What I'd like to know about this is this: Is there a web-resource
that can tell me if this is valid:

X-Mailer: Microsoft Outlook, Build 10.0.2605

and if it normally would be accompanied by this:

X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106

I've been adding X-Mailer and X-MimeOLE entries to my custom spam
filtering list, and I'm trying to decipher bogus ones from valid ones.

For example, I have no valid or good e-mail that has the X-Mailer line
as indicated above, but I have a few dozen spams that do.

On a more general note, I guess that if X-Mailer: contains "Outlook",
then there must be an X-MimeOLE line (containing something) or again
you've got spam? I have about 7800 such e-mails dating back from 2002
to the present like that, and they're all spam.
Luckily the "X-" and "x-" headers are very helpful in determining if a
message is spam since spamware vendors tend to use existing messages as
examples. It gets especially interesting when they tinker with the
contents of such headers and create combinations of version numbers
that either don't exist, or specifically don't generate other types of
"X-" or "x-" headers.
> For example, I have no valid or good e-mail that has the X-Mailer line
> as indicated above, but I have a few dozen spams that do.
>
> On a more general note, I guess that if X-Mailer: contains "Outlook",
> then there must be an X-MimeOLE line (containing something) or again
> you've got spam? I have about 7800 such e-mails dating back from 2002
> to the present like that, and they're all spam.
Probably the best way to find out (short of asking Microsoft directly)
is to install Windows on test hardware, get the same version of Outlook
you're concerned about, and attempt to generate the same headers by
creating an eMail with similar elements to that of the spam.
There'll obviously be a lot of guess-work here as it's not usually
clear what spammers do when they send spam, and given their obvious
complete absence of intelligence one can't assume that they may not do
things in the same manner as a normal user.
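
An added example, not part of either post: a small Python script that applies the rule guessed at in the first message (X-Mailer mentions "Outlook" but no X-MimeOLE header is present) and tallies which X-Mailer/X-MimeOLE pairs show up only in mail already labelled as spam. The sample messages, addresses and the `ExampleMailer` value are constructed for illustration, and the rule is the poster's guess, not a confirmed property of Outlook.

```python
from collections import Counter, defaultdict
from email import message_from_string

# Constructed sample corpus of (label, raw message). Only the two header
# values quoted in the thread are real; everything else is made up.
SAMPLES = [
    ("spam", "From: a@example.com\nX-Mailer: Microsoft Outlook, Build 10.0.2605\n"
             "X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106\n\nbody\n"),
    ("spam", "From: b@example.com\nx-mailer: Microsoft Outlook,\n Build 10.0.2605\n\nbody\n"),
    ("ham", "From: c@example.com\nX-Mailer: ExampleMailer 1.0\n\nbody\n"),
    ("ham", "From: d@example.com\n\nbody\n"),
]

def header_pair(raw):
    """Return (X-Mailer, X-MimeOLE); folded lines are joined, absent headers are None."""
    msg = message_from_string(raw)
    def norm(name):
        value = msg.get(name)  # header lookup is case-insensitive
        return " ".join(value.split()) if value is not None else None
    return norm("X-Mailer"), norm("X-MimeOLE")

def outlook_without_mimeole(raw):
    """The first poster's guessed rule: Outlook X-Mailer with no X-MimeOLE value."""
    mailer, mimeole = header_pair(raw)
    return mailer is not None and "outlook" in mailer.lower() and not mimeole

def tally(samples):
    """Count how often each header pair occurs under each label."""
    counts = defaultdict(Counter)
    for label, raw in samples:
        counts[header_pair(raw)][label] += 1
    return counts

def spam_only_pairs(samples, min_seen=1):
    """Pairs with an X-Mailer that were seen in spam and never in ham."""
    return sorted(
        (pair for pair, c in tally(samples).items()
         if pair[0] is not None and c["ham"] == 0 and c["spam"] >= min_seen),
        key=str,
    )

if __name__ == "__main__":
    for label, raw in SAMPLES:
        print(label, header_pair(raw), "rule hit:", outlook_without_mimeole(raw))
    print("spam-only pairs:", spam_only_pairs(SAMPLES))
```

Raising `min_seen` keeps a pair off the filter list until it has been observed in enough spam to be worth trusting.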