Re: Virus Spam - X-MailScanner

From: Noel Jones (no email)
Date: Tue Sep 02 2003 - 10:44:31 EDT


At 09:23 PM 9/1/03 +0300, Jussi Silvennoinen wrote:
>On Mon, 1 Sep 2003, SysAdmin wrote:
>
> > I've been doing a little looking at some email bounces to myself and to a
> > few friends that have written me asking "What's up with this?" and I've
> > found a header line that seems potentially bogus. It reads:
> >
> > X-MailScanner: Found to be clean
> >
> > Is this a line that is inserted by a known (by anyone on this group) mail
> > scanning agent, or is this likely (or known to be) an artifact of a
> > spammer/virus trying to make it look clean..???
> >
> > I guess it's the phrasing that seems odd to me. I would have expected
> > something more terse (like "Verified", or "Clean"). "Found to be clean"
> > seems oddly verbose...
> >
> > The reason for asking is, I'm thinking there might be potential for
> > filtering on this...
>
>Sobig.F at work here, discard or whatever your policy prefers.
>
>--
>
> Jussi

This is the default header added by MailScanner. Don't block mail based on
presence of this header.

It is true that Sobig.F uses this header, but don't use the presence of
this header to block mail, since it is a valid header.

http://www.mailscanner.info

-- 
Noel Jones