Snowbat Posted June 5, 2010 Share Posted June 5, 2010 These three trigger a "Can't parse date of spam for age detection" error. http://www.spamcop.net/sc?id=z4111146897z4...73add6448ad2e4z http://www.spamcop.net/sc?id=z4111124197z4...032128ebb6c257z http://www.spamcop.net/sc?id=z4111121636z6...4d8e9d472fcbd9z The "offending" timestamp from my provider's mail server looks fine to me and other spam from this account parses normally. The interesting thing about these (and I suspect what triggers the error) is a bogus-looking Received line where the timestamp is interspersed with email addresses and a spurious Cc: Any thoughts? Link to comment Share on other sites More sharing options...
Wazoo Posted June 5, 2010 Share Posted June 5, 2010 These three trigger a "Can't parse date of spam for age detection" error. The "offending" timestamp from my provider's mail server looks fine to me and other spam from this account parses normally. The interesting thing about these (and I suspect what triggers the error) is a bogus-looking Received line where the timestamp is interspersed with email addresses and a spurious Cc: Any thoughts? You say "my provider's server" looks fine, but none of the three samples is anywhere near 'fine' .... The easy question to ask is who is actually munging out the year data in the timestamps? Iniitial thought is that there was a "2010" issue with SpamAssassin, which would suggest that someone needs to get caught up a bit on their server configuration. However, based on the data and words provided, this seems a bit at odds if these are also connected with your provider ????? Link to comment Share on other sites More sharing options...
SpamCopAdmin Posted June 5, 2010 Share Posted June 5, 2010 The spams were all submitted with properly formatted dates. I can only assume that SpamCop replaced the year with an x prior to the parse. All very strange. I have no idea what might have happened. I'll ask around. Received: from [123.20.92.165] by ontario.esatclear.ie with esmtp (Exim 4.62) (envelope-from <5594525[at]ms21.hinet.net>) id 1OKsAj-0003Ka-1Y; Sat, 05 Jun 2010 13:08:17 +0100 Received: from [117.196.144.141] (helo=[117.196.144.141]) by tweedledee.esatclear.ie with esmtp (Exim 4.14) id 1OKlj2-0004uf-Oe; Sat, 05 Jun 2010 06:15:17 +0100 Received: from [110.139.13.186] (helo=186.subnet110-139-13.speedy.telkom.net.id) by tweedledee.esatclear.ie with esmtp (Exim 4.14) id 1OKkWh-0003q0-9Y; Sat, 05 Jun 2010 04:58:27 +0100 - Don D'Minion - SpamCop Admin - . Link to comment Share on other sites More sharing options...
Snowbat Posted June 6, 2010 Author Share Posted June 6, 2010 Thanks guys. I've been getting the odd spam like this for a number of months but they are now increasing in frequency. [at]Wazoo SpamAssassin runs on a local box here, fed by Fetchmail and Procmail. I fixed the 2010 bug in the first week of January. I'll PM you the headers. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.