You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Bill Friedman <lf...@sbcglobal.net> on 2004/07/27 03:39:32 UTC
Re: MSGID_FROM_MTA_SHORT
> I've set up MD (2.42)/SA (2.63) (SM 8.12.11) on a new system we just
> put into production
> and I'm getting a lot of quarantined messages including the following
> rule match.
>
> I've replaced the real local domain w/mydomain.com
>
> ++++++++++++++++++++++++++++++++++++++++++++++++++++++
>
> MSGID_FROM_MTA_SHORT Message-Id was added by a relay
>
> I don't recall this rule popping up regularly in past MD/SA systems.
> Here our some sample headers from several such quarantined message
>
> Here are the message headers:
> From: "Mail Delivery Subsystem" <no...@mydomain.com>
> To: media@mydomain.com
> Subject: Returned mail: Data format error
> Date: Mon, 26 Jul 2004 09:42:16 -0700
> MIME-Version: 1.0
> Content-Type: multipart/mixed;
> boundary="----=_NextPart_000_0000_527A4796.921FD844"
> X-Priority: 3
> X-MSMail-Priority: Normal
> X-Mailer: Microsoft Outlook Express 6.00.2600.0000
> X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
>
> ----------
> Here are the headers for quarantined part 1:
> Content-Type: application/octet-stream;
> name="mydomain.com"
> Content-Transfer-Encoding: base64
> Content-Disposition: attachment;
> filename="mydomain.com"
>
> +++++++++++++++++++++++++++++++++++++++++
>
> MIME-Version: 1.0
> Content-Type: multipart/mixed; boundary="=200407221954="
> To: hossein@p-gene.com
> From: 123Greetings.com <sp...@123greetings.info>
> X-Mailer: 695B0DF8.1344C3FE.2d0cbc0154fc684d85195ead9a0d1b5c
> Subject: Enter to WIN a Portable DVD Player!
> Organization: 123Greetings.com
>
> ++++++++++++++++++++++++++++++++++++++++++++
>
> Here's another rule match that has me perplexed -
> NO_REAL_NAME From: does not include a real name
>
>
> Content analysis details: (7.1 points, 5.0 required)
>
> pts rule name description
> ---- ----------------------
> --------------------------------------------------
> 0.3 NO_REAL_NAME From: does not include a real name
> 0.1 MICROSOFT_EXECUTABLE RAW: Message includes Microsoft executable
> program
> 3.7 MSGID_FROM_MTA_SHORT Message-Id was added by a relay
> 3.0 FORGED_MUA_OUTLOOK Forged mail pretending to be from MS Outlook
>
> Here are the message headers:
> From: nadav@wired.com
> To: media@mydomain.com
> Subject: Returned mail: see transcript for details
> Date: Mon, 26 Jul 2004 10:11:37 -0700
> MIME-Version: 1.0
> Content-Type: multipart/mixed;
> boundary="----=_NextPart_000_0000_DCAE6AD4.11583A44"
> X-Priority: 3
> X-MSMail-Priority: Normal
> X-Mailer: Microsoft Outlook Express 6.00.2600.0000
> X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
>
> ----------
> Here are the headers for quarantined part 1:
> Content-Type: application/octet-stream;
> name="aij.scr"
> Content-Transfer-Encoding: base64
> Content-Disposition: attachment;
> filename="aij.scr"
>
Re: MSGID_FROM_MTA_SHORT
Posted by Daniel Quinlan <qu...@pathname.com>.
This is fixed (or greatly improved) in 3.0, I suggest upgrading to
3.0.0-pre2 (as long as you aren't using any third-party software that
doesn't support 3.0 yet).
Daniel
--
Daniel Quinlan
http://www.pathname.com/~quinlan/