Hi all,
I've noticed that I've had a few spams recently where the To: field
includes a DOS-style file path - some examples are:
To: <C:\`Bulk.Adz\MTG\[EMAIL PROTECTED]>
To: <C:\`Commercial.Adz\Mtg\[EMAIL PROTECTED]>
To: <C:\``VipCustomer\`Euro\[EMAIL PROTECTED]>
To: <C:\``VipCustomer\Yen\[EMAIL PROTECTED]>
To: <C:\``VipCustomer\Dvd\[EMAIL PROTECTED]>
Is anyone else seeing these?
A rule to spot them is trivial, but will have to wait till after 2.50.
header L_TO_FILENAME To =~ /^<C:\\/
describe L_TO_FILENAME "To" header contains a filename
score L_TO_FILENAME 1.0
I'll file a bug in the Bugzilla for this in due course.
It's possible these are generated by the same software - all the
messages I've had also include the following headers:
Content-Type: text/plain;
charset="Windows-1252"
Content-Transfer-Encoding: 7bit
Martin
--
Martin Radford | "Only wimps use tape backup: _real_
[EMAIL PROTECTED] | men just upload their important stuff -o)
Registered Linux user #9257 | on ftp and let the rest of the world /\\
- see http://counter.li.org | mirror it ;)" - Linus Torvalds _\_V
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
