Forwards and Date: header
in [Postfix]
|
From: LuKreme on 23 Apr 2010 11:38 When ThunderBird forwards a message, it sends it with the ORIGINAL Date header: This hits one of my header_checks for spammy mails: /^Date:.* 200[0-8]/ REJECT Your email has a date from the past. Fix your system clock and try again. Apr 23 09:18:26 mail postfix/cleanup[69286]: C6CE1118B9E8: reject: header Date: Tue, 29 Jan 2008 11:19:20 -0800 from *munge*.hsd1.dc.comcast.net[98.218.*,*]; from=<duser(a)dmainm> to=<user(a)otherdomain> proto=ESMTP helo=<[192.168.0.2]>: 5.7.1 Your email has a date from the past. Fix your system clock and try again. Is this behavior of ThunderBird's normal? I've never encountered it with another client, but then again I am not normally seeing people forward emails from years past either. -- They say only the good die young. If it works the other way too I'm immortal
From: Victor Duchovni on 23 Apr 2010 11:47 On Fri, Apr 23, 2010 at 09:38:36AM -0600, LuKreme wrote: > When ThunderBird forwards a message, it sends it with the ORIGINAL Date header: > > This hits one of my header_checks for spammy mails: > > /^Date:.* 200[0-8]/ REJECT Your email has a date from the past. Fix your system clock and try again. Did you set "nested_header_checks =" so that this check is not applied to the headers of attached messages? The backwards-compatible default is "nested_header_checks = header_checks". You should also consider that messages can be "Resent", not just forwarded (as attachments), and in that case old dates do legitimately show-up in new messages. The new date is in "Resent-Date:". Blocking old dates is unlikely to be a very effective anti-spam measure. I would advise that you turn this filter off. -- Viktor. P.S. Morgan Stanley is looking for a New York City based, Senior Unix system/email administrator to architect and sustain our perimeter email environment. If you are interested, please drop me a note.
From: LuKreme on 23 Apr 2010 13:37 On 23-Apr-2010, at 09:47, Victor Duchovni wrote: > > On Fri, Apr 23, 2010 at 09:38:36AM -0600, LuKreme wrote: > >> When ThunderBird forwards a message, it sends it with the ORIGINAL Date header: >> >> This hits one of my header_checks for spammy mails: >> >> /^Date:.* 200[0-8]/ REJECT Your email has a date from the past. Fix your system clock and try again. > > Did you set "nested_header_checks =" so that this check is not applied > to the headers of attached messages? The backwards-compatible default is > "nested_header_checks = header_checks". Ah, no. I didn't know about that setting. > You should also consider that messages can be "Resent", not just forwarded > (as attachments), and in that case old dates do legitimately show-up in > new messages. The new date is in "Resent-Date:". > > Blocking old dates is unlikely to be a very effective anti-spam measure. > I would advise that you turn this filter off. I've turned it off for now. Certainly blocking FUTURE dates has been effective in the past. -- ''As God as my witness, I though turkeys could fly,'' Arthur Carlson, WKRP in Cincinnati
From: Victor Duchovni on 23 Apr 2010 13:43 On Fri, Apr 23, 2010 at 11:37:01AM -0600, LuKreme wrote: > > Blocking old dates is unlikely to be a very effective anti-spam measure. > > I would advise that you turn this filter off. > > I've turned it off for now. Certainly blocking FUTURE dates has been effective in the past. Yes, blocking future and some types of invalid dates is much more reasonable. Blocking past dates is riskier and not terribly useful. -- Viktor. P.S. Morgan Stanley is looking for a New York City based, Senior Unix system/email administrator to architect and sustain our perimeter email environment. If you are interested, please drop me a note.
|
Pages: 1 Prev: postfix smtp_loop() breaks SMTP Next: giving more headers |