-Original Message-
From: Benny Pedersen [mailto:[EMAIL PROTECTED]
Sent: Sunday, December 24, 2006 5:09 AM
To: users@spamassassin.apache.org
Subject: Re: MID_14DIGITS_HEX will FP on any server running postfix?
On Sat, December 23, 2006 23:14, Michael Scheidell wrote:
Message-Id: [EMAIL PROTECTED]
Here is rule:
header MID_14DIGITS_HEX Message-ID =~
/^[EMAIL PROTECTED]/
updates_spamassassin_org/80_additional.cf:score
MID_14DIGITS_HEX 2.8
It also looks like you added it to CVS:
what mua is createing this ?
I don't think the client put any message id on it.
Why exim didn't put a message-id on it, I don't know.
Received: from 0.mail.spammertrap.net ([127.0.0.1])
by localhost (0.mail.spammertrap.net [127.0.0.1]) (amavisd-new,
port 10024)
with LMTP id VQzAT6V4ohWM for [EMAIL PROTECTED];
Sat, 23 Dec 2006 10:07:15 -0500 (EST)
Received: from s11.s11avahost.net (s11.s11avahost.net [66.98.170.86])
by 0.mail.spammertrap.net (Postfix) with ESMTP id E842517017
for [EMAIL PROTECTED]; Sat, 23 Dec 2006 10:07:14 -0500
(EST)
Received: from e9.fcbccf.client.atlantech.net ([207.188.252.233]:4214
helo=DCERT01)
by s11.s11avahost.net with esmtpa (Exim 4.52)
id 1GuQme-0001m1-UP
for [EMAIL PROTECTED]; Wed, 13 Dec 2006 03:52:17 -0600
As per first email, the MUA left it blank.
MY MTA (postfix 2.3.4) added the misssing message id, as per RFC's.
http://www.postfix.org/postconf.5.html#remote_header_rewrite_domain
Not sure what the above has to do with it.
postconf remote_header_rewrite_domain
remote_header_rewrite_domain =
Maybe I am dense.
At issue is the regex expression used to decide that this is a forged
email.
It wasn't, its not, and neither is any email coming from my MTA.
