MIMEEval - perform various tests against MIME structure and body
loadplugin Mail::SpamAssassin::Plugin::MIMEEval
body NAME_OF_RULE eval:check_for_mime
body NAME_OF_RULE eval:check_for_mime_html
body NAME_OF_RULE eval:check_for_mime_html_only
body NAME_OF_RULE eval:check_mime_multipart_ratio
body NAME_OF_RULE eval:check_msg_parse_flags
body NAME_OF_RULE eval:check_for_ascii_text_illegal
body NAME_OF_RULE eval:check_abundant_unicode_ratio
body NAME_OF_RULE eval:check_for_faraway_charset
body NAME_OF_RULE eval:check_for_uppercase
body NAME_OF_RULE eval:check_ma_non_text
body NAME_OF_RULE eval:check_base64_length
body NAME_OF_RULE eval:check_qp_ratioPerform various tests against MIME structure and body.
Adds capability check for "if can()" for check_for_ascii_text_illegal
If a MIME part claims to be text/plain or text/plain;charset=us-ascii and the Content-Transfer-Encoding is 7bit (either explicitly or by default), then we should enforce the actual text being only TAB, NL, SPACE through TILDE, i.e. all 7bit characters excluding NO-WS-CTL (per RFC-2822).
All mainstream MTA's get this right.
Adds capability check for "if can()" for check_abundant_unicode_ratio
A MIME part claiming to be text/plain and containing Unicode characters must be encoded as quoted-printable or base64, or use UTF data coding (typically with 8bit encoding). Any message in 7bit or 8bit encoding containing (HTML) Unicode entities will not render them as Unicode, but literally.
Thus a few such sequences might occur on a mailing list of developers discussing such characters, but a message with a high density of such characters is likely spam.
Adds capability check for "if can()" for check_qp_ratio
Takes a min ratio to use in eval to see if there is an spamminess to the ratio of quoted printable to total bytes in an email.