https://bz.apache.org/SpamAssassin/show_bug.cgi?id=6260
--- Comment #7 from Kent Oyer <[email protected]> --- Please try running with these rules and let me know. rawbody MXG_HTML_PHISH / type=['"]?password\b/ describe MXG_HTML_PHISH HTML phishing rawbody MXG_JS_OBFU /\b(unescape|atob)(\(|%28)/ describe MXG_JS_OBFU JS Obfuscation If you need more spamples I can provide those as well. Unfortunately, T_OBFU_HTML_ATTACH fires on too much ham for it to be useful. For example, T_OBFU_HTML_ATTACH fires on ham from "[email protected]", "[email protected]", "[email protected]" just to name a few. -- You are receiving this mail because: You are the assignee for the bug.
