[SA-exim] Re[2]: X-SA-Do-Not-Rej

Christian Stuellenberg christian_stuellenberg at web.de
Fri Aug 15 07:55:52 PDT 2003

Previous message: [SA-exim] X-SA-Do-Not-Rej
Next message: [SA-exim] Distinct sender_host_address for SA scores?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>>>>> "Tony" == Tony Earnshaw <tonni at billy.demon.nl> writes:

    Tony> Christian Stuellenberg wrote:
    >> What about a mail that already comes with an header
    >> X-SA-Do-Not-Rej: Yes and an SAEximRejCond: ${if !eq
    >> {$h_X-SA-Do-Not-Rej:}{Yes} {1}{0}} in spamassassin.conf?
    >> 
    >> Normally X-SA-Do-Not-Rej should only be set in exim's
    >> check_rcpt-acl, but what if an spammer would already have set
    >> this flag?  If tried it, and the spam comes through. :(
    >> 
    >> Am I misunderstanding or missing something here?

    Tony> AFAIR we've had this before and the (Tim Jacksons?) remedy
    Tony> was to set the SA code and ACL to something a spammer
    Tony> wouldn't reckon with. Like X-Wibble-Wobble or whatever.

That's a good idea.  It will keep the secret on the server.  I just
didn't even thought about this easy thing and didn't get the point in
the last mails.

    Tony> However, as long as I've been following this list, no-ones
    Tony> ever mentioned any spammer actually having done this. Their
    Tony> spam software (up to now) simply isn't made for every
    Tony> eventuality in every anti-spam utility.

Yes, that's true, but if some spammer read about this default value,
he will possibly include it in his spam, so it is clever to use
something differnt.  Thnx.

Christian

Previous message: [SA-exim] X-SA-Do-Not-Rej
Next message: [SA-exim] Distinct sender_host_address for SA scores?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the SA-Exim mailing list