Tom Shaw wrote, regarding winnow.spam.ts.xmailer.hc.24 > I would love feedback from the folks on the list. > The signature detects a violation of RFC 2821/2822 > on header line terminations. We have never has a FP > on them although some on this list have. (I have, and seem to recall having posted about it too...) > I have kept the signature in due to its > violation of RFC's however, if the community > feel this is too agressive I will remove it > from the public distro. Feedback? Well... I've still got it in my local.ign, but I'm considering re-enabling that signature. My "False Positive" came when an external sender managed to misconfigure Eudora in interesting ways. How much does it catch in practice? If it catches relatively little, it might be worth dropping. If it catches a lot of real junk I'd suggest leaving it in, but if it mostly just catches people who break their email client it's probably worth dropping, regardless of the RFC violation. Mark.