These days there are a lot of incoming mails with a malformed FROM: header 
looking like this:
From: Real Person <real.per...@wellknowndomain.com> <spam...@anydomain.xy>

This header fools MS Outlook (and probably other mail clients) into showing the 
well-known real e-mail address to make the user open the attached document 
(usually .doc containing macro viruses not identified by ClamAV).

I'm wondering if we could use bombHeaderRe to identify and score/block these 
messages. What should a regular expression look like to do that?

Regards,
Markus

PS: season's greetings to all of you.




_______________________________________________
Assp-user mailing list
Assp-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-user
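
One way to detect the header shape described in the message above, as an added example that is not part of the original post and not ASSP code. The pattern uses syntax that Perl regexes also accept; whether it can be loaded into bombHeaderRe unchanged is an assumption to check against the ASSP documentation. The function names and sample addresses are constructed for illustration.

```python
import re

# Two angle-bracketed addresses in one From: value with no comma between them
# (a comma would make it a legal RFC 5322 mailbox list: "A <a@x>, B <b@y>").
DOUBLE_ADDR_RE = re.compile(
    r'^From:[^\r\n<]*<\s*([^<>@\s]+@[^<>@\s]+)\s*>'  # first address (the one shown)
    r'[^\r\n<,]*<\s*([^<>@\s]+@[^<>@\s]+)\s*>',      # second, trailing address
    re.IGNORECASE | re.MULTILINE)

def header_block(raw_message):
    """Return the unfolded header section; the body is never scanned."""
    headers = re.split(r'\r?\n\r?\n', raw_message, maxsplit=1)[0]
    # RFC 5322 folding: a line break followed by whitespace continues the header.
    return re.sub(r'\r?\n[ \t]+', ' ', headers)

def check_from(raw_message):
    """Return (first, second) when From: carries two bracketed addresses, else None."""
    m = DOUBLE_ADDR_RE.search(header_block(raw_message))
    if m is None:
        return None
    return m.group(1).lower(), m.group(2).lower()

# Constructed sample messages; all addresses use reserved .example names.
SAMPLES = {
    "double": "From: Real Person <real.person@wellknown.example> "
              "<sender@other.example>\r\nSubject: Invoice\r\n\r\nSee attachment\r\n",
    "folded": "From: Real Person <real.person@wellknown.example>\r\n"
              " <sender@other.example>\r\nSubject: Invoice\r\n\r\nbody\r\n",
    "normal": "From: Real Person <real.person@wellknown.example>\r\n"
              "Subject: Hello\r\n\r\nbody\r\n",
    "list":   "From: A <a@one.example>, B <b@two.example>\r\n"
              "Subject: Minutes\r\n\r\nbody\r\n",
    "quoted": "From: Real Person <real.person@wellknown.example>\r\n"
              "Subject: Fwd\r\n\r\n"
              "From: X <a@one.example> <b@two.example>\r\n",
}

if __name__ == "__main__":
    for name, message in SAMPLES.items():
        print(f"{name:7} {check_from(message)}")
```

The "list" and "quoted" samples are the false-positive cases worth testing before blocking on a match: a genuine multi-author From: header, and a forwarded message whose body quotes a double-address header.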
