It would be nice, although ultimately unworkable I guess, if SA could be engineered to ignore anything which isn't humanly-visible in an email. i.e. when spammers insert fake PGP signatures in <font color="White"></font> tags to lower their score - SA should ignore it.
The problem with this, I guess, is that not only would it be near impossible to catch every permutation of "hiding content", but you would also potentially miss glaring spam signatures that are hidden.. e.g. <!-- Created by SpamPro (c) 2003 -->
Actually, SA does parse out the HTML comments before running body tests as a part of the HTML preprocessing. It doesn't get everything which "isn't humanly-visible" but it does get certain kinds of obfuscation out of the way before processing rules.
There's also a "rawbody" ruletype that explicitly does not get HTML pre-processing done, so you can look for things burried in HTML tags like your example.
------------------------------------------------------- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa00100006ave/direct;at.asp_061203_01/01 _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
