I'm running SA 2.60-rc1, and have noticed that spamassassin is not catching microsoft executable attachments when they arrive as an enclosed bounce message. Shouldn't SA be detecting the microsoft_executable stuff since the test is done on rawbody?
The test isn't done with a rawbody rule.. it's an eval test in the code itself.
It appears the eval test itterates through all mime sections starting with the first. It will wind up skipping any boundaries which aren't actually a part of the boundary chain of the real message itself.
Sorry, but a text section quote of a message containing an attachment technically does not have that attachment, although some broken MUA's might try to interpret them even though they aren't a part of the boundary chain.
------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
