On Mon, Apr 03, 2006, W B Hacker wrote: >>i'm trying to replace headers in the ACLs, so i could hint SpamAssassin
>>(through exiscan-acl) about the status of callout verification. however,
>>'warn message' adds a new header instead of replacing the existing one.
>>
>>is replacing headers ACL-time possible or is there any good workaround?
> Suggest you leave the original headers alone, add what you need
> in an X-header, 'act' on that X-header.
'warn' inserts an another header below existing ones, the first one
(above) is the one interpreted. SA interprets the first encountered
header, when many of them exist. this way, rogue users could send email
with headers influencing SA's decision. am i being overly paranoid? :-)