On Sun, 17 Jun 2018, RW wrote:
On Sun, 17 Jun 2018 14:19:25 +0200
Matus UHLAR - fantomas wrote:
meta ENCRYPTED_MESSAGE __CT_ENCRYPTED
header __CT_ENCRYPTED Content-Type
=~ /^multipart\/(?:x-)?(?:pgp-)?encrypted|application\/(?:x-)?pkcs7-mime/
__CT_ENCRYPTED is for now better solution, mostly because of someone
could disable ENCRYPTED_MESSAGE in case of FPs.
If it were
meta ENCRYPTED_MESSAGE __ENCRYPTED_MESSAGE
I'd agree, but the the current definition has clearly been set up to
allow additional tests to be added to ENCRYPTED_MESSAGE.
Correct.
__CT_ENCRYPTED is the basic test for the MIME type and is intended
for use in metas.
ENCRYPTED_MESSAGE is what score to apply to that, potentially with FP (or
in this case spam) avoidance filters. Generally those are added by seeing
what else hits in the masscheck results.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhar...@impsec.org FALaholic #11174 pgpk -a jhar...@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Are you a mildly tech-literate politico horrified by the level of
ignorance demonstrated by lawmakers gearing up to regulate online
technology they don't even begin to grasp? Cool. Now you have a
tiny glimpse into a day in the life of a gun owner. -- Sean Davis
-----------------------------------------------------------------------
Tomorrow: SWMBO's Birthday
