SA Bugzilla – Bug 1798
User-Agent - Message-ID mismatch / forgery
Last modified: 2003-04-18 01:07:08 UTC
Spam sent with forged Message-ID indicating message from Pine, forged User-Agent indicating sent from Mozilla; both of which give high ham scores. Perhaps a new rule to sanity check User-Agent / Message ID combos? Date: Fri, 18 Apr 2003 08:08:20 -0800 From: "Your Dollar Store" <mds23435999@mail.com> To: will@mylanders.com Subject: Your own Online Dollar Store in 15 mins or less Message-ID: <Pine.LNX.4.31.0301010903119.63808-52651071@mail.n1.nlite> References: <Pine.LNX.4.31.0301011169278.2149-29742985@mail.n1.nlite> In-Reply-To: <Pine.LNX.4.31.0301011407679.5894-28231974@mail.n1.nlite> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="==NextPart==12053448.878412.11002.==NextPart==" X-Priority: Normal X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1106 X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0rc2) Gecko/20020510 X-Spam-Status: No, hits=-14.6 required=5.0 tests=BAYES_90,CLICK_BELOW,FROM_ENDS_IN_NUMS,HTML_30_40, HTML_IMAGE_ONLY_10,IN_REP_TO,LIMITED_TIME_ONLY, MIME_BOUND_NEXTPART,REFERENCES,SUBJ_YOUR_OWN, USER_AGENT_MOZILLA_UA,USER_AGENT_PINE autolearn=ham version=2.53 X-Spam-Checker-Version: SpamAssassin 2.53 (1.174.2.15-2003-03-30-exp)
Created attachment 898 [details] full spam message with forged UA/MsgID headers
Subject: Re: [SAdev] User-Agent - Message-ID mismatch / forgery This appears to be a duplicate of: http://www.hughes-family.org/bugzilla/show_bug.cgi?id=1783 Which was closed because it is also a dupe: http://www.hughes-family.org/bugzilla/show_bug.cgi?id=1589
Dupe of 1589; marking resolved; posted spam sample to 1589 for reference. *** This bug has been marked as a duplicate of 1589 ***