On Thu, 2009-10-15 at 09:38 -0600, Jason Haar wrote: > I just received what appeared to be a standard "certain north american > country" pharma spam that went straight by rules I have that normally > catch it. Within Thunderbird (and any other HTML-capable MUA) it's > blatantly shouting its wares. Clever usage of SPANs appear to enable it > to sneak straight by SA. > > http://pastebin.com/m56d2db96 > > Is this something SA normally has components in place to catch/parse? > FYIW short-circuit kicked in when the clamav plugin hit. I'm running the third party sigs and it hit on Sanesecurity.Hdr.8239.UNOFFICIAL.
-- KeyID 0xE372A7DA98E6705C
signature.asc
Description: This is a digitally signed message part
