Bob Proulx a écrit :
> mouss wrote:
>> how about
>>
>> header __CTYPE_MULTIPART Content-Type =~ m{multipart/\w}i
>> mimeheader __MIME_CTYPE_IMAGE Content-Type =~ m{image/\w}
>> mimeheader __MIME_CTYPE_TEXT Content-Type =~ m{text/\w}
>>
>> meta MULTIPART_IMG_NO_TEXT (__CTYPE_MULTIPART && __CTYPE_IMAGE &&
>> !__CTYPE_TEXT)
>
> I like this! Because I think spammers will continue to abuse the
> subtype and we would be chasing it endlessly it seems best not to
> include it. But there does seem to be a mixup in the "__MIME_" prefix
> on or off in the above.
indeed.
> Here is the rule I have installed.
>
> header __CTYPE_MULTIPART Content-Type =~ m{multipart/\w}I
> mimeheader __MIME_CTYPE_IMAGE Content-Type =~ m{image/\w}
> mimeheader __MIME_CTYPE_TEXT Content-Type =~ m{text/\w}
> meta MULTIPART_IMG_NO_TEXT (__CTYPE_MULTIPART && __MIME_CTYPE_IMAGE &&
> !__MIME_CTYPE_TEXT)
> score MULTIPART_IMG_NO_TEXT 2.0
> describe MULTIPART_IMG_NO_TEXT Image body part but no text body parts
>
I also added a meta to add 10 points if the above happens and mail is
sent from debian lists (I guess I could add all lists I am subscribed
to). the nice thing is that it catches this junk even with DNSWL...
> Adjust the score 2.0 as appropriate. I have it much higher here at
> BAYES_99+required_hits to ensure that it forces a spam categorization
> because here I can guarantee that restriction.
>
> Bob
