Hi, guys Recently I saw this.
http://jrs-s.net/2013/06/14/block-common-trojans-in-spamassassin/ My idea was to create a rule in the way mentioned in this site, such as, for example, certain attachment file type (such as HTML or ZIP) and a certain subject, score the message. The rule works. But I found that it causes false positives for emails that have HTML in the body and not necessarily attached (internally, I guess its the same, right?). Example --_000_2C3280CB5B1A584F8E4B3E0E263D843251617ACAMBXTB921Cvcarem_ Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable <html xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns:o=3D"urn:schemas-micr= osoft-com:office:office" xmlns:w=3D"urn:schemas-microsoft-com:office:word" = This the system detects in the mimeheader content type = html rule as an HTML attachment... Is there a way to check only really file types that are attached explicitly to the email using Spamassassin and the mimeheader plugin? Thanks, Robert
