|
Or if you use an E-mail client that doesn't encode your mail stores,
you can just open it up in a text reader and search for the occurrences. I did a cursory search and found that Hotmail can display this behavior, as well as MS SMTP (using something like CDO). It is also possible that other Microsoft E-mail clients can do this as well, but I only found one example and it wasn't clear whether or not it was inserted by the client or a forwarding mechanism. So appears safe as long as we all stop using Microsoft products :) Matt Colbeck, Andrew wrote: I've definitely seen a BCC: header entry on legitimate mail, which is then blank.I think the big idea is that the sender MTA thought it was a good idea to let the receiver know that a BCC was used. Sorry, I can't remember the software or domain involved. I'd suggest at least creating a new JunkMail Pro filter with HEADERS 0 CONTAINS BCC: And then set a copyfile action and running that for a while to check for false positives before you decide to add weight. Andrew 8)-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of John T (Lists) Sent: Wednesday, December 21, 2005 10:17 AM To: [email protected] Subject: [Declude.JunkMail] BCC in header Since a BCC line from a legit client will never appear in the header, it makes sense then that we can filter on BCC: in the header and penalize a good amount, correct? John T eServices For You --- [This E-mail was scanned for viruses by Declude EVA www.declude.com] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.--- [This E-mail was scanned for viruses by Declude EVA www.declude.com] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com. |
