http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5393
------- Additional Comments From [EMAIL PROTECTED] 2007-03-29 12:12 ------- I don't think it really is a matter of SA only working with mail that follows the RFCs, as we don't in every case. But in this case there is a specific answer to your question about what is the harm in scanning the epilogue text. Given that some MUAs ignore it and some MUAs show it, we have to make a choice based on what spammers will do if we do or do not scan it. If we do not scan the epilogue they can put spam there and not in the body, targeting the people who use MUAs that see it and missing people who do not. If we do scan the epilogue, they can target people who use MUAs that do not see it by putting high volumes of non-spammy garbage in the epilogue designed to overload spam filters and poison Bayes databases. The question is not a matter of what does the RFC say, but which MUAs do what with it, how popular are they, what are spammers doing now, and what potential advantages do we give spammers with our choice of how we handle this. I would like to see a list of MUAs that display the epilogue in these test messages. If it is only Outlook 97, Versamail, and mail readers that don't understand MIME, then I would go with having SA ignore the epilogue following the reasoning that spammers will be more likely to try to take advantage of a loophole to DoS spam filters than they are to target a very small subset of the MUAs. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
