XPost: news.admin.net-abuse.email

David Ritz wrote:

[ x-post stripped ]

Of course, because none of this has anything to do with
comp.mail.headers, so why cross-post it to that group - right?

Yes, there is a X-Message-Info header inserted, by Microsoft's public
mailbox servers, when a message is received. They are, however,
considerably longer than thirty two characters in length.

The header commonly appeared in my local spam sample collection, from
2004, through about 2007. By that time, I changed my spam processing
and handling and examples become rare.

I think it's safe to assume that anything being delivered outside a
Microsoft mailbox, ie. hotmail.com, msn.net, outlook.com, which
includes an X-Message-Info header, should be taken as a positive spam
sign.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: news.admin.net-abuse.email, comp.mail.misc

I wrote wrote:

X-Message-Info: (A 32 character string)

Apparently this was discussed in a thread in comp.mail.headers starting
on Sept 11 / 2004 (X-Message-Info header : spam or not ?) as well as comp.mail.misc in a thread starting on June 7 / 2004 (What mailer
inserts X-Message-Info headers?).

The conclusion from both threads indicated that the header line "X-Message-Info" was added by Hotmail to the headers of mail received by hotmail servers, but is not present in the headers of out-going mail
sent by Hotmail. As I don't have access to any MS-hosted mail account,
I don't know if this characteristic is still in effect today.

Its appearance in spam back in 2004 was apparent (as evidenced by those threads) and its use must have ended prior to 2009. It now seems to
have started again as of February 2015.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)