1. Forum
  2. Usenet
  3. COMP.MAIL.HEADERS

  • "X-Message-Info:" seems to be diagnostic for spam

    From Spam Guy@21:1/5 to David Ritz on Sun Nov 8 12:29:14 2015
    XPost: news.admin.net-abuse.email

    David Ritz wrote:

    [ x-post stripped ]

    Of course, because none of this has anything to do with
    comp.mail.headers, so why cross-post it to that group - right?

    Yes, there is a X-Message-Info header inserted, by Microsoft's public
    mailbox servers, when a message is received. They are, however,
    considerably longer than thirty two characters in length.

    The header commonly appeared in my local spam sample collection, from
    2004, through about 2007. By that time, I changed my spam processing
    and handling and examples become rare.

    I think it's safe to assume that anything being delivered outside a
    Microsoft mailbox, ie. hotmail.com, msn.net, outlook.com, which
    includes an X-Message-Info header, should be taken as a positive spam
    sign.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Spam Guy@21:1/5 to All on Sun Nov 8 09:21:21 2015
    XPost: news.admin.net-abuse.email, comp.mail.misc

    I wrote wrote:

    X-Message-Info: (A 32 character string)

    Apparently this was discussed in a thread in comp.mail.headers starting
    on Sept 11 / 2004 (X-Message-Info header : spam or not ?) as well as comp.mail.misc in a thread starting on June 7 / 2004 (What mailer
    inserts X-Message-Info headers?).

    The conclusion from both threads indicated that the header line "X-Message-Info" was added by Hotmail to the headers of mail received by hotmail servers, but is not present in the headers of out-going mail
    sent by Hotmail. As I don't have access to any MS-hosted mail account,
    I don't know if this characteristic is still in effect today.

    Its appearance in spam back in 2004 was apparent (as evidenced by those threads) and its use must have ended prior to 2009. It now seems to
    have started again as of February 2015.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)