> Add this rule to your local.cf file, run a message through manually using -D
> switch and SA will output what the rules will see in a full test.
>
> full PRINTFULL /(^.*$)(?{ print "Full:\n$^N\nEnd Full\n" })/is
Excellent. Thanks.
When it gets to the S/MIME pkcs-7-signature attachment spamassassin -D
outputs:
[skipped application/x-pkcs7-signature attachment]
I would like to be able to get at the MIME headers of that and
attachments in general I suppose. Do you know if that is possible?
The reason is that a valid pkcs7 S/MIME message (atleast all the ones I
am seeing here) contain all of the following :
in the header:
header MFH_PKCS7_1 Content-type =~ /multipart\/signed;/
as the first line of the body:
body MFH_PKCS7_2 /This is a cryptographically signed
message in MIME format\./
and the first, third and fourth line after the MIME boundary
full MFH_PKCS7_3 /Content-Type:
application\/x-pkcs7-signature; name=\"smime.p7s\"/
full MFH_PKCS7_4 /Content-Disposition: attachment;
filename=\"smime\.p7s\"/
full MFH_PKCS7_5 /Content-Description: S\/MIME
Cryptographic Signature/
I don't want to check if the signature is valid, only if it exists and
if it does assign a negative score for the existance of all of these
headers combined (e.g. a meta rule).
Am I going about this the wrong way?
Thanks
- Mike
