Email with multiple Content-Type headers fools defang-mime processing so that 
the mail is not defanged, at least when viewed in Outlook Express.

I'm attaching one of the spams that does this in case my diagnosis is 
incorrect. I xx'd out the host names in the IMG tags so you don't have to look 
at the pictures if you look at it in an HTML viewer and verified that it still 
demnstrates this bug.

The spam has two Content-Type headers that both specify text/html and the body 
is HTML-only. When it is run through Spamassassin with defang-mime 1 in the 
preferences, it correctly gets a high score, the first Content-Type header is 
rewritten and the second one is left untouched. I have only looked atthe result 
with Outlook Express, so I can't say how other MUAs handle them, but OE uses 
the second Content-Type header, displaying the result as HTML.

This is not good when you are used to being able to click on the entries in the 
spam folder while at work to check for FPs :-)