So the HELOBOGUS will apply the same logic and NO longer check for "BOGUS" host names?
If not - then why doesn't the same logic apply?
The HELOBOGUS test gets around this by only checking the HELO/EHLO if the sender is not a local user.
Frankly, I rather prefer to have a test that does it advertises to do (e.g., check for "BAD HEADERS"), and then let ME decide via "weights", how highly I want to rate this.
The problem here is that if the BADHEADERS test catches 50% of legitimate E-mail, nobody will use it.
If you'd like to take this on with the mail client vendors, that would be great. But this is one battle we're not going to try taking on.
Remember: Nobody is forced to use the BADHEADERS test
True. But given that it can catch about 40%-50% of spam and virtually no legitimate E-mail, it's one of the best tests in Declude JunkMail.
but those who do should be able to 'rely' on it discovering non-compliancy.
It isn't designed to be a foolproof test of the headers (such as one that mail client vendors could use to say "Our headers are 100% RFC-compliant). It's designed to detect headers that are common in spam that are not sent by standard mail clients, and which are not RFC-compliant.
For all other purposes you have the SPAMHEADERS test that is designed/advertised to be "flexible" and which is expected to "adopt" based on occurrence of certain issues in the "wild" - so THERE it would make sense to leave the MessageID FQDN check out of SPAMHEADERS.
The qualifications for the two tests are:
BADHEADERS: The header [1] must be common in spam, [2] must not be sent by most legitimate mail clients, and [3] must be non-RFC-compliant.
SPAMHEADERS: The header [1] must be common in spam, [2] must not be sent by most legitimate mail clients, and [3] is RFC-compliant.
The problem is that the non-FQDN in a Message-ID: header violates #2 -- it is commonly sent by legitimate mail clients. Therefore, it isn't appropriate for these tests.
-Scott
---
Declude JunkMail: The advanced anti-spam solution for IMail mailservers.
Declude Virus: Catches known viruses and is the leader in mailserver vulnerability detection.
Find out what you have been missing: Ask for a free 30-day evaluation.
--- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
--- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
