Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

perl-Mail-SpamAssassin-3.4.6-71.2 RPM for noarch

From OpenSuSE Ports Tumbleweed for noarch

Name: perl-Mail-SpamAssassin Distribution: openSUSE:Factory:zSystems
Version: 3.4.6 Vendor: obs://
Release: 71.2 Build date: Mon Oct 18 03:18:02 2021
Group: Development/Libraries/Perl Build host: s390zl22
Size: 4113413 Source RPM: spamassassin-3.4.6-71.2.src.rpm
Summary: Perl Modules For Using Spamassassin Within An Own Perl Script
This package contains the perl modules for the spamassassin, including
the filter rules. This package is required for the package
"spamassassin", the commandline tool.






* Thu Sep 09 2021 Peter Varkoly <>
  - spamassassin: sa-update.timer does not work
    Remove sence less SPAM_SA_UPDATE
    Document how to use sa-update.service
* Tue Apr 13 2021 Arjen de Korte <>
  - update spamassassin to 3.4.6
    * Fixed URIDNSBL not triggering meta rules
    * Fix false positive in T_KAM_HTML_FONT_INVALID on CSS color !important
* Wed Mar 24 2021 Arjen de Korte <>
  - update spamassassin to 3.4.5
    * In this release, there are bug fixes for one CVE:
      CVE-2020-1946 for Malicious rule configuration (.cf) files can
      be configured to run system commands (boo#1184221)
    * Improvements to OLEVBMacro and AskDNS plugins
    * Received and EnvelopeFrom headers matching improvements
    * userpref SQL schema fixes
    * rbl and hashbl evaluation improvements
    * fix for non working TxRep tag names
    * man page fixes
  - Update download links
* Fri Feb 12 2021 Pedro Monreal <>
  - Relax the crypto policies for the test-suite. This will allow the
    tests that use certificates with small key lengths to pass.
* Wed Dec 23 2020 Arjen de Korte <>
  - Require perl(Mail::SpamAssassin) instead of perl-spamassassin
  - Don't use BerkeleyDB (not even for unit test)
  - Don't use is_opensuse conditional
* Sat Dec 19 2020 Thorsten Kukuk <>
  - Move spamc into an own sub-package to avoid the full spamassassin
    installation on every client if there is a spamd server
* Thu Dec 17 2020 Arjen de Korte <>
  - Compile rules in %post if Perl and/or spamassassin version changed
    and SPAM_SA_COMPILE=yes
  - Enable test (add basic-lint-without-sandbox.patch)
  - Ignore known warnings (add spamassassin-rpmlintrc)
* Wed Jan 29 2020 Arjen de Korte <>
  - update spamassassin to 3.4.4
    * In this release, there are bug fixes for two CVEs:
      CVE-2020-1931 for Nefarious rule configuration (.cf) files can
      be configured to run system commands with warnings.
      CVE-2020-1930 for Nefarious rule configuration (.cf) files can
      be configured to run system commands with sa-compile.
    * Improvements to OLEVBMacro
    * Fix for CRLF handling with SpamAssMilter & DKIM
    * Small fix for a regexp to provide Perl 5.8.x compatability again
    * Increased fns_extrachars default value to 50
    * Fixed nosubject and maxhits tflags when sa-compile is used
    * Limited the Bayes parsed token count
    * Improvements to whitespace trimming
* Sat Dec 14 2019 Arjen de Korte <>
  - remove old (compiled) rules in /var/lib/spamassassin directory
    after package upgrade and remove entirely upon package removal
  - add BuildRequires for perl(Archive::Zip) and perl(IO::String)
* Thu Dec 12 2019 Arjen de Korte <>
  - update spamassassin to 3.4.3
    * There is one new plugin (disabled by default)
      OLEVBMacro - Detects both OLE macros and VB code inside Office
    * Two CVE security bug fixes are included in this release
      CVE-2019-12420 for Multipart Denial of Service Vulnerability
      CVE-2018-11805 for nefarious CF files can be configured to
      run system commands without any output or errors
    * Safer and faster scanning of large emails using
      body_part_scan_size and rawbody_part_scan_size settings.
    * New tflag "nosubject" for 'body' rules, to stop matching the
      Subject header which is part of the body text.
    * Security updates include deprecation of the unsafe sa-update
      '--allowplugins' option, which now prints a warning that
      '--reallyallowplugins' is required to use it.
* Tue Dec 10 2019 Dirk Stoecker <>
  - Increase maximum size for spampd to 7168
* Sat Nov 09 2019 Arjen de Korte <>
  - Change architecture of perl modules to 'noarch'
* Fri Nov 08 2019 Arjen de Korte <>
  - Fix extraction command for default rules (proper fix for
    boo#911355, rather than a workaround)
  - Don't unconditionally run sa-update on spamd and spampd service
    start as this doesn't honor the settings in /etc/sysconfig/spamd
  - After running sa-update, only restart services if they were
    running before
  - Fix name in logging timed-sa-update (suse.cron-sa-update
    doesn't exist anymore)
* Sun Oct 27 2019 Arjen de Korte <>
  - update spampd to 2.53
    * Fix LMTP delivery with multiple recipients
    * Fix Warning for "Use of uninitialized value in string"
    update spampd to 2.52
    * Override Net::Server's HUP handling, just restart children
    * Add --version option to print information about SpamPD,
      Net::Server, SpamAssassin, and Perl.
    * Add warnings about using deprecated options.
    * Documentation updates and code cosmetics.
  - Update download links (add for spampd and iXhash2 sources)
  - Add source verification (add spamassassin.keyring)
  - Add %{perl_requires} for perl-Mail-SpamAssassin
  - Fix "PIDFile= references a path below legacy directory /var/run/"
    (change /var/run/ -> /run/)
  - Don't package README.SuSE which documents an init script that
    was never bundled boo#1068469
* Tue Jun 11 2019 Dominique Leuenberger <>
  - BuildRequire pkgconfig(systemd) instead of systemd: allow OBS to
    shortcut the build queues by allowing usage of systemd-mini
* Wed Jan 16 2019 Jan Engelhardt <>
  - Reduce boilerplate generated by %service_*.
* Wed Jan 16 2019 Peter Varkoly <>
  - bsc#1115411 spamassassin: migrate from cron to systemd timers
  - Apply %license macro
* Tue Sep 18 2018 Arjen de Korte <>
  - update spamassassin to 3.4.2
    * There are four new plugins (disabled by default)
      HashBL - interface to The Email Blocklist (EBL)
      ResourceLimits - assure your spamd child processes do not exceed
      specified CPU or memory limit
      FromNameSpoof - detection of the From:name field being used to
      Phishing - finds uris used in phishing campaigns detected by
      OpenPhish ( or PhishTank
      ( feeds
    * For security reasons SSLv3 support has been removed from spamc(1).
    * Four CVE security bug fixes are included in this release for and the SA core: CVE-2017-15705, CVE-2016-1238,
      CVE-2018-11780 & CVE-2018-11781.
    * In sa-update script, optional support for SHA-256 / SHA-512 in
      addition to or instead of SHA1 has been added for better validation
      of rules.
    * GeoIP2 support has been added to RelayCountry and URILocalBL plugins
      due to GeoIP legacy API deprecations.
    * several new or enhanced configuration options
  - update spampd to 2.51
    * Replace IO::Socket::INET with IO::Socket::IP for IPv6 support
    * Unix ports (ability to listen on UNIX sockets)
    * Add X-Envelope-* headers before Received
    * Add /usr/local/bin and /usr/local/sbin to PATH
    * Add --setsid option to start server with setsid if running in
  - Removed patches (are now in upstream):
    * 0001-bug-7361-Allow-building-against-OpenSSL-1.1.0.patch
    * 0001-Fix-bug-7367-Don-t-assume-cwd-.-is-in-INC-it-may-be-.patch
    * DNS-resolver-recursion-desired-not-set.patch
    * spamassassin-dont_use_SSLv3_methods.patch
    * spampd-2.42_git_20170226.patch
    * Unescaped_left_brace_in_regex_is_deprecated.patch
* Mon Sep 17 2018 Arjen de Korte <>
  - Revert incompatibility-with-NET-DNS.patch (this patch attempts to
    fix a problem that was already solved by bsc#1059210)
* Thu Sep 13 2018
  - bsc#1107765 - spamassassin: incompatibility with Net::DNS >= 1.01
    - Add upstream patch:
* Sun Sep 09 2018
  - bsc#1069831 Running sa-update from spamassassin gives warning
    about deprecated regex
    o remove deprecated-regex.patch and apply upstream patch:
    This patch also fixes the bug PerMsgStatus Warning
* Mon Feb 19 2018
  - bsc#1069831 Running sa-update from spamassassin gives warning about deprecated regex
    o add deprecated-regex.patch
* Thu Jan 18 2018
  - bsc#1059210 spamassassin perl dns resolver recursion desired not set
    o add DNS-resolver-recursion-desired-not-set.patch
* Mon Dec 11 2017
  - Replace %__-type macro indirections.
    Replace old $RPM_ shell variables.
* Thu Nov 23 2017
  - Replace references to /var/adm/fillup-templates with new
    %_fillupdir macro (boo#1069468)
* Tue Nov 21 2017
  - Update umask in cronjob (boo#861539)
  - Make sure that spamd can start (boo#961291)
* Wed Aug 30 2017
  - Add support for building with OpenSSL 1.1 (bsc#1055252)
    * add 0001-bug-7361-Allow-building-against-OpenSSL-1.1.0.patch
    * add spamassassin-dont_use_SSLv3_methods.patch
  - Fix build with Perl 5.26
    * add 0001-Fix-bug-7367-Don-t-assume-cwd-.-is-in-INC-it-may-be-.patch
* Sun Feb 26 2017
  - SPAMPD: add spampd-2.42_git_20170226.patch - support IPv6 with IO::Socket::IP
  - Drop old init system support (systems before 12.x)
* Mon Feb 20 2017
  - Don't call/require insserv if we use systemd
* Tue Jan 12 2016
  - use service command to restart spamd and amavis (boo#961279)
* Sun Nov 29 2015
  - change default spampd settings to properly support IPv6 and allow larger SPAM
* Wed Aug 26 2015
  - disable again "make test" (seems not to like being run offline)
* Thu Jul 09 2015
  - update to 3.4.1
    * new plugins (disabled by default)
      TxRep -substantially improved replacement of AWL plugin
      PDFInfo - help detecting spam with attached PDF files
      URILocalBL - new rule test types for URIs in html message parts
    * several new or enhanced configuration options, e.g.:
      normalize_charset - reimplemented, see Mail::SpamAssassin::Conf
      bayes_token_sources - more control on sources of tokens for Bayes plugin
    * internal change, probably only affecting 3rd party plugins:
      Util::RegistrarBoundaries is being replaced by RegistryBoundaries
    * rule updates, improvements, optimizations, bug fixes
  - patch-utf8 removed, cf.
  - re-enable "make test" for 13.2 and up
* Mon Feb 02 2015
  - Enable reload in unit files (boo#915736)
* Tue Jan 06 2015
  - Fix for boo#911355
  - Don't install init files when service files are installed
  - Create symlinks for rcspamd and rcspampd when systemd is used
  - Remove unnecessary cleanup section from spec files
* Fri Aug 01 2014
  - bnc#889004 - Package 'spamassassin' contains 'SuSE' spelling in a filename and/or SPEC file
* Mon Jul 07 2014
  - make init scripts executable to fix build
* Tue Feb 25 2014
  - Use perl(IO::Socket::IP) only for openSUSE 12.2+, because it requires
    a version minimum version of perl(IO::Socket) of 1.97 which is not available.
    Spamassassin will fallback to use perl(IO::Socket::INET6) or
    perl(IO::Socket::INET) instead.
* Thu Feb 13 2014
  - Update to 3.4.0
    o DNS queries generated by SpamAssassin now enable option EDNS0 in query
      packets and specify a buffer size of 4096 bytes by default.
    o A default setting for option 'dns_available' was changed from 'test' to
      'yes' (bug 6770, bug 6769), so SpamAssassin now assumes by default that
      it is running on a host with an internet connection and a working DNS resolver.
    o The sa-update program now avoids repeatedly downloading same rules if
      subsequent unpacking of rules and updating fails. Documented in bug 6655.
    o Several incompatibilities with newer versions of a perl module Net::DNS
      as used by sa-update and by the SpamAssassin library were fixed.
    o A perl module Razor agent clobbers entropy of a random number generator by
      re-initializing the generator on every call. The SpamAssassin Razor plugin
      now provides a workaround, preserving entropy across calls to Razor2 agent.
    o Redis database backend for a Bayes database
    o Improved support for IPv6
    o New command-line options:
    - -listen (or -i), spamd
      Can be specified multiple times and allows spamd to accept requests
      over multiple INET (IPv4) or INET6 (IPv6) or UNIX sockets.
    - X (or --unavailable-tempfail), spamc
      Allows return EX_TEMPFAIL instead of EX_UNAVAILABLE when using option -x.
    - 4 and -6 were added to programs spamassassin, spamd, spamc, and sa-update.
    - v or --verbose,  sa-update
      Can now take multiple -v or --verbose options to increase verbosity.
    - -max-size, sa-learn
    o New configuration options
    - Plugin/URIDNSBL: new tflags options 'a' and 'ns' were introduced. They are
      documented in the Mail::SpamAssassin::Plugin::URIDNSBL POD or man page.
    - Plugin/AutoLearnThreshold: new option autolearn_force was added. It is
      documented in the Mail::SpamAssassin::Plugin::AutoLearnThreshold POD or
      man page.
    - Plugin/ASN: new options asn_prefix and clear_asn_lookups were added.
      They are documented in Mail::SpamAssassin::Plugin::ASN POD or man page.
    - ArchiveIterator has new options opt_max_size and opt_from_regex. They are
      documented in Mail::SpamAssassin::ArchiveIterator POD or man page.
    - A new tag (macro) _RULESVERSION_ was added. It expands to a comma-separated
      list of rules versions, retrieved from an '# UPDATE version' comment in
      rules files and can be used in an 'add_header' configuration setting.
      The following new options, as implemented by various plugins or by
      other modules, are all documented in the Mail::SpamAssassin::Conf POD
      or man page:
    - Plugin/WLBLEval: new configuration options were added: enlist_uri_host,
      delist_uri_host, with shorthands blacklist_uri_host and whitelist_uri_host
      and an associated eval rule check_uri_host_listed.
    - Configuration options dns_query_restriction (allow|deny) and
      clear_dns_query_restriction were added (bug 6884).
    - A 'dns_options' setting accepts new sub-options 'dns0x20' and 'edns'.
    - Added option 'dns_server' which specifies an IP address of a recursive
      DNS server (i.e. DNS resolver) and optionally its port number.
    - Added options dns_local_ports_permit, dns_local_ports_avoid and
      dns_local_ports_none to control source port local ranges available to
      DNS queries
    - Added the following sub-options to the tflags setting: autolearn_force,
      maxhits=N, ips_only, domains_only, a, ns.
    - The option whitelist_from_rcvd can now take an IP address as its second
      argument (instead of a domain name), which can be useful for whitelisting
      a sending mailer which has no reverse DNS mapping.
    o New plugins
      A new plugin AskDNS was introduced.
* Fri Jan 31 2014
  - set default homedir to override invalid default in spampd file
* Sun Dec 08 2013
  - update spampd to version 2.42 (GIT version)
* Thu May 30 2013
  - Do not use or Requires in systemd units.
* Sat May 25 2013
  - increase maximum message size from 250 to 512 KB for spampd, as SPAM message size increased a lot
* Wed Mar 27 2013
  - remove 'BuildRequires: perl-macros' from spec file, because perl
    included in openSUSE > 1210 deprecates perl-macros which causes a
    build failure.
* Mon Feb 25 2013
  - Install spamd.service and spampd.service accordingly (/usr/lib/systemd
    for 12.3 and up or /lib/systemd for older versions).
* Wed Sep 26 2012
  - replace iXhash with the inofficial, but recommended, version iXhash2
* Wed Jul 11 2012
  -  768582 - suse.cron-sa-update should allow to restart spamd after a successful run of sa-update
* Tue Jul 03 2012
  - killproc can not stop spamd
* Tue Jun 26 2012
  - Add systemd service files for spamd and spampd
    bnc#768581 - rcspamd stop doesn't terminate spamd
* Tue Dec 20 2011
  - bnc#737637 - IPv6 support in spamassassin not functional
* Thu Oct 06 2011
  - bnc#720220 - spampd, installed by pkg:spamassassin, FAILs to launch,
    uses non-existent/un-installed 'user'
* Fri Sep 16 2011
  - fix perl requires
* Fri Jun 24 2011
  - update to 3.3.2:
    * various fixes, fix support with perl 5.12
  - remove upstreamed patches
* Wed Apr 20 2011
  - Fix the sa-update cronjob
* Sun Apr 10 2011
  - bnc#676667 - sa-update cronjob should allow amavisd restart
* Wed Dec 01 2010
  - switch to perl_requires macro
* Fri Nov 12 2010
  - bnc#650645 - Spamassassin Bug 6392
* Wed Oct 13 2010
  - fix build
    o mkdir /etc/cron.daily ->
      {__install} -d $RPM_BUILD_ROOT/etc/cron.daily/
    o removed from filelist
      dir /etc/cron.daily/ (provided by filesystem)
* Fri Oct 08 2010
  - Add script to call sa-update
* Wed Oct 06 2010
  - add missing requires for spampd
* Thu Jun 24 2010
  - Update the rules
  - Fix the spec file
  - bnc#582111 - Spamassassin. spamd doesn't start.
* Thu Apr 01 2010
  - update sa to 3.3.1
  - update rules to 3.3.1.r923257
  - cleanup spec
    o removed comments
  - added deprecated patch for suse_version > 1120 (perl 5.12)
    o used stuff from combo patch
  - added MIMEEval patch
* Sun Mar 21 2010
  - added perl-Net-Ident for Build/Recommends
  - fix build for SLE_10
* Sat Mar 20 2010
  - bzipped Source Mail-SpamAssassin-rules...
  - removed patch4
    o Mail-SpamAssassin-3.2.5.diff
  - build with ssl support
    o ENABLE_SSL="yes"
  - renamed subpackages
    o perl-spamassassin > perl-Mail-SpamAssassin
    o new sub package perl-Mail-SpamAssassin-Plugin-iXhash
  - fixed deps
    o moved most deps over to perl-Mail-SpamAssassin
  - some rpmlint fixes
    o wrong-file-end-of-line-encoding {IXHASH}/CHANGELOG
    o fix build without RPM_OPT_FLAGS
* Fri Mar 19 2010
  - cleanup spec
    o sort TAGS
    o redefine SOURCES
    - added iXhash-1.5.5.tgz
    - added spampd-2.20.tar.gz
    - removed
    - removed spampd
    o macros
    - added perl-macros
    o cleanup install section
* Fri Mar 19 2010
  - updated iXhash module to 1.5.5
    - iXhash is now a sourceforge project (
* Thu Mar 18 2010
  - added original SOURCES
    o spampd-2.20.tar.gz
  - renewed Mail-SpamAssassin-3.3.0.tar.bz2
    o wget Mail-SpamAssassin-3.3.0.tar.gz + bznew
  - some spec mods
    o macros {__make}, {__install} ...
    o perl_make_install
    o added check
  - some rpmlint fixes
    o invalid-suse-version-check 1120
* Wed Mar 17 2010
  - update to 3.3.0
  - add ixHash module (not activated by default)
  - add additional spampd tool
    - better performance than spamd
  - fixed deps
    - added perl-NetAddr-IP
  - fixed Summary
* Sun Jan 03 2010
  - apply rules update (bnc#567849)
* Thu Dec 24 2009
  - fix install
* Tue Nov 10 2009
  - bnc#551880 – spamassassin package should require re2c
  - bnc#552035 – install of spamassassin corrupts /etc/sysconfig/spamd
* Mon Jan 26 2009
  - no reason to hide the init-script from !root
* Fri Nov 07 2008
  - (bnc#440529) - spamd init-script should support reload
* Wed Sep 10 2008
  - (bnc#420649) - rcspamd restart is broken
* Tue Jul 01 2008
  - update to 3.2.5
    * bug 5775: newer gpg versions require keys to be cross-certified (backsig).
    * bug 5899: add perl version string to the storage area for compiled rulesets,
      to avoid crashes when perl is upgraded between major versions (e.g perl 5.8.x to 5.10.0) and the ABI breaks
    * bug 5496, bug 5910: clear some FORGED_MUA_OUTLOOK false positives, particularly
      on the new-format Message-ID generated by the Outlook Express version used in Windows XP service pack 3
    * bug 5730: when using Postgres >= 8.1.0 with Bayes, this error occurs:
      'WARNING:  nonstandard use of \ in a string literal at character'.
    * bug 5769: fix 'sa-compile: eval failed: Can't find label NO' error, caused
      in rare circumstances when sa-compile attempted to deal with rules written using 'replace_rules' features
    * bug 5858: fix circular reference memory leak caused by some messages
    * bug 5815: update 2TLD list to include .rs CCTLD
    * bug 4706: remove HG_HORMOME rules due to poor performance
    * bug 5835: typo in POD docs for SPF plugin; thanks to Benny Pedersen for fix
    * bug 5839: a missing or failed eval rule function could mistakenly count as a rule hit, fixed
    * trivial bugfix for the VBounce ruleset: __BOUNCE_FROM_DAEMON incorrectly used + instead of *,
      so some From addresses were not being recognised as bounce senders
* Tue Jan 08 2008
  - update to 3.2.4:
    * bug 5599: allow load distribution of SA nameserver queries across all
      nameservers listed in resolv.conf, using 'dns_options rotate'. thanks to
      Pawel Sasin <hannibal /at/>
    * bug 5673: 'ALL' header was including spurious extra spaces between header
      names and values.  fix
    * bug 5594: several major sa-compile fixes.  major increase in overall speed;
      cache results between runs to further increase speed; and fix a danger of
      massive memory usage
    * bug 5556: fix a variety of sa-compile portability issues, and support for
      5.6.x perls
    * bug 5514: make 'score set for a non-existent rule' a debug message, instead
      of a lint warning, since it's a very frequent FAQ
    * bug 5493: sa-compile fails to correctly deal with escaped backslashes.  fix
    * bug 5672: remove DNS_FROM_SECURITYSAGE (DNSBL lookups against due to unreliability
    * bug 5476: update Bonded Sender (now Sender Score Certified) rules, and add
      a rule for their strictly-confirmed-opt-in-required zone
    * bug 5538: remove FORGED_MUA_AOL_FROM and FORGED_AOL_TAGS entirely; they're
      obsolete, given the current capabilities of AOL mail user agents
    * bug 5632: remove all DNSBL lookups, site seems to have
      disappeared without warning
    * bug 5715: allow for more than one sa-update MIRRORED.BY file host in DNS,
      for redundancy
    * bug 5662: DKIM changes: recognize author signature and multiple signatures
      for whitelisting (with Mail::DKIM 0.29); disable useless
      "check_dkim_signsome"; new eval rules "check_dkim_valid_author_sig" and
      "check_dkim_valid" (an alias for a "check_dkim_verified" misnomer); new
      tags _DKIMIDENTITY_ and _DKIMDOMAIN_; updated terminology; verification
      speedup with Mail::DKIM 0.30 (or its pre-releases)
    * bug 5696: sa-compile: cut regexp base strings at Unicode high codepoints,
      to avoid corruption of patterns containing UTF-8
    * bug 5637: bayes_file_mode is handled incorrectly when creating bayes.mutex,
      resulting in incorrect permissions on that file; fix by Mihaly Barasz
    * bug 5612: DB_File version 4.2.x has a bug that loops infinitely if files
      named '__db.{filename}' are present; work around.  thanks to J. Nick Koston
      for the report and fix
    * bug 5606: too-early init_learner() call causes root's user prefs file to be
      read when spamd is started; this is inappropriate. fix
    * bug 4179: if allow_user_rules is 1, user rules are not unique to each user;
      one user's user rules can appear in later scans for other users that are
      run using the same spamd process. fix
    * bug 5680: ALL_TRUSTED can fire if a trusted MSA or webmail system receives
      the message from an untrusted X-Originating-IP: header. fix
    * bug 5626: in the 'spamassassin' script, install a signal handler for
      SIGHUP, SIGINT, SIGTERM and SIGPIPE to ensure that temporary files are
    * bug 5557: some temporary files are left not cleaned up on Windows; fix
    * bug 5661: speed up Bayes SQL queries by allowing the use of indexes when
    * bug 5611: support 'spamd --nouser-config -u username', which setuids to
      'username' but does not read user_prefs files from anywhere
    * bug 5665: spamd may fail to notice that a child has completed exiting, and
      keeps in the child list in state 'K', eventually filling up the child list
      with 'ghost' children.  fix
    * bug 5735: spamc should allow retry_sleep 0
    * bug 5728: spamd: require -u with --sql-config or --ldap-config
    * bug 5682: remove FH_HOST_ALMOST_IP, FH_HOST_EQ_D_D_D_D, due to false
      positives and redundancy with RDNS_DYNAMIC; remove FH_HOST_EQ_D_D_D_DB due
      to no hits
    * bug 5681: look up IP addresses found in 'X-Yahoo-Post-IP' and 'X-SenderIP'
      headers, too, thanks to Martin Blapp
    * Bug 5589: Refined async events handling and DNS lookup completions
    * bug 5586: RDNS_NONE has false positives if the MTA doesn't put the hostname
      in the Received header, like Communigate Pro. add an exception for this
    * bug 5748: fix locale problem with use of external sort in sa-compile
* Sun Aug 12 2007
  - update to 3.2.3:
    * bug 5574: fix new setuid code to work with perl 5.6.1, and to support DCC and
    Pyzor in all releases of perl
    * bug 5107: change default 'user_scores_ldap_username' to be the null string,
    allowing anonymous binding; fix 'schema' syntax error in LDAP config support
    * zeroing an 'eval' rule's score did not stop it running.  fix, thanks to
    Richard Birkett <richard+spamassassin at>
    * bug 5571: allow for new message ID format we have seen from Vista or Windows
    2003 Server MAPI to avoid false positives
    * bug 5397: RDNS_DYNAMIC should never fire on a PTR with 'static' in it; thanks
    to Martin Blapp <mbr at>.  bug 5563: RDNS_DYNAMIC rules use
    order-dependent fields where it is unsafe to depend on this, fix.  bug 5564:
    __RDNS_DYNAMIC_IPADDR does not hit all of its test patterns, fix.
    * bug 5475: fix FORGED_MUA_AOL_FROM to allow <*@{aol,cs}.*> addresses instead
    of just <*@{aol,cs}.com>
* Thu Aug 02 2007
  - update to 3.2.2:
    * bug 5548: Certain mail input can take a long time to scan with 100% CPU
    utilisation, due to backtracking in a rule's regexp. fix
    * bugs 5510, 5518, 5529: fix 'make test' when running as root, needed for CPAN
    * bug 5419: kill -HUP of pidof spamd causes the ps name to change from spamd
    to perl. fixed
    * bug 5535: 'make test' errors in Windows caused by nonportable use of
    * bug 5462: multiple DNS records for a host name should allow use of spamd -H
    for load balancing installs to work
    * bugs 5509, 5511: fix network lookup timeouts, where lookups were being lost
    once a timeout was hit; also fix code to match documentation on
    rbl_timeout's scaling and minimum duration of 1 second; and attempt to
    collect already-received DNS responses when the timeout is reached; improve
    related debugging output. Thanks to Mark Martinec
    * bugs 5412, 5478, 5522: Fix problems using the spamc -x option with certain
    other options; 'spamc -x -R' always returned 0, instead of the exit code, on
    error.  Bug 5478: in addition, 'spamc -x -e /command' would still run the
    command, even if errors meant that the filtered text would be unavailable,
    which contradicted -x.
    * bug 5445: body eval tests defined in user_rules cause ugly 'Subroutine
    _eval_tests_type11_prineg400_set3 redefined' warnings
    * bug 5355: add in new entries for RegistrarBoundaries
    * bug 5515: & can not build without -fPIC, but
    we were picking up the wrong CFLAGS to do this.
    * bug 5501: zero score for FH_HAS_XID
    * bug 5449: allow_user_rules causes sa-compile / Rule2XSBody plugin to emit
    spurious warnings; fix.  also, add a new 'user_conf_parsing_end' plugin
    hook, which is called after the per-user configuration is parsed
    * bug 5182: update the sa-learn doc to mention that -u is only usable w/ sql
    * bug 5534: fix harmless-but-ugly C compiler warning in sa-compile
* Thu Jul 26 2007
  - #278626 - SpamAssassin + Mailman + The Bat! = false positive
* Thu Jun 14 2007
  - UPDATE to version 3.2.1
  - bug 5480: fix for CVE-2007-2873: a local user symlink-attack DoS
    vulnerability. It only affects systems where spamd is run as root, is used
    with vpopmail or virtual users via the "-v"/"--vpopmail" OR
    "--virtual-config-dir" switch, AND with the "-x"/"--no-user-config AND
    WITHOUT the "-u"/"--username" switch AND with the "-l"/"--allow-tell" switch.
    This is not default on any distro package, and is not a common configuration.
    More details of the vulnerability can be read at
  - bug 5488: zero some rules causing false positives: FH_HOST_EQ_D_D_D_DB and
  - bug 5257: re-raise autolearn ham threshold to 1.0; the lower value
    used in 3.2.0 was creating problems.
  - bug 5422: in spamd, deleting hash entries from the SIGCHLD signal handler is
    unsafe, causes corruption of the data structure, and results in 'prefork:
    ordered child N to accept, but they reported state '1', killing rogue'
    errors.  fix.
  - bug 5102: tighten up regexp for FORGED_HOTMAIL_RCVD to avoid some FPs.
  - bug 5457: spamc build and test should handle not having zlib available.
  - bug 5379: spamd could crash at startup if its preloading temporary directory
    already exists. fix.
  - bug 4616: spamc config can cause command line options to be ignored. fix.
  - bug 5485: zero score DK/DKIM_POLICY_SIGNSOME rules since they'll always fire
    due to defaults (unless there's an explicit SIGNALL policy).
  - bug 5492: VBounce rule was looking in header instead of body for whitelisted
    relays. fix.
  - bug 5487: prevent multiple "urirhssub"s using the same zone from overwriting
    each other.
  - bug 5432 - Change default in Win32 build to not build spamc.
  - bug 5446: add --updatedir option to sa-compile and remove inaccurate re2c
    required version info from pod.
  - bug 5436: add omitted "ifplugin" statements to the configuration, which would
    otherwise cause lint errors if the default plugins were disabled.
  - bug 5477: prevent Rule2XSBody info message from appearing on stderr during
    spamd startup.
* Thu May 03 2007
  - update to 3.2.0
      Summary of major changes since 3.1.8
    - -----------------------------------
      Changes to the core code:
    * new behavior for trusted_networks/internal_networks: the 127.* network
      is now always considered trusted and internal, regardless of configuration.
    * bug 3109: short-circuiting of 'definite ham' or 'definite spam' messages
      based on individual short-circuit rules using the 'shortcircuit' setting,
      by Dallas Engelken <dallase /at/>.
    * bug 5305: implement 'msa_networks', for ISPs to specify their Mail Submission
      Agents, and extend network trust accordingly.
    * bug 4636: Add support for charset normalization, so rules can be written
      in UTF-8 to match text in other charsets.
    * sa-compile: compilation of SpamAssassin rules into a fast parallel-matching DFA,
      implemented in native code.
    * "tflags multiple": allow writing of rules that count multiple hits in a single message.
    * bug 4363: if a message uses CRLF for line endings, we should use it as well,
      otherwise stay with LF as usual; important for Windows users.
    * bug 4515: content preview was omitting first paragraph when no Subject: header was present.
    * The third-party modules used by sa-update are now required by the SpamAssassin package,
      instead of being optional.
    * Bug 5165: 'sa-update --checkonly' added to check for updates without applying them;
      thanks to <anomie /at/>
    * Bugs 4606, 4609: Adjust MIME parsing limits for nested multipart/* and message/rfc822 MIME parts.
    * bug 5295: add 'whitelist_auth', to whitelist addresses that send mail using
      sender-authorization systems like SPF, Domain Keys, and DKIM
    * Removed dependency on Text::Wrap CPAN module.
    * Received header parsing updates/fixes/additions.
      Spamc / spamd:
    * bug 4603: Mail::SpamAssassin::Spamd::Apache2 -- mod_perl2 module, implementing spamd
      as a mod_perl module, contributed as a Google Summer of Code project by Radoslaw Zielinski.
    * bug 3991: spamd can now listen on UNIX domain, TCP, and SSL sockets simultaneously.
      Command-line semantics extended slightly, although fully backwards compatibly;
      add the --ssl-port switch to allow TCP and SSL listening at the same time.
    * bug 3466: do Bayes expiration, if required, after results have been passed back
      to the client from spamd; this helps avoid client timeouts.
    * more complete IPv6 support.
    * spamc: Add '-K' switch, to ping spamd.
    * spamc: add '-z' switch, which compresses mails to be scanned using zlib compression;
      very useful for long-distance use of spamc over the internet.
    * bug 5296: spamc '--headers' switch, which scans messages and transmits back just rewritten headers.
      This is more bandwidth-efficient than the normal mode of scanning, but only works for 'report_safe 0'.
    * Bump spamd's protocol version to 1.4, to reflect new HEADERS verb used for '--headers'.
      Mail::SpamAssassin modules and API:
    * bug 4589: allow M::SA::Message to use IO::File objects to read in message (same as GLOB).
    * bug 4517: rule instrumentation plugin hooks, to measure performance,
      from John Gardiner Myers <jgmyers /at/>.
    * add two features to core rule-parsing code; 1. optional behaviour to recurse through subdirs
      looking for .cf/.pre's, to support rules compilers working on rulesrc dir.  2. call back
      into invoking code on lint failure, so rule compiler can detect which rules exactly fail the lint check.
    * bug 5206: detect duplicate rules, and silently merge them internally for greater efficiency.
    * bug 5243: add Plugin::register_method_priority() API, allowing plugins to control the relative
      ordering of plugin callbacks relative to other plugins' implementations.
    * Reduced memory footprint.
    * bug 5236: Support Mail::SPF replacement for Mail::SPF::Query.
    * bug 5127: allow mimeheader :raw rules to match newlines and folded-header whitespace
      in MIME header strings.
    * bug 4770: add plugin, contributed by Matthias Leisi <matthias at>
    * bug 5271: move ImageInfo ruleset into 3.2.0 core rules, thanks to Dallas Engelken <dallase /at/>.
    * VBounce ruleset and plugin: detect spurious bounce messages sent by broken mail systems
      in response to spam or viruses.  (Based on Tim Jackson's "" ruleset.)
    * DomainKeys/DKIM: Mail::DKIM is now preferred over Mail::DomainKeys, since the latter module
      is no longer actively maintained, and Mail::DKIM can handle both DomainKeys and DKIM signatures.
    * DKIM: separate signature verification from fetching a policy: can save a DNS lookup for each
      unverified message by setting score to 0 for all policy-related rules (DKIM_POLICY_SIGNALL,
      DKIM_POLICY_SIGNSOME, and DKIM_POLICY_TESTING). (thanks to Mark Martinec)
    * DKIM: support testing flags in the public key, as well as in the policy record. (thanks to Mark Martinec)
    * DKIM: skip fetching a policy (SSP) if a signature does verify, according to draft-allman-dkim-ssp-02
      (thanks to Mark Martinec)
    * Move rule functionality and checking into separate Check plugin, allowing third parties
      to implement alternative scanner core algorithms.
    * core EvalTests code moved into various plugins.
    * Plus lots of miscellaneous bug fixes.
* Fri Apr 20 2007
  - removed bad /tmp usage.
* Wed Mar 28 2007
  - #249652 - spamassassin missing dependencies
* Mon Feb 19 2007
  - update to 3.1.8:
    * fix for CVE-2007-0451: possible DoS due to incredibly
      long URIs found in the message content.
    * disable perl module usage in update channels unless
    - -allowplugins is specified
    * files with names starting/ending in whitespace weren't usable
    * remove Text::Wrap related code due to upstream issues
    * update spamassassin and sa-learn to better deal with STDIN
    * improvements and bug fixes related to DomainKeys
      and DKIM support
    * several updates for Received header parsing
    * several documentation updates and random taint-variable related
* Fri Feb 09 2007
  - fixing: Bug 225248 - Problem in SpamAssassin: if spamassassin configuration
    is stored in postgresql the search in the table userpref delivers
    results in wrong order.
  - fixing: Bug 218272 - SpamAssassin URIDNSBL plugin tries to lookup
    libraries (,, ...) via nameserver
* Fri Dec 22 2006
  - Enhancing for the plugin Mail::SpamAssassin::Plugin::URIDNSBL
    to skip the novell and suse domains from spam checks and to give
    examples for problems like #218272 "SpamAssassin URIDNSBL plugin tries to
    lookup libraries (,, ...) via nameserver"
* Mon Dec 04 2006
  - update to "hot-fix" 3.1.7:
    * fix sa-update failure when rule scores ae set
* Wed Nov 15 2006
  - fixing bug: 215722 BUG in archive (SpamAssassin)
* Mon Oct 09 2006
  - update to version 3.1.6: This is a maintenance release of the 3.1.x branch.
    * fixes to bug in date handling affecting DATE_IN_FUTURE_*
    and DATE_IN_PAST_* rules when more than one Resent-Date header is
    * include local site config in sa-update lint checks
    * fix race condition in spamd preforking code that sometimes left
      one child process running after SIGHUPing spamd
    * unescape hash characters in the config
    * fix false SPF_SOFTFAIL's when SPF queries timeout
    * update RCVD_ILLEGAL_IP evaltest to properly deal with 127/8
    * enable adding headers with single digit zero value
    * add support for ecelerity Received headers
    * fix a bug, introduced in 3.1.5, in mbx code
    * M::SA::Client doesn't always catch failed connection
      to spamd, fixed
* Sun Aug 06 2006
  - update to version 3.1.4:
    * bug 4941: if the first sa-update run failed and wasn't re-run to successful
    completion, the local state directory would exist, and therefore SA sees no
    rules.  now, wait as long as possible to create the directory, and try to
    remove it on failure.
    * bug 4997: increase module version requirements for Archive::Tar to 1.23 and
    IO::Zlib to 1.04
    * bug 4966: fix major BSMTP bug, which rendered SA unusable with exim4 when
    BSMTP is used.
    * bug 4899: Windows had issues with single quotes around filenames so certain
    things like pyzor, etc, wouldn't function.
    * bug 4958: sa-update should work on Windows
    * bug 4908: gtube.t test failed in non-english locales
    * bug 4488: deal with potential memory leak due to Bayes and BayesStore
    circular references
    * bug 4862: update macro values in update channels
* Thu Jun 22 2006
  - remove selfprovides
* Fri Jun 09 2006
  - * Fixing Requiers tag in spec file
      The missed packages are: perl-libwww-perl and perl-IO-Zlib
* Tue Jun 06 2006
  - update to version 3.1.3:
    * #181157: VUL-0: spamassassin: remote root
    * 4879: add in pointer to the wiki to find out more about debug channels
* Mon May 29 2006
  - update to version 3.1.2:
    * bug 4802: implement DKIM plugin, including whitelist_from_dkim support
    * bug 3838: work around Perl bug causing captured RE variables to become
    tainted -- thanks to Mark Martinec for pointing out the bug with
    Perl itself
    * bug 4850: re-enable the Razor2 plugin by default due to a service
    policy change
    * bug 4826: Razor2 plugin needs to load Mail::SpamAssassin::Timeout module
    * bug 4827: M::SA::first_existing_path() would return the last array
    entry passed in if none of the paths were found.  Now return undef
    instead and handle the error when it happens.
    * bug 4813: generally open RE causes sendmail received header get read
    in as qmail in error
    * bug 4839: converts control chars including tab into
    underscores which confuses a bunch of users when checking debug output.
    Convert tab into space instead, etc.
    * bug 4884: if a null message is passed in, there are several variables
    which end up undefined causing warnings.  fake an empty message if no
    input is given.
    * bug 4793: when replacing tags in a message (_TAG_), leave the tags
    that don't exist alone instead of just removing them
    * bug 4861, 4760: handle dccifd and dccproc failover properly, backport
    relays_internal and relays_external code, backport bug 4760 fix so
    that it's not possible to be in internal_networks without being in
    trusted_networks as well
    * bug 4901: deal more properly with failures in bgsend().  also, use
    the proper variable to show when errors occur.
    * bug 4867: fetchmail changed header formats at some point making Received
    parsing fail in certain conditions
    * bug 4699: use M::SA::Timeout for spamd copy_config call and allow
    for empty $@ values
    * bug 3754: if there's a problem opening a file via sa-learn or
    spamassassin, return an error exit value.
* Fri Mar 17 2006
  - Adjust BuildRequires
* Tue Mar 14 2006
  - update to version 3.1.1:
    * bug 4760: strictly validate trusted network configurations
    * bug 4363: honor CRLF settings
    * bug 4748: Update rules to catch Google redirector
    * bug 4791: fix handling of invalid encoded utf8 messages
    * bug 4809: add TLD for Greece
    * bug 4606: Adjust MIME parsing limits (possible DoS)
    * bug 4795: Improved validation of the score option
    * fix fd leak in Bayes token DB handling
    * bug 4780: fix IP_ADDRESS & LOCALHOST IPv6 support
    * bug 4735: lack of network interfaces crashes in
    * bug 4700: prevent arbitrary code injection
    * bug 4704,4686,4627,4690: Fixed Received: headers parsing
* Wed Jan 25 2006
  - converted neededforbuild to BuildRequires
* Thu Jan 12 2006
  - fixing bug #138545
* Thu Jan 12 2006
  - fixing bug #141557
* Wed Oct 26 2005
  - bugfix for init-script: tell spamd to use a pidfile
* Fri Sep 16 2005
  - update to version 3.1.0
* Mon Aug 08 2005
  - fixed a license problem.
    See Bug #102221
* Thu Jun 23 2005
  - use RPM_OPT_FLAGS (for spamc).
* Wed Jun 08 2005
  - Update to version 3.0.4
* Mon May 02 2005
  - Update to version 3.0.3
* Fri Apr 22 2005
  - Bugfix ID#79285 - spamd: "short" description missing
* Wed Jan 12 2005
  - cleaned up build process, now properly using ExtUtils::MakeMaker
    following the PACKAGING readme
* Mon Dec 20 2004
  - Update to version 3.0.2
* Thu Nov 25 2004
  - removed superfluous line:
    test -d /root/.spamassassin || mkdir /root/.spamassassin
    from init script
* Tue Oct 26 2004
  - Update to version 3.0.1
  - specfile can now also be used on older SuSE Linux versions
* Thu Sep 23 2004
  - Update to version 3.0.0
* Fri Aug 06 2004
  - Upgraded to security / bugfix release 2.64. #43546
* Sat Mar 27 2004
  - added directory /etc/mail to filelist
* Tue Jan 27 2004
  - Update to version 2.63
* Sat Jan 03 2004
  - References to %version have to go below the Version: tag
* Wed Dec 31 2003
  - Update to version 2.61
* Sun Dec 07 2003
  - The perl-spamassassin version should be the same as the spam-
    assassin version.
* Sat Oct 18 2003
  - Not necessary to explicitly tell SA not to query Osirusoft
    blocklist anymore
* Fri Oct 17 2003
  - Don't build as root
  - Update to version 2.60
* Tue Oct 14 2003
  - Bugfix Bugzilla ID#32025, spamd is not started because of a bug
    in the init-script
  - Bugfix Bugzilla ID#31867, spamassassin -lint reports errors because
    of outdated configuration options
* Thu Sep 04 2003
  - Michael fixed MakeMaker PITA again
* Tue Sep 02 2003
  - Don't query Osirusoft blocklist anymore, see for more details.
    Bugzilla ID#29566
* Wed Aug 20 2003
  - require the perl version we build with
* Thu Aug 14 2003
  - Bugfix Bugzilla ID#28942:
    missing activation metadata in sysconfig template
* Wed Jul 30 2003
  - new macros for stop/restart of services on rpm update/removal
* Thu Jul 17 2003
  - use install_vendor and new %perl_process_packlist macro
* Tue Jul 01 2003
  - don't use PREFIX in 'perl Makefile.PL'
  - don't set LOCAL_RULES_DIR using %buildroot as prefix
* Tue Jun 17 2003
  - updated filelist
* Wed May 28 2003
  - Update to 2.55
* Tue May 13 2003
  - Update to 2.54
  - Move %defattr to cover all files
  - Remove unwanted files
* Sun Apr 06 2003
  - Update to version 2.53 which fixes some major bugs in earlier
    2.5x releases
* Fri Mar 28 2003
  - spamassassin and perl-spamassassin should not both own
* Tue Mar 25 2003
  - update to version 2.52
* Mon Mar 24 2003
  - use pid files in runlevel script (patch from Dirk Mueller #25767)
* Sun Mar 23 2003
  - adding perl-HTML-Parser to neededforbuild
* Fri Mar 21 2003
  - update to version 2.51
* Sun Mar 02 2003
  - Disabling HABEAS_HIL test turned out to be just a bandaid. It still
    stalls for longer periods, so add "-L" switch so it only performs
    local tests. Subsequently remove the score HABEAS_HIL 0 in
* Tue Feb 25 2003
  - Disable the HABEAS_HIL test (sender is on Habeas
      Infringer List) since it made each test last ~30 seconds.
  - Default-Start: should be "3 5" not ""
* Fri Feb 21 2003
  - update to version 2.50
    * fixing crash on x86_64 [#22015]
* Thu Feb 20 2003
  - Add sysconfig metadata [#22690]
* Mon Feb 03 2003
  - update to version 2.44
    * obsoletes security fix
* Wed Jan 29 2003
  - update to version 2.43
* Tue Jan 28 2003
  - remove off-by-one bo -> spamassassin-ob1-security.diff
* Tue Oct 15 2002
  - fixed requires typo
* Tue Oct 08 2002
  - add missing requires
  - update to version 2.42
* Tue Sep 17 2002
  - removed bogus self-provides
* Tue Aug 20 2002
  - Correct PreReq
* Mon Jul 29 2002
  - fixed neededforbuild for perl-5.8.0
* Fri Jul 12 2002
  - update to most recent version
  - added perl-Time-HiRes to requires
  - removed DOSWIN_EXECUTABLE patch
* Fri May 10 2002
  - Add rule to filter mails with files having names with DOS/Win
    suffixes (DOSWIN_EXECUTABLE), default score 4.6
  - Provide init script for spamd
  - Install READMEs as %doc
  - Move spamc/d/proxy/assassin man pages to spamassassin package
  - Configuration of spamd in sysconfig/spamd
* Wed May 08 2002
  - Update to version 2.20.
* Tue Apr 16 2002
  - fix file list (/usr/share/spamassassin)
    add more convenient defaults to /etc/mail/spamassassin/
* Tue Apr 09 2002
  - initial package, version 2.11.



Generated by rpm2html 1.8.1

Fabrice Bellet, Sun Jan 9 14:21:14 2022