http://bugzilla.spamassassin.org/show_bug.cgi?id=3069
------- Additional Comments From [EMAIL PROTECTED] 2004-04-14 14:32 ------- Subject: Re: non-text part inside of forwarded message included in "body" On Wed, Apr 14, 2004 at 01:28:08PM -0700, [EMAIL PROTECTED] wrote: > http://bugzilla.spamassassin.org/show_bug.cgi?id=3069 > ------- Additional Comments From [EMAIL PROTECTED] 2004-04-14 13:28 ------- > If we don't scan message/rfc822 parts, then that's exactly what spammers > will start sending (and this is a similar problem to one of the major > flaws with challege/response systems, spammers can fake C/R messages and > trick users into opening them). > > Haven't we always scanned message/rfc822 parts anyway? Maybe not very > effectively or consistently, but I thought we just muddled through them > in 2.6x. Maybe I should re-read the old thread... :-) One place where it would be a really good idea to scan message/rfc822s is in the case of DSNs. Where you get either a complete message/rfc822 or a text/rfc822-headers within something that looks like a DSN (multipart/report for example), it would be extremely worthwhile scoring that inner message. Any Received: lines in it can be continued backwards from the final one in the outer message. As traces of message delivery they're exactly as trustworthy as they would be anyway. The ones where I've done this by hand usually end up on an RBLed IP address - all those points going to waste :-~) In 2.63, there is a problem with bounces going straight through the system - especially if it's newly installed and learning from scratch. Many bounces trigger no rules at all on 2.63, and I've had to fiddle with our rules to catch the spammy ones, so I'm really glad to hear that 3.0 will do that. I'll have to try it out :) I had started writing a plugin to do it, not knowing it was already in the code ! Nick ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
