'Re: Prevent amavis from obliterating spam headers'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       amavis-user
Subject:    Re: Prevent amavis from obliterating spam headers
From:       Joolee <amavisd () joolee ! nl>
Date:       2015-01-30 10:23:30
Message-ID: CA+Q-w8U2ydsaQbsoSXcqX1FPVWvS3=jmrxUDH4E=9hB9SC304Q () mail ! gmail ! com
[Download RAW message or body]

There is of course a notable difference between keeping possibly
untrustworthy headers and using those headers as part of the spam filtering
process.
Are you perhaps refering to client software, using the 'is-spam' header for
separating spam from ham? In this case, it is possible the untrustworthy
headers will be used instead of the ones added by your own spamfilter. This
might be solvable by prepending either your own or the third party headers
with a known prefix.

On 30 January 2015 at 04:48, Olivier Nicole <Olivier.Nicole@cs.ait.ac.th>
wrote:

> Quanah,
>
> > Customers who have external scanners running SA prior to hitting Zimbra's
> > SA install have found that Amavis will obliterate existing SA headers.
> > Additionally, redirecting an email that was previously scanned by SA also
> > results in Amavis obliterating the existing SA headers.
> >
> > Is there a method in which Amavis can be configured to preserve existing
> > headers?
>
> My understanding is there is no way to do that. How can you be sure that
> the pre-existing headers are genuine? They could have been added by a
> spammer, in order to make you beleive the message is safe and need no
> further checking.
>
> If you trust some customers to have a proven anti-spam solution, you
> could redirect their mail to completely by-pass amavis (or the SA part
> in amavis), but you leave them exposed to what their own anti-span can
> or can't do.
>
> best regards,
>
> Olivier
>
> >
> > <https://bugzilla.zimbra.com/show_bug.cgi?id=96532> has the general user
> > reports.
> >
> > Thanks,
> > Quanah
> >
> > --
> >
> > Quanah Gibson-Mount
> > Platform Architect
> > Zimbra, Inc.
> > --------------------
> > Zimbra ::  the leader in open source messaging and collaboration
> >
>
> --
>

[Attachment #3 (text/html)]

<div dir="ltr"><div>There is of course a notable difference between keeping possibly \
untrustworthy headers and using those headers as part of the spam filtering \
process.<br></div>Are you perhaps refering to client software, using the \
&#39;is-spam&#39; header for separating spam from ham? In this case, it is possible \
the untrustworthy headers will be used instead of the ones added by your own \
spamfilter. This might be solvable by prepending either your own or the third party \
headers with a known prefix.<br><div class="gmail_extra"><br><div \
class="gmail_quote">On 30 January 2015 at 04:48, Olivier Nicole <span \
dir="ltr">&lt;<a href="mailto:Olivier.Nicole@cs.ait.ac.th" \
target="_blank">Olivier.Nicole@cs.ait.ac.th</a>&gt;</span> wrote:<br><blockquote \
class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc \
solid;padding-left:1ex">Quanah,<br> <span class=""><br>
&gt; Customers who have external scanners running SA prior to hitting \
Zimbra&#39;s<br> &gt; SA install have found that Amavis will obliterate existing SA \
headers.<br> &gt; Additionally, redirecting an email that was previously scanned by \
SA also<br> &gt; results in Amavis obliterating the existing SA headers.<br>
&gt;<br>
&gt; Is there a method in which Amavis can be configured to preserve existing<br>
&gt; headers?<br>
<br>
</span>My understanding is there is no way to do that. How can you be sure that<br>
the pre-existing headers are genuine? They could have been added by a<br>
spammer, in order to make you beleive the message is safe and need no<br>
further checking.<br>
<br>
If you trust some customers to have a proven anti-spam solution, you<br>
could redirect their mail to completely by-pass amavis (or the SA part<br>
in amavis), but you leave them exposed to what their own anti-span can<br>
or can&#39;t do.<br>
<br>
best regards,<br>
<br>
Olivier<br>
<span class=""><br>
&gt;<br>
&gt; &lt;<a href="https://bugzilla.zimbra.com/show_bug.cgi?id=96532" \
target="_blank">https://bugzilla.zimbra.com/show_bug.cgi?id=96532</a>&gt; has the \
general user<br> &gt; reports.<br>
&gt;<br>
&gt; Thanks,<br>
&gt; Quanah<br>
&gt;<br>
&gt; --<br>
&gt;<br>
&gt; Quanah Gibson-Mount<br>
&gt; Platform Architect<br>
&gt; Zimbra, Inc.<br>
&gt; --------------------<br>
&gt; Zimbra ::   the leader in open source messaging and collaboration<br>
&gt;<br>
<br>
</span>--<br>
</blockquote></div><br></div></div>



[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic