Sorry for being a bit off topic: recently we had incoming phishing mails which all had a BCC header line. So I thought, that's easy to defend and I introduced a data ACL
deny condition = ${if def:h_BCC: {yes}{no}} My logs revealed a lot of them and I was afraid of doing some overblocking. So I changed the "deny" into a "warn", shifted the ACL further down below spam and virus scan and added some logging. The outcome is that there are really a bunch of incoming mails with a BCC header, which seems to be no spam. And forthermore about 90% are coming from Google hosts like e.g. mail-qk1-x742.google.com So my question for discussion here: is there any legitimate use to have a BCC header present or is this all crap and can be rejected ? My understanding is that when I use BCC in my MUA there is one mail with two (or more) envelope recipients but no BCC header. The BCC header is only present in the copy in my sent folder. Regards, Olaf -- Karlsruher Institut für Technologie (KIT) Steinbuch Centre for Computing (SCC) Dipl.-Geophys. Olaf Hopp Zirkel 2 Gebäude 20.21, Raum 316 76131 Karlsruhe Telefon: +49 721 608-48009 E-Mail: olaf.h...@kit.edu Web: www.scc.kit.edu Sitz der Körperschaft: Kaiserstraße 12, 76131 Karlsruhe KIT - Die Forschungsuniversität in der Helmholtz-Gemeinschaft
smime.p7s
Description: S/MIME Cryptographic Signature
-- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/