https://bz.apache.org/SpamAssassin/show_bug.cgi?id=6439

--- Comment #8 from Bill Cole <billc...@apache.org> ---
(In reply to Kent Oyer from comment #7)
> Thanks for the quick response. I do have a real-world mail flow where I'm
> seeing this being exploited dozens of times per day. As far as a spec goes,
> I would recommend processing any application/octet-stream parts as text if
> the filename extension is html, htm, or shtml (case-insensitive). It might
> be wise to include other extensions such as xhtml but I'm not seeing that
> being exploited. 

Seems to me that .txt also needs to be there. 

> Since there's no point in producing a patch for version 3, I'll try to solve
> my problem with ClamAV. Unfortunately there are legitimate senders that also
> use application/octet-stream to send HTML attachments so the only way to
> detect malicious intent is to examine the attachment contents. 
> 
> I can provide sanitized examples if that helps.

That would be helpful.

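The rule discussed in this thread, sketched as an added example (not SpamAssassin code and not written by either commenter): pick out `application/octet-stream` parts whose filename ends in html, htm, shtml or txt, case-insensitively, and decode them so their contents can be examined as text. The function name, the UTF-8 fallback and the sample message are assumptions made for the illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Extensions named in the thread: html, htm, shtml (comment #7) and txt (comment #8).
TEXT_EXTENSIONS = (".html", ".htm", ".shtml", ".txt")


def octet_stream_text_parts(raw_bytes):
    """Return [(filename, text)] for application/octet-stream parts whose
    filename extension indicates the content is really text (hypothetical helper)."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    found = []
    for part in msg.walk():
        if part.get_content_type() != "application/octet-stream":
            continue  # parts already declared as text/* are scanned as text anyway
        # get_filename() checks Content-Disposition first, then Content-Type "name".
        filename = part.get_filename() or ""
        if not filename.lower().endswith(TEXT_EXTENSIONS):
            continue
        payload = part.get_payload(decode=True) or b""  # undo base64 / quoted-printable
        charset = part.get_content_charset() or "utf-8"  # assumption: default to UTF-8
        try:
            text = payload.decode(charset, errors="replace")
        except LookupError:  # unknown charset label in the header
            text = payload.decode("utf-8", errors="replace")
        found.append((filename, text))
    return found


def build_sample():
    """Constructed sample message; every name and URL in it is made up."""
    msg = EmailMessage()
    msg["Subject"] = "constructed sample"
    msg.set_content("See attachment.")
    html = b"<html><body><a href='http://example.invalid/'>open</a></body></html>"
    for name, data in (("Invoice.HTM", html), ("note.Txt", b"plain note"),
                       ("data.bin", b"\x00\x01\x02")):
        msg.add_attachment(data, maintype="application",
                           subtype="octet-stream", filename=name)
    msg.add_attachment("<p>declared html</p>", subtype="html", filename="ok.html")
    return msg.as_bytes()


if __name__ == "__main__":
    for name, text in octet_stream_text_parts(build_sample()):
        print(name, "->", text[:60])
```
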