Re: Rule suggestion - smtp sanity

From large providers i sometimes recieve messages through encrypted smtp, the header looks smth like this (qmail): ... with (AES256-SHA encrypted) SMTP; ... Would it be a good idea to give a minimal negative score on this -0.1 or -0.2 if this happens on the last hop? - It proves that the

Re: Rule suggestion - smtp sanity

From large providers i sometimes recieve messages through encrypted smtp, the header looks smth like this (qmail): ... with (AES256-SHA encrypted) SMTP; ... Would it be a good idea to give a minimal negative score on this -0.1 or -0.2 if this happens on the last hop? - It proves

Re: Rule suggestion - smtp sanity

On 7/13/2007 11:04 AM, arni wrote: From large providers i sometimes recieve messages through encrypted smtp, the header looks smth like this (qmail): ... with (AES256-SHA encrypted) SMTP; ... Would it be a good idea to give a minimal negative score on this -0.1 or -0.2

Re: Rule suggestion - smtp sanity

Matus UHLAR - fantomas wrote: On 13.07.07 17:04, arni wrote: From large providers i sometimes recieve messages through encrypted smtp, the header looks smth like this (qmail): ... with (AES256-SHA encrypted) SMTP; ... Would it be a good idea to give a minimal negative score on this

Re: Rule suggestion - smtp sanity

Most likely, Johnny Spammer monitoring this list will just add a FAKE header to take advantage of such a rule. Matt Kettler wrote: Matus UHLAR - fantomas wrote: On 13.07.07 17:04, arni wrote: From large providers i sometimes recieve messages through encrypted smtp, the header

Re: Rule suggestion - smtp sanity

On Sat, 14 Jul 2007, Dave Koontz wrote: Most likely, Johnny Spammer monitoring this list will just add a FAKE header to take advantage of such a rule. You would only check it in the header that your MTA added. -- John Hardin KA7OHZhttp://www.impsec.org/~jhardin/ [EMAIL

Re: Rule suggestion - smtp sanity

1) that won't help any. You'd want to check this against headers generated by trusted relays. 2) Even if he does, who cares. At such a small score it's unlikely to help the spammer any. However, email which is marginally above the autolearn threshold will be helped. (Personally, I get a

Re: Rule suggestion - smtp sanity

On 7/13/2007 11:04 AM, arni wrote: From large providers i sometimes recieve messages through encrypted smtp, the header looks smth like this (qmail): ... with (AES256-SHA encrypted) SMTP; ... Would it be a good idea to give a minimal negative score on this -0.1 or -0.2 if this

Rule suggestion - smtp sanity

From large providers i sometimes recieve messages through encrypted smtp, the header looks smth like this (qmail): ... with (AES256-SHA encrypted) SMTP; ... Would it be a good idea to give a minimal negative score on this -0.1 or -0.2 if this happens on the last hop? - It proves that the

Re: Rule suggestion - smtp sanity

On 13.07.07 17:04, arni wrote: From large providers i sometimes recieve messages through encrypted smtp, the header looks smth like this (qmail): ... with (AES256-SHA encrypted) SMTP; ... Would it be a good idea to give a minimal negative score on this -0.1 or -0.2 if this happens on