Hi, Heads-up: We're seeing weird new malware with a subject that looks like
Invoice XXXnnnn where XXX is two or three random upper-case letters and nnnnn is a series of digits. What's weird is that the Content-Type: header looks like this: Content-Type: multXXXart/mixed where the XXX is the same as in the subect. That is, a message with subject "Invoice UUI8187685" has Content-Type "multUUIart/mixed". This is fooling our MIME parser because it doesn't see the container as a multipart. Does any client software? Anyway, might want to make rules for this. Regards, Dianne.
