Training with Windows mailers

[Simon Huggins]

On Mon, Jun 09, 2003 at 10:02:43PM +0930, Stephen Davies wrote:
> G'day.

Hiya.  Where do you hide the key you used to sign this message?  I
couldn't see it on wwwkeys.pgp.net nor on keyserver.net.

> This raises the question of how to collect spam/ham datasets from
> Windows mailers for training purposes.

> A search of the lists does not seem to help. What I would like is
> advice as to how to tell users of Netscape, IE and MS Outlook to
> provide me with sample spam/ham emails.

Oh.  Not even the odd message about forwarding mail via mime.get.rfc822
and piping to bogofilter?

For instance Peter's message: <3ED5BD5F.4992.3339EAF at localhost>

> So far as I can see, none of the above have a "resend" capability and
> their "forward" formats are not easily restored to original state for
> processing by bogofilter.

When you forward a message it gets mime attached as a message/rfc822
part (or it should unless you're forwarding in the body of the mail but
then you generally don't forward all the headers).

Just run the resulting mails through mime.get.rfc822 which is in the
contrib directory in the tarballs and then pipe the output to bogofilter
-s if it's spam or bogofilter -n if it's not.

You therefore probably want a couple of special addresses which
procmail to this script and then bogofilter -s or -n.  You should ensure
that only legitimate users can forward email to these addresses.

As for doing this in bulk in the beginning then I'd suggest you look at
something which can take the Outlook/Netscape mailbox format and turn it
into mbox.  I believe such things exist but don't know of any OTTOMH.

Does this help?

-- 
Simon Huggins  \ "AAAhhh, I see you're using the Machine that goes Bing."
                \
http://www.earth.li/~huggie/                                htag.pl 0.0.22