Hello, it looks like SA doesn't really like partial messages, like those sent by outlook
these messages have a header, for example Content-type: message/partial; number=2; id="[EMAIL PROTECTED]"; total=18 SA seems to consider what follows (which is a base64 part of the full message) as text, so it applies any rules to it, which can often hits bayes_99, bayes_90, large_hex, obfu, etc... known bug ? Would it be wise to implement a negative scoring rule to offset those mismatches ? or would there be any drawbacks ? of course this rule should not match for a supposed partial message with only one part : Content-type: message/partial; number=1; id="[EMAIL PROTECTED]"; total=1 Thank you
