On 06/02/11 03:48, Jeff Lasman wrote: > On Friday, February 04, 2011 05:24:39 am Todd Lyons wrote:
>> If your ACL's just check for the presence of the header and don't also
>> make sure that one of your hosts put that header there, then you have
>> a hole which crafty spammers can abuse. >>
>> I know, and I'm ready to close the hole. I suppose I need to figure out a way
>> to remove all other SpamAssassin headers and then run the email through our
>> copy. If you have another idea, or an easy way to remove the headers I hope
>> you'll write back.
>>
Spamassassin's Bayesian module will handily ignore any header you want;
I have the following in my /etc/local.cf file:
…so unless you're using some other spamassassin module that might be
misled by the presence of some headers, all should work fine. (It surely
works for me – I'm using SA 3.3.1 and exim4 from Debian Squeeze)
