I just got some spam that had the entire body base64 encoded, it's content-type was "multipart/mixed" with one part, the base64, which was listed as type "text/html".
Here's what hit: PLING,BASE64_ENC_TEXT I see two big issues: 1) it should have hit on the "html only" test, even though it was labelled as multipart, it had only one part. 2) the body wasn't parsed at all and thus bypassed all body tests, and therefor got through the filter unscathed. It seems that spammers could get around a lot just by base64 encoding their message? Jay _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
