spamassassin-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Martin Gregorie <mar...@gregorie.org>
Subject Re: Catching fake LinkedIn invites
Date Fri, 30 Aug 2013 14:25:21 GMT
On Fri, 2013-08-30 at 14:25 +0100, RW wrote:
> On Fri, 30 Aug 2013 10:45:23 +0100
> Martin Gregorie wrote:
> 
> > On Thu, 2013-08-29 at 05:42 -0700, Neil Schwartzman wrote:
> > > On Aug 29, 2013, at 4:40 AM, RW <rwmaillists@googlemail.com> wrote:
> > > 
> > > > On Thu, 29 Aug 2013 00:55:29 +0200
> > > > Michael Schaap wrote:
>  
> > > >> The "From:" header is at linkedin dot com, but the envelope
> > > >> sender is a random address
> > > > 
> > > > I'm guessing that legitimate linkedin mail has something other
> > > > than a random address in its envelope sender. 
> > > 
> > > 
> > >  no need to guess
> > > 
> > The headers you've sent don't contain an envelope sender (the "From"
> > header) or a "From:" header.
> 
> Actually there is a Return-Path. And the OP said that there is a From.
> 
Yes, agreed there's a Return-Path, but the message I sent, which
contains the complete set of headers in the body of message I replied
to, did not include an envelope "From" or a "From:" header and no
Reply-to header either - this surprised me so I checked quite carefully.

> I was thinking of just the header and the envelope, but it wouldn't
> hurt to add the message-id as well:
> 
I use tests on Message-ID header to identify messages from gmail and
yahoo. So far I have not had any FPs from doing this.


Martin




Mime
View raw message