Hello all,
In some (apple|bank|creditcard) scam mail I found the following header and made a rule for it. X-Get-Message-Sender-Via: cpanel3.example.org: authenticated_id: f0829646/only user confirmed/virtual account not confirmed describe MJ_VACCOUNT virtual account not confirmed header MJ_VACCOUNT X-Get-Message-Sender-Via =~ m;virtual account not confirmed; I scored it 1.5, I have no idea how to calculate a proper score, maybe someone cares to explain how to score? /MJ