> It is intended behaviour, and it worked for me 100%. What do you > think, is the subject line the only problem?
Hi Fritz, I took a look through my logfiles and this check does catch a lot of spam, with two types of false positives I spotted: - One is the example I already gave, with the recipient domain name being in the subject line. - The second I found is when the recipient domain turns up legitimately in an X- header, such as: "X-AntiAbuse: Original Domain - surecruise.com" or some other X-header which was presumably added by the sender's system or some other intermediary. I also have to imagine the following could be a false positive although I didn't try it: - Where the sender has in their address book the recipient (or a CC/BCC recipient) set up as *"Evan at SureCruise.com" [EMAIL PROTECTED] in which case I bet this would match falsely as well. A couple of ideas: - Do this check only on the Received lines, which would certainly represent spam - And/or (more complicated) make this a separate check from BombHeader, that could be put into monitoring mode, to gather more information about false positives and also enable it to be turned off while the rest of BombHeader stays on Thanks, Fritz. Evan ------------------------------------------------------------------------- Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace _______________________________________________ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test
