Hi all I have had reports of someone here having been sent a lot of bounced messages because their e-mail address has been forged in spam. I know that this is unavoidable, and that there isn't a lot we can do about it, but having looked at the sample mail had a slight idea.
The bounce message in this instance contained the actual spam (at least, cut down headers as displayed by the e-mail client, and the plain text). In the spam's headers were things that had been added by the spamassassin on the system that created the bounce. This included stuff like "X-Spam-Score: ++++++++++++++" and "Subject: *** SPAM *** whatever". What would be the benefits of creating rules that fired on bounce messages only (i.e. came from <>), and hit stuff like this. Are there any reasons why giving a score of 10 when matching "Spam-Score: ++++++++" on a bounce would cause a real bounce to get rejected? Obviously not all bounces include info about the original message, but this might help cut down some of them, maybe? Any comments? Thanks Matthew -- Matthew Newton <[EMAIL PROTECTED]> UNIX and e-mail Systems Administrator, Network Support Section, Computer Centre, University of Leicester, Leicester LE1 7RH, United Kingdom