Re: [exim] Mangling headers for spamd

Author: W B Hacker
Date:
To: exim users
Subject: Re: [exim] Mangling headers for spamd
Václav Hůla wrote:
> On Friday 01 September 2006 14:08 W B Hacker wrote:
>
>>Václav Hůla wrote:
>>
>>>Hi,
>>> I'd like to ask how to change all X-Spam* headers on incoming messages
>>>(for example to X-Incoming-Spam*) before the mail gets scanned by spamd
>>>(so I can use them in SA local rules). I am using exim 4.62 with content
>>>scanning.
>>>
>>>Ax
>>
>>'Incoming' 'X-Spam' headers are more safely ignored - or even removed
>>entirely.
>>
>>Some Spammers and Zombie Farmers add these with 'NO' and low/no scores,
>>hoping to trick the careless or clueless (human or scanner rule).
>>
>>Many otherwise decent folks leave them on their *outbound* remote_smtp
>>traffic.
>>
>>That can be helpful on last-mile or local deliveries from your own, trusted
>>ISP provider or other 'contract' filtering/scanning relay service, but is
>>not otherwise to be trusted on traffic arriving/departing via remote_smtp.
>
>
> I just want to use x-spam headers that I get from our MX server that is
> outside of my control to bump the score up, so I have no trouble with spam
> with low score.


Problem there is that you cannot necessarily be assured that those headers were,
in fact, added by the specific MX server you 'trust' and not at some earlier point.

> I just hate that SA doesn't see the x-spam headers and it
> seems no way to tell him otherwise.
>
> Ax


SA can be so told, though I would consider it most unwise.

Look at the format of the tests SA uses, and create your own if you feel you must.

You might want to test this with an MUA first. Just write a filter that looks
for the headers you want to rely on, let it run for a while, and see if you
don't get more grief than good out of it.

A lot of experience goes into SA and Exim. Things 'missing' in common use for
either usually have been tried before, found wanting, and rejected.

Don't go against that without plenty of your own experience and testing.

Bill
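
A dry run of the kind suggested above, as an added example that is not part of the original message or of Exim or SpamAssassin: it only tallies what incoming X-Spam-* headers claim and changes no score. The hostname `mx.example.net`, the helper names and the sample messages are constructed, and it assumes the upstream MX writes SpamAssassin's default `X-Spam-Checker-Version: ... on <hostname>` header.

```python
import email
import re
from collections import Counter

TRUSTED_MX = "mx.example.net"  # assumption: hostname of the upstream MX

def classify(raw, trusted_mx=TRUSTED_MX):
    """Report what the X-Spam-* headers on one message claim; nothing is scored."""
    msg = email.message_from_string(raw)
    statuses = msg.get_all("X-Spam-Status", [])
    if not statuses:
        return "none"
    if len(statuses) > 1:
        return "multiple"    # at least one result was added at some other point
    # Assumed default format: the header value ends with "on <hostname>".
    hosts = set()
    for value in msg.get_all("X-Spam-Checker-Version", []):
        m = re.search(r"\bon\s+(\S+)\s*$", value)
        hosts.add(m.group(1).lower() if m else None)
    if hosts != {trusted_mx}:
        return "other-host"  # missing, unparsable, or names a different scanner
    # The hostname is only a claim: an earlier hop can write the same text.
    verdict = statuses[0].split(",")[0].strip().lower()
    return "claims-spam" if verdict == "yes" else "claims-ham"

def tally(messages):
    """Count each classification across a batch of raw messages."""
    return Counter(classify(m) for m in messages)

def make(*headers):
    """Build a constructed sample message from extra header lines."""
    return "\n".join(("From: a@example.org", "Subject: test") + headers) + "\n\nbody\n"

OURS = "X-Spam-Checker-Version: SpamAssassin 3.1.4 (sample) on mx.example.net"
SAMPLES = [  # constructed messages, not real traffic
    make(),
    make(OURS, "X-Spam-Status: No, score=1.2 required=5.0 tests=HTML_MESSAGE"),
    make(OURS, "X-Spam-Status: Yes, score=7.9 required=5.0 tests=BAYES_99"),
    make("X-Spam-Checker-Version: SpamAssassin 3.1.4 (sample) on relay.example.com",
         "X-Spam-Status: No, score=-2.0 required=5.0 tests=none"),
    make(OURS, "X-Spam-Status: No, score=0.0 required=5.0 tests=none",
         "X-Spam-Status: No, score=1.1 required=5.0 tests=none"),
]

if __name__ == "__main__":
    for kind, count in sorted(tally(SAMPLES).items()):
        print(f"{kind:12} {count}")
```

Comparing the `claims-ham` count with the verdicts of your own scanner over the same mail shows how often the incoming headers would have misled a rule built on them.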