On Mon, 1 Feb 2010, Adam Katz wrote:
Martin Gregorie wrote:
Apparently putting the spam's payload in the "personal name" part
of the From: header is as old a trick as putting it in the Subject:
header though I hadn't seen it used until recently.
There was a recent suggestion that 'personal name' text from the
From: header should be included in the text examined by 'body'
rules, which already includes the Subject: text. This sounds like a
good thing to do.
My tests have been mildly successful on this note, with FROM_WWW
already getting promoted out of testing:
http://ruleqa.spamassassin.org/?rule=/FROM_W&srcpath=khop
This indicates that we don't actually need to parse any further
because there is no sizable mass of legitimate mail that does this
(and hopefully by getting this rule out the door, people considering
it might decide against it).
Concur.
http://ruleqa.spamassassin.org/20100201-r905213-n/T_FROM_URI/detail?srcpath=jhardin
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhar...@impsec.org FALaholic #11174 pgpk -a jhar...@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
I'm seriously considering getting one of those bright-orange prison
overalls and stencilling PASSENGER on the back. Along with the paper
slippers, I ought to be able to walk right through security.
-- Brian Kantor in a.s.r
-----------------------------------------------------------------------
Today: the 7th anniversary of the loss of STS-107 Columbia
