[SA-exim] Re[2]: X-SA-Do-Not-Rej
Christian Stuellenberg
christian_stuellenberg at web.de
Fri Aug 15 07:55:52 PDT 2003
>>>>> "Tony" == Tony Earnshaw <tonni at billy.demon.nl> writes:
Tony> Christian Stuellenberg wrote:
>> What about a mail that already comes with an header
>> X-SA-Do-Not-Rej: Yes and an SAEximRejCond: ${if !eq
>> {$h_X-SA-Do-Not-Rej:}{Yes} {1}{0}} in spamassassin.conf?
>>
>> Normally X-SA-Do-Not-Rej should only be set in exim's
>> check_rcpt-acl, but what if an spammer would already have set
>> this flag? If tried it, and the spam comes through. :(
>>
>> Am I misunderstanding or missing something here?
Tony> AFAIR we've had this before and the (Tim Jacksons?) remedy
Tony> was to set the SA code and ACL to something a spammer
Tony> wouldn't reckon with. Like X-Wibble-Wobble or whatever.
That's a good idea. It will keep the secret on the server. I just
didn't even thought about this easy thing and didn't get the point in
the last mails.
Tony> However, as long as I've been following this list, no-ones
Tony> ever mentioned any spammer actually having done this. Their
Tony> spam software (up to now) simply isn't made for every
Tony> eventuality in every anti-spam utility.
Yes, that's true, but if some spammer read about this default value,
he will possibly include it in his spam, so it is clever to use
something differnt. Thnx.
Christian
More information about the SA-Exim
mailing list