I have a folder that has 64 messages that I have verified contain "google.com/pagead" 11 or which are in attachments.
I do an F9 on one of the messages with an attachment and copy google.com/pagead from the message and paste it into the search tool. I get the following results:
Any part contains finds 53 messages (0 with attachments)
Any part doesn't contain all 64 messages
Any part match finds 53 messages (0 with attachments)
Any part doesn't match all 64 messages
Text contains finds 53 messages (0 with attachments)
Text doesn't contain 11 messages with attachments
Text match finds 53 messages (0 with attachments)
Text doesn't match 11 messages with attachments
Attachment contains 0 messages
Attachment doesn't contain all 64 messages
Attachment match 0 messages
Attachment doesn't match all 64 messages
From the message source (I haveplaced actual domain with "domain" and IPs with ip):
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
boundary="9B095B5ADSN=_01C878475030ACBC000C886Bserver.domain"
X-DSNContext: 335a7efd - 4460 - 00000001 - 80040546
Message-ID: <oxOIw9Bx6000b258b@server.domain.com>
Subject: Notificaci=?unicode-1-1-utf-7?Q?+APM-n
de
estado
de
entrega
(Error)?=
X-EsetId: 767BAE2BE93E21362037
--9B095B5ADSN=_01C878475030ACBC000C886Bserver.domain
Content-Type: text/plain; charset=unicode-1-1-utf-7
Notificaci+APM-n de estado de entrega domain autom+AOE-ticamente.
Error en la entrega a los siguientes destinatarios.
sales@domain.com
--9B095B5ADSN=_01C878475030ACBC000C886Bserver.domain
Content-Type: message/delivery-status
Reporting-MTA: dns;server.domain.com
Received-From-MTA: dns;ip.ip.ip.ip
Arrival-Date: Wed, 9 Apr 2008 07:09:35 +0200
Final-Recipient: rfc822;sales@domain.com
Action: failed
Status: 5.1.1
--9B095B5ADSN=_01C878475030ACBC000C886Bserver.domain
Content-Type: message/rfc822
Received: from ip.ip.ip.ip ([ip.ip.ip.ip]) by server.domain.com with Microsoft SMTPSVC(5.0.2195.6713);
Wed, 9 Apr 2008 07:09:35 +0200
Message-ID: <000a01c899ff$05f2ed35$0c3b05b0@lpqiau>
From: "bayard ted" <home@mydomain.com>
To: <sales@domain.com>
Subject: yCalis, Vyagar adn Levyrta at Bargain Prices - We Have It All! sales's discount.
Date: Wed, 09 Apr 2008 03:20:16 +0000
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_0007_01C899FF.05EE1DE8"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.3138
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3198
Return-Path: home@mydomain.com
X-OriginalArrivalTime: 09 Apr 2008 05:09:37.0473 (UTC) FILETIME=[E8656B10:01C899FF]
X-TM-AS-Product-Ver: SMEX-8.0.0.1181-5.000.1023-15838.002
X-TM-AS-Result: Yes-37.288600-8.000000-31
X-TM-AS-User-Approved-Sender: No
X-TM-AS-User-Blocked-Sender: No
This is a multi-part message in MIME format.
------=_NextPart_000_0007_01C899FF.05EE1DE8
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<Text advertising questionable products>
------=_NextPart_000_0007_01C899FF.05EE1DE8
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 6.00.2900.3199" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV style=3D"text-align:center; margin:0 auto;">
<DIV style=3D"text-align:center; border-top:3px solid #05074D; =
border-bottom:3px solid #05074D; background:#EFEFFF;">
<H3>
<A =
href=3D"http://www.google.com/pagead/iclk?sa=3Dl&ai=3DimLwKNI&num=3D09964=
&adurl=3Dhttp://domainadvertised.com" style=3D"color:#16227D;">
<More html with more links and advertisements>
------=_NextPart_000_0007_01C899FF.05EE1DE8--
--9B095B5ADSN=_01C878475030ACBC000C886Bserver.domain--