At Wed Aug  6 17:07:54 2003, Chris Santerre wrote:
> 
> Is this ever possible to be legit? See the received domain of zzn.com and
> the user agent at the bottom of AOL 7. Seems to me this is a sure fire spam
> tag. 
> 
> Message-ID: <[EMAIL PROTECTED]>
> ...
> User-Agent: AOL 7.0 for Windows US sub 118
>
> I'm thinking a simple meta of user-agent AOL, but received header or from
> having no AOL. 

There's already a FORGED_MUA_AOL rule that checks the X-Mailer header
against the Message-ID.  However, there's no check for the User-Agent
header.  

I spotted one of these the other day and had to go looking at the
rules to see why it wasn't hitting the FORGED_MUA_AOL rule.

I don't get mail from AOL users, so I can't check the headers of
legitimate AOL messages.  Are there any versions of the AOL software
that use User-Agent instead of X-Mailer?

Martin
-- 
Martin Radford              |   "Only wimps use tape backup: _real_ 
[EMAIL PROTECTED] | men just upload their important stuff  -o)
Registered Linux user #9257 |  on ftp and let the rest of the world  /\\
- see http://counter.li.org |       mirror it ;)"  - Linus Torvalds _\_V


_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
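
The check discussed in this thread (a client string claiming AOL while neither Received nor From mentions AOL), applied to both X-Mailer and User-Agent, as an added Python example that is not part of the original messages or of SpamAssassin's rule set. The function names, hosts and sample messages are constructed for illustration.

```python
import re
from email import message_from_string

AOL_CLAIM = re.compile(r"^\s*AOL\b", re.I)   # client string begins with "AOL"
# aol.com as a whole domain: rejects notaol.com, fake-aol.com, aol.com.example.net
AOL_HOST = re.compile(r"(?<![\w-])aol\.com(?![\w-]|\.\w)", re.I)

def claims_aol_mua(msg):
    """True if either User-Agent or X-Mailer claims AOL software."""
    return any(AOL_CLAIM.search(value)
               for header in ("User-Agent", "X-Mailer")
               for value in msg.get_all(header, []))

def touches_aol(msg):
    """True if any Received header (folded lines included) or From names aol.com."""
    values = msg.get_all("Received", []) + msg.get_all("From", [])
    return any(AOL_HOST.search(value) for value in values)

def forged_aol_ua(raw):
    """Meta check: AOL client claimed, but no AOL relay or sender address."""
    msg = message_from_string(raw)
    return claims_aol_mua(msg) and not touches_aol(msg)

# Constructed sample messages (not real mail).
SPAM_LIKE = """\
Received: from mail.zzn.com (mail.zzn.com [192.0.2.10])
    by mx.example.org with SMTP; Wed, 6 Aug 2003 12:00:00 -0400
From: someone@zzn.com
User-Agent: AOL 7.0 for Windows US sub 118

body
"""
AOL_LIKE = """\
Received: from relay.aol.com (relay.aol.com [192.0.2.20])
    by mx.example.org with SMTP; Wed, 6 Aug 2003 12:00:00 -0400
From: someone@aol.com
X-Mailer: AOL 7.0 for Windows US sub 118

body
"""
LOOKALIKE = SPAM_LIKE.replace("mail.zzn.com", "mail.notaol.com")
OTHER_MUA = SPAM_LIKE.replace("AOL 7.0 for Windows US sub 118", "Mutt/1.4")

if __name__ == "__main__":
    for name in ("SPAM_LIKE", "AOL_LIKE", "LOOKALIKE", "OTHER_MUA"):
        print(name, forged_aol_ua(globals()[name]))
```

Received lines below your own trusted relay are written by the sender, so a message that fakes an aol.com hop will pass this check.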
