At 8:23 PM -0700 08/11/2013, John Hardin wrote:
However, I may be taking too-conservative a stance here. It's
possible that, while HTML comments can appear in ham, *long* HTML
comments won't, and the fact that we're looking for long blocks of
comment text is enough safety.
That's why feeling. You'll notice my rule is dumb: it's simply
looking for a bunch of stuff in a comment. My main feeling is that
if anyone is sending HTML email with LOTS of stuff commented out,
that email is almost certainly spam. Ham HTML email would probably
be done with more care.
Yes, there's the chance for FPs, if some company decides to send a
legitimate (ham, opt-in, etc.) HTML email from a badly-written
template where the designer was a lazy bum and left giant
commented-out sections... but would you really want such an email
anyway? ;-)
Thanks.
--- Amir
