On Fri, 13 Sep 2002, Hack Hawk wrote:
HH> Notice the email address I use has "pm" in it? That means specially for
HH> procmail. I just received a spam email at the address for the first time
HH> today. The BASTARDS!!!!!
HH>
HH> ------ Here's the details -------------
HH> Return-Path: <marmitek(_at_)mail(_dot_)com>
HH> Received: from 200.38.225.6 ([217.167.180.65])
HH> by denali.nightsource.com (8.11.0/8.11.0) with SMTP id g8DAgho31277
HH> for <pmhh(_at_)hackhawk(_dot_)net>; Fri, 13 Sep 2002 03:42:44 -0700
HH> Message-Id:
<200209131042(_dot_)g8DAgho31277(_at_)denali(_dot_)nightsource(_dot_)com>
HH> From: Helena <marmitek(_at_)mail(_dot_)com>
HH> To: pmhh(_at_)hackhawk(_dot_)net
HH> Cc:
HH> Subject: Important mail to you!!!!!!!
HH> Sender: Helena <marmitek(_at_)mail(_dot_)com>
HH> Mime-Version: 1.0
HH> Content-Type: text/plain; charset="iso-8859-1"
HH> Date: Sat, 14 Sep 2002 13:30:02 +0200
HH> X-Mailer: MIME-tools 5.503 (Entity 5.501)
HH> X-UIDL: VU$#!F#J"!lpc!!jXX!!
HH>
Just had a look in the spam box. This one was caught because it had
mx.mailix.net in the message-id and other aspects of the header indicated
that this was because it had arrived at my mailbox provider without a mail
id. Your version appears to have a a message id that contains the name of
your host that is in the received line.
It did take a bit of effort to recognise legitimate mail with the mailix
id but this is what I ended up with:
# suspect mailix id
:0
* ^Message-Id:(_dot_)*(_at_)mx\(_dot_)mailix\(_dot_)net
* ! ^Received:.*smtp\.mailix\.net
* ! ^Return-Path.*\.mailix\.net
{
nl
nl=${SPAMREASON+"$NL"}
SPAMREASON="${SPAMREASON}${nl}${SPAMREASON_HEADER}mailix Id, no smtp"
}
Alan
( Please do not email me AS WELL as replying to the list. Personal
email is welcome but may invoke a password autoresponder. )
_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail