[Spambayes] Forged header?

Anthony Baxter anthony at interlink.com.au
Thu Feb 13 17:47:12 EST 2003


>>> Frank Horowitz wrote
> It occurs to me that for a spammer to get past the entire filtering
> process, they simply need to include the  
> <X-Spambayes-Classification: ham; 0.00> header.  

Note that if you're using procmail, and you have your procmailrc set up
something like:

  :0 fw:hamlock
  | /usr/local/bin/hammie.py -f -d

  :0:  
  * ^X-Spambayes-Classification: spam
  | $RCVSTORE +spam

  :0:  
  * ^X-Spambayes-Classification: unsure
  | $RCVSTORE +unsure

  ... other message handling ...

Then the duplicate header won't matter worth a damn. procmail will still
see the 'spam' header, and punt the message into the spam folder.




More information about the Spambayes mailing list