I used to work for a security vendor and MIME/email used to be another great target for exploiting mail filters. We had our own sec team checking the security of our own software - amazing what stuff they found in our own code base and third party libraries. Security is hard.