Re: embedded image spams

[ha...@t-online.de]

> So my question is can we have rulesets in spamassassin that can compare
> the sending host domain with the latter part of @ of content id or look
> for @ in the content id.

Hi,

honestly the fact that outlook uses different strings and this spam uses similar strings for
the boundary and the content id could be seen as a coincidence.
I am using a few perl and php scripts for mail with attachments that more resemble the
spam than the outlook case - and I dont think there are any recommendations in the
RFC about how to create content id

Wolfgang Hamann