Yes, there are a number of multipart/mixed loopholes at the moment. Planning to use MIME::Tools to do some more serious deconstruction on the messages and their parts in future release. At the moment I'm actually thinking it'll be in 2.3 and I'll release 2.2 in the coming week, since the MIME::Tools will be a fairly big change and might conceivably break some stuff. Since so many rules have changed, and the evaluation-short-circuiting stuff is in there already, I think we might want to release that before going into serious MIME-overhaul mode.
C On Fri, 2002-03-29 at 10:04, Jay Jacobs wrote: > I just got some spam that had the entire body base64 encoded, it's > content-type was "multipart/mixed" with one part, the base64, which was > listed as type "text/html". > > Here's what hit: > PLING,BASE64_ENC_TEXT > > I see two big issues: > 1) it should have hit on the "html only" test, even though it was labelled > as multipart, it had only one part. > 2) the body wasn't parsed at all and thus bypassed all body tests, and > therefor got through the filter unscathed. > > It seems that spammers could get around a lot just by base64 encoding > their message? > > Jay > > > > > > _______________________________________________ > Spamassassin-talk mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/spamassassin-talk > > _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
