http://bugzilla.spamassassin.org/show_bug.cgi?id=3069
------- Additional Comments From [EMAIL PROTECTED] 2004-04-14 13:50 ------- Subject: Re: non-text part inside of forwarded message included in "body" -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 >If we don't scan message/rfc822 parts, then that's exactly what spammers >will start sending (and this is a similar problem to one of the major >flaws with challege/response systems, spammers can fake C/R messages and >trick users into opening them). I think I'd settle for making this behaviour optional, through a boolean config parameter. I will definitely be turning it off ;) Consider also the effects on Bayes learning -- if a mailman admin (or someone similarly receiving nonspam mails with spammy messages encapsulated within them) wants the nonspam mails to get past Bayes, they'll probably consider learning them as ham. That'll wind up with a load of spam tokens (from the encapsulated spam) getting learned as ham. >Haven't we always scanned message/rfc822 parts anyway? Maybe not very >effectively or consistently, but I thought we just muddled through them >in 2.6x. Maybe I should re-read the old thread... :-) Possibly it's the new MIME-part comparison rules that are causing trouble here: MIME_HTML_MOSTLY, MPART_ALT_DIFF. Also the HTML rules are now firing on the message/rfc822 text, whereas before I think the message/rfc822 part would be treated as plain text, and its HTML sub-parts would not be parsed as HTML correctly. - --j. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Exmh CVS iD8DBQFAfaQpQTcbUG5Y7woRAgIpAJ92tCJNMVE5AXhXqarpRJSMmJDg7QCeK+5W 6Htw4Qg9s8ZtLPj3P6S1XcU= =Nmvu -----END PGP SIGNATURE----- ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
