Autor: W B Hacker Data: A: exim users Assumpte: Re: [exim] Mangling headers for spamd
Václav Hůla wrote:
> Hi,
> I'd like to ask how to change all X-Spam* headers on incoming messages (for
> example to X-Incoming-Spam*) before the mail gets scanned by spamd (so I can
> use them in SA local rules). I am using exim 4.62 with content scanning.
>
> Ax
'Incoming' X-Spam' headers are more safely ignored - or even removed entirely.
Some Spammers and Zombie Farmers add these with 'NO' and low/no scores, hoping
to trick the careless or clueless (human or scanner rule).
Many otherwise decent folks leave them on their *outbound* remote_smtp traffic.
That can be helpful on last-mile or local deliveries from your own, trusted ISP
provider or other 'contract' filtering/scanning relay service, but is not
otherwise to be trusted on traffic arriving/departing via remote_smtp.
Easiest way to 'ignore' these is to simply use something 'different' in all such
headers that you add, and write your rules to act only on your unique format.
Examples: X-Junk:, or X-Spam-Hůla:
That will upset no one who is actually expecting the original X-Spam: headers,
yet protect you from confusing such with your own local additions.
We try to just strip any X-Spam: headers that we did not originate, plus
removing our own specal headers during remote_smtp delivery, but leaving the
helpful ones intact for local delivery. At the same time, we keep archive copies
in an unaltered state - no munging at all.
