On Fri, 29 Aug 2003, Michael Stevens wrote: > On Fri, Aug 29, 2003 at 12:22:25PM +0100, Roger Burton West wrote: > > On Fri, Aug 29, 2003 at 12:17:28PM +0100, Michael Stevens wrote: > > > > >I'm fully in favour of banning text/html only messages, but > > >I'm quite happy with multipart/alternative, as they usually render > > >perfectly well in decent console MUAs. > > > > Spammers have noticed that people are banning text/html only; quite a > > bit of the spam I've seen recently has been of the form: > > > > multipart/alternative > > text/plain (blank) > > text/html (body of spam) > > Okay, possibly a more intelligent filter that can spot this case > as well? Harder to implement as a system filter in exim, though, I'd > guess.
But then to get around that you've got multipart/alternative text/plain (body of gibberish) text/html (body of spam) At which point it seems attractive to at least take a stab at making sure that the /plain and /html branches resemble each other. But how? It doesn't seem feasible to embed an HTML parser in a high volume mail scanner ("meet the new SpamAssassin 3.0 -- now with Gecko!"). Checksums seem unlikely to help. You could guess with metrics such as "the average html branch will be N times the plain branch, give or take X standard deviations" but ...yuck. A less painful approach might just be to queue multipart messages for moderator review. As has been noted, there have only been a handful of these in the past six months, not all of which were meant to go to the list anyway. -- Chris Devers [EMAIL PROTECTED] ISO, n. [Origin: possibly Greek iso "equal" but now presumed acronym for International Standards Organization.] A meta-standards organization set up in 1947 in order to establish standards for the setting up of standard organizations. See also ANSI; ASCII; STANDARD. -- from _The Computer Contradictionary_, Stan Kelly-Bootle, 1995