We for the last couples of days we see many hits of XM_RANDOM rule on
legit mail. Samples of X-Mailers it hits
> *X-Mailer:* AspQMail 2.0 4.03 (QSM260971F)
> X-Mailer: WebService/1.1.18138 YahooMailAndroidMobile YMobile/1.0
(com.yahoo.mobile.client.android
<http://com.yahoo.mobile.client.android/>.mail/6.27.0; Android/11;
RP1A.200720.012; a52xq; samsung; SM-A526B; 5.99; 2186x1080;) >
*X-Mailer:* WebService/1.1.18121 YahooMailAndroidMobile YMobile/1.0
(com.yahoo.mobile.client.android.mail/6.10.5; Android/10;
QP1A.190711.020; starlte; samsung; SM-G960F; 5.68; 1450x720;)
> *X-Mailer:* Traveler 11.0.2.0 Build 202010261910_30 on server
DETR02/SRV/BAUHAUS/DE at
20210418173104417 by DelQ-18bc[NoticeMgr]
especially the AspQMail (hits on stuff within '()') and the yahoo mailer
are quite common in our message flow.
Think that rule should be revised
--
Cheers
tobi
legit mail. Samples of X-Mailers it hits
> *X-Mailer:* AspQMail 2.0 4.03 (QSM260971F)
> X-Mailer: WebService/1.1.18138 YahooMailAndroidMobile YMobile/1.0
(com.yahoo.mobile.client.android
<http://com.yahoo.mobile.client.android/>.mail/6.27.0; Android/11;
RP1A.200720.012; a52xq; samsung; SM-A526B; 5.99; 2186x1080;) >
*X-Mailer:* WebService/1.1.18121 YahooMailAndroidMobile YMobile/1.0
(com.yahoo.mobile.client.android.mail/6.10.5; Android/10;
QP1A.190711.020; starlte; samsung; SM-G960F; 5.68; 1450x720;)
> *X-Mailer:* Traveler 11.0.2.0 Build 202010261910_30 on server
DETR02/SRV/BAUHAUS/DE at
20210418173104417 by DelQ-18bc[NoticeMgr]
especially the AspQMail (hits on stuff within '()') and the yahoo mailer
are quite common in our message flow.
Think that rule should be revised
--
Cheers
tobi