On 23/12/2016, 13:35, "Sebastian Arcus" <s.ar...@open-t.co.uk> wrote:
As soon as I manually delete the SA headers and report in the .eml file,
and pass the message again through spamc, I get identical Bayes scores
to the ones when the message passes initially through Exim -> SA.
http://svn.apache.org/repos/asf/spamassassin/trunk/rulesrc/sandbox/axb/23_bayes_ignore_header.cf
this is a sandbox ruleset but it answers your question here and also prevents
other potentially bad signals.
However, this raises some interesting questions. It would appear that SA
is incapable of recognising it's own reports in the header of the
emails, and tokenizes them as well and adds them to the Bayes report. Is
that right?
Spamassassin ignores certain headers -
http://svn.apache.org/repos/asf/spamassassin/trunk/lib/Mail/SpamAssassin/Plugin/Bayes.pm
- note here that within $IGNORED_HDRS we have -
---8<---
|X-Spam(?:-(?:Status|Level|Flag|Report|Hits|Score|Checker-Version))?
---8<---
Really SA should be ignoring the headers it puts there – do the headers match
anything in that list?
Also, does it mean that, as SA tokenizes all the info in the headers, my
own email address, as the recipient of the email, will also be added to
the database of spam tokens - when I ask SA to learn a message as spam?
As above, headers like “X-Envelope-To” and “X-Delivered-To” etc etc are
ignored, however the To: header is not as this can be a good indicator – for
example, if a ‘spoofed’ To header isn’t matching the actual recipient of the
email within your system… *mumble* numbers and things
Paul
--
Paul Stead
Systems Engineer
Zen Internet
