Note that some of these spams have an application/msword attachment so blocking zip/exe files is not enough. See for instance bug #819366 which has a FedEx.doc attachment.
Also, rather than banning all zip, exe or doc files I think it would make more sense to simply scan attachments for viruses using ClamAV. This would work not only for this wave of viruses but also for the next without overblocking and without having to write and keep updating very specific Spamassassin rules. For instance see http://drivel.com/clamassassin/ Just make sure you enable clamd for performance. -- Francois Gouget <fgou...@free.fr> http://fgouget.free.fr/ There are 10 types of people in the world... those who understand binary and those who don't.
