I am trying to understand why the headers have no indication of being scanned by declude yet I do see an entry in the declude logs.
Anyone know of a reason?
The key here is the end of the headers:
X-AntiAbuse: Sender Address Domain - MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0222_01C3C64F.FBD71A00"
There are 2 things that I notice here. First is that there are no IMail headers, either (X-RCPT-To:, X-UIDL). The second is that this E-mail appears to contain the "Blank Folding" vulnerability (the last line of the headers contains just a single space). So the E-mail is not RFC-compliant. That blank folding is most likely what is causing the problems.
-Scott
---
Declude JunkMail: The advanced anti-spam solution for IMail mailservers since 2000.
Declude Virus: Catches known viruses and is the leader in mailserver vulnerability detection.
Find out what you've been missing: Ask for a free 30-day evaluation.
--- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
--- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
