https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7358

--- Comment #7 from John Woods <jwo...@greatplainsmfg.com> ---
Good eye!

The boundary is: --6479071-26388092-1648650284=:2907

The lines that throw the parser off have: --6479071-26388092-1648650284=:2907--

I'm not sure whether the e-mail in question conforms to RFC or not. But, bad
actors could use this technique to sneak attachments past SpamAssassin.


It looks like it is probably in lib/Mail/SpamAssassin/Message.pm, around line
848. One of the test conditions is:

$body->[$line] =~ /^--\Q$boundary\E\s*$/

It's the trailing \s*$ that causes this to fail to detect the boundary. Are
these parts of the regexp necessary for some other reason?

-- 
You are receiving this mail because:
You are the assignee for the bug.
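
The test quoted in the comment above, run against delimiter and close-delimiter lines next to a classifier that follows the RFC 2046 section 5.1.1 grammar. This is an added example, not SpamAssassin's code and not part of the original comment. The sub names and sample lines are constructed for illustration, and the boundary parameter is assumed to be the string from the comment without its leading dashes.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Assumption: the boundary parameter is the string quoted in the comment,
# without the leading "--" that marks a delimiter line.
my $boundary = '6479071-26388092-1648650284=:2907';

# The condition quoted in the comment, unchanged (hypothetical wrapper sub).
sub matches_quoted_test {
    my ($line, $bnd) = @_;
    return $line =~ /^--\Q$bnd\E\s*$/ ? 1 : 0;
}

# RFC 2046 section 5.1.1: a delimiter line is "--" plus the boundary; the
# close-delimiter appends "--". Either may carry transport padding (spaces
# or tabs) before the line ending. Anything else is ordinary body text.
sub classify_boundary_line {
    my ($line, $bnd) = @_;
    return 'none' unless $line =~ /^--\Q$bnd\E(--)?[ \t]*\r?\n?\z/;
    return defined $1 ? 'close' : 'open';
}

# Constructed sample lines, not taken from the message in the bug report.
my @samples = (
    "--${boundary}\n",            # delimiter
    "--${boundary}  \r\n",        # delimiter with transport padding
    "--${boundary}--\n",          # close-delimiter
    "--${boundary}-- \t\r\n",     # close-delimiter with transport padding
    "--${boundary}X\n",           # longer string sharing the prefix
    "text --${boundary}--\n",     # boundary not at the start of the line
);

for my $line (@samples) {
    (my $shown = $line) =~ s/\s+\z//;    # trim the line ending for display
    printf "%-42s quoted_test=%d rfc2046=%s\n",
        $shown,
        matches_quoted_test($line, $boundary),
        classify_boundary_line($line, $boundary);
}
```

The two close-delimiter samples are the only lines where the results differ: the quoted test does not match them, while the classifier reports `close`.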
