Bogofilter accuracy plummets starting around March 10, 2010
Jonathan Kamens
jik at kamens.brookline.ma.us
Tue Apr 6 03:36:59 CEST 2010
Thomas Anderson wrote:
> Also, in the end, spamitarium doesn't throw away any of the forged
> received line info... So information was ADDED, not removed,
> by spamitarium.
>
I did a little playing around with spamitarium, and it appears that it
/does/ throw away useful information from /valid/ Received lines. For
example, I fed a recent valid message through spamitarium with this
valid Received line in it:

Received: from omta01-mdp.westchester.pa.bo.comcast.net ([76.96.53.11])
    by qmta02-mdp.westchester.pa.bo.comcast.net with comcast
    id 1u2R1e0010EWbPw01u407n; Mon, 05 Apr 2010 18:04:00 +0000

and it spit back this:

Received: from omta01-mdp.west 76.96.53.11 as36733
    by qmta02-mdp.westchester.pa; Mon, 05 Apr 2010 18:04:00 +0000

So the host names in the received line are no longer FQDNs (in violation
of RFCs, I believe) and the MTA queue ID has been discarded.
Both of these are of concern. The latter is a problem if there is an
issue with mail delivery and I need to contact a transit site about it
(and yes, I've done this on numerous occasions in the past). If I can
give them the queue ID assigned to the message by their MTA, then they
can find it easily in their logs. If I can't, I might as well forget
any possibility of them being willing to help me.
jik
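
An added example (not part of the original message, and not bogofilter or spamitarium code): a Python check that compares a Received header before and after a preprocessing filter and reports the trace details the message describes as lost, namely the MTA queue ID and the full host names. The function names are hypothetical; the two sample headers are the ones quoted in the message.

```python
import re

# Sample headers copied from the message above: the original, then the filter's output.
ORIGINAL = (
    "Received: from omta01-mdp.westchester.pa.bo.comcast.net ([76.96.53.11])\n"
    "    by qmta02-mdp.westchester.pa.bo.comcast.net with comcast\n"
    "    id 1u2R1e0010EWbPw01u407n; Mon, 05 Apr 2010 18:04:00 +0000"
)
REWRITTEN = (
    "Received: from omta01-mdp.west 76.96.53.11 as36733\n"
    "    by qmta02-mdp.westchester.pa; Mon, 05 Apr 2010 18:04:00 +0000"
)
KEYWORDS = {"from", "by", "with", "id"}

def parse_received(header):
    """Unfold one Received header; return its from/by/with/id values and date."""
    value = re.sub(r"\r?\n[ \t]+", " ", header).split(":", 1)[1]
    clauses, sep, date = value.rpartition(";")
    if not sep:                      # no ';' means the header carries no date part
        clauses, date = value, ""
    fields = {"date": date.strip()}
    tokens = clauses.split()
    for key, token in zip(tokens, tokens[1:]):
        if key.lower() in KEYWORDS:  # keep the first value seen for each clause
            fields.setdefault(key.lower(), token)
    return fields

def lost_information(original, rewritten):
    """List trace details present in the original header but degraded in the rewrite."""
    before, after = parse_received(original), parse_received(rewritten)
    findings = []
    if "id" in before and before["id"] not in rewritten:
        findings.append("queue id dropped: " + before["id"])
    for key in ("from", "by"):
        old, new = before.get(key, ""), after.get(key, "")
        if old and new.lower() != old.lower():
            kind = "truncated" if new and old.lower().startswith(new.lower()) else "changed"
            findings.append(f"{key} host {kind}: {old} -> {new or '(missing)'}")
    if before["date"] != after["date"]:
        findings.append("timestamp changed")
    return findings

if __name__ == "__main__":
    for finding in lost_information(ORIGINAL, REWRITTEN):
        print(finding)
```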