> I've patched spamass milter to let any previously added "X-Spam"
> headers untouched
Am Sonntag, dem 09.07.2023 um 13:55 -0700 schrieb Loren Wilton:
Its generally considered bad practice to pass thru X-Spam headers from an
unkonwn source. Like most anything else in an email header, a spammer
could inject his own headers, probably populated with items designed to
generate a negative score.
On 10.07.23 01:01, Robert Senger wrote:
Sure, but updating headers in place and adding own headers somewhere
else like spamass-milter is doing it is also bad practice in my eyes...
I don't see a problem in this particular case.
Nobody but SA or compatible spam filter adds X-Spam: headers.
These headers are to be added by your local MTA when delivering mail and not
distributed over the net, although it happens.
They also should not be used for DKIM signatures.
Trusting them generally when received from external source is silly, just
like trusting "this mail does not contain viruses" headers.
For those few sources I trust their x-spam* headers, I exclude sending MTA
addresses.
Since I need to patch spamass-milter anyway to resolve a different
issue (calling "sendmail -bv <recipient>" does not work on postfix
systems)
you can use -S option to override path to sendmail and call your own script
instead of patching spamass-milter
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
42.7 percent of all statistics are made up on the spot.
