From: Anthony Howe
Date: 2004-09-23 04:01:27 -0400
Subject: Re: [LFN14080312] milter-spamc setup generating false positives
More information..: http://www.milter.info/#Support
Frank Heydlauf wrote:
> Sadly I did not get a reaction from Anthony when I wrote him - now
Actually as I recall I did answer you in the negative.
> try again using the new list he subscribed me.
> | The report headers inserted by milter-spamc are:
> | X-Spam-Flag Boolean "YES" or "NO" as to whether the
message is spam.
> That causes the problem. In the default Spamassassin
> config the X-Spam-Flag tag is only set, when the message
> is classified as spam - and is complete absent if the
> message is ham.
> This is to prevent a spammer from setting "X-Spam-Flag: no"
> by himself and bypass client side filters.
> The clients (as we and probably many others do) filter for
> the existens of X-Spam-Flag. If it's set - with "Yes" or "no"
> or whatever - the message is treated as spam.
I disagreed with this then as I do now. Filtering based on the presence
or absence of a header is totally WRONG and naive. When a header is
defined to have a value, such as boolean for X-Spam-Flag, its those
values that should be tested for, not the existance of a header.
The X-Spam-Flag, if already present, is always overridden by
milter-spamc, so a spammer attempting to slip by milter-spamc and
SpamAssassin by setting it to "NO" would not gain from this. I'm not
familar with all of SpamAssassin's rules, but if it skipped scanning a
message that was already marked with X-Spam-Flag: NO, then it would be
very brain damaged filter IMHO.
Anthony C Howe +33 6 11 89 73 78
7116561 AIM: Sir Wumpus
"Once...we were here." - Last of The Mohicans
Copyright 2009, 2012 by SnertSoft. All rights reserved.