AntiVirus(3) simple anti-virus tests


loadplugin Mail::SpamAssassin::Plugin::AntiVirus
body MICROSOFT_EXECUTABLE eval:check_microsoft_executable()
body MIME_SUSPECT_NAME eval:check_suspect_name()


The MICROSOFT_EXECUTABLE rule works by checking for 3 possibilities in the message in any application/* or text/* part in the message:
- in text parts, look for a uuencoded executable start string
- in application parts, look for filenames ending in an executable extension
- in application parts, look for a base64 encoded executable start string