Ashish, SA itself mainly does rule matching, it reads the decoded mail line by line, comparing it to it's rules and (optionally) bays database.
SA would parse the entire attachment except that there's a default setting saying to stop processing after a certain amount of KB of
data has been processed. The idea is that a spammer isn't going to send a large attachment on every spam. As far as the rendering and decoding process, as far as I know all of that is handed over to various perl modules, such as MIME::Base64 and such. If those perl modules cannot decode an attachment they would (presumably) return an error. But that is entirely up to the module, which isn't necessarily written by SA developers. And of course if a new mail parsing module were to come out I'm sure SA would switch to that. Beyond this the SA code itself is probably the best documentation from a developers point of view. Ted On 6/25/2010 4:53 AM, Sharma, Ashish wrote:
Hi, I want to know how spamassassin works from a developers point of view, specifically I want an answer to following questions: 1. How is an email rendered on spamassassin once it's received? 2. How are email attachments handled on spamassassin for rule parsing? 3. How is spamassassin able to determine that a particular attachment can/can't be parsed for defined rules? 4. What is the flow of attachment demimeing on spamassassin? Kindly refer some suitable links too. Thanks in advance Ashish Sharma
