On Tue, 11 Aug 2009, Karsten Br?ckelmann wrote:
I just got a 419/fillform spam where the bulk of the message was in a
base64-encoded plain text attachment. This effectively bypassed the
many BODY and RAWBODY tests that would have hit on the text had it been
included in the message body.
Should plain text attachments be scanned as regular message parts?
Sample?
http://www.impsec.org/~jhardin/antispam/samples/body_text_as_octet_attachment.txt
As I understand the docs, both are supposed to include all text parts.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
[email protected] FALaholic #11174 pgpk -a [email protected]
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
The difference is that Unix has had thirty years of technical
types demanding basic functionality of it. And the Macintosh has
had fifteen years of interface fascist users shaping its progress.
Windows has the hairpin turns of the Microsoft marketing machine
and that's all. -- Red Drag Diva
-----------------------------------------------------------------------
4 days until the 64th anniversary of the end of World War II
