Hi, I'm seeing a fair bit of spam from the null return path. That is, MAIL From:<> (or in the headers, Return-Path: <>). A lot of this spam lacks any MIME headers (MIME-Version:, Content-Type:)
I've experimented with a rule that adds points in this situation; most legitimate DSNs have a MIME-Version: header. So would anyone care to test this: meta DSN_NO_MIMEVERSION (__BOUNCE_RPATH_NULL && !__MIME_VERSION) describe DSN_NO_MIMEVERSION Return-Path <> and no MIME-Version: header score DSN_NO_MIMEVERSION 2 The rules __BOUNCE_RPATH_NULL and __MIME_VERSION come from 20_vbounce.cf and 20_head_tests.cf respectively and look like this: header __BOUNCE_RPATH_NULL Return-Path =~ /<>/ header __MIME_VERSION exists:MIME-Version Regards, David.
