[Postfixbuch-users] Spam jetzt auch im "X-Spam-Report" Feld

[Sven Schöppner]

Hallo Liste,
diese ist für mich eine neue Art von Spam.
Im Feld "X-Spam-Report" wird der Spamtext eingefügt, sogar mit dem 
richtigen namen meines Mailerservers "mail2.biotec.uni-bremen.de".
DAs FEld X-Spam-Status wird von meinem Mailserver erzeugt.
Das X-Feld darf man laut rfc nicht filtern, habe ich das richtig in 
Erinnerung?

Gruss
Sven

-----Spam-------


Subject: ***SPAM*** surefire
Content-Type: multipart/related;
 boundary="------------040805040505040703020004"
X-Antivirus: avast! (VPS 0642-2, 18/10/2006), Outbound message
X-Antivirus-Status: Clean
X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at 
biotec.uni-bremen.de
X-Spam-Status: Yes, hits=13.8, required=5.3 tests=BAYES_99, HTML_10_20,
    HTML_IMAGE_ONLY_20, HTML_MESSAGE, MIME_HTML_ONLY,
    RCVD_IN_WHOIS_BOGONS, RCVD_IN_XBL, RCVD_NUMERIC_HELO
X-Spam-Level: *************
X-Spam-Flag: YES
X-Spam-Report: Spam detection software, running on the system 
"mail2.biotec.uni-bremen.de", has
    identified this incoming email as possible spam. The original message
    has been attached to this so you can view it (if it isn't spam) or label
    similar future email. If you have any questions, see
    @@CONTACT_ADDRESS@@ for details.
    Content preview: They have new many new video clips each week, with
    sometimes cruel, sometimes bizarre, sometimes outrageous commentary on
    each clip. Very well done clip, looks very real. The State had no money.
    Classic Letterman top ten. The State had no money. com featuring Bush
    and Kerry blasting each other. Watching them do something stupid,. com
    Walking GuideSite. Mark Foley complained to Florida Gov. They have new
    many new video clips each week, with sometimes cruel, sometimes bizarre,
    sometimes outrageous commentary on each clip. They have new many new
    video clips each week, with sometimes cruel, sometimes bizarre,
    sometimes outrageous commentary on each clip. because he's out of a job
    today. com featuring Bush and Kerry blasting each other. Watching them
    do something stupid,. Here are some rules of thumb. Daily Steps: If you
    are just tracking your daily steps with a. Classic Letterman top ten.
    Almost everyone spoke Spanish. However, watching people win can be dull.
    However, watching people win can be dull. Sources: NK sample shows no
    radiation Two U. Them the King of Spain is caught on film making a very
    un-royal gesture. Louis police officers intervened in a shooting outside
    a nightclub. They are so tempting, those bite-size miniatures, but they
    can add up fast to some. Jeb Bush two years ago that. Maybe the same
    should be required of people who use computers connected to the
    Internet. You'll need a pedometer and to set a personal goal, then log
    your steps online. [...]
    Content analysis details: (13.8 points, 5.0 required)
    pts rule name description
    ---- ---------------------- 
--------------------------------------------------
    1.5 RCVD_NUMERIC_HELO Received: contains an IP address used for HELO
    1.2 HTML_IMAGE_ONLY_20 BODY: HTML: images with 1600-2000 bytes of words
    0.0 HTML_MESSAGE BODY: HTML included in message
    3.5 BAYES_99 BODY: Bayesian spam probability is 99 to 100%
    [score: 1.0000] 1.4 HTML_10_20 BODY: Message is 10% to 20% HTML
    0.0 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
    2.4 RCVD_IN_WHOIS_BOGONS RBL: CompleteWhois: sender on bogons IP block
    [58.64.167.24 listed in combined-HIB.dnsiplists.completewhois.com]
    3.9 RCVD_IN_XBL RBL: Received via a relay in Spamhaus XBL
    [58.64.108.16 listed in sbl-xbl.spamhaus.org]

This is a multi-part message in MIME format.
--------------040805040505040703020004
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
 <meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
<img alt="" src="cid:part1.00050308.07050205 at gumibox.hu" height="314"
 width="611"><br>
They have new many new video clips each week, with sometimes cruel,
sometimes bizarre, sometimes outrageous commentary on each clip. Very
well done clip, looks very real. The State had no money.<br>
Classic Letterman top ten. The State had no money.<br>
com featuring Bush and Kerry blasting each other.<br>
Watching them do something stupid,.<br>
com Walking GuideSite. Mark Foley complained to Florida Gov.<br>
They have new many new video clips each week, with sometimes cruel,
sometimes bizarre, sometimes outrageous commentary on each clip.<br>
They have new many new video clips each week, with sometimes cruel,
sometimes bizarre, sometimes outrageous commentary on each clip. because
he's out of a job today. com featuring Bush and Kerry blasting each
other. Watching them do something stupid,.<br>
Here are some rules of thumb. Daily Steps: If you are just tracking your
daily steps with a.<br>
Classic Letterman top ten.<br>
Almost everyone spoke Spanish. However, watching people win can be
dull.<br>
However, watching people win can be dull.<br>
Sources: NK sample shows no radiation Two U.<br>
Them the King of Spain is caught on film making a very un-royal
gesture.<br>
Louis police officers intervened in a shooting outside a nightclub.<br>
They are so tempting, those bite-size miniatures, but they can add up
fast to some.<br>
Jeb Bush two years ago that. Maybe the same should be required of people
who use computers connected to the Internet.<br>
You'll need a pedometer and to set a personal goal, then log your steps
online.<br>
<br>
</body>
</html>

--------------040805040505040703020004
Content-Type: image/gif;
 name="ventriloquism.gif"
Content-Transfer-Encoding: base64
Content-ID: <part1.00050308.07050205 at gumibox.hu>
Content-Disposition: inline;
 filename="ventriloquism.gif"