Hi,
I noticed that FORGED_MUA_OUTLOOK falsely triggers with this hotmail-email
that is sent from Outlook-Express via the http-hotmailserver.
I think the meta __FORGED_OE is triggered, because the Message-ID is not
ending with 'hotmail.com':
Received: from hotmail.com (bay19-dav15.bay19.hotmail.com [64.4.53.195])
by ***.nl (Postfix) with ESMTP id DFE8917C38F
for <***.nl>; Wed, 12 Jan 2005 13:54:14 +0100 (CET)
Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC;
Wed, 12 Jan 2005 04:55:01 -0800
Message-ID: <[EMAIL PROTECTED]>
Received: from xxx by BAY19-DAV15.phx.gbl with DAV;
Wed, 12 Jan 2005 12:54:03 +0000
<SNIP>
X-Mailer: Microsoft Outlook Express 6.00.2800.1478
I see this phx.gbl in a lot of hotmails so I'm thinking of adding this
phx.gbl to the __FORGED_OE meta-rule. Or is there some other workaround
that I've missed? Don't want to set this score to 0 because it also hits
on real spam.
Regards
Menno van Bennekom
postfix 2.1.5
amavisd-new 2.2.1
spamassassin 3.02
clamav 0.80
