procmail

Re: Spam Recipe: Match Message-id: and From:

1998-04-26 14:21:52
On Sun, 26 Apr 1998, Paul Ashton wrote:
stanr(_at_)sunspot(_dot_)tiac(_dot_)net said:
At 05:31 AM 4/26/98 -0400, gsutter(_at_)pobox(_dot_)com wrote:

What legitimate mail clients don't add a Message-Id:?  If they don't,
they're violating RFC 822.

No, it's optional.

Yep, you're right.  I misremembered.  However, I still claim that very
few "legitimate" e-mails are sent without a Message-Id: field.  

I've just scanned my mail for messages where the domain in the
From: line is not contained in the domain of the Message-ID:.
There are quite a lot that are not spam and which don't match.

Right, that's why you should check the Received: headers.

would seem to be by content based filtering. The fact that the
message-id is put in by the relay is a hint, but would give me
too many false positives to automate.

I don't believe that is so.  That recipe hasn't caused a single false
positive since I began testing it several weeks ago.

Instead of reacting to all this, it would be nice to be proactive
and start scanning for open relays and informing them that
they are likely to be abused, before the spammers get to them.
How about a "find-and-close-the-relays week"?

Sounds like you've been listening to Ron G. too much. :)

GReg
-- 
Gregory S. Sutter                       "How do I read this file?"
mailto:gsutter(_at_)pobox(_dot_)com                "You uudecode it."
http://www.pobox.com/~gsutter/          "I I I decode it?"
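
The scan described in the thread above (From: domain compared with Message-ID: domain, plus the missing Message-Id: case), as an added example that is not part of the original post and is not the procmail recipe under discussion. The sample messages are constructed, and reading "contained in" as a domain-suffix match is an assumption.

```python
from collections import Counter
from email import message_from_string
from email.utils import parseaddr

def domain_of(value):
    """Lower-cased text after the last '@' (angle brackets stripped), or ''."""
    if "@" not in value:
        return ""
    return value.rpartition("@")[2].strip().strip("<>").lower()

def classify(raw):
    """Return 'no-message-id', 'unparseable', 'match' or 'mismatch'."""
    msg = message_from_string(raw)
    msgid = msg.get("Message-ID")          # header lookup is case-insensitive
    if msgid is None:
        return "no-message-id"
    from_dom = domain_of(parseaddr(msg.get("From", ""))[1])
    id_dom = domain_of(msgid)
    if not from_dom or not id_dom:
        return "unparseable"
    # Assumption: "contained in" means equal to, or a parent domain of,
    # the Message-ID host (example.com matches mail.example.com).
    if id_dom == from_dom or id_dom.endswith("." + from_dom):
        return "match"
    return "mismatch"

def scan(messages):
    """Tally classifications over an iterable of raw messages."""
    return Counter(classify(m) for m in messages)

# Constructed sample messages (not real mail).
SAMPLES = [
    "From: Alice <alice@example.com>\nMessage-Id: <1998.1@mail.example.com>\n\nhi\n",
    "From: bob@example.org\nSubject: no id\n\nhi\n",
    "From: carol@example.net\nMessage-ID: <abc@relay.example.com>\n\nhi\n",
    "From: dave@example.com\nMessage-ID: <x@notexample.com>\n\nhi\n",
]

if __name__ == "__main__":
    for raw in SAMPLES:
        print(classify(raw), "|", raw.splitlines()[0])
    print(dict(scan(SAMPLES)))
```

A "mismatch" here is only a candidate for further checks such as the Received: headers, since the thread reports plenty of non-spam mail that does not match.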