I first thought that as well, but using the nomime => 1 option to Mail::Audit removes all possibility of checking the MIME attachments of a mail, and also removes the implicit capability of easily checking Base64-encoded HTML content - which is one major misfeature of SpamAssassin, as it can't detect HTML tags such as <oprah><spam><filler> as invalid.

Writing my own rules via a .cf file is good as long as I am content with what SpamAssassin has to offer within its framework, that is, content checking on non-decoded or already-cleaned content, with all HTML tags removed.

I did not find an easy way to simply supply a module that injected a function into the SpamAssassin::NoMailAudit namespace (or wherever else) and then to use that function as a test from within a .cf rule.