[SAtalk] Spam using invalid Mime headers to bypass SpamAssassin?

Ryan Moore Mon, 25 Aug 2003 19:49:52 +0000

I got an email that made it by spamassassin with virtually no hits, which looks like it used some wierd mime technique to get through spamassassin. I put the source of the email at http://h0b0.net/brokenmime.txt. I also edited the message and put some simple mime headers in it and passed it through spamassassin and it got 7.7 hits, I put the source of that at http://h0b0.net/fixedmime.txt.

Is it valid to specify a different boundary in the mime header (when not attaching a rfc822 source message)? This message did that it appears, though I'm no mime expert so I'm not sure if that is a valid thing to do or not. In any case, is this a bug of some sort with SpamAssassin?

Ryan Moore
----------
Perigee.net Corporation
704-849-8355 (sales)
704-849-8017 (tech)
www.perigee.net

-------------------------------------------------------
This SF.net email is sponsored by: VM Ware
With VMware you can run multiple operating systems on a single machine.
WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines
at the same time. Free trial click here:http://www.vmware.com/wl/offer/358/0
_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

[SAtalk] Spam using invalid Mime headers to bypass SpamAssassin?

Reply via email to