fleet(_at_)teachout(_dot_)org wrote:
On Tue, 1 Apr 2003, Daryle A. Tilroe wrote:
PS. I don't quite understand why you original recipe:
* Content-Type:(.*\<)?text/(html|plain)
* ^Content-Transfer-Encoding:(.*\<)?base64
failed in the examples you gave.
>
> It was restricted to headers - if I move it to include bodies then every
> message that contains a valid image (and I get a lot of them) winds up in
> the spam folder. The "consecutive lines" thing avoids that problem - or
> at least it appears to for the time being.
Ahhh! Since I implemented it about a month ago
my 'consecutive line' regexp has been limited to
the headers as well. Of course I could widen the
scope to the body as you are doing. That would
offer protection against an email that was flagged
as multipart and had this highly suspicious, base64
encoded html (although I have not yet seen this
yet it is probably only a matter of time).
This also brings up a short coming of the
potential plan I had to screen for html only
messages (see the header scope parsing thread).
It is, of course, trivial to construct a message
with a different, or empty, plain text section and
still have the obtusificated html spam (again
I have not seen this yet but it seems an obvious
extension)... Hmmmm.
Say ever consider that some of the more 'expert'
spammers may subscribe to this list? I suppose
someone has already pondered that before.
--
Daryle A. Tilroe
_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail