[Mimedefang] DoD finally bans HTML e-mail
David F. Skoll
dfs at roaringpenguin.com
Mon Jan 8 10:50:22 EST 2007
WBrown at e1b.org wrote:
> On my original suggestion, would it be worth blocking messages where there
> is either no plain text or it differs signicantly from the HTML in terms
> of blocking spam?
Two questions:
1) Should we block messages that contain no text/plain parts? I would
say no. There are some people who only send text/html with no corresponding
text/plain. There are also automated e-mailings that only contain text/html.
So blocking mail for not having a text/plain would lead to false positives.
However, I would strongly suggest blocking mail that lacks a text/* part
entirely. We've seen some image spams where the top-level MIME type is
image/gif. It's very hard or impossible to create such messages with most
MUAs; they need to be crafted specially.
2) Should we block messages where the text/html differs "significantly"
from the text/plain? In theory, yes, but measuring if the difference is
"significant" is nightmarish. SpamAssassin has some rules that take a stab
at it, but they're not all that good.
Regards,
David.
More information about the MIMEDefang
mailing list