[bogofilter] Bogofilter Mirrors, and new patch for 0.7.1

Michael J. Rensing michael.rensing at shaw.ca
Wed Sep 25 04:50:30 CEST 2002


> > >> 2) If a message already has an X-Spam-Status header, it is ignored instead
> > >> of passed through in -p mode. A syslog message is logged if an existing
> > >> header is skipped.
> > >
> > >Won't this provide an easy way for spammers to elude detection?  Just
> > >supply your spam with premade headers that say the message isn't spam.
> >
> > I would suggest if possible the exact spam status header content be set
> > by the server admin as a preference. That way it would be impossible for
> > spammers to bypass it, would require knowing what exactly each admin
> > specified for the header.
>
> This seems like a good solution to the wrong problem.  How about
> renaming an existing X-Spam-Status header to Old-X-Spam-Status, and
> putting in a new one?  The precedent is "formail -i".

I tend to agree with the last statement. Even if a server admin can change
their local header, how many will? Witness the huge number of Cisco switches
or computer operating systems that are still running with the default
settings for the administrator's password. Also, obviously any filter can
not say anything about the validity of any header passed to it. You have to
assume that the incoming message can have anything spoofed, and work from
there.

Regards,
Michael
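
The rename-and-replace approach from the quoted reply (the "formail -i" precedent), as an added example that is not part of the original message or of bogofilter's code. The function names, the sample message and the verdict string are constructed for illustration.

```python
import re

HEADER = b"X-Spam-Status"  # header name from the thread
# Field-name match is case-insensitive; continuation lines never match.
_FIELD = re.compile(rb"^" + re.escape(HEADER) + rb"[ \t]*:", re.IGNORECASE)

# Constructed sample: spam carrying forged "not spam" verdicts.
SAMPLE = (
    b"From: sender@example.com\r\n"
    b"X-Spam-Status: No, forged by sender\r\n"
    b"Subject: Buy now\r\n"
    b"x-spam-status: No,\r\n"
    b"\tsecond forged copy, folded\r\n"
    b"\r\n"
    b"X-Spam-Status: body text, not a header\r\n"
)

def stamp_verdict(raw: bytes, verdict: bytes) -> bytes:
    """Rename every inbound X-Spam-Status field, then add the local one."""
    if b"\r" in verdict or b"\n" in verdict:
        raise ValueError("verdict must be a single line")
    lines = raw.splitlines(keepends=True)
    eol = b"\r\n" if lines and lines[0].endswith(b"\r\n") else b"\n"
    out, i = [], 0
    # Walk the header block only; the first empty line ends it.
    while i < len(lines) and lines[i].strip(b"\r\n"):
        line = lines[i]
        if _FIELD.match(line):
            line = b"Old-" + line  # keep the sender's claim for audit
        out.append(line)
        i += 1
    if out and not out[-1].endswith(b"\n"):
        out[-1] += eol
    out.append(HEADER + b": " + verdict + eol)  # the only trusted verdict
    return b"".join(out + lines[i:])

def verdicts(raw: bytes) -> list:
    """Values of X-Spam-Status fields in the header block, as a reader sees them."""
    found = []
    for line in raw.splitlines():
        if not line:
            break
        if _FIELD.match(line):
            found.append(line.split(b":", 1)[1].strip())
    return found

if __name__ == "__main__":
    # Constructed verdict string, not taken from bogofilter's output.
    print(stamp_verdict(SAMPLE, b"Yes, tests=bogofilter").decode())
```

After stamping, a downstream rule that keys on X-Spam-Status sees exactly one value, the locally written one, while the sender-supplied fields survive under the Old- prefix.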


