False Positive FORGED_MUA_MOZILLA

2017-04-03 Thread Joe Albertson
There looks to be a false positive with the FORGED_MUA_MOZILLA rule when sending form Yahoo as shown by the following example: Message-ID: <831172902.119665.1490778597...@mail.yahoo.com> X-Mailer: WebService/1.1.9272 YahooMailNeo Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML,

Re: SpamAssassin false positive bayes with attachments

2014-10-06 Thread Joe Albertson
After reading your reply, I re-examined the message and found the case was an incorrect Content-Type: ~~~ Content-Type: text/plain; charset=windows-1250; name="pdfname.pdf" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="pdfname.pdf" ~~~ So it was scanning the base64