Release Notes -- Apache SpamAssassin -- Version 3.3.2
Introduction
------------
This is a minor release, primarily to support perl-5.12 and later.
Additionally several other minor bugs are fixed.
Downloading and availability
----------------------------
Downloads are available from:
http://spamassassin.apache.org/downloads.cgi
md5sum of archive files:
253f8fcbeb6c8bfcab9d139865c1a404 Mail-SpamAssassin-3.3.2.tar.bz2
d1d62cc5c6eac57e88c4006d9633b81e Mail-SpamAssassin-3.3.2.tar.gz
06d84d34834d9aecdcdffcc4de08b2a7 Mail-SpamAssassin-3.3.2.zip
72f8075499c618518c68c7399f02b458
Mail-SpamAssassin-rules-3.3.2-r1104058.tar.gz
sha1sum of archive files:
f38480352935fe3bb849a27a52615e400dee7d66 Mail-SpamAssassin-3.3.2.tar.bz2
de954f69e190496eff4a796a9bab61747f03072b Mail-SpamAssassin-3.3.2.tar.gz
edc6297dc651eeb7a4872f596ec5a54aeea85349 Mail-SpamAssassin-3.3.2.zip
a199d5f0f8c2381e3dfe421e7a774356b3ffda4b
Mail-SpamAssassin-rules-3.3.2-r1104058.tar.gz
Note that the *-rules-*.tar.gz files are only necessary if you cannot,
or do not wish to, run "sa-update" after install to download the latest
fresh rules.
See the INSTALL and UPGRADE files in the distribution for important
installation notes.
GPG Verification Procedure
--------------------------
The release files also have a .asc accompanying them. The file serves
as an external GPG signature for the given release file. The signing
key is available via the wwwkeys.pgp.net key server, as well as
http://www.apache.org/dist/spamassassin/KEYS
The key information is:
pub 4096R/F7D39814 2009-12-02
Key fingerprint = D809 9BC7 9E17 D7E4 9BC2 1E31 FDE5 2F40 F7D3 9814
uid SpamAssassin Project Management Committee
<private@spamassassin.apache.org>
uid SpamAssassin Signing Key (Code Signing Key,
replacement for 1024D/265FA05B) <dev@spamassassin.apache.org>
sub 4096R/7B3265A5 2009-12-02
To verify a release file, download the file with the accompanying .asc
file and run the following commands:
gpg -v --keyserver wwwkeys.pgp.net --recv-key F7D39814
gpg --verify Mail-SpamAssassin-3.3.2.tar.bz2.asc
gpg --fingerprint F7D39814
Then verify that the key matches the signature.
Note that older versions of gnupg may not be able to complete the steps
above. Specifically, GnuPG v1.0.6, 1.0.7 & 1.2.6 failed while v1.4.11
worked flawlessly.
See http://www.apache.org/info/verification.html for more information on
verifying Apache releases.
Summary of major changes since 3.3.1
------------------------------------
NOTE: Complete changes are available at
http://svn.apache.org/repos/asf/spamassassin/branches/3.3/Changes
Bug #6353: Fix FH_FROMEML_NOTLD, add MISSING_FROM
Bug #6427: Spamc windows header library missing two defines.
Bug #6476: patch to fix missing sa-awl man page bug
Bug #6470: Small change in windows to exit stating that the exit status
is unknown. Thanks to Daniel Lemke for many of these small win32 patches.
Bug #6314: Complete removal of spamassassin.spec
Bug #6589: Errors in man pages
Bug #6588: Small bug in the regexp caught by Jose Borges Ferreira in
Bug #6515: spamd timeout_child option overrides time_limit configuration
option with nastier behaviour
Bug #6490: Mail::SpamAssassin::Plugin::SPF - Two enhancement issues
Bug #6562: NULL reference bug in libspamc. Quick workaround to avoid a
crash.
Bug #6454: wrong status test on $sth->rows in BayesStore::PgSQL
Bug #6418: Cannot Log to stderr without timestamps
Bug #6403: GMail should use ESMTPSA to indicate that it is in fact
authenticated, but doesn't
Bug #6229: TextCat is too case sensitive
Bug #6241: mkrules does not understand newer options and "else"
Bug #6382: add missing unwhitelist_from_dkim, remove facebook and
linkedin from dkim whitelisting
Bug #5744: some documentation fixes
Bug #6447: new feature to bayes autolearning: learn-on-error
Bug #6566: X-Ham-Report default wording ("has identified this incoming
email as possible spam") is confusing and inaccurate
Bug #6468: splice() offset past end of array in HTML.pm
Bug #6377: win32: spamd signal handling
Bug #6376: win32: consider negative pids under windows in spamds waitpid
Bug #6375: win32: posix macro not implemented - spamd
Bug #6336: "Illegal octal digit 9" received during rules compile
Bug #6526: Disable rfc-ignorant.org
Bug #6531: clear_uridnsbl_skip_domain feature to allow admin override of
default configuration
Bug #5491: MIME_QP_LONG_LINE triggering on valid email
Bug #6558: body rules having "tflags multiple" may cause infinite loop
when compiled - a workaround
Bug #6557: Use same age limits in ruleqa as in sa-updates
Bug #6548: spamd protocol examples are wrong
Bug #6500: clear_originating_ip_headers seems to be broken
Bug #6565: check_rbl_sub rules - all dots need to be escaped - commit
felicity/70_dnswl.cf and felicity/70_iadb.cf too
Bug #6565: check_rbl_sub rules - all dots need to be escaped
Bug #6578: Move TLD regexp to RegistrarBoundaries and make FreeMail use it
Bug #6392: fix one more case of a 'goto into a construct' this one
occured with sa-compile
Bug #6443: Metadata Headers are Case-Sensitive
Bug #5690: tune BAD_ENC_HEADER score down
Bug #6022, tune TVD_RCVD_IP score down
Bug #6394: too high score for FREEMAIL_ENVFROM_END_DIGIT
Bug #6499: and mailing list: wrapped scores for rules
DKIMDOMAIN_IN_DWL*, ACCESSDB and SHORTCIRCUIT into a suitable
ifplugin/endif to avoid lint warnings; removed score for nonexistent
rule SUBJ_RE_NUM.
Bug #6242: merge the boundary fix in r931527 to the 3.3 branch
Bug #6460: RCVD_ILLEGAL_IP false positives
Bug #6506: Modifying a list while traversing it with a foreach
Bug #6488: Lint errors with Perl 5.12.1 in AntiVirus.pm
Bug #6467: Remove assigned 223/8 from RCVD_ILLEGAL_IP
Bug #6419: Resolve rounding issue irregularity with spamd/spamc
Bug #5894: spamd doesn't use vpopmail virtual users' dirs - removed one
extra space
Bug #6416: avoid undef warnings in AutoWhitelist.pm as a result of
incorrect Received header field or its incorrect parsing
Bug #6415: Open of auto-whitelist file failed: Insecure dependency in eval
Bug #6299: update, enhance, and expand RCVD_ILLEGAL_IP from
Bug #6392: Test suite fails with perl 5.12.0
Bug #6412: remove .yu TLD and add .me SLDs
Bug #6395: backport - improved URI parsing
Bug #6393: make File::Copy module load conditional on 'sa-learn
--upgrade' with DBM files, not very commonly used
Bug #6396: Use of uninitialized value in lc at
lib/Mail/SpamAssassin/Plugin/MIMEEval.pm
About Apache SpamAssassin
-------------------------
Apache SpamAssassin is a mature, widely-deployed open source project
that serves as a mail filter to identify spam. SpamAssassin uses a
variety of mechanisms including mail header and text analysis, Bayesian
filtering, DNS blocklists, and collaborative filtering databases. In
addition, Apache SpamAssassin has a modular architecture that allows
other technologies to be quickly incorporated as an addition or as a
replacement for existing methods.
Apache SpamAssassin typically runs on a server, classifies and labels
spam before it reaches your mailbox, while allowing other components of
a mail system to act on its results.
Most of the Apache SpamAssassin is written in Perl, with heavily
traversed code paths carefully optimized. Benefits are portability,
robustness and facilitated maintenance. It can run on a wide variety of
POSIX platforms.
The server and the Perl library feels at home on Unix and Linux
platforms, and reportedly also works on MS Windows systems under ActivePerl.
For more information, visit http://spamassassin.apache.org/
About The Apache Software Foundation
------------------------------------
Established in 1999, The Apache Software Foundation provides
organizational, legal, and financial support for more than 100
freely-available, collaboratively-developed Open Source projects. The
pragmatic Apache License enables individual and commercial users to
easily deploy Apache software; the Foundation's intellectual property
framework limits the legal exposure of its 2,500+ contributors.
For more information, visit http://www.apache.org/
---------------------------------------------------------------------
To unsubscribe, e-mail: announce-unsubscribe@spamassassin.apache.org
For additional commands, e-mail: announce-help@spamassassin.apache.org
Release Notes -- Apache SpamAssassin -- Version 3.3.0
Introduction
------------
This is a major release, incorporating enhancements and bug fixes that have
accumulated in a year and a half of development since the 3.2.5 release.
Apart from some new or changed dependencies on perl modules, this version
is compatible to large extent with existing installations, so the upgrade
is not expected to be problematic (neither is downgrading, if need arises).
Please consult the list of known incompatibilities below before upgrading.
Downloading and availability
----------------------------
Downloads are available from:
http://spamassassin.apache.org/downloads.cgi
md5sum of archive files:
15af629a95108bf245ab600d78ae754b Mail-SpamAssassin-3.3.0.tar.bz2
38078b07396c0ab92b46386bc70ef086 Mail-SpamAssassin-3.3.0.tar.gz
e66856085ca14947146d57a40a51beaa Mail-SpamAssassin-3.3.0.zip
5be313a60c27ae522700e20b557ade33 Mail-SpamAssassin-rules-3.3.0.r901671.tgz
sha1sum of archive files:
209a97102e2c0568f6ae8151e5a55cd949317b69 Mail-SpamAssassin-3.3.0.tar.bz2
35ff5ab33dd83bf8e3a63bd1540d819ab35117d5 Mail-SpamAssassin-3.3.0.tar.gz
d1c61c67c806054c4404a854fc113a1a3c3e71c7 Mail-SpamAssassin-3.3.0.zip
04ac1d5d02a69f382909b01a4426a048a1e69278 Mail-SpamAssassin-rules-3.3.0.r901671.tgz
Note that the *-rules-*.tgz files are only necessary if you cannot, or do not
wish to, run "sa-update" after install to download the latest fresh rules.
The release files also have a .asc accompanying them. The file serves
as an external GPG signature for the given release file. The signing
key is available via the wwwkeys.pgp.net key server, as well as
http://www.apache.org/dist/spamassassin/KEYS
The key information is:
pub 4096R/F7D39814 2009-12-02
Key fingerprint = D809 9BC7 9E17 D7E4 9BC2 1E31 FDE5 2F40 F7D3 9814
uid SpamAssassin Project Management Committee <private@spamassassin.apache.org>
uid SpamAssassin Signing Key (Code Signing Key, replacement for 1024D/265FA05B)
<dev@spamassassin.apache.org>
sub 4096R/7B3265A5 2009-12-02
See the INSTALL and UPGRADE files in the distribution for important
installation notes.
Summary of major changes since 3.2.5
------------------------------------
COMPATIBILITY WITH 3.2.5
- rules are no longer distributed with the package, but installed by
sa-update - either automatically fetched from the network (preferably)
or from a tar archive, which is available for downloading separately
(see below, section INSTALLING RULES);
- CPAN module requirements:
- minimum required version of ExtUtils::MakeMaker is 6.17;
- modules now required: Time::HiRes, NetAddr::IP (4.000 or later),
Archive::Tar (1.23 or later), IO::Zlib;
- minimal version of Mail::DKIM is 0.31 (preferred: 0.37 or later);
expect some tests in t/dkim2.t to fail with versions older than 0.36_5;
- no longer used: Mail::DomainKeys, Mail::SPF::Query;
- either Digest::SHA or the older Digest::SHA1 is required, though
note that the DKIM plugin requires Digest::SHA for sha256 hashes
and Razor agents still need Digest::SHA1;
- some IPv6 functionality requires IO::Socket::INET6;
- if keeping the AWL database in SQL, the field awl.ip must be extended to
40 characters. The change is necessary to allow AWL to keep track of IPv6
addresses which may appear in a mail header even on non-IPv6 -enabled host.
While at it, consider also adding a field 'signedby' to the SQL table 'awl'
(and adding 'auto_whitelist_distinguish_signed 1' to local.cf);
see sql/README.awl for details. The change need not be undone even if
downgrading back to 3.2.* for some reason;
- fixing a protocol implementation error regarding a PING command required
bumping up the SPAMC protocol version to 1.5. Spamd retains compatibility
with older spamc clients. Combining new spamc clients with pre-3.3 versions
of a spamd daemon is not supported (but happens to work, except for the
PING and SKIP commands);
- if using one of the plugins (FreeMail, PhishTag, Reuse) which were
previously not part of the official package, please retire your local copy
to avoid it conflicting with a new native plugin;
- as the plugin AWL is no longer loaded by default, to continue using it
the following line is needed in one of the .pre files (e.g. local.pre):
loadplugin Mail::SpamAssassin::Plugin::AWL
- it may be worth mentioning that a rule DKIM_VERIFIED has been renamed
to DKIM_VALID to match its semantics;
- the DKIM plugin is now enabled by default for new installs, if the perl
module Mail::DKIM is installed. However, installation of SpamAssassin
will not overwrite existing .pre configuration files, so to use DKIM when
upgrading from a previous release that did not use DKIM, a directive:
loadplugin Mail::SpamAssassin::Plugin::DKIM
will need to be uncommented in file "v312.pre", or added to some
other .pre file, such as local.pre;
- due to changes in some internal data structures (like Bug 6185, 6254),
some third-party plugins may need to be updated. One such example is
the ClamAVPlugin plugin - please find a fresh version, which can be used
with both SpamAssassin versions 3.2.5 and 3.3.0, on its wiki page at
http://wiki.apache.org/spamassassin/ClamAVPlugin
- versions of amavisd-new between 2.5.2 and 2.6.1 (inclusive) are incompatible
with SpamAssassin 3.3; please upgrade amavisd to 2.6.2 or later, or apply
a workaround https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6257
- support for versions of perl 5.6.* is being gradually revoked
(may still work, but no promises and no support);
- preferred versions of perl are 5.8.8, 5.8.9, and 5.10.1 or later;
- on FreeBSD, please avoid using multithreaded versions of perl older
than 5.10.0 due to small default main thread's stack size, which may
not suffice for some regular expression evaluations;
INSTALLING RULES
Rules are normally installed by running a sa-update command.
The version of sa-update program should match the version of SpamAssassin
modules, so invoking sa-update should be performed only after installing
or upgrading SpamAssassin code, not before.
Installing rules from network is done with a single command,
normally run as root:
sa-update
Installing rules from files:
obtain all the following files:
Mail-SpamAssassin-rules-xxx.tgz
Mail-SpamAssassin-rules-xxx.tgz.asc
Mail-SpamAssassin-rules-xxx.tgz.md5
Mail-SpamAssassin-rules-xxx.tgz.sha1
(where xxx may look something like '3.3.0.r893295')
install rules from a compressed tar archive:
sa-update --install Mail-SpamAssassin-rules-xxx.tgz
(sa-update will need corresponding .asc and .sha1 files with the
same base name in the same directory as the .tgz file)
MAIN NEW FEATURES
- IPv6 support was substantially improved (see below);
- many improvements to the DKIM plugin (understands author domain signatures,
supports multiple signatures, ADSP support with overrides) - (see below);
- added 'if can(Class::method)' conditional statement, allowing configuration
settings to be conditional on plugin capabilities without requiring
new version releases to do so;
- added a --verbose option to the sa-update utility to show updated channels;
- added a configuration option 'time_limit', defaulting to 300 seconds
or whatever the caller (like spamd) provides; attempting to gracefully
terminate the checking when a time limit is reached, reporting the score
and test hits that were collected so far, along with an added hit on
a rule TIME_LIMIT_EXCEEDED;
- more expensive code sections are now instrumented with timing measurements;
timing report is logged as a debug message by the end of processing,
and made available to a caller and to 'add_header' directives through
a TIMING tag;
- added a configuration option skip_uribl_checks to the URIDNSBL plugin,
cross-documented it with skip_rbl_checks;
- preserve order of declared 'add_header' header fields;
- configurable network mask length for the AWL plugin (see below);
- added support for DCC reputations (see below);
- improved error handling and robustness (see below);
- added timestamps when logging on stderr;
- allowed debug areas to be excluded from debugging,
e.g.: -D all,norules,noconfig,nodcc
BUILDING AND PACKAGING
- rules are no longer distributed with the package, but installed by
sa-update
- Makefile.PL has been simplified and a bug fixed in a DESTDIR support
by increasing the minimum required version of ExtUtils::MakeMaker to 6.17
- tools check_whitelist and check_spamd are now included in the distribution,
now called 'sa-awl' and 'sa-check_spamd'
WORKAROUNDS TO PERL BUGS AND LIMITATIONS
- modified the Check.pm plugin to produce smaller chunks of source code
from rules (60 kB) to avoid Perl compiler crashing on exceeding stack size;
- localized global variables $1, $2, etc at several places, avoiding taint
issue from propagating;
- avoided Perl I/O bug by replacing line-by-line reading with read() where
suitable, or played down the EBADF status in other places and only report
it as a dbg instead of a die - while also providing a little speedup
(10 .. 25 %) on reading a message;
- provided a new sub Message::split_into_array_of_short_lines to split
a text into array of paragraph chunks of sizes between 1 kB and 2 kB,
giving less opportunity to runaway regular expressions in rules;
fixes bugs: 5717, 5644, 5795, 5486, 5801, 5041;
MEMORY FOOTPRINT
- as a side-effect of compiling rules in smaller chunks (to avoid compiler
crashes), virtual memory footprint of SpamAssassin is reduced;
- saved some memory by not importing the Pod::Usage unless it is needed;
- saved 350k+ of memory in sa-compile by replacing DynaLoader with XSLoader;
- removed unneeded index from MySQL bayes_token table;
IPv6 SUPPORT
- added IPv6 support for trusted_networks, internal_networks, msa_networks,
whitelist_from_rcvd, and other stuff that uses NetSet and the Received
header field parser, using NetAddr::IP;
- allowed usage of a remote dccifd host through an INET or INET6 socket;
- added IPv6 support to AWL plugin and its utility modules; a network
mask length is now configurable and defaults to /48, which controls
what data is stored in an AWL database;
- sql/README.awl and sql/awl_*.sql: increased suggested awl.ip field width
to 40 characters to be able to hold IPv6 addresses;
- IP_PRIVATE now includes ipv6 variants of private address space,
as well as the ipv6-mapped ipv4 addresses.
- NetSet now understands that ::ffff:192.168.1.2 and 192.168.1.2 are
the same address;
- IPv6 addresses are now properly read from Received header fields;
- when reading Received header fields, the "IPv6:" prefix is stripped from
IPv6 addresses, and "::ffff:" is removed from IPv6-mapped IPv4 addresses
(so strings can match them as simply IPv4 addresses);
- ::1/128 is always included in the trusted_networks/internal_networks set
similar to 127.0.0.0/8;
- some of the IPv6 functionality in SpamAssassin requires that a perl module
IO::Socket::INET6 is available (like accessing a DNS resolver over inet6,
talking to a dccifd host over inet6 socket, SPAMC protocol);
SPAMC
- Mail::SpamAssasin::Client ping may erroneously result in broken pipe;
bump spamc protocol version to 1.5, updated spamd, spamc and Client.pm;
- added -n / --connect-timeout switch to spamc, allowing to separate
a connection timeout from communication timeout;
- added --filter-retries and --filter-retry-sleep;
- increased allowed line length in spamc.conf files to 8 KiB and report
an error when the limit is exceeded;
- fixed issue where spamc would not time out connections to a hung spamd;
- spamc client library leaked the zlib compression buffer if compression
is used;
- spamc long option '--dest' was broken;
SPAMD
- when spamd is started with the daemonize option do not exit the parent
until a child signals that it has logged the pid, to allow a wrapper
script to simply continue immediately after starting spamd;
- additional tempfile cleanup in kill_handler;
- added SPAMD_LOCALHOST option to "make test" to allow specifying
non-127.0.0.1 IP address for use in FreeBSD jail;
API
- adding one optional argument to Mail::SpamAssassin::parse allows caller
to pass additional out-of-band information to SpamAssassin (such as a
deadline time, DKIM verification results, information about a SMTP session,
or dynamic rule hits); this information is made available to plugins and
the rest of the code through a 'suppl_attrib' hash;
- added option 'master_deadline' to the suppl_attrib argument of a
Mail::SpamAssassin::parse method, allowing the caller to override a
time_limit configuration setting;
- Plugin::Check - pick up 'rule_hits' from caller via the new mechanism
and call got_hit() on them;
- simplified adding dynamic score hits and dynamic rules by plugins
(such as AWL, CRM114, FuzzyOcr, Check) by letting got_hit() accept
options tflags and description, and letting it store a supplied
dynamic score for proper reporting;
- let the timing breakdown information be accessible to a caller through
the existing get_tag mechanism (tag TIMING);
- let the generated header fields ('add_header' configuration options)
be accessible to a caller through the existing get_tag mechanism
(tags ADDEDHEADER, ADDEDHEADERHAM, ADDEDHEADERSPAM);
RULES
- rules are no longer distributed with the package;
- new scores were generated by a genetic algorithm (GA) and then manually
tweaked based on cleaned datasets supplied by a dozen volunteers;
- dropped redundant rules or rules causing too many false positives;
- added or updated many rules; incomplete list in no particular order:
vbounce, lotsa_money, muchmoney, image spam, fill_this_form, FreeMail,
European Parliament, HTML attachments, uri_obfu*, urinsrhsbl, urinsrhssub,
urifullnsrhsbl, URI_OBFU_X9_WS, rDNS=localhost, INVALID_DATE_TZ_ABSURD,
RCVD_IN_PSBL, FRT_VALIUM*, BOUNCE_MESSAGE, VBOUNCE_MESSAGE,
__BOUNCE_UNDELIVERABLE, HELO_STATIC_HOST, FILL_THIS_FORM_FRAUD_PHISH,
CHALLENGE_RESPONSE, DKIM_VALID, DKIM_VALID_AU, DKIM_ADSP_*,
NML_ADSP_CUSTOM_{LOW,MED,HIGH}, __VIA_ML, MIME_BASE64_TEXT, LOTTO_URI,
FORGED_MUA_THEBAT_BOUN, FORGED_MUA_THEBAT_CS, UNRESOLVED_TEMPLATE,
__THEBAT_MUA, __ANY_OUTLOOK_MUA, RP_MATCHES_RCVD, one-word X-Mailer,
SPAN rules, skype and misquoted-HTML rules, HTML obfuscation and
Google feedproxy URI rules, advance_fee updates including further
evolved advance fee second-order metarules, test rule for
postmaster+abuse missing, FROM_MISSPACED, fixed FROM_CONTAINS_TAB, a
Facebook redirector pattern, fixed FPs with TVD_SPACE_RATIO regarding
one-word emails and ISO-2022-JP, added exclusion for __ISO_2022_JP_DELIM
to OBFUSCATING_COMMENT, GAPPY_SUBJECT, PLING_QUERY and FM_FRM_RN_L_BRACK
rules, RATWARE_BOUNDARY plus variant, superseded all previous
RATWARE_OUTLOOK stuff, resolved FP in obfuscated URI rule, fixed breakage
in tbird image rule, fixed SUBJECT_FUZZY_MEDS FP on unobfuscated "meds",
added misspaced From header field rule, numeric+cctld URI rule,
updated FH_DATE_PAST_20XX, ...
- added PSBL blacklist - http://psbl.surriel.com/
- added support for http://www.spamhaus.org/css/
- replaces HABEAS, BSP and SSC with RP CERTIFIED;
- use ReturnPath's RNBL, replacing SSBL;
- added rule for plain text attachments with octet-stream MIME type;
- avoided false positives on ISO-2022-JP messages in several rules;
- removed massmailers from uridnsbl_skip_domain in 25_uribl.cf;
- updated various default whitelists, uridnsbl_skip_domain, adsp_override, ...
PLUGINS
- new plugins: FreeMail, PhishTag, Reuse;
- now enabled by default: DKIM;
- now disabled by default: AWL;
- retired plugin: DomainKeys;
AWL PLUGIN
- plugin AWL is now disabled by default;
- added new configuration options auto_whitelist_ipv4_mask_len and
auto_whitelist_ipv6_mask_len to allow more control on what part of
an IP address is stored into an AWL database;
- README.awl: increased a suggested awl.ip field width to 40 characters
to support IPv6 addresses;
- AutoWhitelist.pm: allowed storing a canonicalized IPv6 address, cropped
to a configurable network mask (previously causing SQL server errors:
'value too long');
- let AWL with SQL keep separate records for DKIM-signed and unsigned mail
(when auto_whitelist_distinguish_signed configuration option is true,
and a field awl.signedby exists);
- avoided a race condition in SQLBasedAddrList.pm when multiple processes
try to insert-or-update an awl SQL record: trying INSERT first, and if
that fails go for UPDATE;
- gracefully handle NaN from corrupted database or a broken emulator or
virtualizer;
DCC PLUGIN
- added support for DCC reputations, added setting dcc_rep_percent,
new test check_dcc_reputation_range(), new tag DCCREP
(DCC servers supply reputation data only to licensed clients);
- allowed usage of a remote dccifd host through an INET or INET6 socket;
DKIM PLUGIN
- the DKIM plugin is now enabled by default for new installs if the perl
module Mail::DKIM is installed. However, installing SpamAssassin will
not overwrite existing .pre configuration files, so to use DKIM when
upgrading from a previous release that did not use DKIM, the directive:
loadplugin Mail::SpamAssassin::Plugin::DKIM
will need to be uncommented in file "v312.pre", or added to some
other .pre file, such as local.pre;
- absolute minimal version of Mail::DKIM is 0.31;
support for ADSP requires Mail::DKIM 0.34;
a DNS test (and rule) for NXDOMAIN is operational since Mail::DKIM 0.36_5,
so effectively the recommended version is Mail::DKIM 0.37 or later;
- a perl module Digest::SHA is required if the DKIM plugin is enabled.
If a perl module Digest::SHA is available, the module Digest::SHA1
becomes optional as far as SpamAssassin is concerned, but is still
needed by Razor agents;
- added support for multiple signatures (useful for whitelisting);
- plugin now distinguishes author domain signatures from third party
signatures (useful for whitelisting);
- provides a tag DKIMIDENTITY (in addition to DKIMDOMAIN);
- DKIM now supports Author Domain Signing Practices - ADSP (RFC 5617);
- use the Mail::DKIM::AuthorDomainPolicy instead of Mail::DKIM::DkimPolicy,
when available (since Mail::DKIM 0.34);
- implements an 'adsp_override' configuration directive and adds
an eval:check_dkim_adsp check, which is used by new DKIM_ADSP_* rules;
- rules contain an initial set of 'adsp_override' directives, listing
some of the more popular target domains for phishing (applicable only to
domains which sign all their direct mail with a DKIM or DK signature);
- this plugin can now re-use Mail::DKIM verification results if made
available by a caller, which saves resources and makes it possible
for SpamAssassin to work on a truncated large mail without breaking
DKIM signatures;
- check_dkim_signed and check_dkim_adsp eval rules can now take an optional
list of domain names, which limits their action to listed domains only.
It facilitates building DKIM-based rules for specific domains, without
having to resort to meta rules;
- draft-ietf-dkim-ssp-10/RFC-5617 made Author Domain Signature based on 'd':
updated ADSP code accordingly; changed whitelisting code to be based on
SDID ('d') instead of AUID ('i');
- Plugin/DKIM.pm: terminology changes in comments and logging according
to RFC 5617 and draft-ietf-dkim-rfc4871-errata-07;
BUG FIXES
- fixed Rule2XSBody segfaults;
- no longer treat user data as perl booleans (a string "0" is a false);
- avoid data from the wild be interpreted as perl regular expressions;
- ArchiveIterator: prevent _scan_directory from passing directories
to _scan_file (on NFS it would fail with EISDIR on read(2);
- fixed inserting the SpamAssassin -generated header fields after a
multiline Return-Path header field;
- fixed vpopmail support;
- fixed incorrect mode bits when creating lock files for AWL;
- fixed some cases where :addr headers were parsed incorrectly;
- fixed leakage of 'whitelist_from_rcvd' entries between spamd users;
- fixing run_and_catch, which failed to catch a non-timed run;
- 127/8 isn't an illegal IP;
- reworked the M::S::Timeout module to deal with nested timers as one would
expect: an inner timer shouldn't be able to extend an outer timer's limit;
account for time elapsed in the submitted subroutine when restarting an
outer timer; reset() should have accounted for time already spent;
deal with nested timed runs where alarm(0) does not provide remaining time;
- the 'exists:' evaluator in HEADER rules now works as documented
and tests for existence of a header field, instead of testing for
a header field body being nonempty; internally, the pms->get can
also now distinguish between empty and nonexistent header fields;
- applied fixes to header fields parsing in several places: header field
names are case-insensitive, whitespace is not required after a colon,
obsolete rfc822 syntax allowed whitespace before a colon;
VBounce: match "Received:" only at the beginning of a line;
- fixed bugs 6237 and 6295: 1.0.0.0/8 and 2.0.0.0/8 are now valid allocated
address ranges, fixed a corresponding rule RCVD_ILLEGAL_IP;
- fixed bug 6205 comment 5 in URIDetail.pm;
- 'pyzor_options' in Plugin/Pyzor.pm was not untainted;
- made the URIDetail plugin taint safe;
- fixed parsing of multi-line Received header fields for
BOUNCE_MESSAGE/VBOUNCE_MESSAGE et al;
- Bug 6206, Bug 2536: spamd: untaint directory as obtained from a password
file or from vpopmail utilities, avoid implicit untainting; report error
if user preferences file exists but cannot be accessed;
- avoided using raw data from DNS as a regexp in Plugin/ASN.pm;
- ensured the dbg() and info() calls always return the same value (true)
regardless of log level;
- suppressed logging of $& when its value is not available (i.e. when
no regexp has been evaluated during rule evaluation);
- Exporter never really worked in SA, was not enclosed in BEGIN {};
- masses/runGA and masses/mk-baseline-results: prevent a shell 'source'
command from loading an unrelated file named 'config' which happens to be
in the current PATH - must use a ./ in an arg to a 'source' command;
ERROR HANDLING, ROBUSTNESS
- improved error detection and reporting: test status of all system calls
and I/O operations (or explicitly document where not), and report
unexpected failures;
- eval calls now check for eval result instead of testing the $@, which
is not always reliable;
- localized $@ and $! in DESTROY methods to prevent potential calls to eval
and calls to system routines in code executed from a DESTROY method
from clobbering global variables $@ and $!;
- Util::helper_app_pipe_open_unix: contain a failing exec with an eval
to prevent additional cases of process cloning. The exec could fail
this way when given tainted arguments;
- Util::helper_app_pipe_open_unix: flush stdout and stderr before forking,
otherwise an error reported by exec (such as 'insecure dependency')
was lost in a buffer;
- eval-protected an open($fh,'-|') to capture implied fork failures
due to lack of system resource;
- explicit untainting: combine "use re 'taint'" with untaint_var(),
avoiding implicit perl untainting, along with workarounds to prevent it;
- added 'use strict' where missing;
- avoided a bunch of warnings on "Use of uninitialized value";
- clearly report reasons for helper application process failures;
- t/SATest.pm: provide information about the process failure reason
if a system() call fails; improved its reporting of failures;
- improved error reporting in Plugin/DCC.pm on finding a DCC home directory
to facilitate troubleshooting;
OTHER CHANGES
- pseudoheader "ALL:raw" returns a pristine header section,
and pseudoheader "ALL" returns a cleaned header section
- total rewrite of URI detection in plain text body;
- many updates to the list of top level domains;
- added 'util_rb_3tld', allowing 3-level TLDs to be listed in URIBLs and
allowing new 3TLDs to be added from rule updates;
- avoided trusted_networks bog down due to O(n^2) loop with millions
of entries;
- applied fixes to Plugin/VBounce.pm, updated VBounce ruleset;
- added support for a 'Communigate Pro' Received header field;
- parse Communigate Pro "with HTTPU" auth token;
- let DependencyInfo.pm understand a concept of recommended module version,
besides a required version;
- provided a workaround for Net::DNS::Packet::new inconsistency;
- let SpamAssassin use either Digest::SHA or Digest::SHA1, whichever is
available (the Digest::SHA is now a base module since perl 5.10.0);
- improved parsing of eval-type rules: allow unquoted domain names as
arguments, disallow unmatched quotes;
- provided a new module Mail::SpamAssassin::BayesStore::BDB. It should be
treated as alpha-quality (needs more testing) and is not yet ready for
production use;
- exposed existing function 'received_within_months' as an eval function
in Plugin/HeaderEval.pm;
- moved rc script to /var/lock/subsys/spamd instead of
/var/lock/subsys/spamassassin so 'service spamd status' will work;
- added feature to re-download MIRRRORED.BY files at least once a week, or if
'sa-update --refreshmirrors' switch is used;
- input delimiter $/ can be corrupted by a plugin, localize $/ and $\ before
calling a plugin;
- bumped the retry counter to 180 seconds for starting spamd on slow machines;
- resolved Bug 5325: syslog severity level in spamc/libspamc.c for max
message size (changed LOG_ERR into LOG_NOTICE for the message:
"skipped message, greater than max message size");
- added checker to avoid taint warnings if hostname is returned as '(none)';
- altered sa-update to produce an error message if a channel doesn't exist;
- Bug 6150, Bug 6127, Bug 5981, Bug 5950, Bug 6191: let spamd log/report
a child process exit status or aborting condition in an informative way;
- added checker to detect accidental match-everything regexps in rules;
- updated garescorer for 3.3.0: use more epochs in GA runs for better scores;
clarify some mass-check warning output, ensure rule name always appears at
start of line; if a rule had no default/existing score in 50_scores.cf,
don't tell the GA that 1.0 is an appropriate default value, instead pick
the midway point of its score range. this produces better results;
remove some dead code from masses/score-ranges-from-freqs;
- set garescorer.c to report performance as iterations per second;
- added test to ensure that all config settings are correctly handled when
switching between users; added more config setting type metadata to enable
those tests to work; and fix URIDetail to store config on the {conf} object,
not on the plugin;
- moved 'release tests' to xt/ directory; mirror long-running, net-tests and
stress tests with xt/50_testname.t scripts to enforce their run before a
release;
- made numerous additional and updated self-tests;
- added a Test::Perl::Critic release-test;
- cleaned up some code based on suggestions by perl module Test::Perl::Critic,
among others:
. enable TestingAndDebugging::ProhibitNoStrict test but allow the
use of 'no strict "refs"';
. deal with BuiltinFunctions::RequireGlobFunction;
. deal with ControlStructures::ProhibitMutatingListFunctions
removing this exception from xt/60_perlcritic.t;
. deal with BayesStore/BDB.pm, Variables::ProhibitConditionalDeclarations
. now that the module Time::HiRes is a required module, we can afford
to replace a select() with Time::HiRes::sleep, and remove exception
BuiltinFunctions::ProhibitSleepViaSelect from xt/60_perlcritic.t;
- updated documentation, fixing numerous typos and mistakes in documentation
text and in log messages;
- extensively improved development process:
. automated testing through Hudson, a continuous integration tool;
. improved mass-check system and rules oversight;
About Apache SpamAssassin
-------------------------
Apache SpamAssassin is a mature, widely-deployed open source project
that serves as a mail filter to identify spam. SpamAssassin uses a variety
of mechanisms including mail header and text analysis, Bayesian filtering,
DNS blocklists, and collaborative filtering databases. In addition, Apache
SpamAssassin has a modular architecture that allows other technologies to be
quickly incorporated as an addition or as a replacement for existing methods.
Apache SpamAssassin typically runs on a server, classifies and labels spam
before it reaches your mailbox, while allowing other components of a mail
system to act on its results.
Most of the Apache SpamAssassin is written in Perl, with heavily traversed
code paths carefully optimized. Benefits are portability, robustness and
facilitated maintenance. It can run on a wide variety of POSIX platforms.
The server and the Perl library feels at home on Unix and Linux platforms,
and reportedly also works on MS Windows systems under ActivePerl.
For more information, visit http://spamassassin.apache.org/
About The Apache Software Foundation
------------------------------------
Established in 1999, The Apache Software Foundation provides organizational,
legal, and financial support for more than 100 freely-available,
collaboratively-developed Open Source projects. The pragmatic Apache License
enables individual and commercial users to easily deploy Apache software;
the Foundation's intellectual property framework limits the legal exposure
of its 2,500+ contributors.
For more information, visit http://www.apache.org/
---------------------------------------------------------------------
To unsubscribe, e-mail: announce-unsubscribe@spamassassin.apache.org
For additional commands, e-mail: announce-help@spamassassin.apache.org
I've posted the following note on the Apache SpamAssassin website [1] about an issue with a rule that may cause wanted email to be classified as spam by SpamAssassin. If you're running SpamAssassin 3.2.x you are encouraged to update you rules (updates were released on sa-update around 1900 UTC Jan 1, 2010). Y2K10 Rule Bug - Update Your Rules Now! 2010-01-01: Versions of the FH_DATE_PAST_20XX [2] rule released with versions of Apache SpamAssassin 3.2.0 thru 3.2.5 will trigger on most mail with a Date header that includes the year 2010 or later. The rule will add a score of up to 3.6 towards the spam classification of all email. You should take corrective action immediately; there are two easy ways to correct the problem: 1) If your system is configured to use sa-update [3] run sa-update now. An update is available that will correct the rule. No further action is necessary (other than restarting spamd or any service that uses SpamAssassin directly). 2) Add "score FH_DATE_PAST_20XX 0" without the quotes to the end of your local.cf file to disable the rule. If you require help updating your rules to correct this issue you are encouraged to ask for assistance on the Apache SpamAssassin Users' list. Users' mailing list info is here. [4] On behalf of the Apache SpamAssassin project I apologize for this error and the grief it may have caused you. Regards, Daryl C. W. O'Shea VP, Apache SpamAssassin [1] http://spamassassin.apache.org/ [2] http://wiki.apache.org/spamassassin/Rules/FH_DATE_PAST_20XX [3] http://wiki.apache.org/spamassassin/RuleUpdates [4] http://wiki.apache.org/spamassassin/MailingLists --------------------------------------------------------------------- To unsubscribe, e-mail: announce-unsubscribe@spamassassin.apache.org For additional commands, e-mail: announce-help@spamassassin.apache.org
Apache SpamAssassin 3.3.0-beta1 is now available for testing.
Downloads are available from:
http://people.apache.org/~wtogami/devel/
md5sum of archive files:
9b39e4e4fad09cfe9eff974f3d5a01ea Mail-SpamAssassin-3.3.0-beta1.tar.bz2
530fb1bd28977271f30b348bc2b68db1 Mail-SpamAssassin-3.3.0-beta1.tar.gz
637f6495b28e9ab9580206ee344a2074 Mail-SpamAssassin-3.3.0-beta1.zip
cbd092c4e0e71b531f7aca81d4eb2781 Mail-SpamAssassin-rules-3.3.0-beta1.r886683.tgz
sha1sum of archive files:
b6aa2f21610e1de87bf21b629b98df9bddfa0988 Mail-SpamAssassin-3.3.0-beta1.tar.bz2
6750417097ce289a5b295c75bfc20a877bea87e6 Mail-SpamAssassin-3.3.0-beta1.tar.gz
95a54095f6e201a1b582f3715c81c9485aab5325 Mail-SpamAssassin-3.3.0-beta1.zip
3e2b23828dd3a7575ced80b2d6571995aebd7299 Mail-SpamAssassin-rules-3.3.0-beta1.r886683.tgz
Note that the *-rules-*.tgz files are only necessary if you cannot, or do not
wish to, run "sa-update" after install to download the latest fresh rules.
The release files also have a .asc accompanying them. The file serves
as an external GPG signature for the given release file. The signing
key is available via the wwwkeys.pgp.net key server, as well as
http://www.apache.org/dist/spamassassin/KEYS
The key information is:
pub 4096R/F7D39814 2009-12-02
Key fingerprint = D809 9BC7 9E17 D7E4 9BC2 1E31 FDE5 2F40 F7D3 9814
uid SpamAssassin Project Management Committee <private@spamassassin.apache.org>
uid SpamAssassin Signing Key (Code Signing Key, replacement for 1024D/265FA05B)
<dev@spamassassin.apache.org>
sub 4096R/7B3265A5 2009-12-02
See the INSTALL and UPGRADE files in the distribution for important
installation notes.
Summary of major changes since 3.2.5
------------------------------------
COMPATIBILITY WITH 3.2.5
- rules are no longer distributed with the package, but installed by
sa-update - either automatically fetched from the network (preferably),
or from a tar archive, which is available for downloading separately
- CPAN module requirements:
- minimum required version of ExtUtils::MakeMaker is 6.17
- modules now required: Time::HiRes, NetAddr::IP, Archive::Tar
- minimal version of Mail::DKIM is 0.31 (preferred: 0.37 or later);
expect some tests in t/dkim2.t to fail with versions older than 0.36_5;
- no longer used: Mail::DomainKeys, Mail::SPF::Query
- if module Digest::SHA is not available, a module Digest::SHA1
will be used, but at least one of them must be installed;
a DKIM plugin requires Digest::SHA (the older Digest::SHA1 does not
support sha256 hashes), so in practice the Digest::SHA is required
- if keeping AWL database in SQL, the field awl.ip must be extended to
40 characters. The change is necessary to allow AWL to keep track of IPv6
addresses which may appear in a mail header even on non-IPv6 -enabled host.
While at it, consider also adding a field 'signedby' to the SQL table 'awl'
(and adding 'auto_whitelist_distinguish_signed 1' to local.cf);
See sql/README.awl for details. The change need not be undone even if
downgrading back to 3.2.* for some reason;
- fixing a protocol implementation error regarding a PING command required
bumping up the SPAMC protocol version to 1.5. Spamd retains compatibility
with older spamc clients. Combining new spamc clients with pre-3.3 versions
of a spamd daemon is not supported (but happens to work, except for the
PING and SKIP commands).
- it may be worth mentioning that a rule DKIM_VERIFIED has been renamed
to DKIM_VALID, to match its semantics;
- support for versions of perl 5.6.* is being gradually revoked
(may still work, but no promises and no support)
- preferred versions of perl are 5.8.8, 5.8.9, and 5.10.1 or later
MAIN NEW FEATURES
- IPv6 support was substantially improved (see below);
- many improvements to the DKIM plugin (understands author domain signatures,
supports multiple signatures, ADSP support with overrides) - (see below);
- added 'if can(Class::method)' conditional statement, allowing configuration
settings to be conditionalised on plugin capabilities without requiring
new version releases to do so;
- added a configuration option 'time_limit', defaulting to 300 seconds
or whatever the caller (like spamd) provides; attempting to gracefully
terminate the checking when a time limit is reached, reporting the score
and test hits that were collected so far, along with an added hit on
a rule TIME_LIMIT_EXCEEDED;
- more expensive code sections are now instrumented with timing measurements;
timing report is logged as a debug message by the end of processing,
and made available to a caller and to 'add_header' directives through
a TIMING tag;
- added a configuration option skip_uribl_checks to the URIDNSBL plugin,
cross-document it with skip_rbl_checks;
- preserve order of declared 'add_header' header fields;
- configurable network mask length for the AWL plugin (see below);
- added support for DCC reputations (see below);
- improved error handling and robustness (see below);
- added timestamps when logging on stderr;
- allowed debug areas to be excluded from debugging,
e.g.: -D all,norules,noconfig,nodcc
BUILDING AND PACKAGING
- rules are no longer distributed with the package, but installed by
sa-update
- Makefile.PL has been simplified and a bug fixed in a DESTDIR support
by increasing the minimum required version of ExtUtils::MakeMaker to 6.17
- tools check_whitelist and check_spamd are now included in the distribution,
now called 'sa-awl' and 'sa-check_spamd'
WORKAROUNDS TO PERL BUGS AND LIMITATIONS
- modified the Check.pm plugin to produce smaller chunks of source code
from rules (60 kB) to avoid Perl compiler crashing on exceeding stack size
- localized global variables $1, $2, etc at several places, avoiding taint
issue from propagating
- avoided Perl I/O bug by replacing line-by-line reading with read() where
suitable, or played down the EBADF status in other places and only report
it as a dbg instead of a die - while also providing a little speedup
(10 .. 25 %) on reading a message
- provided a new sub Message::split_into_array_of_short_lines to split
a text into array of paragraph chunks of sizes between 1 kB and 2 kB,
giving less opportunity to runaway regular expressions in rules;
fixes bugs: 5717, 5644, 5795, 5486, 5801, 5041
MEMORY FOOTPRINT
- as a side-effect of compiling rules in smaller chunks (to avoid compiler
crashes), virtual memory footprint of SpamAssassin is reduced;
- saved some memory by not importing the Pod::Usage unless it is needed;
- saved 350k+ of memory in sa-compile by replacing DynaLoader with XSLoader;
- removed unneeded index from MySQL bayes_token table;
IPv6 SUPPORT
- added IPv6 support for trusted_networks, internal_networks, msa_networks,
whitelist_from_rcvd, and other stuff that uses NetSet and the Received
header field parser, using NetAddr::IP;
- allowed usage of a remote dccifd host through an INET or INET6 socket;
- added IPv6 support to AWL plugin and its utility modules; a network
mask length is now configurable and defaults to /48, which controls
what data is stored in an AWL database;
- sql/README.awl and sql/awl_*.sql: increased suggested awl.ip field width
to 40 characters to be able to hold IPv6 addresses;
- IP_PRIVATE now includes ipv6 variants of private address space,
as well as the ipv6-mapped ipv4 addresses.
- NetSet now understands that ::ffff:192.168.1.2 and 192.168.1.2 are
the same address;
- IPv6 addresses are now recognised in Received header fields;
- when reading Received header fields, the "IPv6:" prefix is stripped from
IPv6 addresses, and "::ffff:" is removed from IPv6-mapped IPv4 addresses
(so strings can match them as simply IPv4 addresses);
- ::1/128 is always included in the trusted_networks/internal_networks set
similar to 127.0.0.0/8;
- some of the IPv6 functionality in SpamAssassin requires that a perl module
IO::Socket::INET6 is available (like accessing a DNS resolver over inet6,
talking to a dccifd host over inet6 socket, SPAMC protocol);
SPAMC
- Mail::SpamAssasin::Client ping may erroneously result in broken pipe;
bump spamc protocol version to 1.5, updated spamd, spamc and Client.pm;
- added -n / --connect-timeout switch to spamc, allowing separate
connection timeout from communication timeout;
- added --filter-retries and --filter-retry-sleep
- spamc would not time out connections to a hung spamd, fixed
- spamc client library leaked the zlib compression buffer if compression
is used
- spamc long option '--dest' was broken
SPAMD
- when spamd is started with the daemonize option do not exit the parent
until a child signals that it has logged the pid, to allow a wrapper
script to simply continue immediately after starting spamd;
- additional tempfile cleanup in kill_handler;
- added SPAMD_LOCALHOST option to "make test" to allow specifying
non-127.0.0.1 IP address for use in FreeBSD jail
API
- adding one optional argument to Mail::SpamAssassin::parse allows caller
to pass additional out-of-band information to SpamAssassin (such as a
deadline time, DKIM verification results, information about a SMTP session,
or dynamic rule hits); this information is made available to plugins and
the rest of the code through a 'suppl_attrib' hash;
- Plugin::Check - pick up 'rule_hits' from caller via the new mechanism
and call got_hit() on them;
- simplified adding dynamic score hits and dynamic rules by plugins
(such as AWL, CRM114, FuzzyOcr, Check) by letting got_hit() accept
options tflags and description, and letting it store a supplied
dynamic score for proper reporting;
- let the timing breakdown information be accessible to a caller through
the existing get_tag mechanism (tag TIMING);
- let the generated header fields ('add_header' configuration options)
be accessible to a caller through the existing get_tag mechanism
(tags ADDEDHEADER, ADDEDHEADERHAM, ADDEDHEADERSPAM);
RULES
- rules are no longer distributed with the package;
- new scores have been generated by a GA algorithm and then manually tweaked,
based on cleaned datasets supplied by a dozen of volunteers;
- dropped redundant rules or rules causing too many false positives;
- added or updated many rules; incomplete list in no particular order:
vbounce, lotsa_money, muchmoney, image spam, fill_this_form, FreeMail,
European Parliament, HTML attachments, uri_obfu*, urinsrhsbl, urinsrhssub,
urifullnsrhsbl, URI_OBFU_X9_WS, rDNS=localhost, INVALID_DATE_TZ_ABSURD,
KHOP_SC, RCVD_IN_PSBL, FRT_VALIUM*, BOUNCE_MESSAGE, VBOUNCE_MESSAGE,
__BOUNCE_UNDELIVERABLE, HELO_STATIC_HOST, FILL_THIS_FORM_FRAUD_PHISH,
CHALLENGE_RESPONSE, DKIM_VALID, DKIM_VALID_AU, DKIM_ADSP_*,
NML_ADSP_CUSTOM_{LOW,MED,HIGH}, __VIA_ML, MIME_BASE64_TEXT, LOTTO_URI,
FORGED_MUA_THEBAT_BOUN, FORGED_MUA_THEBAT_CS, UNRESOLVED_TEMPLATE,
__THEBAT_MUA, __ANY_OUTLOOK_MUA, RP_MATCHES_RCVD, one-word X-Mailer,
advance_fee update, tweak SPAN rules, tweak skype and misquoted-HTML rules,
added some new HTML obfuscation and Google feedproxy URI rules,
tweak reevolved advance fee second-order metarules,
added a test rule for postmaster+abuse missing, FROM_MISSPACED,
fix FROM_CONTAINS_TAB, added Facebook redirector pattern,
avoided ISO-2022-JP FPs on TVD_SPACE_RATIO, GAPPY_SUBJECT, PLING_QUERY
and FM_FRM_RN_L_BRACK rules, FP fix for one-word mails on TVD_SPACE_RATIO,
RATWARE_BOUNDARY plus variant, supersede all previous RATWARE_OUTLOOK
stuff, added exclusion for __ISO_2022_JP_DELIM to OBFUSCATING_COMMENT,
FP in obfuscated URI rule, fixed breakage in tbird image rule, fixed
SUBJECT_FUZZY_MEDS FP on unobfuscated "meds", added misspaced From header
field rule, numeric+cctld URI rule, ...
- added PSBL blacklist - http://psbl.surriel.com/
- added support for http://www.spamhaus.org/css/
- added rule for plain text attachments with octet-stream MIME type;
- avoided false positives on ISO-2022-JP messages in several rules;
- removed massmailers from uridnsbl_skip_domain in 25_uribl.cf;
- updated various default whitelists, uridnsbl_skip_domain, adsp_override, ...
PLUGINS
- new plugins: FreeMail, PhishTag, Reuse
- now enabled by default: DKIM
- now disabled by default: AWL
- retired plugin: DomainKeys
AWL PLUGIN
- plugin AWL is now disabled by default;
- added new configuration options auto_whitelist_ipv4_mask_len and
auto_whitelist_ipv6_mask_len to allow more control on what part of
an IP address is stored into an AWL database;
- README.awl: increased a suggested awl.ip field width to 40 characters
to support IPv6 addresses;
- AutoWhitelist.pm: allowed storing a canonicalized IPv6 address, cropped
to a configurable network mask (previously causing SQL server errors:
'value too long')
- let AWL with SQL keep separate records for DKIM-signed and unsigned mail
(when auto_whitelist_distinguish_signed configuration option is true,
and a field awl.signedby exists);
- avoided a race condition in SQLBasedAddrList.pm when multiple processes
try to insert-or-update an awl SQL record: trying INSERT first, and if
that fails go for UPDATE;
- gracefully handle NaN from corrupted database or a broken emulator or
virtualizer;
DCC PLUGIN
- added support for DCC reputations, added setting dcc_rep_percent,
new test check_dcc_reputation_range(), new tag DCCREP
(DCC servers supply reputation data only to licensed clients);
- allowed usage of a remote dccifd host through an INET or INET6 socket;
DKIM PLUGIN
- the plugin is now enabled by default;
- absolute minimal version of Mail::DKIM is 0.31;
support for ADSP requires Mail::DKIM 0.34;
a DNS test (and rule) for NXDOMAIN is operational since Mail::DKIM 0.36_5
- a perl module Digest::SHA is required if the DKIM plugin is enabled
(if a perl module Digest::SHA is available, the module Digest::SHA1
becomes optional as far as SpamAssassin is concerned (but is still
needed by Razor agents));
- added support for multiple signatures (useful for whitelisting);
- plugin now distinguishes author domain signatures from third party
signatures (useful for whitelisting);
- provides a tag DKIMIDENTITY (in addition to DKIMDOMAIN);
- DKIM now supports Author Domain Signing Practices - ADSP (RFC 5617);
- use the Mail::DKIM::AuthorDomainPolicy instead of Mail::DKIM::DkimPolicy,
when available (since Mail::DKIM 0.34);
- implements an 'adsp_override' configuration directive and adds
an eval:check_dkim_adsp check, which is used by new DKIM_ADSP_* rules;
- rules contain an initial set of 'adsp_override' directives, listing
some of the more popular target domains for phishing (applicable only to
domains which sign all their direct mail with a DKIM or DK signature);
- this plugin can now re-use Mail::DKIM verification results if made
available by a caller, which saves resources and makes it possible
for SpamAssassin to work on a truncated large mail without breaking
DKIM signatures;
- check_dkim_signed and check_dkim_adsp eval rules can now take an optional
list of domain names, which limits their action to listed domains only.
It facilitates building DKIM-based rules for specific domains, without
having to resort to meta rules;
- draft-ietf-dkim-ssp-10/RFC-5617 made Author Domain Signature based on 'd':
updated ADSP code accordingly; changed whitelisting code to be based on
SDID ('d') instead of AUID ('i');
- Plugin/DKIM.pm: terminology changes in comments and logging according
to RFC 5617 and draft-ietf-dkim-rfc4871-errata-07;
BUG FIXES
- fixed Rule2XSBody segfaults;
- no longer treat user data as perl booleans (a string "0" is a false);
- avoid data from the wild be interpreted as perl regular expressions;
- ArchiveIterator: prevent _scan_directory from passing directories
to _scan_file (on NFS it would fail with EISDIR on read(2);
- fixed vpopmail support;
- fixed incorrect mode bits when creating lock files for AWL;
- fixed some cases where :addr headers were parsed incorrectly;
- fixed leakage of 'whitelist_from_rcvd' entries between spamd users;
- fixing run_and_catch, which failed to catch a non-timed run;
- 127/8 isn't an illegal IP;
- reworked the M::S::Timeout module to deal with nested timers as one would
expect: an inner timer shouldn't be able to extend an outer timer's limit;
account for time elapsed in the submitted subroutine when restarting an
outer timer; reset() should have accounted for time already spent;
- the 'exists:' evaluator in HEADER rules now works as documented
and tests for existence of a header field, instead of testing for
a header field body being nonempty; internally, the pms->get can
also now distinguish between empty and nonexistent header fields;
- applied fixes to header fields parsing in several places: header field
names are case-insensitive, whitespace is not required after a colon,
obsolete rfc822 syntax allowed whitespace before a colon;
VBounce: match "Received:" only at the beginning of a line;
- fixed bug 6237: 2.0.0.0/8 is now an allocated address range,
fixed RCVD_ILLEGAL_IP with IP 2.0.0.0/8 (and 223.0.0.0/8);
- fixed bug 6205 comment 5 in URIDetail.pm;
- 'pyzor_options' in Plugin/Pyzor.pm was not untainted;
- URIDetail plugin was not taint safe, fixed;
- fixed parsing of multi-line Received header fields for
BOUNCE_MESSAGE/VBOUNCE_MESSAGE et al;
- Bug 6206, Bug 2536: spamd: untaint directory as obtained from a password
file or from vpopmail utilities, avoid implicit untainting; report error
if user preferences file exists but cannot be accessed;
- avoid using raw data from DNS as a regexp in Plugin/ASN.pm;
- ensured the dbg() and info() calls always return the same value (true)
regardless of log level;
- suppress logging of $& when its value is not available (i.e. when
no regexp has been evaluated during rule evaluation);
- Exporter never really worked in SA, was not enclosed in BEGIN {};
- masses/runGA and masses/mk-baseline-results: prevent a shell 'source'
command from loading an unrelated file named 'config' which happens to be
in the current PATH - must use a ./ in an arg to a 'source' command;
ERROR HANDLING, ROBUSTNESS
- improved error detection and reporting: test status of all system calls
and I/O operations (or explicitly document where not), and report
unexpected failures;
- eval calls now check for eval result instead of testing the $@, which
is not always reliable;
- localized $@ and $! in DESTROY methods to prevent potential calls to eval
and calls to system routines in code executed from a DESTROY method
from clobbering global variables $@ and $!;
- Util::helper_app_pipe_open_unix: contain a failing exec with an eval
to prevent additional cases of process cloning. The exec could fail
this way when given tainted arguments;
- Util::helper_app_pipe_open_unix: flush stdout and stderr before forking,
otherwise an error reported by exec (such as 'insecure dependency')
was lost in a buffer;
- eval-protected an open($fh,'-|') to capture implied fork failures
due to lack of system resource;
- explicit untainting: combine "use re 'taint'" with untaint_var(),
avoiding implicit perl untainting, along with workarounds to prevent it;
- added 'use strict' where missing;
- avoided a bunch of warnings on "Use of uninitialized value"
- clearly report reasons for helper application process failures
- t/SATest.pm: provide information about the process failure reason
if a system() call fails; improved its reporting of failures;
- improved error reporting in Plugin/DCC.pm on finding a DCC home directory
to facilitate troubleshooting;
OTHER CHANGES
- pseudoheader "ALL:raw" returns a pristine header section,
and pseudoheader "ALL" returns a cleaned header section
- total rewrite of URI detection in plain text body;
- many updates to the list of top level domains;
- added 'util_rb_3tld', allowing 3-level TLDs to be listed in URIBLs and
allowing new 3TLDs to be added from rule updates;
- avoided trusted_networks bog down due to O(n^2) loop with millions
of entries;
- applied fixes to Plugin/VBounce.pm, updated VBounce ruleset;
- added support for a 'Communigate Pro' Received header field;
- parse Communigate Pro "with HTTPU" auth token;
- provided a workaround for Net::DNS::Packet::new inconsistency;
- let SpamAssassin use either Digest::SHA or Digest::SHA1, whichever is
available (the Digest::SHA is now a base module since perl 5.10.0);
- improved parsing of eval-type rules: allow unquoted domain names,
disallow unmatched quotes;
- provided a new module Mail::SpamAssassin::BayesStore::BDB. It should be
treated as alpha-quality (needs more testing) and is not yet ready for
production use;
- exposed existing function 'received_within_months' as an eval function
in Plugin/HeaderEval.pm;
- use /var/lock/subsys/spamd instead of /var/lock/subsys/spamassassin for
rc script, so that 'service spamd status' will work;
- re-download MIRRRORED.BY files at least once a week, or if
'sa-update --refreshmirrors' switch is used;
- input delimiter $/ can be corrupted by a plugin, localize $/ and $\ before
calling a plugin;
- takes almost a minute to start spamd on a slow machine, bumped up the
retry counter to 90 seconds;
- resolved Bug 5325: syslog severity level in spamc/libspamc.c for max
message size (changed LOG_ERR into LOG_NOTICE for the message:
"skipped message, greater than max message size");
- avoid taint warnings if hostname is returned as '(none)';
- produce an error message if an sa-update channel doesn't exist;
- Bug 6150, Bug 6127, Bug 5981, Bug 5950, Bug 6191: let spamd log/report
a child process exit status or aborting condition in an informative way;
- detect accidental match-everything regexps in rules;
- updated garescorer for 3.3.0: use more epochs in GA runs for better scores;
clarify some mass-check warning output, ensure rule name always appears at
start of line; if a rule had no default/existing score in 50_scores.cf,
don't tell the GA that 1.0 is an appropriate default value, instead pick
the midway point of its score range. this produces better results;
remove some dead code from masses/score-ranges-from-freqs;
- report performance as iterations per second in garescorer.c;
- added test to ensure that all config settings are correctly handled when
switching between users; added more config setting type metadata to enable
those tests to work; and fix URIDetail to store config on the {conf} object,
not on the plugin;
- moved 'release tests' to xt/ directory; mirror long-running, net-tests and
stress tests with xt/50_testname.t scripts to enforce their run before a
release;
- numerous additional and updated self-tests;
- added a Test::Perl::Critic release-test;
- some code cleanups based on suggestions by a perl module Test::Perl::Critic,
among others:
. enable TestingAndDebugging::ProhibitNoStrict test but allow the
use of 'no strict "refs"';
. deal with BuiltinFunctions::RequireGlobFunction;
. deal with ControlStructures::ProhibitMutatingListFunctions
removing this exception from xt/60_perlcritic.t;
. deal with BayesStore/BDB.pm, Variables::ProhibitConditionalDeclarations
. now that the module Time::HiRes is a required module, we can afford
to replace a select() with Time::HiRes::sleep, and remove exception
BuiltinFunctions::ProhibitSleepViaSelect from xt/60_perlcritic.t
- documentation was updated, fixing numerous typos and mistakes in
documentation text and in log messages;
- extensive improvements to development process:
automated testing through Hudson, improvements to mass-check and rules
---------------------------------------------------------------------
To unsubscribe, e-mail: announce-unsubscribe@spamassassin.apache.org
For additional commands, e-mail: announce-help@spamassassin.apache.org
Apache SpamAssassin 3.2.5 is now available! This is a maintenance
release of the 3.2.x branch.
Downloads are available from:
http://spamassassin.apache.org/downloads.cgi
The release file will also be available via CPAN in the near future.
md5sum of archive files:
695f9107b240383e48df8938f2de334e Mail-SpamAssassin-3.2.5.tar.bz2
7fdc1651d0371c4a7f95ac9ae6f828a6 Mail-SpamAssassin-3.2.5.tar.gz
663fe705e608e16fee280f7539ab9382 Mail-SpamAssassin-3.2.5.zip
sha1sum of archive files:
32b701ffc68f7975eded107c456b902bc710d8b2 Mail-SpamAssassin-3.2.5.tar.bz2
14b1f6eae0221a152176f7f597f55581445e800a Mail-SpamAssassin-3.2.5.tar.gz
b333acfdaf2289e37f72f1f1a18449645ee532d0 Mail-SpamAssassin-3.2.5.zip
The release files also have a .asc file accompanying them. The file serves as
an external GPG signature for the given release file. The signing key is
available via the wwwkeys.pgp.net key server, as well as at:
http://spamassassin.apache.org/released/GPG-SIGNING-KEY
The key information is:
pub 1024D/265FA05B 2003-06-09 SpamAssassin Signing Key <release@spamassassin.org>
Key fingerprint = 26C9 00A4 6DD4 0CD5 AD24 F6D7 DEE0 1987 265F A05B
3.2.5 is a minor bug-fix release. Summary of changes:
- bug 5775: newer gpg versions require keys to be cross-certified (backsig). Did a cross-verify
on our sa-update public key and re-exported. (If you are already seeing "GPG validation failed"
errors from sa-update, see http://wiki.apache.org/spamassassin/SaUpdateKeyNotCrossCertified
.)
- bug 5899: add perl version string to the storage area for compiled rulesets, to avoid crashes
when perl is upgraded between major versions (e.g perl 5.8.x to 5.10.0) and the ABI breaks
- bug 5496, bug 5910: clear some FORGED_MUA_OUTLOOK false positives, particularly on the new-format
Message-ID generated by the Outlook Express version used in Windows XP service pack 3
- bug 5730: when using Postgres >= 8.1.0 with Bayes, this error occurs: 'WARNING: nonstandard
use of \ in a string literal at character'. fix, thanks to Tomasz Ostrowski
- bug 5769: fix 'sa-compile: eval failed: Can't find label NO' error, caused in rare circumstances
when sa-compile attempted to deal with rules written using 'replace_rules' features
- bug 5858: fix circular reference memory leak caused by some messages
- bug 5815: update 2TLD list to include .rs CCTLD
- bug 4706: remove HG_HORMOME rules due to poor performance
- bug 5835: typo in POD docs for SPF plugin; thanks to Benny Pedersen for fix
- bug 5839: a missing or failed eval rule function could mistakenly count as a rule hit, fixed
- trivial bugfix for the VBounce ruleset: __BOUNCE_FROM_DAEMON incorrectly used + instead
of *, so some From addresses were not being recognised as bounce senders
---------------------------------------------------------------------
To unsubscribe, e-mail: announce-unsubscribe@spamassassin.apache.org
For additional commands, e-mail: announce-help@spamassassin.apache.org
Apache SpamAssassin 3.2.4 is now available! This is a maintenance
release of the 3.2.x branch.
Downloads are available from:
http://spamassassin.apache.org/downloads.cgi
The release file will also be available via CPAN in the near future.
md5sum of archive files:
2081c24c8b9064f9dd220e4f41e1d299 Mail-SpamAssassin-3.2.4.tar.bz2
81ec227d4d63aba08563ee868af9fbeb Mail-SpamAssassin-3.2.4.tar.gz
a30aefb67a2db87b0fd2dac31116026c Mail-SpamAssassin-3.2.4.zip
sha1sum of archive files:
876fc328a2b6192fa0bb8d7f6926214716178417 Mail-SpamAssassin-3.2.4.tar.bz2
5c0e01831256518b27139507a4ded38e582d8649 Mail-SpamAssassin-3.2.4.tar.gz
387e5a8cd2c0602bc6b5ff9cf582d4ce367a8fc1 Mail-SpamAssassin-3.2.4.zip
The release files also have a .asc file accompanying them. The file serves as
an external GPG signature for the given release file. The signing key is
available via the wwwkeys.pgp.net key server, as well as at:
http://spamassassin.apache.org/released/GPG-SIGNING-KEY
The key information is:
pub 1024D/265FA05B 2003-06-09 SpamAssassin Signing Key <release@spamassassin.org>
Key fingerprint = 26C9 00A4 6DD4 0CD5 AD24 F6D7 DEE0 1987 265F A05B
3.2.4 is a major bug-fix release, with a few minor new features. Summary of
changes:
- bug 5599: allow load distribution of SA nameserver queries across all nameservers listed
in resolv.conf, using 'dns_options rotate'. thanks to Pawel Sasin <hannibal /at/ wp-sa.pl>
- bug 5673: 'ALL' header was including spurious extra spaces between header names and values.
fix
- bug 5594: several major sa-compile fixes. major increase in overall speed; cache results
between runs to further increase speed; and fix a danger of massive memory usage
- bug 5556: fix a variety of sa-compile portability issues, and support for 5.6.x perls
- bug 5514: make 'score set for a non-existent rule' a debug message, instead of a lint warning,
since it's a very frequent FAQ
- bug 5493: sa-compile fails to correctly deal with escaped backslashes. fix
- bug 5672: remove DNS_FROM_SECURITYSAGE (DNSBL lookups against securitysage.com) due to unreliability
- bug 5476: update Bonded Sender (now Sender Score Certified) rules, and add a rule for their
strictly-confirmed-opt-in-required zone
- bug 5538: remove FORGED_MUA_AOL_FROM and FORGED_AOL_TAGS entirely; they're obsolete, given
the current capabilities of AOL mail user agents
- bug 5632: remove all completewhois.com DNSBL lookups, site seems to have disappeared without
warning
- bug 5715: allow for more than one sa-update MIRRORED.BY file host in DNS, for redundancy
- bug 5662: DKIM changes: recognize author signature and multiple signatures for whitelisting
(with Mail::DKIM 0.29); disable useless "check_dkim_signsome"; new eval rules "check_dkim_valid_author_sig"
and "check_dkim_valid" (an alias for a "check_dkim_verified" misnomer); new tags _DKIMIDENTITY_
and _DKIMDOMAIN_; updated terminology; verification speedup with Mail::DKIM 0.30 (or its pre-releases)
- bug 5696: sa-compile: cut regexp base strings at Unicode high codepoints, to avoid corruption
of patterns containing UTF-8
- bug 5637: bayes_file_mode is handled incorrectly when creating bayes.mutex, resulting in
incorrect permissions on that file; fix by Mihaly Barasz
- bug 5612: DB_File version 4.2.x has a bug that loops infinitely if files named '__db.{filename}'
are present; work around. thanks to J. Nick Koston for the report and fix
- bug 5606: too-early init_learner() call causes root's user prefs file to be read when spamd
is started; this is inappropriate. fix
- bug 4179: if allow_user_rules is 1, user rules are not unique to each user; one user's user
rules can appear in later scans for other users that are run using the same spamd process.
fix
- bug 5680: ALL_TRUSTED can fire if a trusted MSA or webmail system receives the message from
an untrusted X-Originating-IP: header. fix
- bug 5626: in the 'spamassassin' script, install a signal handler for SIGHUP, SIGINT, SIGTERM
and SIGPIPE to ensure that temporary files are removed
- bug 5557: some temporary files are left not cleaned up on Windows; fix
- bug 5661: speed up Bayes SQL queries by allowing the use of indexes when expiring
- bug 5611: support 'spamd --nouser-config -u username', which setuids to 'username' but does
not read user_prefs files from anywhere
- bug 5665: spamd may fail to notice that a child has completed exiting, and keeps in the
child list in state 'K', eventually filling up the child list with 'ghost' children. fix
- bug 5735: spamc should allow retry_sleep 0
- bug 5728: spamd: require -u with --sql-config or --ldap-config
- bug 5682: remove FH_HOST_ALMOST_IP, FH_HOST_EQ_D_D_D_D, due to false positives and redundancy
with RDNS_DYNAMIC; remove FH_HOST_EQ_D_D_D_DB due to no hits
- bug 5681: look up IP addresses found in 'X-Yahoo-Post-IP' and 'X-SenderIP' headers, too,
thanks to Martin Blapp
- Bug 5589: Refined async events handling and DNS lookup completions
- bug 5586: RDNS_NONE has false positives if the MTA doesn't put the hostname in the Received
header, like Communigate Pro. add an exception for this
- bug 5748: fix locale problem with use of external sort in sa-compile
---------------------------------------------------------------------
To unsubscribe, e-mail: announce-unsubscribe@spamassassin.apache.org
For additional commands, e-mail: announce-help@spamassassin.apache.org
Apache SpamAssassin 3.2.3 is now available! This is a maintenance
release of the 3.2.x branch.
Downloads are available from:
http://spamassassin.apache.org/downloads.cgi
The release file will also be available via CPAN in the near future.
md5sum of archive files:
e9a5fd94dead0fca3f26fb3feb0c8e57 Mail-SpamAssassin-3.2.3.tar.bz2
2e356b70b9458b44a828c19f6e816521 Mail-SpamAssassin-3.2.3.tar.gz
6ea8ef7f37e4b305217fa8074dd2219e Mail-SpamAssassin-3.2.3.zip
sha1sum of archive files:
53199e0218d2f93043fcdca4db3f164f1f9f7cbc Mail-SpamAssassin-3.2.3.tar.bz2
93337a5cf6cc6f4980307c08ad65575fa08d1f54 Mail-SpamAssassin-3.2.3.tar.gz
0eca91718518547323f43b5473d1362032edb592 Mail-SpamAssassin-3.2.3.zip
The release files also have a .asc file accompanying them. The file serves as
an external GPG signature for the given release file. The signing key is
available via the wwwkeys.pgp.net key server, as well as at:
http://spamassassin.apache.org/released/GPG-SIGNING-KEY
The key information is:
1024D/265FA05B 2003-06-09 SpamAssassin Signing Key <release@spamassassin.org>
Key fingerprint = 26C9 00A4 6DD4 0CD5 AD24 F6D7 DEE0 1987 265F A05B
3.2.3 is a major bug-fix release. Summary of changes:
- bug 5574: fix new setuid code to work with perl 5.6.1, and to support DCC and
Pyzor in all releases of perl
- bug 5107: change default 'user_scores_ldap_username' to be the null string,
allowing anonymous binding; fix 'schema' syntax error in LDAP config support
- zeroing an 'eval' rule's score did not stop it running. fix, thanks to
Richard Birkett <richard+spamassassin at musicbox.net>
- bug 5571: allow for new message ID format we have seen from Vista or Windows
2003 Server MAPI to avoid false positives
- bug 5397: RDNS_DYNAMIC should never fire on a PTR with 'static' in it; thanks
to Martin Blapp <mbr at freebsd.org>. bug 5563: RDNS_DYNAMIC rules use
order-dependent fields where it is unsafe to depend on this, fix. bug 5564:
__RDNS_DYNAMIC_IPADDR does not hit all of its test patterns, fix.
- bug 5475: fix FORGED_MUA_AOL_FROM to allow <*@{aol,cs}.*> addresses instead
of just <*@{aol,cs}.com>
---------------------------------------------------------------------
To unsubscribe, e-mail: announce-unsubscribe@spamassassin.apache.org
For additional commands, e-mail: announce-help@spamassassin.apache.org
Apache SpamAssassin 3.2.2 is now available! This is a maintenance
release of the 3.2.x branch.
Downloads are available from:
http://spamassassin.apache.org/downloads.cgi
The release file will also be available via CPAN in the near future.
md5sum of archive files:
7423a1bca96b932d321882fc6092080b Mail-SpamAssassin-3.2.2.tar.bz2
87b2a8852f125060f781922c3663525f Mail-SpamAssassin-3.2.2.tar.gz
8dd32339bf82591b50c9eb307745c8fa Mail-SpamAssassin-3.2.2.zip
sha1sum of archive files:
6dfaa36eb8e500f9315cf2461fbd3229ae92a2c7 Mail-SpamAssassin-3.2.2.tar.bz2
e8ea034fa4f695607af0e596c86c5daf82f234e0 Mail-SpamAssassin-3.2.2.tar.gz
e9a9723bb1cbadaded2340ef0aa86a0329f03783 Mail-SpamAssassin-3.2.2.zip
The release files also have a .asc accompanying them. The file serves
as an external GPG signature for the given release file. The signing
key is available via the wwwkeys.pgp.net key server, as well as
http://spamassassin.apache.org/released/GPG-SIGNING-KEY
The key information is:
pub 1024D/265FA05B 2003-06-09 SpamAssassin Signing Key <release@spamassassin.org>
Key fingerprint = 26C9 00A4 6DD4 0CD5 AD24 F6D7 DEE0 1987 265F A05B
3.2.2 is a minor bug-fix release. Summary of changes:
- bug 5548: Certain mail input can take a long time to scan with 100% CPU
utilisation, due to backtracking in a rule's regexp. fix
- bugs 5510, 5518, 5529: fix 'make test' when running as root, needed for CPAN
- bug 5419: kill -HUP of pidof spamd causes the ps name to change from spamd
to perl. fixed
- bug 5535: 'make test' errors in Windows caused by nonportable use of
getpwuid
- bug 5462: multiple DNS records for a host name should allow use of spamd -H
for load balancing installs to work
- bugs 5509, 5511: fix network lookup timeouts, where lookups were being lost
once a timeout was hit; also fix code to match documentation on
rbl_timeout's scaling and minimum duration of 1 second; and attempt to
collect already-received DNS responses when the timeout is reached; improve
related debugging output. Thanks to Mark Martinec
- bugs 5412, 5478, 5522: Fix problems using the spamc -x option with certain
other options; 'spamc -x -R' always returned 0, instead of the exit code, on
error. Bug 5478: in addition, 'spamc -x -e /command' would still run the
command, even if errors meant that the filtered text would be unavailable,
which contradicted -x.
- bug 5445: body eval tests defined in user_rules cause ugly 'Subroutine
_eval_tests_type11_prineg400_set3 redefined' warnings
- bug 5355: add in new entries for RegistrarBoundaries
- bug 5515: libsslspamc.so & libsslspamc.so can not build without -fPIC, but
we were picking up the wrong CFLAGS to do this.
- bug 5501: zero score for FH_HAS_XID
- bug 5449: allow_user_rules causes sa-compile / Rule2XSBody plugin to emit
spurious warnings; fix. also, add a new 'user_conf_parsing_end' plugin
hook, which is called after the per-user configuration is parsed
- bug 5182: update the sa-learn doc to mention that -u is only usable w/ sql
- bug 5534: fix harmless-but-ugly C compiler warning in sa-compile
---------------------------------------------------------------------
To unsubscribe, e-mail: announce-unsubscribe@spamassassin.apache.org
For additional commands, e-mail: announce-help@spamassassin.apache.org
Apache SpamAssassin 3.2.1 is now available! This is a maintenance and
security release of the 3.2.x branch. It is highly recommended that
people upgrade to this version from 3.2.0.
Downloads are available from:
http://spamassassin.apache.org/downloads.cgi?update=200706081100
The release file will also be available via CPAN in the near future.
md5sum of archive files:
7b2fdbcdca5e9a181d4bb1b17663c138 Mail-SpamAssassin-3.2.1.tar.bz2
a7d51294c565999da01f212e5ad2a031 Mail-SpamAssassin-3.2.1.tar.gz
e058ed0dfe82ee62f617c12cc02e538b Mail-SpamAssassin-3.2.1.zip
sha1sum of archive files:
3095b38d90d0362c4e47e117fb612778a2ac362b Mail-SpamAssassin-3.2.1.tar.bz2
fbb5f538238e188f985c8e6672dad531fa035eea Mail-SpamAssassin-3.2.1.tar.gz
d6566975544cd706052d310481d7a100ffce14d1 Mail-SpamAssassin-3.2.1.zip
The release files also have a .asc accompanying them. The file serves
as an external GPG signature for the given release file. The signing
key is available via the wwwkeys.pgp.net key server, as well as
http://spamassassin.apache.org/released/GPG-SIGNING-KEY
The key information is:
pub 1024D/265FA05B 2003-06-09 SpamAssassin Signing Key <release@spamassassin.org>
Key fingerprint = 26C9 00A4 6DD4 0CD5 AD24 F6D7 DEE0 1987 265F A05B
3.2.1 is a major bug-fix release, including a potential local DoS. The
major highlights are:
- bug 5480: fix for CVE-2007-2873: a local user symlink-attack DoS
vulnerability. It only affects systems where spamd is run as root, is used
with vpopmail or virtual users via the "-v"/"--vpopmail" OR
"--virtual-config-dir" switch, AND with the "-x"/"--no-user-config AND
WITHOUT the "-u"/"--username" switch AND with the "-l"/"--allow-tell" switch.
This is not default on any distro package, and is not a common configuration.
More details of the vulnerability can be read at
<http://spamassassin.apache.org/advisories/cve-2007-2873.txt>.
- bug 5488: zero some rules causing false positives: FH_HOST_EQ_D_D_D_DB and
FH_HOST_EQ_D_D_D_D.
- bug 5257: re-raise autolearn ham threshold to 1.0; the lower value
used in 3.2.0 was creating problems.
- bug 5422: in spamd, deleting hash entries from the SIGCHLD signal handler is
unsafe, causes corruption of the data structure, and results in 'prefork:
ordered child N to accept, but they reported state '1', killing rogue'
errors. fix.
- bug 5102: tighten up regexp for FORGED_HOTMAIL_RCVD to avoid some FPs.
- bug 5457: spamc build and test should handle not having zlib available.
- bug 5379: spamd could crash at startup if its preloading temporary directory
already exists. fix.
- bug 4616: spamc config can cause command line options to be ignored. fix.
- bug 5485: zero score DK/DKIM_POLICY_SIGNSOME rules since they'll always fire
due to defaults (unless there's an explicit SIGNALL policy).
- bug 5492: VBounce rule was looking in header instead of body for whitelisted
relays. fix.
- bug 5487: prevent multiple "urirhssub"s using the same zone from overwriting
each other.
- bug 5432 - Change default in Win32 build to not build spamc.
- bug 5446: add --updatedir option to sa-compile and remove inaccurate re2c
required version info from pod.
- bug 5436: add omitted "ifplugin" statements to the configuration, which would
otherwise cause lint errors if the default plugins were disabled.
- bug 5477: prevent Rule2XSBody info message from appearing on stderr during
spamd startup.
---------------------------------------------------------------------
To unsubscribe, e-mail: announce-unsubscribe@spamassassin.apache.org
For additional commands, e-mail: announce-help@spamassassin.apache.org
Apache SpamAssassin 3.1.9 is now available! This is a maintenance and
security release of the 3.1.x branch. It is highly recommended that
people upgrade to this version from 3.0.x or 3.1.x.
Downloads are available from:
http://spamassassin.apache.org/downloads.cgi?update=200706081100
The release file will also be available via CPAN in the near future.
md5sum of archive files:
ad5d812b1a04228f3dc3147ebd649bb3 Mail-SpamAssassin-3.1.9.tar.bz2
c0a6dc8564e60bf50d1792e4edc18e97 Mail-SpamAssassin-3.1.9.tar.gz
a1ed25d0878d102c17a91233ee741f87 Mail-SpamAssassin-3.1.9.zip
sha1sum of archive files:
bed85f0b7e269253e925831015f11809009080eb Mail-SpamAssassin-3.1.9.tar.bz2
181e0ca4e0568bb51e955b8b8e4595313fb7de8b Mail-SpamAssassin-3.1.9.tar.gz
c5f87a454ce4562558fd1af9ea71b7b858899f3e Mail-SpamAssassin-3.1.9.zip
The release files also have a .asc accompanying them. The file serves
as an external GPG signature for the given release file. The signing
key is available via the wwwkeys.pgp.net key server, as well as
http://spamassassin.apache.org/released/GPG-SIGNING-KEY
The key information is:
pub 1024D/265FA05B 2003-06-09 SpamAssassin Signing Key <release@spamassassin.org>
Key fingerprint = 26C9 00A4 6DD4 0CD5 AD24 F6D7 DEE0 1987 265F A05B
3.1.9 is a major bug-fix release, including a potential local DoS. The major
highlights are:
- bug 5480: fix for CVE-2007-2873: a local user symlink-attack DoS
vulnerability. It only affects systems where spamd is run as root, is used
with vpopmail or virtual users via the "-v"/"--vpopmail" OR
"--virtual-config-dir" switch, AND with the "-x"/"--no-user-config AND
WITHOUT the "-u"/"--username" switch AND with the "-l"/"--allow-tell" switch.
This is not default on any distro package, and is not a common configuration.
More details of the vulnerability can be read at
<http://spamassassin.apache.org/advisories/cve-2007-2873.txt>.
- bug 5353 - meta rule parsing should handle not equal ("!=") syntax.
- set the score for URI_TRUNCATED to 0.001.
- bug 5337: change the start order for Fedora such that spamd starts before the
MTA.
---------------------------------------------------------------------
To unsubscribe, e-mail: announce-unsubscribe@spamassassin.apache.org
For additional commands, e-mail: announce-help@spamassassin.apache.org
Apache SpamAssassin 3.2.0 is now available! This is the official release,
and contains a significant number of changes and major enhancements --
please use it!
Downloads are available from:
http://spamassassin.apache.org/downloads.cgi?update=200705021400
md5sum of archive files:
6840e3be132e2c3cbf66298b0227e880 Mail-SpamAssassin-3.2.0.tar.bz2
aed988bb6cf463afc868a64d4cd771a3 Mail-SpamAssassin-3.2.0.tar.gz
484045c69499b2fa59f024179f1f49c2 Mail-SpamAssassin-3.2.0.zip
sha1sum of archive files:
2fb864f01fc1c287e6f6e62fab8338f32cd20fb1 Mail-SpamAssassin-3.2.0.tar.bz2
af3941ab4f9548107d06966780ba71f751ab0216 Mail-SpamAssassin-3.2.0.tar.gz
bf785d7088371ad3beafe6084bf296ee3434038c Mail-SpamAssassin-3.2.0.zip
The release files also have a .asc accompanying them. The file serves
as an external GPG signature for the given release file. The signing
key is available via the wwwkeys.pgp.net key server, as well as
http://spamassassin.apache.org/released/GPG-SIGNING-KEY
The key information is:
pub 1024D/265FA05B 2003-06-09 SpamAssassin Signing Key <release@spamassassin.org>
Key fingerprint = 26C9 00A4 6DD4 0CD5 AD24 F6D7 DEE0 1987 265F A05B
See the INSTALL and UPGRADE files in the distribution for important
installation notes.
Summary of major changes since 3.1.8
------------------------------------
Changes to the core code:
* new behavior for trusted_networks/internal_networks: the 127.* network is now always considered
trusted and internal, regardless of configuration.
* bug 3109: short-circuiting of 'definite ham' or 'definite spam' messages based on individual
short-circuit rules using the 'shortcircuit' setting, by Dallas Engelken <dallase /at/
uribl.com>.
* bug 5305: implement 'msa_networks', for ISPs to specify their Mail Submission Agents, and
extend network trust accordingly.
* bug 4636: Add support for charset normalization, so rules can be written in UTF-8 to match
text in other charsets.
* sa-compile: compilation of SpamAssassin rules into a fast parallel-matching DFA, implemented
in native code.
* "tflags multiple": allow writing of rules that count multiple hits in a single message.
* bug 4363: if a message uses CRLF for line endings, we should use it as well, otherwise
stay with LF as usual; important for Windows users.
* bug 4515: content preview was omitting first paragraph when no Subject: header was present.
* The third-party modules used by sa-update are now required by the SpamAssassin package,
instead of being optional.
* Bug 5165: 'sa-update --checkonly' added to check for updates without applying them; thanks
to <anomie /at/ users.sourceforge.net>
* Bugs 4606, 4609: Adjust MIME parsing limits for nested multipart/* and message/rfc822 MIME
parts.
* bug 5295: add 'whitelist_auth', to whitelist addresses that send mail using sender-authorization
systems like SPF, Domain Keys, and DKIM
* Removed dependency on Text::Wrap CPAN module.
* Received header parsing updates/fixes/additions.
Spamc / spamd:
* bug 4603: Mail::SpamAssassin::Spamd::Apache2 -- mod_perl2 module, implementing spamd as
a mod_perl module, contributed as a Google Summer of Code project by Radoslaw Zielinski.
* bug 3991: spamd can now listen on UNIX domain, TCP, and SSL sockets simultaneously. Command-line
semantics extended slightly, although fully backwards compatibly; add the --ssl-port switch
to allow TCP and SSL listening at the same time.
* bug 3466: do Bayes expiration, if required, after results have been passed back to the
client from spamd; this helps avoid client timeouts.
* more complete IPv6 support.
* spamc: Add '-K' switch, to ping spamd.
* spamc: add '-z' switch, which compresses mails to be scanned using zlib compression; very
useful for long-distance use of spamc over the internet.
* bug 5296: spamc '--headers' switch, which scans messages and transmits back just rewritten
headers. This is more bandwidth-efficient than the normal mode of scanning, but only works
for 'report_safe 0'.
* Bump spamd's protocol version to 1.4, to reflect new HEADERS verb used for '--headers'.
Mail::SpamAssassin modules and API:
* bug 4589: allow M::SA::Message to use IO::File objects to read in message (same as GLOB).
* bug 4517: rule instrumentation plugin hooks, to measure performance, from John Gardiner
Myers <jgmyers /at/ proofpoint.com>.
* add two features to core rule-parsing code; 1. optional behaviour to recurse through subdirs
looking for .cf/.pre's, to support rules compilers working on rulesrc dir. 2. call back into
invoking code on lint failure, so rule compiler can detect which rules exactly fail the lint
check.
* bug 5206: detect duplicate rules, and silently merge them internally for greater efficiency.
* bug 5243: add Plugin::register_method_priority() API, allowing plugins to control the relative
ordering of plugin callbacks relative to other plugins' implementations.
* Reduced memory footprint.
Plugins:
* bug 5236: Support Mail::SPF replacement for Mail::SPF::Query.
* bug 5127: allow mimeheader :raw rules to match newlines and folded-header whitespace in
MIME header strings.
* bug 4770: add ASN.pm plugin, contributed by Matthias Leisi <matthias at leisi.net>
* bug 5271: move ImageInfo ruleset into 3.2.0 core rules, thanks to Dallas Engelken <dallase
/at/ uribl.com>.
* VBounce ruleset and plugin: detect spurious bounce messages sent by broken mail systems
in response to spam or viruses. (Based on Tim Jackson's "bogus-virus-warnings.cf" ruleset.)
* DomainKeys/DKIM: Mail::DKIM is now preferred over Mail::DomainKeys, since the latter module
is no longer actively maintained, and Mail::DKIM can handle both DomainKeys and DKIM signatures.
* DKIM: separate signature verification from fetching a policy: can save a DNS lookup for
each unverified message by setting score to 0 for all policy-related rules (DKIM_POLICY_SIGNALL,
DKIM_POLICY_SIGNSOME, and DKIM_POLICY_TESTING). (thanks to Mark Martinec)
* DKIM: support testing flags in the public key, as well as in the policy record. (thanks
to Mark Martinec)
* DKIM: skip fetching a policy (SSP) if a signature does verify, according to draft-allman-dkim-ssp-02
(thanks to Mark Martinec)
* Move rule functionality and checking into separate Check plugin, allowing third parties
to implement alternative scanner core algorithms.
* core EvalTests code moved into various plugins.
* Plus lots of miscellaneous bug fixes.
A more detailed change log can be read here:
http://svn.apache.org/repos/asf/spamassassin/tags/spamassassin_release_3_2_0/Changes
---------------------------------------------------------------------
To unsubscribe, e-mail: announce-unsubscribe@spamassassin.apache.org
For additional commands, e-mail: announce-help@spamassassin.apache.org
Apache SpamAssassin 3.1.8 is now available! This is a maintenance and
security release of the 3.1.x branch. It is highly recommended that
people upgrade to this version.
Downloads are available from:
http://spamassassin.apache.org/downloads.cgi?update=200702131100
The release file will also be available via CPAN in the near future.
md5sum of archive files:
e8184a9a4ff11da5bd20b294cfeac7ac Mail-SpamAssassin-3.1.8.tar.bz2
20a3a6b651a89dcc70634715ca833996 Mail-SpamAssassin-3.1.8.tar.gz
c81ef93066e60353032c21991e3c9ae2 Mail-SpamAssassin-3.1.8.zip
sha1sum of archive files:
0d092c4de6e6df66f1d0fb0ca8589147ee4096cb Mail-SpamAssassin-3.1.8.tar.bz2
08f81f72d8a783887cf815dfc55ea38e3582b966 Mail-SpamAssassin-3.1.8.tar.gz
f172c47a896c3c78aacf21f2af99088bd53363d0 Mail-SpamAssassin-3.1.8.zip
The release files also have a .asc accompanying them. The file serves
as an external GPG signature for the given release file. The signing
key is available via the wwwkeys.pgp.net key server, as well as
http://spamassassin.apache.org/released/GPG-SIGNING-KEY
The key information is:
pub 1024D/265FA05B 2003-06-09 SpamAssassin Signing Key <release@spamassassin.org>
Key fingerprint = 26C9 00A4 6DD4 0CD5 AD24 F6D7 DEE0 1987 265F A05B
3.1.8 is a major bug-fix release, including a potential DoS. The major
highlights are:
- bug 5318: fix for CVE-2007-0451: possible DoS due to incredibly
long URIs found in the message content.
- bug 5240: disable perl module usage in update channels unless
--allowplugins is specified
- bug 5288: files with names starting/ending in whitespace weren't usable
- bug 5056: remove Text::Wrap related code due to upstream issues
- bug 5145: update spamassassin and sa-learn to better deal with STDIN
- bug 5140 and 5179: improvements and bug fixes related to DomainKeys
and DKIM support
- several updates for Received header parsing
- several documentation updates and random taint-variable related issues
A more detailed change log can be read here:
http://svn.apache.org/repos/asf/spamassassin/branches/3.1/Changes
--
Randomly Selected Tagline:
"I have a simple test to determine if any windows executable that I
received via E-mail is a virus or not: If I received it, it's a virus."
- Charlie Watts on the SpamAssassin mailing list
Apache SpamAssassin 3.1.6 is now available! This is a maintenance
release of the 3.1.x branch.
Downloads are available from:
http://spamassassin.apache.org/downloads.cgi?update=200610050918
The release file will also be available via CPAN in the near future.
md5sum of archive files:
1cf43cea76e30aec6983cdbfe2e08316 Mail-SpamAssassin-3.1.6.tar.bz2
a0acc5e63a5e3401d039cd05cd189b96 Mail-SpamAssassin-3.1.6.tar.gz
aac75c43ef9a74df4c100e8a7e37a5fd Mail-SpamAssassin-3.1.6.zip
sha1sum of archive files:
16575633e60177733069c1681d6bf9528c076274 Mail-SpamAssassin-3.1.6.tar.bz2
fbf7e7aac113313da3f7357260d1a295ff275eef Mail-SpamAssassin-3.1.6.tar.gz
779ea2f5174de766405bdaa6d378ed6e7a749526 Mail-SpamAssassin-3.1.6.zip
The release files also have a .asc accompanying them. The file serves
as an external GPG signature for the given release file. The signing
key is available via the wwwkeys.pgp.net key server, as well as
http://spamassassin.apache.org/released/GPG-SIGNING-KEY
The key information is:
pub 1024D/265FA05B 2003-06-09 SpamAssassin Signing Key
<release@spamassassin.org>
Key fingerprint = 26C9 00A4 6DD4 0CD5 AD24 F6D7 DEE0 1987 265F A05B
3.1.6 includes a large number of bug fixes and documentation updates.
Here is an abbreviated changelog (since 3.1.5) for major updates (see
the Changes file for a complete list):
- bug 4940: fixes to bug in date handling affecting DATE_IN_FUTURE_*
and DATE_IN_PAST_* rules when more than one Resent-Date header is
present
- bug 5044: include local site config in sa-update lint checks
- bug 5081: fix race condition in spamd preforking code that sometimes
left one child process running after SIGHUPing spamd
- bug 5076: unescape hash characters in the config
- bug 5077: fix false SPF_SOFTFAIL's when SPF queries timeout
- bug 5080: update RCVD_ILLEGAL_IP evaltest to properly deal with 127/8
- bug 5089: enable adding headers with single digit zero value
- bug 5098: add support for ecelerity Received headers
- bug 5101: fix a bug, introduced in 3.1.5, in mbx code
- bug 5105: M::SA::Client doesn't always catch failed connection to
spamd, fixed
---------------------------------------------------------------------
To unsubscribe, e-mail: announce-unsubscribe@spamassassin.apache.org
For additional commands, e-mail: announce-help@spamassassin.apache.org
Apache SpamAssassin 3.1.5 is now available! This is a maintainance
release of the 3.1.x branch.
Downloads are available from:
http://spamassassin.apache.org/downloads.cgi?update=200608300000
The release file will also be available via CPAN in the near future.
md5sum of archive files:
ae8734220ef82bbb1872f64dbf9c0995 Mail-SpamAssassin-3.1.5.tar.bz2
19d2e76d7759083343d63e61e6e29739 Mail-SpamAssassin-3.1.5.tar.gz
87bd540428116d6339322fef51b0c4eb Mail-SpamAssassin-3.1.5.zip
sha1sum of archive files:
9c9bcf4098c2b3418d5ea9ba69d1dcdfa255a819 Mail-SpamAssassin-3.1.5.tar.bz2
672399ab2e600ba2ae19d71f77974dc27512e837 Mail-SpamAssassin-3.1.5.tar.gz
9350e298c04d04b755640fa3ec2b5633755f93ad Mail-SpamAssassin-3.1.5.zip
The release files also have a .asc accompanying them. The file serves
as an external GPG signature for the given release file. The signing
key is available via the wwwkeys.pgp.net key server, as well as
http://spamassassin.apache.org/released/GPG-SIGNING-KEY
The key information is:
pub 1024D/265FA05B 2003-06-09 SpamAssassin Signing Key <release@spamassassin.org>
Key fingerprint = 26C9 00A4 6DD4 0CD5 AD24 F6D7 DEE0 1987 265F A05B
3.1.5 includes a large number of bug fixes and documentation updates.
Here is an abbreviated changelog (since 3.1.4) for major updates (see
the Changes file for a complete list):
- bug 4952: set a default value for DEF_RULES_DIR, LOCAL_RULES_DIR,
and LOCAL_STATE_DIR. This allows third-party code which hasn't been
updated to deal with LOCAL_STATE_DIR to still use updates.
- bug 5065: implement DomainKeys whitelisting (whitelist_from_dk)
- bug 5034: fix endless loop in Mail::SpamAssassin::Client, possible
from bad input or network error
- bug 4843: skip text/calendar parts when generating body text for processing
- bug 5022: recognize Received header from a local command line call to sendmail
- bug 5018: update RegistrarBoundaries with new list of 2TLDs
- bug 4981: remove urirhssub support for regexp subrule from URIDNSBL plugin
- bug 5049: handle comments and extra whitespace in sa-update config files.
also, fix an error during channel name validation.
- bug 5030: sa-update couldn't run GPG if the path to the binary had a space in it
- bug 4737: when rewriting headers, strip out leading spaces to better allow
filtering by some MUAs
- bug 4848: fix Pyzor, DCC, and SpamCop plugins to properly have a
configuration pointer for things like their 'dont_report_to_...' option
- bug 4492: the parameters to bayes_ignore_header were treated case sensitively
- license text changed in source files, in accordance with new ASF policy:
http://www.apache.org/legal/src-headers.html
- a bunch of documentation updates and fixes
--
Randomly Generated Tagline:
"Always bear in mind that your own resolution to succeed is more important
than any other." - Abraham Lincoln
Apache SpamAssassin 3.0.6 is now available! This is a maintainance
release of the 3.0.x branch.
Downloads are available from:
http://spamassassin.apache.org/downloads.cgi?update=200606050750
The release file will also be available via CPAN in the near future.
md5sum of archive files:
423eb193db9f7757c6d957f5c04550cb Mail-SpamAssassin-3.0.6.tar.bz2
bf0a1e1a7f6e5dd719deda6293b83e35 Mail-SpamAssassin-3.0.6.tar.gz
72c012d51f8507c2839a34f900c80412 Mail-SpamAssassin-3.0.6.zip
sha1sum of archive files:
10d42d954c421f40fbbd9411a5ff096e29240c6f Mail-SpamAssassin-3.0.6.tar.bz2
78358df8ea26513a8fbe466f484d19e487e5438f Mail-SpamAssassin-3.0.6.tar.gz
17031fd2c9b54846d4e41d7ea3945639659fd91e Mail-SpamAssassin-3.0.6.zip
The release files also have a .asc accompanying them. The file serves
as an external GPG signature for the given release file. The signing
key is available via the wwwkeys.pgp.net key server, as well as
http://spamassassin.apache.org/released/GPG-SIGNING-KEY
The key information is:
pub 1024D/265FA05B 2003-06-09 SpamAssassin Signing Key <release@spamassassin.org>
Key fingerprint = 26C9 00A4 6DD4 0CD5 AD24 F6D7 DEE0 1987 265F A05B
3.0.6 fixes a remote code execution vulnerability if spamd is run with the
"--vpopmail" and "-P" options. If either/both of those options are not
used, there is no vulnerability.
Changelog:
- bug 4926: given a certain set of parameters to spamd and a specially
formatted input message, users could cause spamd to execute arbitrary
commands as the spamd user
Apache SpamAssassin 3.1.3 is now available! This is a maintainance
release of the 3.1.x branch.
Downloads are available from:
http://spamassassin.apache.org/downloads.cgi?update=200606050750
The release file will also be available via CPAN in the near future.
md5sum of archive files:
5f049f0b9fc63585a85593a3c68409bb Mail-SpamAssassin-3.1.3.tar.bz2
32ad78f3cdaddb02cdf0f55572604d07 Mail-SpamAssassin-3.1.3.tar.gz
6cb6fc27c4466091b2bc4e04af8c39bf Mail-SpamAssassin-3.1.3.zip
sha1sum of archive files:
e1f4489ec8805985e0ca79765bde586bf0286725 Mail-SpamAssassin-3.1.3.tar.bz2
ed9e18fae6db86d0b77ce48d8262194e06df9ef8 Mail-SpamAssassin-3.1.3.tar.gz
090dfd3eaa0481789fbf94f67bcf9c2dd6387959 Mail-SpamAssassin-3.1.3.zip
The release files also have a .asc accompanying them. The file serves
as an external GPG signature for the given release file. The signing
key is available via the wwwkeys.pgp.net key server, as well as
http://spamassassin.apache.org/released/GPG-SIGNING-KEY
The key information is:
pub 1024D/265FA05B 2003-06-09 SpamAssassin Signing Key <release@spamassassin.org>
Key fingerprint = 26C9 00A4 6DD4 0CD5 AD24 F6D7 DEE0 1987 265F A05B
3.1.3 fixes a remote code execution vulnerability if spamd is run with the
"--vpopmail" and "-P" options. If either/both of those options are not
used, there is no vulnerability. There was also a fix for the userstate
directory and prefs file not being created.
Changelog:
- bug 4926: given a certain set of parameters to spamd and a specially
formatted input message, users could cause spamd to execute arbitrary
commands as the spamd user
- bug 4932: the userstate dir and userprefs file would not be created
under certain conditions.
Apache SpamAssassin 3.1.2 is now available! This is a maintainance
release of the 3.1.x branch.
Downloads are available from:
http://spamassassin.apache.org/downloads.cgi?update=200605251700
The release file will also be available via CPAN in the near future.
md5sum of archive files:
e1fb14def1265d6d7351ba27b5940da2 Mail-SpamAssassin-3.1.2.tar.bz2
f255d8e887ea7961939d40b184e82054 Mail-SpamAssassin-3.1.2.tar.gz
9af9f2db1526baaa01b6b14a9b0e057a Mail-SpamAssassin-3.1.2.zip
sha1sum of archive files:
aad32b73f2870182fe8f2dd5277e94d0da91b196 Mail-SpamAssassin-3.1.2.tar.bz2
ea5e1e9755e294ee9edb238144ac831602d10027 Mail-SpamAssassin-3.1.2.tar.gz
c00da67f7dd9d9df7f9e148c7530586711991f46 Mail-SpamAssassin-3.1.2.zip
The release files also have a .asc accompanying them. The file serves
as an external GPG signature for the given release file. The signing
key is available via the wwwkeys.pgp.net key server, as well as
http://spamassassin.apache.org/released/GPG-SIGNING-KEY
The key information is:
pub 1024D/265FA05B 2003-06-09 SpamAssassin Signing Key <release@spamassassin.org>
Key fingerprint = 26C9 00A4 6DD4 0CD5 AD24 F6D7 DEE0 1987 265F A05B
3.1.2 includes a large number of bug fixes and documentation updates.
Here is an abbreviated changelog (since 3.1.1) for major updates (see
the Changes file for a complete list):
- bug 4802: implement DKIM plugin, including whitelist_from_dkim support
- bug 3838: work around Perl bug causing captured RE variables to become
tainted -- thanks to Mark Martinec for pointing out the bug with
Perl itself
- bug 4850: re-enable the Razor2 plugin by default due to a service
policy change
- bug 4826: Razor2 plugin needs to load Mail::SpamAssassin::Timeout module
- bug 4827: M::SA::first_existing_path() would return the last array
entry passed in if none of the paths were found. Now return undef
instead and handle the error when it happens.
- bug 4813: generally open RE causes sendmail received header get read
in as qmail in error
- bug 4839: Logger.pm converts control chars including tab into
underscores which confuses a bunch of users when checking debug output.
Convert tab into space instead, etc.
- bug 4884: if a null message is passed in, there are several variables
which end up undefined causing warnings. fake an empty message if no
input is given.
- bug 4793: when replacing tags in a message (_TAG_), leave the tags
that don't exist alone instead of just removing them
- bug 4861, 4760: handle dccifd and dccproc failover properly, backport
relays_internal and relays_external code, backport bug 4760 fix so
that it's not possible to be in internal_networks without being in
trusted_networks as well
- bug 4901: deal more properly with failures in bgsend(). also, use
the proper variable to show when errors occur.
- bug 4867: fetchmail changed header formats at some point making Received
parsing fail in certain conditions
- bug 4699: use M::SA::Timeout for spamd copy_config call and allow for empty $@ values
- bug 3754: if there's a problem opening a file via sa-learn or
spamassassin, return an error exit value.
Apache SpamAssassin 3.1.1 is now available! This is a maintainance
release of the 3.1.x branch.
Downloads are available from:
http://spamassassin.apache.org/downloads.cgi?update=200603111700
The release file will also be available via CPAN in the near future.
md5sum of archive files:
33bc2bef2619135125ccf3b5a663be1d Mail-SpamAssassin-3.1.1.tar.bz2
f7844cbc149de3d7b09a4310f4ab6739 Mail-SpamAssassin-3.1.1.tar.gz
e5ae2dc25b6fc93c048adaf4beaa86e0 Mail-SpamAssassin-3.1.1.zip
sha1sum of archive files:
7723663486b013f738eb8e805a7503f52f50e347 Mail-SpamAssassin-3.1.1.tar.bz2
cda06e3d38d831521c59e50ec024e468b76035cb Mail-SpamAssassin-3.1.1.tar.gz
582114d083dcdc0975d710d54ebdb39cb020a10e Mail-SpamAssassin-3.1.1.zip
The release files also have a .asc accompanying them. The file serves
as an external GPG signature for the given release file. The signing
key is available via the wwwkeys.pgp.net key server, as well as
http://spamassassin.apache.org/released/GPG-SIGNING-KEY
The key information is:
pub 1024D/265FA05B 2003-06-09 SpamAssassin Signing Key <release@spamassassin.org>
Key fingerprint = 26C9 00A4 6DD4 0CD5 AD24 F6D7 DEE0 1987 265F A05B
3.1.1 includes a large number of bug fixes and documentation updates.
Here is an abbreviated changelog (since 3.1.0) for major updates (see
the Changes file for a complete list):
- better validate a number of different configuration options
- support new Mail::DomainKeys API, which changed incompatibly between
0.18 and 0.80 without warning
- more properly handle new Received header formats
- bug 4788: backport sa-update from 3.2 along with the local_state_dir
code, etc.
- bug 4760: strictly validate trusted/internal network configurations
- bug 4696: consolidated fixes for timeout bugs
- bug 3710: add timeout to connect so spamc -t works
- bug 4363: if a message uses CRLF for line endings, use it for header
rewrites as well
- bug 4748: add ExpressionEngine and Google redirector patterns
- bug 3815: add _RELAYCOUNTRY_ tag so that the RelayCountry plugin can
put in the list of countries relayed through
- bug 4090: x86_64 platforms (linux specifically) have an issue compiling
libspamc.so causing RPM build failures
- bug 4791: fix issue where perl would throw a UTF-8 warning for certain
messages
- bugs 4606, 4609: Adjust MIME parsing limits
- bug 4780: fix IP_ADDRESS & LOCALHOST regexes to correctly parse IPv6
addresses
- bug 4728: DUL rules should only use the last external IP, not all but
the first of the external IPs
- bug 4700: certain privileged configuration settings can inject code,
due to a bad fix for bug 3846. Back that out
- bug 4655: have redhat-rc-script create .pid file for spamassassin
service to avoid killing the wrong processes and leaving spamd running
SpamAssassin 3.1.0 is released! SpamAssassin 3.1.0 is a major update.
SpamAssassin is a mail filter which uses advanced statistical and
heuristic tests to identify spam (also known as unsolicited bulk email).
Highlights of the release
-------------------------
- Apache preforking algorithm adopted; number of spamd child processes is now
scaled, according to demand. This provides better VM behaviour when not
under peak load.
- added PostgreSQL, MySQL 4.1+, and local SDBM file Bayes storage modules. SQL
storage is now recommended for Bayes, instead of DB_File. NDBM_File support
has been dropped due to a major bug in that module.
- detect legitimate SMTP AUTH submission, to avoid false positives on
Dynablock-style rules.
- new plugins: DomainKeys (off by default), MIMEHeader: a new plugin to perform
tests against header in internal MIME structure, ReplaceTags: plugin by Felix
Bauer to support fuzzy text matching, WhiteListSubject: plugin added to
support user whitelists by Subject header.
- Razor: disable Razor2 support by default per our policy, since the service is
not free for non-personal use. It's trivial to reenable (by editing
'/etc/mail/spamassassin/v310.pre').
- DCC: disable DCC for similar reasons, due to new license terms.
- Net::DNS bug: high load caused answer packets to be mixed up and delivered as
answers to the wrong request, causing false positives. worked around.
- DNSBL lookups and other DNS operations are now more efficient, by using a
custom single-socket event-based model instead of Net::DNS.
Downloading
-----------
Pick it up from:
http://SpamAssassin.apache.org/
Note, it may take up to two hours from now for that mirror to update.
md5sum:
d28bd7e83d01b234144e336bbfde0caa Mail-SpamAssassin-3.1.0.tar.bz2
f70c1fcab3d9563731bbc307eda7d69e Mail-SpamAssassin-3.1.0.tar.gz
65e9629ce255244fe3cb3d9772cdf239 Mail-SpamAssassin-3.1.0.zip
sha1sum:
0185f076f619dd9e64e94b453017f9b08d4b0f04 Mail-SpamAssassin-3.1.0.tar.bz2
d887cbae5962cb03e45aaf71cd93881a27cccc99 Mail-SpamAssassin-3.1.0.tar.gz
8b9494448782f910e573377bf226a8072f24bb3f Mail-SpamAssassin-3.1.0.zip
The release files also have a .asc accompanying them. The file serves
as an external GPG signature for the given release file. The signing
key is available via the wwwkeys.pgp.net key server, as well as
http://spamassassin.apache.org/released/GPG-SIGNING-KEY
The key information is:
pub 1024D/265FA05B 2003-06-09 SpamAssassin Signing Key <release@spamassassin.org>
Key fingerprint =3D 26C9 00A4 6DD4 0CD5 AD24 F6D7 DEE0 1987 265F A05B
Important installation notes
----------------------------
- see the INSTALL and UPGRADE files in the distribution.
Summary of major changes since 3.0.x
------------------------------------
- Apache preforking algorithm adopted; number of spamd child processes is now
scaled, according to demand. This provides better VM behaviour when not
under peak load.
- Inclusion of sa-update script which will allow for updates of rules and
scores in between code releases.
- added PostgreSQL, MySQL 4.1+, and local SDBM file Bayes storage modules. SQL
storage is now recommended for Bayes, instead of DB_File. NDBM_File support
has been dropped due to a major bug in that module.
- detect legitimate SMTP AUTH submission, to avoid false positives on
Dynablock-style rules.
- new Advance Fee Fraud (419 scam) rules.
- removed use of the Storable module, due to several reported hangs on SMP
Linux machines.
- Converted several rule/engine components into Plugins such as:
AccessDB, AWL, Pyzor, Razor2, DCC, Bayes AutoLearn Determination, etc.
- new plugins: DomainKeys (off by default), MIMEHeader: a new plugin to perform
tests against header in internal MIME structure, ReplaceTags: plugin by Felix
Bauer to support fuzzy text matching, WhiteListSubject: plugin added to
support user whitelists by Subject header.
- TextCat language guesser moved to a plugin. (This means "ok_languages"
is no longer part of the core engine by default.)
- Razor: disable Razor2 support by default per our policy, since the
service is not free for non-personal use. It's trivial to reenable.
- DCC: disable DCC for similar reasons, due to new license terms.
- Net::DNS bug: high load caused answer packets to be mixed up and delivered as
answers to the wrong request, causing false positives. worked around.
- DNSBL lookups and other DNS operations are now more efficient, by using a
custom single-socket event-based model instead of Net::DNS.
- add support for accreditation services, including Habeas v2.
- better URI parsing -- many evasion tricks now caught.
- URIBL lookups are prioritized based on the location in the message
the URI was found.
- mass-check now supports reusing realtime DNSBL hit results, and sample-based
Bayes autolearning emulation, to reduce complexity.
- sa-learn, spamassassin and mass-check now have optional progress bars.
- modify header ordering for DomainKeys compatibility, by placing markup
headers at the top of the message instead at the bottom of the list.
- spamd/spamc now support remote Bayes training, and reporting spam.
- spamc now supports reading its flags from a configuration file using the -F
switch, contributed by John Madden.
- added SPF-based whitelisting.
- Polish rules contributed by Radoslaw Stachowiak.
- many rule changes and additions.
---------------------------------------------------------------------
To unsubscribe, e-mail: announce-unsubscribe@spamassassin.apache.org
For additional commands, e-mail: announce-help@spamassassin.apache.org
Apache SpamAssassin 3.0.4 was recently released [0], and fixes a denial of service vulnerability in versions 3.0.1, 3.0.2, and 3.0.3. The vulnerability allows certain misformatted long message headers to cause spam checking to take a very long time. While the exploit has yet to be seen in the wild, we are concerned that there may be attempts to abuse the vulnerability in the future. Therefore, we strongly recommend all users of these versions upgrade to Apache SpamAssassin 3.0.4 as soon as possible. This issue has been assigned CVE id CAN-2005-1266 [1]. To contact the Apache SpamAssassin security team, please e-mail security at spamassassin.apache.org. For more information about Apache SpamAssassin, visit the http://spamassassin.apache.org/ web site. Apache SpamAssassin Security Team [0]: http://mail-archives.apache.org/mod_mbox/spamassassin-dev/200506.mbox/%3c20050606223631.GG11538@kluge.net%3e [1]: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1266 --------------------------------------------------------------------- To unsubscribe, e-mail: announce-unsubscribe@spamassassin.apache.org For additional commands, e-mail: announce-help@spamassassin.apache.org
SpamAssassin 3.0.3 is released! SpamAssassin 3.0.3 contains some
important bug fixes and is recommended for use over previous
versions.
SpamAssassin is a mail filter which uses advanced statistical and
heuristic tests to identify spam (also known as unsolicited bulk email).
Highlights of the release
-------------------------
- Fixed possible memory bloat from large AutoWhitelist db files
- Fixed where user defined rules scores became ignored
- Updated parsing code for several Received: header formats
- Increased some BAYES_* scores for the network+bayes score set
- Document set_tag for Plugin API and added get_tag
- Additional bug fixes.
Downloading
-----------
You can pick up the release here: http://spamassassin.apache.org/
You can also find it on your favorite CPAN mirror (you may need to
wait a day or so for the release to propagate).
md5sum of archive files:
c9028e72958909285e43feb806d948dc Mail-SpamAssassin-3.0.3.tar.bz2
ca96f23cd1eb7d663ab55db98ef8090c Mail-SpamAssassin-3.0.3.tar.gz
d7292ec75eb61e0fa2ceb6aa5b20fed9 Mail-SpamAssassin-3.0.3.zip
sha1sum of archive files:
324763dd7b344b68ad9ab73fd68b8f779c801aab Mail-SpamAssassin-3.0.3.tar.bz2
e31407b68bf362dfe53814c0af867e8134c9808b Mail-SpamAssassin-3.0.3.tar.gz
c1aa1583eebc0771ee053b8a484a42fc22b8630c Mail-SpamAssassin-3.0.3.zip
The release files also have a .asc accompanying them. The file serves
as an external GPG signature for the given release file. The signing
key is available via the wwwkeys.pgp.net key server, as well as
http://spamassassin.apache.org/released/GPG-SIGNING-KEY
The key information is:
pub 1024D/265FA05B 2003-06-09 SpamAssassin Signing Key <release@spamassassin.org>
Key fingerprint =3D 26C9 00A4 6DD4 0CD5 AD24 F6D7 DEE0 1987 265F A05B
Note: GnuPG 1.4.0, and possibly 1.3.x versions, seem to have problems
verifying certain signature files, including the type as used for
SpamAssassin releases. If you are running an affected version, please
verify the code using both MD5 and SHA1 sum values instead.
The SpamAssassin Developers
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
SpamAssassin 3.0.1 is released! 3.0.1 contains some important
bugfixes, and is recommended.
Highlights:
- excessive memory-usage fixes
- bug fixed which stopped DCC, Pyzor working with amavisd
- deprecate RCVD_IN_RFC_IPWHOIS
- user_prefs were staying active between different spamd users, fixed
- user_prefs blacklist entries were not working in spamd, fixed
- excessive time and memory consumption when ok_languages is used, fixed
- sa-learn -u switch to specify the username for virtual environments
- avoid bug in Sys::Hostname::Long that renames the hostname when "make
test" is run
- whitelist the top 125 queried SURBL domains common in nonspam
Pick it up at http://spamassassin.apache.org/ !
md5sum of archive files:
83f60f97c823d9b8df19309247fe33eb Mail-SpamAssassin-3.0.1.tar.bz2
759e0486b07c4a03aa340d4a04e1d849 Mail-SpamAssassin-3.0.1.tar.gz
e42d4f6b7228f899efdfdce03b8851a0 Mail-SpamAssassin-3.0.1.zip
sha1sum of archive files:
7ad929efc388ebdf26da052c6fca958c7541bb4f Mail-SpamAssassin-3.0.1.tar.bz2
a3aebae1bf3c97830e540c42dc64791787d966c9 Mail-SpamAssassin-3.0.1.tar.gz
e4f23ad8251914bb240a4e42438310a263ca5056 Mail-SpamAssassin-3.0.1.zip
The release files also have a .asc accompanying them. The file serves
as an external GPG signature for the given release file. The signing
key is available via the wwwkeys.pgp.net key server, as well as
http://spamassassin.apache.org/released/GPG-SIGNING-KEY
The key information is:
pub 1024D/265FA05B 2003-06-09 SpamAssassin Signing Key <release@spamassassin.org>
Key fingerprint =3D 26C9 00A4 6DD4 0CD5 AD24 F6D7 DEE0 1987 265F A05B
- --j.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Exmh CVS
iD8DBQFBectWMJF5cimLx9ARAh2DAKCBru7brC0dtjD4G2/QGvAmWntURgCgoKBp
J1C/3vGNxtuJcxuosscN+E4=
=RAAd
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: announce-unsubscribe@spamassassin.apache.org
For additional commands, e-mail: announce-help@spamassassin.apache.org
--------------------------------------------------------------------- To unsubscribe, e-mail: announce-unsubscribe@spamassassin.apache.org For additional commands, e-mail: announce-help@spamassassin.apache.org
Apache Software Foundation Announces SpamAssassin 3.0 Release Forest Hill, MD - September 22, 2004 -- The Apache Software Foundation is pleased to announce the release of SpamAssassin 3.0. SpamAssassin 3.0 contains a number of new technologies designed to protect against the changing techniques used by spammers. This is the first SpamAssassin release as an Apache Software Foundation project and under the Apache License. The release is available from the Apache SpamAssassin web site (http://spamassassin.apache.org/) via the Apache mirror network. SpamAssassin 3.0 delivers many new features including support for sender authentication using the Sender Policy Framework (SPF), checking for web links of known spam advertisers, a modular plugin architecture, improved SQL database support for storing user data in server installations, and improved email classification. SpamAssassin's practical multi-technique approach, modularity, and extensibility continue to give it an advantage over other anti-spam systems. Due to these advantages, SpamAssassin is widely used in all aspects of email management. You can readily find SpamAssassin in use in both email clients and servers, on many different operating systems, filtering incoming as well as outgoing email, and implementing a very broad range of policy actions. These installations include service providers, businesses, not-for-profit and educational organizations, and end-user systems. SpamAssassin also forms the basis for numerous commercial anti-spam products available on the market today. About SpamAssassin SpamAssassin is an intelligent email filter which uses a diverse range of tests to identify unsolicited bulk email, more commonly known as "spam". These tests are applied to email headers and content to classify email using advanced statistical methods. In addition, SpamAssassin has a modular architecture that allows other technologies to be quickly wielded against spam and is designed for easy integration into virtually any email system. About the Apache Software Foundation The Apache Software Foundation provides organizational, legal, and financial support for a broad range of open source software projects. As a US 501(c)(3) public charity, the Foundation provides an established framework for contributions of both intellectual property and funding for the support of open source software development. Through a collaborative and meritocratic development process, Apache projects deliver enterprise-grade, freely available software products for the public benefit, attracting large communities of users and enabling future innovation, both commercial and individual, through its pragmatic Apache License. Press Contact: press@apache.org -- Daniel Quinlan ApacheCon! 13-17 November (3 SpamAssassin http://www.pathname.com/~quinlan/ http://www.apachecon.com/ sessions & more) --------------------------------------------------------------------- To unsubscribe, e-mail: announce-unsubscribe@spamassassin.apache.org For additional commands, e-mail: announce-help@spamassassin.apache.org
*** THIS IS A RELEASE CANDIDATE ONLY, NOT THE FINAL 3.0.0 RELEASE ***
SpamAssassin 3.0.0-rc5 is released! SpamAssassin 3.0.0 is a major update
and includes a number of new email and anti-spam technologies.
SpamAssassin is a mail filter which uses advanced statistical and
heuristic tests to identify spam (also known as unsolicited bulk email).
Highlights of the release
-------------------------
- SpamAssassin is now part of the Apache Software Foundation and has an
improved software license, the 2.0 version of the Apache License.
- SpamAssassin now includes support for SPF (the Sender Policy Framework,
http://spf.pobox.com/).
- Web site links contained in the message are checked against SURBL and
SBL. SURBL and SBL track sites that advertise with spam, known spam
sources, and spam services.
- The new 3.0 architecture allows third-parties to easily add plugin modules.
- There is now SQL database support for both the Bayes and auto-whitelist
modules, allowing more large sites to easily deploy SpamAssassin.
- A more accurate simulation of email client handling of MIME and HTML
improves our accuracy. In addition, there is better detection and
handling of spammer techniques that try to trick anti-spam software.
Downloading
-----------
Pick it up from:
http://spamassassin.apache.org/released/Mail-SpamAssassin-3.0.0-rc5.tar.gz
http://spamassassin.apache.org/released/Mail-SpamAssassin-3.0.0-rc5.tar.bz2
http://spamassassin.apache.org/released/Mail-SpamAssassin-3.0.0-rc5.zip
md5sum:
5c7b9637916ccff578b91a7efb657576 Mail-SpamAssassin-3.0.0-rc5.tar.bz2
032a0336cb50c9458c7691264216c8a9 Mail-SpamAssassin-3.0.0-rc5.tar.gz
80de4033e1dc02a61638a8f6eb9894bd Mail-SpamAssassin-3.0.0-rc5.zip
sha1sum:
cf76cd12b680ace39bd05ac4e86e9b1a017888c2 Mail-SpamAssassin-3.0.0-rc5.tar.bz2
99618bdc7936c63b4654b159bd9834d643f126a2 Mail-SpamAssassin-3.0.0-rc5.tar.gz
9765337141ea92d2016139f85d1894aec22fcd44 Mail-SpamAssassin-3.0.0-rc5.zip
The release files also have a .asc accompanying them. The file serves
as an external GPG signature for the given release file. The signing
key is available via the wwwkeys.pgp.net key server, as well as
http://spamassassin.apache.org/released/GPG-SIGNING-KEY
The key information is:
pub 1024D/265FA05B 2003-06-09 SpamAssassin Signing Key <release@spamassassin.org>
Key fingerprint =3D 26C9 00A4 6DD4 0CD5 AD24 F6D7 DEE0 1987 265F A05B
Important installation notes
----------------------------
- The SpamAssassin 2.6x release series was the last set of releases to
officially support perl versions earlier than perl 5.6.1. If you are
using an earlier version of perl, you will need to upgrade before you
can use the 3.0.0 version of SpamAssassin.
- SpamAssassin 3.0.0 has a significantly different API (Application
Program Interface) from the 2.x series of code. This means that if you
use SpamAssassin through a third-party utility (milter, etc,) you need
to make sure you have an updated version which supports 3.0.0.
- The --auto-whitelist and -a options for "spamd" and "spamassassin" to
turn on the auto-whitelist have been removed and replaced by the
"use_auto_whitelist" configuration option which is also now turned on by
default.
- The "rewrite_subject" and "subject_tag" configuration options were
deprecated and are now removed. Instead, using "rewrite_header Subject
[your desired setting]". e.g.
rewrite_subject 1
subject_tag ****SPAM(_SCORE_)****
becomes
rewrite_header Subject ****SPAM(_SCORE_)****
- The Bayesian storage modules have been completely re-written and now
include Berkeley DB (DBM) storage as well as SQL based storage (see
sql/README.bayes for more information). In addition, a new format has
been introduced for the bayes database that stores tokens in fixed
length hashes. All DBM databases should be automatically converted to
this new format the first time they are opened for write. You can
manually perform the upgrade by running "sa-learn --sync" from the
command line.
The "sa-learn --rebuild" command has been deprecated; please use
"sa-learn --sync" instead. The --rebuild option will remain temporarily
for backwards compatibility.
- "spamd" now has a default max-children setting of 5; no more than 5
child scanner processes will be run in parallel. Previously, there was
no default limit unless you specified the "-m" switch when starting
spamd.
- If you are using a UNIX machine with all database files on local disks,
and no sharing of those databases across NFS filesystems, you can use a
more efficient, but non-NFS-safe, locking mechanism. Do this by adding
the line "lock_method flock" to the /etc/mail/spamassassin/local.cf
file. This is strongly recommended if you're not using NFS, as it is
much faster than the NFS-safe locker.
- Please note that the use of the following command line parameters for
spamassassin and spamd have been deprecated and are now removed. If you
currently use these flags, please remove them:
in the 2.6x series: --add-from, --pipe, -F, -P, --stop-at-threshold, -S
in the 3.0.x series: --auto-whitelist, -a
- The following flags are deprecated and will be removed in a future major
release: --whitelist-factory, -M, --warning-from, -w, --log-to-mbox, -l.
- SpamAssassin runs in "taint mode" by default for improved security.
Certain third-party modules, such as Razor v2, may be incompatible with
taint mode. For Razor v2, you will need to be using v2.40 of
razor-agents or higher which allows taint mode by default. Earlier
versions which are patched to allow taint mode may be used as well.
- Finally, 2.6x deprecated the use of the "check_bayes_db" script, and it
is now no longer available. Please see the sa-learn man/pod
documentation for more info.
Summary of major changes since 2.6x
-----------------------------------
Licensing:
- Relicensed using Apache License v2.0, instead of dual GPL/PAL licensing,
since we are now an Apache Incubator project.
New rules:
- SPF testing, if the Mail::SPF::Query module is installed.
- added new rules and code to combat Bayes poisoning text and random
hash-busters; Habeas rules now verify against the Habeas user
list, to combat forged marks used in spam.
- URIDNSBL rules. These do DNSBL lookups on URLs, allowing URLs found
in the message body to be used in spam determination. Added the SURBL
blocklist (http://www.surbl.org/).
- Spamhaus XBL and a variety of new DNSBL rules
- Hashcash support.
- added Bob Menschel's 'longwords' rules
- added 'backhair' rule, technique based on Jennifer Wheeler's ruleset
- added Matt Kettler's 'antidrug' ruleset
- added anti-fraud rules from Matt Yackley
- added some hostname-based blocklist tests based on the envelope
sender address.
- a *lot* of other new rules, too many to detail here
Spamd:
- spamd now uses a 'preforking' model instead of 'fork per message'.
- new log format, detailing message-id, resent-message-id, the tests hit,
autolearn status, and several other things in a mass-check compatible
format, to provide more information for spamd log-summarizer scripts.
Infrastructure:
- Plugins. Third-party modules can now be written and loaded dynamically
from inside SpamAssassin, to provide support for entirely new rule types
or eval tests.
- SQL support for Bayes and AWL storage, thanks to Michael Parker.
See sql/README.bayes and sql/README.awl for additional information.
- ground-up rewrite of the MIME parser. Now deals correctly with complex
MIME structures, including entire message/rfc822 message attachments.
- rules can now test the "MAIL FROM:" address used in the SMTP transaction,
if it was logged to the message headers, using the "EnvelopeFrom"
pseudoheader. This allows rules such as SPF to be applied.
- Added optional faster but NFS-unsafe Bayes locking mechanism, using
"lock_method flock"
- support for parsing mbx mailboxes, as used by UW IMAP. Thanks to John
Newman for this patch.
- refactored configuration parser to split parser code from configuration
settings.
- Bayes databases can now be backed up and restored using --backup and
--restore.
- Config files can now include other files using the "include" command.
- replaced GA-based evolver with fast Perceptron score generation tool by
Henry Stern; scores can now be generated much more quickly.
- The "spamassassin" script can now check collections of mail en masse. This
lets us do things like 'spamassassin -d --mbox file1' and have the
functionality go over the entire mbox file. same for checks, adding to
white/black-lists, etc.
- Windows support improved.
Translations:
- Dutch translation, thanks to Jesse Houwing
- Polish translations from Jerzy Szczudlowski and radek at alter dot pl
- French translations, Michel Bouissou
- German translations, Klaus Heinz
*** THIS IS A RELEASE CANDIDATE ONLY, NOT THE FINAL 3.0.0 RELEASE ***
SpamAssassin 3.0.0-rc4 is released! SpamAssassin 3.0.0 is a major update and
includes a number of new email and anti-spam technologies.
SpamAssassin is a mail filter which uses advanced statistical and
heuristic tests to identify spam (also known as unsolicited bulk email).
Highlights of the release
-------------------------
- SpamAssassin is now part of the Apache Software Foundation and has an
improved software license, the 2.0 version of the Apache License.
- SpamAssassin now includes support for SPF (the Sender Policy Framework,
http://spf.pobox.com/).
- Web site links contained in the message are checked against SURBL and
SBL. SURBL and SBL track sites that advertise with spam, known spam
sources, and spam services.
- The new 3.0 architecture allows third-parties to easily add plugin modules.
- There is now SQL database support for both the Bayes and auto-whitelist
modules, allowing more large sites to easily deploy SpamAssassin.
- A more accurate simulation of email client handling of MIME and HTML
improves our accuracy. In addition, there is better detection and
handling of spammer techniques that try to trick anti-spam software.
Downloading
-----------
Pick it up from:
http://spamassassin.apache.org/released/Mail-SpamAssassin-3.0.0-rc4.tar.gz
http://spamassassin.apache.org/released/Mail-SpamAssassin-3.0.0-rc4.tar.bz2
http://spamassassin.apache.org/released/Mail-SpamAssassin-3.0.0-rc4.zip
md5sum:
d67e7a7c1ba5206f9aef60d8f6e91988 Mail-SpamAssassin-3.0.0-rc4.tar.bz2
c6631facddfba1ca2d9f03968909aee9 Mail-SpamAssassin-3.0.0-rc4.tar.gz
dfe733f7a183ee4984e6a1b46c9a0891 Mail-SpamAssassin-3.0.0-rc4.zip
sha1sum:
3d611f4f61997878964f61300bc7cfe6871f0b7f Mail-SpamAssassin-3.0.0-rc4.tar.bz2
4d4b02712c8d66fe9b535b96c41c9908ec5628be Mail-SpamAssassin-3.0.0-rc4.tar.gz
75de0bcefb408070e8f94dcdc4dd1e3d26dc4357 Mail-SpamAssassin-3.0.0-rc4.zip
The release files also have a .asc accompanying them. The file serves
as an external GPG signature for the given release file. The signing
key is available via the wwwkeys.pgp.net key server, as well as
http://spamassassin.apache.org/released/GPG-SIGNING-KEY
The key information is:
pub 1024D/265FA05B 2003-06-09 SpamAssassin Signing Key <release@spamassassin.org>
Key fingerprint =3D 26C9 00A4 6DD4 0CD5 AD24 F6D7 DEE0 1987 265F A05B
Important installation notes
----------------------------
- The SpamAssassin 2.6x release series was the last set of releases to
officially support perl versions earlier than perl 5.6.1. If you are
using an earlier version of perl, you will need to upgrade before you
can use the 3.0.0 version of SpamAssassin.
- SpamAssassin 3.0.0 has a significantly different API (Application
Program Interface) from the 2.x series of code. This means that if you
use SpamAssassin through a third-party utility (milter, etc,) you need
to make sure you have an updated version which supports 3.0.0.
- The --auto-whitelist and -a options for "spamd" and "spamassassin" to
turn on the auto-whitelist have been removed and replaced by the
"use_auto_whitelist" configuration option which is also now turned on by
default.
- The "rewrite_subject" and "subject_tag" configuration options were
deprecated and are now removed. Instead, using "rewrite_header Subject
[your desired setting]". e.g.
rewrite_subject 1
subject_tag ****SPAM(_SCORE_)****
becomes
rewrite_header Subject ****SPAM(_SCORE_)****
- The Bayesian storage modules have been completely re-written and now
include Berkeley DB (DBM) storage as well as SQL based storage (see
sql/README.bayes for more information). In addition, a new format has
been introduced for the bayes database that stores tokens in fixed
length hashes. All DBM databases should be automatically converted to
this new format the first time they are opened for write. You can
manually perform the upgrade by running "sa-learn --sync" from the
command line.
The "sa-learn --rebuild" command has been deprecated; please use
"sa-learn --sync" instead. The --rebuild option will remain temporarily
for backwards compatibility.
- "spamd" now has a default max-children setting of 5; no more than 5
child scanner processes will be run in parallel. Previously, there was
no default limit unless you specified the "-m" switch when starting
spamd.
- If you are using a UNIX machine with all database files on local disks,
and no sharing of those databases across NFS filesystems, you can use a
more efficient, but non-NFS-safe, locking mechanism. Do this by adding
the line "lock_method flock" to the /etc/mail/spamassassin/local.cf
file. This is strongly recommended if you're not using NFS, as it is
much faster than the NFS-safe locker.
- Please note that the use of the following command line parameters for
spamassassin and spamd have been deprecated and are now removed. If you
currently use these flags, please remove them:
in the 2.6x series: --add-from, --pipe, -F, -P, --stop-at-threshold, -S
in the 3.0.x series: --auto-whitelist, -a
- The following flags are deprecated and will be removed in a future major
release: --whitelist-factory, -M, --warning-from, -w, --log-to-mbox, -l.
- SpamAssassin runs in "taint mode" by default for improved security.
Certain third-party modules, such as Razor v2, may be incompatible with
taint mode. For Razor v2, you will need to be using v2.40 of
razor-agents or higher which allows taint mode by default. Earlier
versions which are patched to allow taint mode may be used as well.
- Finally, 2.6x deprecated the use of the "check_bayes_db" script, and it
is now no longer available. Please see the sa-learn man/pod
documentation for more info.
Summary of major changes since 2.6x
-----------------------------------
Licensing:
- Relicensed using Apache License v2.0, instead of dual GPL/PAL licensing,
since we are now an Apache Incubator project.
New rules:
- SPF testing, if the Mail::SPF::Query module is installed.
- added new rules and code to combat Bayes poisoning text and random
hash-busters; Habeas rules now verify against the Habeas user
list, to combat forged marks used in spam.
- URIDNSBL rules. These do DNSBL lookups on URLs, allowing URLs found
in the message body to be used in spam determination. Added the SURBL
blocklist (http://www.surbl.org/).
- Spamhaus XBL and a variety of new DNSBL rules
- Hashcash support.
- added Bob Menschel's 'longwords' rules
- added 'backhair' rule, technique based on Jennifer Wheeler's ruleset
- added Matt Kettler's 'antidrug' ruleset
- added anti-fraud rules from Matt Yackley
- added some hostname-based blocklist tests based on the envelope
sender address.
- a *lot* of other new rules, too many to detail here
Spamd:
- spamd now uses a 'preforking' model instead of 'fork per message'.
- new log format, detailing message-id, resent-message-id, the tests hit,
autolearn status, and several other things in a mass-check compatible
format, to provide more information for spamd log-summarizer scripts.
Infrastructure:
- Plugins. Third-party modules can now be written and loaded dynamically
from inside SpamAssassin, to provide support for entirely new rule types
or eval tests.
- SQL support for Bayes and AWL storage, thanks to Michael Parker.
See sql/README.bayes and sql/README.awl for additional information.
- ground-up rewrite of the MIME parser. Now deals correctly with complex
MIME structures, including entire message/rfc822 message attachments.
- rules can now test the "MAIL FROM:" address used in the SMTP transaction,
if it was logged to the message headers, using the "EnvelopeFrom"
pseudoheader. This allows rules such as SPF to be applied.
- Added optional faster but NFS-unsafe Bayes locking mechanism, using
"lock_method flock"
- support for parsing mbx mailboxes, as used by UW IMAP. Thanks to John
Newman for this patch.
- refactored configuration parser to split parser code from configuration
settings.
- Bayes databases can now be backed up and restored using --backup and
--restore.
- Config files can now include other files using the "include" command.
- replaced GA-based evolver with fast Perceptron score generation tool by
Henry Stern; scores can now be generated much more quickly.
- The "spamassassin" script can now check collections of mail en masse. This
lets us do things like 'spamassassin -d --mbox file1' and have the
functionality go over the entire mbox file. same for checks, adding to
white/black-lists, etc.
- Windows support improved.
Translations:
- Dutch translation, thanks to Jesse Houwing
- Polish translations from Jerzy Szczudlowski and radek at alter dot pl
- French translations, Michel Bouissou
- German translations, Klaus Heinz
ApacheCon US 2004
Alexis Park Resort
Las Vegas, Nevada, USA
13-17 November 2004
The Apache Software Foundation invites you to ApacheCon U.S. 2004.
"The only sure thing in Las Vegas"
REGISTRATION IS NOW OPEN!
Please click on the 'Registry' link at the top of
<http://www.apachecon.com/>. You will need to log in to the site; if you
have never done so before, you will need to create an account. If you
already have an account in the ApacheCon system, please do not create
another one!
Presentations and Tutorials
All normal presentations, keynotes, and special events will be held
Monday, Tuesday, and Wednesday (November 15-17). The three days at
ApacheCon provide you with a choice of more than 65 talks.
The special in-depth tutorials will be held Saturday and Sunday (November
13-14). You can choose between 18 different tutorials.
SpamAssassin Sessions!
There will be three SpamAssassin sessions at ApacheCon 2004. There will
be one 3-hour tutorial and two 1-hour talks on SpamAssassin.
T09: SpamAssassin Tutorial
Day: Sun
Time: 09h00
Session chair: None assigned
Duration: 180 minutes
Style: Tutorial
Level: Novice
Audience: Technical
Categories: Anti-Spam, New Technologies, Performance, Perl
Speaker: Daniel Quinlan
Abstract:
SpamAssassin is perhaps the most widely deployed anti-spam tool in
the world and has long been the gold standard for spam filters. It's
open source, extensible, flexible, and very effective. This tutorial
will give you the tools you need to make SpamAssassin work well for
your site and your users.
Topics covered will include: how SpamAssassin works and the
SpamAssassin filtering model, SpamAssassin installation and set-up,
writing your own rules, debugging problems, analysis and
diagnostics, optimizing SpamAssassin performance, the development
process, and how to get involved. Also discussed will be current
anti-spam best practices that are important for both senders and
receivers of email.
MO09: New and upcoming features in SpamAssassin v3
Day: Mon
Time: 13h30
Session chair: None assigned
Duration: 60 minutes
Style: Presentation
Level: Novice
Audience: Technical
Categories: Anti-Spam, New Technologies
Speaker: Theo Van Dinter
Abstract:
Almost a year in the making, SpamAssassin v3.0 includes a large
number of modifications and new features. This session covers the
major changes and features found in v3.0, and will also include
discussion about ongoing work for v3.1 and beyond.
MO13: Storing SpamAssassin User Data in SQL Databases
Day: Mon
Time: 14h30
Session chair: None assigned
Duration: 60 minutes
Style: Presentation
Level: Experienced
Audience: Technical
Categories: Anti-Spam, Databases, New Technologies, Performance, Perl
Speaker: Michael Parker
Abstract:
With the release of SpamAssassin 3.0.0 virtually all user specific
data (preferences, AWL and bayes) can be stored in a SQL
database. This session will cover basic setup, usage and maintenance
of storing data in a SQL database as well as some convenient tools
to help. In addition, there will be some discussion about the
development process and design along with future directions of the
SQL based storage for SpamAssassin.
--
Daniel Quinlan
http://www.pathname.com/~quinlan/
---------------------------------------------------------------------
To unsubscribe, e-mail: announce-unsubscribe@spamassassin.apache.org
For additional commands, e-mail: announce-help@spamassassin.apache.org
*** THIS IS A PRE-RELEASE ONLY, NOT THE FINAL 3.0.0 RELEASE ***
SpamAssassin 3.0.0-pre1 is released! SpamAssassin 3.0 is a major update
and includes a number of new email and anti-spam technologies.
SpamAssassin is a mail filter which uses advanced statistical and
heuristic tests to identify spam (also known as unsolicited bulk email).
Highlights of the release
-------------------------
- SpamAssassin is now part of the Apache Software Foundation, bringing an
improved and clearer software license, the 2.0 version of the Apache
License.
- We added a new architecture which allows third-parties to easily add
plugin modules.
- There is now SQL database support for both the Bayes and auto-whitelist
subsystems, allowing more large sites to easily deploy SpamAssassin.
- A more accurate simulation of email client handling of MIME and HTML
improves our accuracy. In addition, there is better detection and
handling of spammer techniques used to trick email clients and filters.
- Web sites contained in the message body are checked against network
databases of domains that advertise with spam.
- SpamAssassin now includes support for SPF (the Sender Policy Framework,
http://spf.pobox.com/).
Downloading
-----------
Pick it up from:
http://SpamAssassin.org/released/Mail-SpamAssassin-3.0.0-pre1.tar.gz
http://SpamAssassin.org/released/Mail-SpamAssassin-3.0.0-pre1.tar.bz2
http://SpamAssassin.org/released/Mail-SpamAssassin-3.0.0-pre1.zip
md5sum:
bb42ada117c965bfa5b63046173cc4e0 Mail-SpamAssassin-3.000000-pre1.tar.gz
53ebc4b0527d8f99d9fc3b52781a8100 Mail-SpamAssassin-3.000000-pre1.tar.bz2
5f23d79ceaaa60ba4017cb067414dd01 Mail-SpamAssassin-3.000000-pre1.zip
sha1sum:
9b1e02af2ecc79fc8149f399fad4090bfb981767 Mail-SpamAssassin-3.000000-pre1.tar.gz
fb7fafb039dabba4d644d604c7a9dc056bd8b1b0 Mail-SpamAssassin-3.000000-pre1.tar.bz2
1f152f1834e8611dc47350594e920d65fef1143d Mail-SpamAssassin-3.000000-pre1.zip
The release files also have a .asc accompanying them. The file serves
as an external GPG signature for the given release file. The signing
key is available via the wwwkeys.pgp.net key server, as well as
http://www.spamassassin.org/released/GPG-SIGNING-KEY
The key information is:
pub 1024D/265FA05B 2003-06-09 SpamAssassin Signing Key <release@spamassassin.org>
Key fingerprint =3D 26C9 00A4 6DD4 0CD5 AD24 F6D7 DEE0 1987 265F A05B
Important installation notes
----------------------------
- The SpamAssassin 2.6x release series was the last set of releases to
officially support perl versions earlier than perl 5.6.1. If you are
using an earlier version of perl, you will need to upgrade before you
can use the 3.0.0 version of SpamAssassin.
- SpamAssassin 3.0.0 has a significantly different API (Application
Program Interface) from the 2.x series of code. This means that if you
use SpamAssassin through a third-party utility (milter, etc,) you need
to make sure you have an updated version which supports 3.0.0.
- The --auto-whitelist and -a options for "spamd" and "spamassassin" to
turn on the auto-whitelist have been removed and replaced by the
"use_auto_whitelist" configuration option which is also now turned on by
default.
- The "rewrite_subject" configuration setting was deprecated and is now
removed. Instead, using "rewrite_header Subject [your desired setting]".
e.g.
rewrite_subject ****SPAM(_SCORE_)****
becomes
rewrite_header Subject ****SPAM(_SCORE_)****
- The Bayesian storage modules have been completely re-written and now
include Berkeley DB (DBM) storage as well as SQL based storage (see
sql/README.bayes for more information). In addition, a new format has
been introduced for the bayes database that stores tokens in fixed
length hashes. All DBM databases should be automatically converted to
this new format the first time they are opened for write. You can
manually perform the upgrade by running "sa-learn --sync" from the
command line.
The "sa-learn --rebuild" command has been deprecated; please use
"sa-learn --sync" instead. The --rebuild option will remain temporarily
for backwards compatibility.
- "spamd" now has a default max-children setting of 5; no more than 5
child scanner processes will be run in parallel. Previously, there was
no default limit unless you specified the "-m" switch when starting
spamd.
- If you are using a UNIX machine with all database files on local disks,
and no sharing of those databases across NFS filesystems, you can use a
more efficient, but non-NFS-safe, locking mechanism. Do this by adding
the line "lock_method flock" to the /etc/mail/spamassassin/local.cf
file. This is strongly recommended if you're not using NFS, as it is
much faster than the NFS-safe locker.
- Please note that the use of the following command line parameters for
spamassassin and spamd have been deprecated and are now removed. If you
currently use these flags, please remove them:
in the 2.6x series: --add-from, --pipe, -F, -P, --stop-at-threshold, -S
in the 3.0.x series: --auto-whitelist, -a
- The following flags are deprecated and will be removed in a future major
release: --whitelist-factory, -M, --warning-from, -w, --log-to-mbox, -l.
- SpamAssassin runs in "taint mode" by default for improved security.
Certain third-party modules, such as Razor v2, may be incompatible with
taint mode. For Razor v2, you will need to be using v2.40 of
razor-agents or higher which allows taint mode by default. Earlier
versions which are patched to allow taint mode may be used as well.
- Finally, 2.6x deprecated the use of the "check_bayes_db" script, and it
is now no longer available. Please see the sa-learn man/pod
documentation for more info.
Summary of major changes since 2.6x
-----------------------------------
Licensing:
- Relicensed using Apache License v2.0, instead of dual GPL/PAL licensing,
since we are now an Apache Incubator project.
New rules:
- SPF testing, if the Mail::SPF::Query module is installed.
- added new rules and code to combat Bayes poisoning text and random
hash-busters; Habeas rules now verify against the Habeas user
list, to combat forged marks used in spam.
- URIDNSBL rules. These do DNSBL lookups on URLs, allowing URLs found
in the message body to be used in spam determination. Added the SURBL
blocklist (http://www.surbl.org/).
- Spamhaus XBL and a variety of new DNSBL rules
- Hashcash support.
- added Bob Menschel's 'longwords' rules
- added 'backhair' rule, technique based on Jennifer Wheeler's ruleset
- added Matt Kettler's 'antidrug' ruleset
- added anti-fraud rules from Matt Yackley
- added some hostname-based blocklist tests based on the envelope
sender address.
- a *lot* of other new rules, too many to detail here
Spamd:
- spamd now uses a 'preforking' model instead of 'fork per message'.
- new log format, detailing message-id, resent-message-id, the tests hit,
autolearn status, and several other things in a mass-check compatible
format, to provide more information for spamd log-summarizer scripts.
Infrastructure:
- Plugins. Third-party modules can now be written and loaded dynamically
from inside SpamAssassin, to provide support for entirely new rule types
or eval tests.
- SQL support for Bayes and AWL storage, thanks to Michael Parker.
See sql/README.bayes and sql/README.awl for additional information.
- ground-up rewrite of the MIME parser. Now deals correctly with complex
MIME structures, including entire message/rfc822 message attachments.
- rules can now test the "MAIL FROM:" address used in the SMTP transaction,
if it was logged to the message headers, using the "EnvelopeFrom"
pseudoheader. This allows rules such as SPF to be applied.
- Added optional faster but NFS-unsafe Bayes locking mechanism, using
"lock_method flock"
- support for parsing mbx mailboxes, as used by UW IMAP. Thanks to John
Newman for this patch.
- refactored configuration parser to split parser code from configuration
settings.
- Bayes databases can now be backed up and restored using --backup and
--restore.
- Config files can now include other files using the "include" command.
- replaced GA-based evolver with fast Perceptron score generation tool by
Henry Stern; scores can now be generated much more quickly.
- The "spamassassin" script can now check collections of mail en masse. This
lets us do things like 'spamassassin -d --mbox file1' and have the
functionality go over the entire mbox file. same for checks, adding to
white/black-lists, etc.
Translations:
- Dutch translation, thanks to Jesse Houwing
- Polish translations from Jerzy Szczudlowski and radek at alter dot pl
- French translations, Michel Bouissou
- German translations, Daniel Roethlisberger
--
Daniel Quinlan
http://www.pathname.com/~quinlan/
---------------------------------------------------------------------
To unsubscribe, e-mail: spamassassin-announce-unsubscribe@incubator.apache.org
For additional commands, e-mail: spamassassin-announce-help@incubator.apache.org