First, i'm sorry for my bad english, i'm a native german speaker.

I need a little change within the plugin MIMEHeader.pm to get all headers.

The best i think is to allow the ALL pseudoheader for mimeheader like in the 
header statement.

My last version of SA is 3.1.8 i've got a RPM for. However i've checked 
against 3.2.2 source that it isn't implemented yet.

Here comes the code i hacked into the 3.1.8 version in
sub eval_hook_called, so you can recognize what i mean.


  foreach my $p ($scanner->{msg}->find_parts(qr/./)) {
    my $val;
    if ($hdr =~ /ALL/i) {
        $val = $p->get_all_headers($getraw, 0);
    } else {
        $val = $p->get_header($hdr, $getraw);
    }

    $val ||= $if_unset;

this works for me, but it would not be nice to hack all SA versions in the 
future.

RFC1521 says in 7.1.1 (last subsection) that text which only contains US-ASCII 
characters must be marked as US-ASCII.

So Content-Type text/plain charset=iso-8859-x and 
Content-Transfer-Encoding 7 Bit is not valid by RFC. However there are some 
few mailers ( OsCommerce :-( ) which doesn't respect this, but a lot of 
spammer do also, even in the zip-attachment spam i got here a lot.

So one of my own rules scores if there is a invalid charset/encoding pair and 
give some bonus-points if it is a ill mailer, like osCommerce.