mouss wrote:
> how about
>
> header __CTYPE_MULTIPART Content-Type =~ m{multipart/\w}i
> mimeheader __MIME_CTYPE_IMAGE Content-Type =~ m{image/\w}
> mimeheader __MIME_CTYPE_TEXT Content-Type =~ m{text/\w}
>
> meta MULTIPART_IMG_NO_TEXT (__CTYPE_MULTIPART && __CTYPE_IMAGE &&
> !__CTYPE_TEXT)
I like this! Because I think spammers will continue to abuse the
subtype and we would be chasing it endlessly it seems best not to
include it. But there does seem to be a mixup in the "__MIME_" prefix
on or off in the above. Here is the rule I have installed.
header __CTYPE_MULTIPART Content-Type =~ m{multipart/\w}I
mimeheader __MIME_CTYPE_IMAGE Content-Type =~ m{image/\w}
mimeheader __MIME_CTYPE_TEXT Content-Type =~ m{text/\w}
meta MULTIPART_IMG_NO_TEXT (__CTYPE_MULTIPART && __MIME_CTYPE_IMAGE &&
!__MIME_CTYPE_TEXT)
score MULTIPART_IMG_NO_TEXT 2.0
describe MULTIPART_IMG_NO_TEXT Image body part but no text body parts
Adjust the score 2.0 as appropriate. I have it much higher here at
BAYES_99+required_hits to ensure that it forces a spam categorization
because here I can guarantee that restriction.
Bob
