I've just seen in the last 12h a new virus coming through as a Microsoft security update.
I've added a test like this to catch it; header MSVIRUS To =~ /Microsoft Customer <'customer\@yourdomain.com'>/ describe MSVIRUS temp test to find new virus score MSVIRUS 300.0 I score it 300 because this is particularly incidious; @microsoft.com is whitelisted on my servers to get around the Microsoft Passport signups. I know it's not spam but this is a quick way to prevent it from spreading because it really does look pretty legit unless you examine the headers. Regards, Andrew _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
