Have you looked at 'Sanitization'? When you look at how malware is delivered -- if you subtract phishing -- then it is going to be as an attachment, not as plain text. HTML mail comes as a MIME attachment ... Tools exist that can sequester the attachments. If this is HTML mail ten the message should have a plain-text part. If the attachments are, for example, documents, then the user can be told where they can be obtained if they are deemed legitimate. Yes, users will need to be educated in how this is different from traditional AV; yes users will have to be made more security conscious so that they don't just retried the sequestered part as a matter of course. However there are also tools that can process as well as strip, ones that can test and 'de-fang' the attachments separately, yet not impede the delivery of the basic message. This may seem obtuse to people used to 'traditional' AV, but I've worked at clients where it has been implemented and is accepted by the end used as the 'normal' way of things. Its part of the culture there. The again, I've seen client where they use MS-Word as a email composer and the god-damn-awful HTML that it produces and 'defend to the death' their "right" to produce bloated messages in fancy fonts and more colours than in your child box of crayons, regardless of the extra space it consumes, as insist that this adds business value that plain-text cannot deliver. Go Figure. Of course you can always use some smarts. I do. I have a pre-filtered 'white list' and 'black list' for known correspondents. Everything else gets filtered. -- It is the test of a good religion whether you can joke about it. - G. K. Chesterton -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org