Jo Rhett wrote on Tue, 14 Aug 2007 13:27:20 -0700: > Well first I don't think many of us want to waste CPU cycles trying > to analyze the contents of PDF files.
Right, and not only of PDFs. That's why "many of us" reject this stuff already at MTA for technical reasons and thus rarely see this stuff. Problem solved. Without complaining. But if you don't want to detect with SA you *have* to analyze the PDF as the spammy content is in the PDF and not elsewhere. You cannot rely on some signs in the mail itself as they may easily change from day to day. > What can be done to get these tested and included in the main ruleset? What is "these"? I don't see that you offered any rules catching that stuff. So, what do you want the developers or anyone to test? Kai -- Kai Schätzl, Berlin, Germany Get your web at Conactive Internet Services: http://www.conactive.com
