> > [...]
> > So, it's a "feature" in my Outlook 2003 to *not* include the Message-Id
> > header.. Jesus!
>
> But only if NOT using Exchange, right? :)
>
> > So, how can we go about to make the MSGID_FROM_MTA_SHORT detection skip
> > clients which adds the mailer tag:
> > "X-Mailer: Microsoft Office Outlook, Build 11.0.5510", or at least Build
> 11?
> > Outlook 2003 do add that, so can the detection engine be told to check
> that
> > and not tag up the e-mails as spam because of the erroneous "Message-Id"
> > tag?
>
> Well, it's OUTLOOK that's broken, but... a meta rule could easily be
> created to check for both. Something like (untested):
>
> header CLIENT_OUTLOOK2003 X-Mailer =~ /Microsoft Office Outlook, Build 11/
> meta OUTLOOK2003ADJUST (MSGID_FROM_MTA_SHORT && CLIENT_OUTLOOK2003)
> score OUTLOOK2003ADUST -3
>
> So there's a fix for outlook, and a nice way for spammers to circumvent
> the check. :) Maybe tighten the rules down more to be prudent.
>
> It might be easier to just tweak the score for MSGID_FROM_MTA_SHORT
> down, since blindly trusting the X-Mailer header isn't a great strategy
> unless you've got some other factor you can add to the meta to prevent
> simple forging.
I just got this hint... Can it be elaborated on?
rename the existing rule __MSG_ID_FROM_MTA_SHORT, then add these:
header __NO_MSGID_OUTLOOK =~ /Microsoft Office Outlook, Build
11.\d{1,2}.\d{4}/
meta MSG_ID_FROM_MTA_SHORT (__MSG_ID_FROM_MTA_SHORT && !
__NO_MSGID_OUTLOOK)
