jdow wrote:
From: "Kevin Peuhkurinen" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Cc: <users@spamassassin.apache.org> Sent: Monday, 2004 September, 20 11:20 Subject: Re: Mozilla Headers
[EMAIL PROTECTED] wrote:
David Brodbeck wrote:
On Mon, 20 Sep 2004 10:40:39 -0400, Kevin Peuhkurinen wrote
Mozilla Mail and Thunderbird add X-Mozilla-Status and Status2 headers to all emails they recieve. I do not believe they are ever added to outgoing emails, even if you are forwarding an email that already has them.
(And the little light goes on...)
Is this why I've been receiving spam that's marked as already read in Thunderbird? I've been wondering about that. I suspect the idea is to try to get around Thunderbird's junk mail controls, since they're only run on unread messages.
MUA's creating headers for their own internal purposes is a dangerous
idea. But many do it. This may be the tip of the iceberg here.
As a test, I created an email to myself with the headers:
X-Mozilla-Status: 0001 X-Mozilla-Status2: 02000000
And sure enough, the email showed up as read and marked "Important" (highlighted in red). Think I'll open a new bug in bugzilla.
Um, let me see if I understand this correctly. These two status messages appear only after the MUA has gotten its metaphorical hands on the email. So it should never appear on spam in your MTA where the anti-spam tests are run. It seems to me that those two header lines are prime meat for SpamAssassin rules, aren't they? Under what circumstances would they ever possibly appear in a legitimate email? Do they appear on Mozilla mail that is forwarded or does Mozilla properly remove them before it sends them out?
{^_^}
Yes, mozilla/tb adds them after downloading I presume - yes, they all appear on mail that is forwarded and yes, the app(s) don't remove them. at least on thunderbird, anyhow. So, I guess the only place they should appear in legitimate email are in Fwd'ed stuff, (unless any appear in my own headers above of course, because I can't tell.) The latest tb release also adds this new one to distinguish between internal MUA mail accounts (lovely):
X-Account-Key: account1
regards, jamie
