https://issues.apache.org/SpamAssassin/show_bug.cgi?id=4469
--- Comment #14 from Justin Mason <[email protected]> 2009-08-21 08:55:08 PST --- Mark: how do you deal with the danger of phishers inserting fake 'X-Amavis-MessageSize: mmmmm, TRUNCATED to nnnnn' headers in their templates to avoid DKIM checks? (you could avoid it by ensuring the header appears at the start of the message, before any trusted+internal Received hdrs, if you're not already doing that.) Perhaps we should "standardize" an official TRUNCATED header name. There is also the issue that HTML spam can be easily concocted that contains an innocent-looking body for the first 512KB, then includes 3KB of spam payload which uses CSS to hide the innocent text and display only the payload. But I guess that may not be a showstopper. Certainly not as bad as spam getting past, unscanned. ;) -- Configure bugmail: https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug.
