[exim] Spam Detection

Author: Steve Dobson
Date:  
To: exim-users
Subject: [exim] Spam Detection
Hi All

I have a standard exim4/SA setup. SA is configured to add headers to an
email but otherwise leave the message alone. I use exim to then route
marked spam to a mailbox where I can check for ham.

I've noticed that I'm getting a few false positives because the incoming
message contains the header "X-Spam-Flag: NO". I've configured exim to
route emails with the existence of the X-Spam-Flag header as spam.

My reasoning went like this:

1). My SA configuration only adds the header if the e-mail scores high
enough to be considered spam; otherwise that header is not added.

2). Anyone adding the header "X-Spam-Flag: NO" is probably a spammer
trying to get their spam past SA.

I don't see the point in running a spam scanner on outgoing email as
the other end can't afford to trust the results, but it appears that
some email admins don't think that way.

So what is the best way of handling spam headers? Should I strip
headers from any emails received via the SMTP protocol? And if so, how?
If not, what is the best way of dealing with them?

Ta for your advice.
Steve

P.S. My routers look like this:

begin routers

# Run pass SpamAssassin
#
spamchecker:
  no_verify
  domains   = +local_domains
  condition = "${if and { {!def:h_X-Spam-Flag:} \
                          {!eq {$received_protocol} \
                               {spam-scanned}}} {1}{0}}"
  driver    = accept
  transport = spamassassin_delivery


# Deliver all spam to a local account for checking
#
caught_spam:
  no_verify
  driver        = accept
  transport     = spam_delivery
  condition     = "${if def:h_X-Spam-Flag {yes} {no} }"


notlocal:
  driver     = dnslookup
  domains    = ! +local_domains
  transport  = remote_smtp


# System aliases lookup
#
system_aliases:
  driver = redirect
  data   = ${lookup{$local_part}lsearch*{/etc/aliases}}

# Standard local delivery
#
localuser:
  check_local_user
  driver    = accept
  transport = local_delivery
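
Added example, not part of the original post: one way to rewrite the two spam routers above so that an X-Spam-Flag header supplied by the sender is neither trusted nor treated as spam. It assumes the spamassassin_delivery transport (not shown in the post) re-injects the scanned message with the received protocol set to spam-scanned, as the original spamchecker condition implies.

```exim
begin routers

# Send every message for local domains through SpamAssassin unless it has
# already been scanned. The decision no longer depends on whether an
# X-Spam-Flag header is present, so a header added by the remote side
# cannot make a message skip the scanner.
spamchecker:
  driver         = accept
  no_verify
  domains        = +local_domains
  condition      = ${if !eq{$received_protocol}{spam-scanned} {yes}{no}}
  # Drop the sender's copy of the header before the message is handed to
  # the scanner, so only the local SpamAssassin verdict can come back.
  headers_remove = X-Spam-Flag
  transport      = spamassassin_delivery

# Route to the spam mailbox only when the message has come back from the
# local scanner AND the header value is YES. "X-Spam-Flag: NO" or a header
# on an unscanned message no longer matches.
caught_spam:
  driver    = accept
  no_verify
  condition = ${if and{ {eq{$received_protocol}{spam-scanned}} \
                        {eqi{$h_X-Spam-Flag:}{YES}} } {yes}{no}}
  transport = spam_delivery
```

The remaining routers (notlocal, system_aliases, localuser) stay as posted.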