Scott, does the COMMENTS test also catch bogus HTML tags?
No. It is only designed to catch HTML comments that are designed specifically to bypass filters, such as "I am a spa<!-- haha! -->mmer" (which would appear in the mail client as "I am a spammer").
I've seen rather a lot of spam HTML messages where there are deliberate "bogus tags" like <HUE5MTl> to throw text matching off the scent, whereas because they look like tags, the e-mail client display doesn't show them at all. Text matching on the bogus tags is a waste of energy, because the spammer changes the bogus tags too often, and sometimes every bogus tag is different inside a single message.
This is something that we are looking into, as spammers are also using legitimate HTML tags such as "I am a spa<B></B>mmer". What we are thinking about is removing all HTML tags (legitimate or not), and scanning the results.
-Scott
--- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
--- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.