Personally I believe in obfuscation... The less the spooks know the better including knowing of your evasion by taunting them (/depends on what your trying to accomplish I guess/). For browsers like firefox there's IPFuck and a user-agent string changer that allows one to spoof another browser or create a "/Could be mutt but fucked if I'm telling you/" string. Must be some tool like that for mail user-agents. https://addons.mozilla.org/en-US/firefox/addon/blend-in/ Also see: https://sourceforge.net/projects/emspoofer/ Rr On 06/08/2016 04:02 AM, Zenaan Harkness wrote:
I know, I know, this is wildly off topic for this list, but I dare to ask:
Dear Dolly, I note that many punky punks round these parts use their MUA du journk, yet happily advertise (of course falsely) their MUA User-Agent name and version (due to the default header config which does as much).
Of course everyone round these parts is perfectly aware of such matters and has long ago manually modified such string to discretely lead any would be infiltrator astray. Such significant information so many people give away, "presently company excluded" of course... :)
So, can anyone tell me of known spam filters or "outright rejection" filters in any known mail server configurations/ setups, which would reject an email header such as:
User-Agent: Could be mutt but fucked if I'm telling you.
Is it better to simply not include such a header?
Or is it better to do the sly "make it look genuine but it's not" number?
Better is a purely objective assessment of course with no rune for alternative threat models or other subjective quasi quagmires...
Confused, Z
P.S. Thank you my gracious and all knowing lords of the crypto best practices paddfock. May we romp in freedom with daisies to save the world, as I've heard love and light is all powerful and will save us all.