I have created a multipart message using cfmail and
cfmailpart, there's a text part and an html part that includes
inline images. The messages are being caught by our email antivirus
(declude). The antivirus message states that the message contains
"the [Outlook 'Space Gap' Vulnerability]"
The vulnerability can be defined as:
This vulnerability occurs when there is a space in one of
headers where there is not normally a space (such as
:" instead of "Content-Type:"). This is not RFC-compliant,
Outlook will treat it as valid and be able to see a virus
virus scanners will not usually see. There is no legitimate
for an email to be formed like this.
When I look at the source of the email message, it appears
that coldfusion does the following to the mime headers: