Author: Ben Giddings Date: To: exim-users Subject: [Exim] Fighting fake spam headers
I used to have this in my exim configuration file:
# SpamAssassin
spamcheck_router:
no_verify
check_local_user
# When to scan a message :
# - it isn't already flagged as spam
# - it isn't already scanned
condition = "${if and { {!def:h_X-Spam-Status:} {!eq
{$received_protocol}{spam-scanned}}} {1}{0}}"
driver = accept
transport = spamcheck
Unfortunately, I found that some clever spammer *ssh*les are putting in
fake Spamassassin headers, marking their spam as not spam. So, what I
want to do is make sure my machine always scans messages.
I thought a good way to do that would be to make sure my machine's name
was in the X-Spam-Checker-Version header, but everything I tried to do
to use that ended up messing everything up, and creating a mail loop.
No matter what I tried to put in that second string, I never got a
match. I thought it might be a newline in the header, so I tried
escaping it, I tried matching against 'SpamAssassin'... nothing.
What am I doing wrong? How do I properly do what I'm trying to do?