From: Anthony Howe
Date: 2004-09-23 06:01:14 -0400
Subject: Re: [LFN14080312] milter-spamc setup generating
More information..: http://www.milter.info/#Support
Frank Heydlauf wrote:
> I think assuming a spammer would not set "X-Spam-Flag: no" in his
> mail would be naive.
> And why should I scan a message again if it's already marked as
> spam (here: containing X-Spam-Flag:)?
Because you don't trust outside sources to tell you what to think (as I
reaches for my mind control ray gun).
> Setting X-Spam-Flag to "YES" or another value is only a hack because
> empty headers would be removed by some (all?) MTAs.
No. Its not a hack. Its a header that represents a program variable -
variables VARY by definition.
> There seems to be a big difference between milter and exim installations.
> Exim in the recommended setup
> does *not* alter or delete existing X-Spam-Flag Header nor does it append
> new ones - ist's just not necessary!
It is necessary for exactly the reason you gave earlier: a spammer may
attempt to fake the header, therefore prior occurrences of such a header
that appear are always suspect. The header should only reflect the
opinion of the last (delivering) mail server to scan it, which should a
server in your control.
> But fully regardless if it's wrong or naive - there are countless
> exim installations with the setup mentioned above and the inherent
> danger of causing false positives if they receive mails already
> filtered by a milter setup in the way you recommend.
> That's what I wanted to tell you.
I really want to say something snide with lots of expletives as to what
I think about Exim in this case. Suffice it to say, I'll restrain myself
for the moment.
Anthony C Howe +33 6 11 89 73 78
7116561 AIM: Sir Wumpus
"Once...we were here." - Last of The Mohicans
Copyright 2009, 2012 by SnertSoft. All rights reserved.