Excerpts from mail: (25-Aug-97) Re: Re^2: Junk email relayed via procmail list
? by Philip Guenther
If you use fetchmail to get your mail from a pop server that inserts the
X-UIDL: header, than every message you get will contain the X-UIDL: header.
However, this is a relatively rare set up, and You Know Who Are. The rest
of us can use it to filter spam.
The problem then becomes what happens if someone who uses one of those POP3
servers that inserts the X-UIDL: header into their e-mail *re-sends* one of
those messages to you. Then, you'll be treating a valid e-mail as spam. This
happens rarely, but I have received such e-mails. It's easy enough to catch
though. Just use this recipe: (FYI, Era and I worked this out originally on
the spam-l mailing list.)
# First, a couple definitions:
PRE_ADDR_SPAN = '(.*[^-((_dot_)%(_at_)a-zA-Z0-9])?'
MY_NAMES = "($LOGNAME(@(my\.domain\.name\.net|other\.domain\.com)?)"
# E-mails with X-UIDL: headers are almost definitely spam unless they've been
# Resent-To: me by someone. Also, valid X-UIDL: headers have 32 hexadecimal
# digits exactly.
:0:
* ^X-UIDL:
* ! ^X-UIDL:[ ]*[0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f]\
[0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f]\
[0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f]\
[0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f]\
[0-9a-f][0-9a-f][0-9a-f][0-9a-f][ ]*$
* $ ! ^Resent-To:[ ]*($PRE_ADDR_SPAN)$MY_NAMES
/dev/null
(As always, that's a space and a tab inside the brackets.)
Later,
Ed