head 1.82; access; symbols pkgsrc-2023Q4:1.82.0.4 pkgsrc-2023Q4-base:1.82 pkgsrc-2023Q3:1.82.0.2 pkgsrc-2023Q3-base:1.82 pkgsrc-2023Q2:1.81.0.6 pkgsrc-2023Q2-base:1.81 pkgsrc-2023Q1:1.81.0.4 pkgsrc-2023Q1-base:1.81 pkgsrc-2022Q4:1.81.0.2 pkgsrc-2022Q4-base:1.81 pkgsrc-2022Q3:1.80.0.2 pkgsrc-2022Q3-base:1.80 pkgsrc-2022Q2:1.79.0.6 pkgsrc-2022Q2-base:1.79 pkgsrc-2022Q1:1.79.0.4 pkgsrc-2022Q1-base:1.79 pkgsrc-2021Q4:1.79.0.2 pkgsrc-2021Q4-base:1.79 pkgsrc-2021Q3:1.77.0.4 pkgsrc-2021Q3-base:1.77 pkgsrc-2021Q2:1.77.0.2 pkgsrc-2021Q2-base:1.77 pkgsrc-2021Q1:1.76.0.2 pkgsrc-2021Q1-base:1.76 pkgsrc-2020Q4:1.75.0.8 pkgsrc-2020Q4-base:1.75 pkgsrc-2020Q3:1.75.0.6 pkgsrc-2020Q3-base:1.75 pkgsrc-2020Q2:1.75.0.4 pkgsrc-2020Q2-base:1.75 pkgsrc-2020Q1:1.75.0.2 pkgsrc-2020Q1-base:1.75 pkgsrc-2019Q4:1.72.0.12 pkgsrc-2019Q4-base:1.72 pkgsrc-2019Q3:1.72.0.8 pkgsrc-2019Q3-base:1.72 pkgsrc-2019Q2:1.72.0.6 pkgsrc-2019Q2-base:1.72 pkgsrc-2019Q1:1.72.0.4 pkgsrc-2019Q1-base:1.72 pkgsrc-2018Q4:1.72.0.2 pkgsrc-2018Q4-base:1.72 pkgsrc-2018Q3:1.71.0.6 pkgsrc-2018Q3-base:1.71 pkgsrc-2018Q2:1.71.0.4 pkgsrc-2018Q2-base:1.71 pkgsrc-2018Q1:1.71.0.2 pkgsrc-2018Q1-base:1.71 pkgsrc-2017Q4:1.70.0.6 pkgsrc-2017Q4-base:1.70 pkgsrc-2017Q3:1.70.0.4 pkgsrc-2017Q3-base:1.70 pkgsrc-2017Q2:1.69.0.6 pkgsrc-2017Q2-base:1.69 pkgsrc-2017Q1:1.69.0.4 pkgsrc-2017Q1-base:1.69 pkgsrc-2016Q4:1.69.0.2 pkgsrc-2016Q4-base:1.69 pkgsrc-2016Q3:1.68.0.6 pkgsrc-2016Q3-base:1.68 pkgsrc-2016Q2:1.68.0.4 pkgsrc-2016Q2-base:1.68 pkgsrc-2016Q1:1.68.0.2 pkgsrc-2016Q1-base:1.68 pkgsrc-2015Q4:1.66.0.2 pkgsrc-2015Q4-base:1.66 pkgsrc-2015Q3:1.65.0.2 pkgsrc-2015Q3-base:1.65 pkgsrc-2015Q2:1.64.0.6 pkgsrc-2015Q2-base:1.64 pkgsrc-2015Q1:1.64.0.4 pkgsrc-2015Q1-base:1.64 pkgsrc-2014Q4:1.64.0.2 pkgsrc-2014Q4-base:1.64 pkgsrc-2014Q3:1.62.0.4 pkgsrc-2014Q3-base:1.62 pkgsrc-2014Q2:1.62.0.2 pkgsrc-2014Q2-base:1.62 pkgsrc-2014Q1:1.61.0.4 pkgsrc-2014Q1-base:1.61 pkgsrc-2013Q4:1.61.0.2 pkgsrc-2013Q4-base:1.61 pkgsrc-2013Q3:1.60.0.2 pkgsrc-2013Q3-base:1.60 pkgsrc-2013Q2:1.58.0.4 pkgsrc-2013Q2-base:1.58 pkgsrc-2013Q1:1.58.0.2 pkgsrc-2013Q1-base:1.58 pkgsrc-2012Q4:1.57.0.12 pkgsrc-2012Q4-base:1.57 pkgsrc-2012Q3:1.57.0.10 pkgsrc-2012Q3-base:1.57 pkgsrc-2012Q2:1.57.0.8 pkgsrc-2012Q2-base:1.57 pkgsrc-2012Q1:1.57.0.6 pkgsrc-2012Q1-base:1.57 pkgsrc-2011Q4:1.57.0.4 pkgsrc-2011Q4-base:1.57 pkgsrc-2011Q3:1.57.0.2 pkgsrc-2011Q3-base:1.57 pkgsrc-2011Q2:1.56.0.4 pkgsrc-2011Q2-base:1.56 pkgsrc-2011Q1:1.56.0.2 pkgsrc-2011Q1-base:1.56 pkgsrc-2010Q4:1.55.0.4 pkgsrc-2010Q4-base:1.55 pkgsrc-2010Q3:1.55.0.2 pkgsrc-2010Q3-base:1.55 pkgsrc-2010Q2:1.52.0.4 pkgsrc-2010Q2-base:1.52 pkgsrc-2010Q1:1.52.0.2 pkgsrc-2010Q1-base:1.52 pkgsrc-2009Q4:1.51.0.2 pkgsrc-2009Q4-base:1.51 pkgsrc-2009Q3:1.49.0.16 pkgsrc-2009Q3-base:1.49 pkgsrc-2009Q2:1.49.0.14 pkgsrc-2009Q2-base:1.49 pkgsrc-2009Q1:1.49.0.12 pkgsrc-2009Q1-base:1.49 pkgsrc-2008Q4:1.49.0.10 pkgsrc-2008Q4-base:1.49 pkgsrc-2008Q3:1.49.0.8 pkgsrc-2008Q3-base:1.49 cube-native-xorg:1.49.0.6 cube-native-xorg-base:1.49 pkgsrc-2008Q2:1.49.0.4 pkgsrc-2008Q2-base:1.49 cwrapper:1.49.0.2 pkgsrc-2008Q1:1.47.0.2 pkgsrc-2008Q1-base:1.47 pkgsrc-2007Q4:1.46.0.4 pkgsrc-2007Q4-base:1.46 pkgsrc-2007Q3:1.46.0.2 pkgsrc-2007Q3-base:1.46 pkgsrc-2007Q2:1.45.0.2 pkgsrc-2007Q2-base:1.45 pkgsrc-2007Q1:1.43.0.2 pkgsrc-2007Q1-base:1.43 pkgsrc-2006Q4:1.42.0.2 pkgsrc-2006Q4-base:1.42 pkgsrc-2006Q3:1.40.0.2 pkgsrc-2006Q3-base:1.40 pkgsrc-2006Q2:1.38.0.2 pkgsrc-2006Q2-base:1.38 pkgsrc-2006Q1:1.36.0.2 pkgsrc-2006Q1-base:1.36 pkgsrc-2005Q4:1.34.0.2 pkgsrc-2005Q4-base:1.34 pkgsrc-2005Q3:1.30.0.4 pkgsrc-2005Q3-base:1.30 pkgsrc-2005Q2:1.30.0.2 pkgsrc-2005Q2-base:1.30 pkgsrc-2005Q1:1.28.0.2 pkgsrc-2005Q1-base:1.28 pkgsrc-2004Q4:1.25.0.2 pkgsrc-2004Q4-base:1.25 pkgsrc-2004Q3:1.23.0.2 pkgsrc-2004Q3-base:1.23 pkgsrc-2004Q2:1.22.0.2 pkgsrc-2004Q2-base:1.22 pkgsrc-2004Q1:1.21.0.2 pkgsrc-2004Q1-base:1.21 pkgsrc-2003Q4:1.17.0.2 pkgsrc-2003Q4-base:1.17 netbsd-1-6-1:1.12.0.2 netbsd-1-6-1-base:1.12 pkgsrc-base:1.1.1.2 TNF:1.1.1; locks; strict; comment @# @; 1.82 date 2023.08.15.10.20.00; author abs; state Exp; branches; next 1.81; commitid 020u1slSIFGKVRAE; 1.81 date 2022.12.17.14.29.33; author gdt; state Exp; branches; next 1.80; commitid pS23CDRGEVsE3V5E; 1.80 date 2022.08.16.14.21.48; author wiz; state Exp; branches; next 1.79; commitid 2LtMADz6PjRTX6QD; 1.79 date 2021.10.26.10.54.30; author nia; state Exp; branches; next 1.78; commitid 4oqMIfLoj7jhgjeD; 1.78 date 2021.10.07.14.25.48; author nia; state Exp; branches; next 1.77; commitid qxYyTRMxdIO13TbD; 1.77 date 2021.04.12.22.27.05; author gdt; state Exp; branches; next 1.76; commitid TWoi2QBP2KB2r3PC; 1.76 date 2021.03.24.16.13.52; author gdt; state Exp; branches; next 1.75; commitid Lw72RbIsp8CWYzMC; 1.75 date 2020.03.23.18.45.47; author gdt; state Exp; branches; next 1.74; commitid yY6NybnXHOzGzy1C; 1.74 date 2020.03.21.15.36.32; author taca; state Exp; branches; next 1.73; commitid cjssp0ewO6Q0Bh1C; 1.73 date 2020.03.21.15.29.37; author taca; state Exp; branches; next 1.72; commitid 0CYC85OGTrS4zh1C; 1.72 date 2018.10.18.19.54.32; author bsiegert; state Exp; branches; next 1.71; commitid 1qmstVy5pJTEJtWA; 1.71 date 2018.03.17.09.14.35; author tnn; state Exp; branches 1.71.6.1; next 1.70; commitid xCLQVUS1DJQ87NuA; 1.70 date 2017.07.09.22.12.12; author schmonz; state Exp; branches; next 1.69; commitid 3gV30qscTZCfuBYz; 1.69 date 2016.11.10.20.25.50; author roy; state Exp; branches; next 1.68; commitid EmxlBfqhF12PDCtz; 1.68 date 2016.02.05.16.08.54; author prlw1; state Exp; branches; next 1.67; commitid wkhqWD8QFvgMbKTy; 1.67 date 2016.02.05.16.06.08; author prlw1; state Exp; branches; next 1.66; commitid tfRPcLMt8QeWaKTy; 1.66 date 2015.11.03.23.27.21; author agc; state Exp; branches; next 1.65; commitid OJ0eRxlNlbZfDHHy; 1.65 date 2015.09.09.19.13.48; author christos; state Exp; branches; next 1.64; commitid w1pqXlGiiKVEZBAy; 1.64 date 2014.10.12.18.45.05; author tron; state Exp; branches; next 1.63; commitid ozoLOwXUmVkVvWTx; 1.63 date 2014.10.01.11.37.31; author tron; state Exp; branches; next 1.62; commitid TgCeqGegFfD3vuSx; 1.62 date 2014.04.26.13.55.10; author tron; state Exp; branches 1.62.4.1; next 1.61; commitid AEkt5CGzNvrrlcyx; 1.61 date 2013.12.04.15.14.19; author jperkin; state Exp; branches; next 1.60; commitid 2y4hstwAJqkfnPfx; 1.60 date 2013.08.01.10.29.00; author bouyer; state Exp; branches; next 1.59; commitid UBeUq594YWuyOJZw; 1.59 date 2013.07.24.16.17.02; author drochner; state Exp; branches; next 1.58; commitid C5s7Dw14GipEZJYw; 1.58 date 2013.02.25.18.41.45; author gdt; state Exp; branches 1.58.4.1; next 1.57; 1.57 date 2011.08.07.07.47.20; author tron; state Exp; branches; next 1.56; 1.56 date 2011.02.11.19.10.53; author tnn; state Exp; branches; next 1.55; 1.55 date 2010.10.06.21.27.30; author pettai; state Exp; branches; next 1.54; 1.54 date 2010.10.04.22.12.06; author pettai; state Exp; branches; next 1.53; 1.53 date 2010.10.03.21.53.17; author pettai; state Exp; branches; next 1.52; 1.52 date 2010.03.24.21.41.10; author heinz; state Exp; branches; next 1.51; 1.51 date 2010.01.02.03.48.40; author heinz; state Exp; branches; next 1.50; 1.50 date 2010.01.01.13.55.32; author heinz; state Exp; branches; next 1.49; 1.49 date 2008.06.22.22.41.01; author heinz; state Exp; branches; next 1.48; 1.48 date 2008.05.20.05.42.46; author ghen; state Exp; branches; next 1.47; 1.47 date 2008.01.09.15.55.51; author heinz; state Exp; branches; next 1.46; 1.46 date 2007.08.26.17.26.51; author heinz; state Exp; branches; next 1.45; 1.45 date 2007.06.12.21.43.30; author heinz; state Exp; branches; next 1.44; 1.44 date 2007.05.02.15.20.45; author heinz; state Exp; branches; next 1.43; 1.43 date 2007.02.15.21.43.43; author heinz; state Exp; branches 1.43.2.1; next 1.42; 1.42 date 2006.10.10.18.39.27; author heinz; state Exp; branches 1.42.2.1; next 1.41; 1.41 date 2006.10.05.22.18.19; author mrg; state Exp; branches; next 1.40; 1.40 date 2006.08.31.22.00.48; author mrg; state Exp; branches; next 1.39; 1.39 date 2006.07.31.21.10.59; author heinz; state Exp; branches; next 1.38; 1.38 date 2006.06.05.23.01.01; author heinz; state Exp; branches; next 1.37; 1.37 date 2006.05.26.20.53.00; author heinz; state Exp; branches; next 1.36; 1.36 date 2006.03.24.19.46.10; author heinz; state Exp; branches 1.36.2.1; next 1.35; 1.35 date 2006.03.13.21.11.57; author heinz; state Exp; branches; next 1.34; 1.34 date 2005.11.22.13.03.22; author rillig; state Exp; branches; next 1.33; 1.33 date 2005.11.22.10.35.00; author rillig; state Exp; branches; next 1.32; 1.32 date 2005.11.13.22.48.32; author heinz; state Exp; branches; next 1.31; 1.31 date 2005.11.13.05.08.00; author heinz; state Exp; branches; next 1.30; 1.30 date 2005.06.19.22.29.35; author heinz; state Exp; branches 1.30.4.1; next 1.29; 1.29 date 2005.04.29.08.48.40; author heinz; state Exp; branches; next 1.28; 1.28 date 2005.02.24.09.59.29; author agc; state Exp; branches; next 1.27; 1.27 date 2005.02.13.21.20.25; author heinz; state Exp; branches; next 1.26; 1.26 date 2005.01.15.21.44.55; author schmonz; state Exp; branches; next 1.25; 1.25 date 2004.11.08.17.07.23; author mjl; state Exp; branches; next 1.24; 1.24 date 2004.10.12.00.11.10; author heinz; state Exp; branches; next 1.23; 1.23 date 2004.08.10.20.40.01; author heinz; state Exp; branches; next 1.22; 1.22 date 2004.05.31.12.43.06; author heinz; state Exp; branches; next 1.21; 1.21 date 2004.01.21.22.19.30; author heinz; state Exp; branches; next 1.20; 1.20 date 2003.12.27.19.16.04; author heinz; state Exp; branches; next 1.19; 1.19 date 2003.12.02.12.36.00; author grant; state Exp; branches; next 1.18; 1.18 date 2003.12.01.16.04.40; author heinz; state Exp; branches; next 1.17; 1.17 date 2003.11.03.00.56.26; author heinz; state Exp; branches; next 1.16; 1.16 date 2003.09.03.13.08.05; author atatat; state Exp; branches; next 1.15; 1.15 date 2003.06.08.01.11.38; author heinz; state Exp; branches; next 1.14; 1.14 date 2003.05.22.11.41.02; author abs; state Exp; branches; next 1.13; 1.13 date 2003.04.15.00.02.24; author heinz; state Exp; branches; next 1.12; 1.12 date 2003.02.09.02.55.41; author heinz; state Exp; branches; next 1.11; 1.11 date 2003.02.02.19.38.39; author heinz; state Exp; branches; next 1.10; 1.10 date 2003.01.29.17.34.28; author tron; state Exp; branches; next 1.9; 1.9 date 2002.11.06.21.51.26; author heinz; state Exp; branches; next 1.8; 1.8 date 2002.10.20.20.09.05; author heinz; state Exp; branches; next 1.7; 1.7 date 2002.10.08.16.41.32; author heinz; state Exp; branches; next 1.6; 1.6 date 2002.10.08.00.49.19; author heinz; state Exp; branches; next 1.5; 1.5 date 2002.09.29.23.44.28; author simonb; state Exp; branches; next 1.4; 1.4 date 2002.08.26.16.00.52; author hubertf; state Exp; branches; next 1.3; 1.3 date 2002.08.26.15.55.58; author hubertf; state Exp; branches; next 1.2; 1.2 date 2002.08.25.22.44.23; author hubertf; state dead; branches; next 1.1; 1.1 date 2002.08.24.19.46.39; author hubertf; state Exp; branches 1.1.1.1; next ; 1.71.6.1 date 2018.10.20.15.59.14; author spz; state Exp; branches; next ; commitid i2Ot61qaBvhCnIWA; 1.62.4.1 date 2014.10.10.10.56.05; author spz; state Exp; branches; next ; commitid iOkjSlParmhbZDTx; 1.58.4.1 date 2013.08.01.12.51.53; author tron; state Exp; branches; next ; commitid VPMy3rfKnWfPBKZw; 1.43.2.1 date 2007.06.13.08.05.04; author ghen; state Exp; branches; next ; 1.42.2.1 date 2007.02.23.11.36.22; author ghen; state Exp; branches; next ; 1.36.2.1 date 2006.06.07.21.28.47; author salo; state Exp; branches; next ; 1.30.4.1 date 2005.11.22.00.34.24; author salo; state Exp; branches; next ; 1.1.1.1 date 2002.08.24.19.46.39; author hubertf; state Exp; branches; next 1.1.1.2; 1.1.1.2 date 2002.08.26.15.54.29; author hubertf; state Exp; branches; next ; desc @@ 1.82 log @Avoid deprecated warning from cron Patch from upstream, bump pkgrevision @ text @$NetBSD: distinfo,v 1.81 2022/12/17 14:29:33 gdt Exp $ BLAKE2s (Mail-SpamAssassin-4.0.0.tar.gz) = fdcc278214de88b9796e678b5902ded5100e2c30dbb5725c4b5aea027980e340 SHA512 (Mail-SpamAssassin-4.0.0.tar.gz) = db8e5d0249d9fabfa89bc4c7309a7eafd103ae07617ed9bd32e6b35473c5efc05b1a913b4a3d4bb0ff19093400e3510ae602bf9e96290c63e7946a1d0df6de47 Size (Mail-SpamAssassin-4.0.0.tar.gz) = 6779828 bytes BLAKE2s (Mail-SpamAssassin-rules-4.0.0.r1905950.tgz) = f69d64dbe6ac98e556013540cf61889b8013dbca890577a1142a4ef6f5d33a5f SHA512 (Mail-SpamAssassin-rules-4.0.0.r1905950.tgz) = 8ff0e68e18dc52a88fec83239bb9dc3a1d34f2dcb4c03cd6c566b97fa91242e3c8d006612aeb4df0acf43929eaaa59d542eb5cf904498343adf5eadefcb89255 Size (Mail-SpamAssassin-rules-4.0.0.r1905950.tgz) = 355737 bytes BLAKE2s (Mail-SpamAssassin-rules-4.0.0.r1905950.tgz.asc) = 445aee22649a330357df398cd0694535cd09e83abbaf8f3d338de5f842ed8160 SHA512 (Mail-SpamAssassin-rules-4.0.0.r1905950.tgz.asc) = 517dbf83b4cf984036cb7cbf92a290ea0c8eea1da87f80d202275e71d2823b7b2eed4efff2f71742ca28090d355a690346f1bf97cfc15a3ea26a6d52792b1882 Size (Mail-SpamAssassin-rules-4.0.0.r1905950.tgz.asc) = 833 bytes SHA1 (patch-Makefile.PL) = f190b064069506aa9afb1b6ecd8affea78104699 SHA1 (patch-README) = 5d2aaecc4791e4f76df1078c17036cc23a39a8d0 SHA1 (patch-ae) = e6e83c1de1002b8db647779d17740e67103b69d8 SHA1 (patch-sa-update) = bf19da673a44c1016692e8978b612067c9c071eb SHA1 (patch-spamc_libspamc.c) = 6e634b5e4e795bd1e2bddbe4b192e2826de8ba5a SHA1 (patch-spamd_netbsd-rc-script.sh) = 192fc1876ee30a4475c0efd9be6340e87d9fa2f4 @ 1.81 log @mail/spamassassin: Update to 4.0.0 Tested on NetBSD 9 amd64 with postfix and spamass-milter. NB the rule renaming below and the modified init.pre, which will not be merged by updating if init.pre is locally modifed. Upstream Release Notes: Introduction ------------ Apache SpamAssassin 4.0.0 contains numerous tweaks and bug fixes over the past releases. In particular, it includes major changes that significantly improve the handling of text in international language. As with any major release, there are countless functional patches and improvements to upgrade to 4.0.0. Apache SpamAssassin 4.0.0 includes several years of fixes that significantly improve classification and performance. It has been thoroughly tested in production systems. We strongly recommend upgrading as soon as possible. Notable features: ================= New plugins ----------- There are three new plugins added with this release: #1 Mail::SpamAssassin::Plugin::ExtractText This plugin uses external tools to extract text from message parts, and then sets the text as the rendered part. All SpamAssassin rules that apply to the rendered part will run on the extracted text as well. #2 Mail::SpamAssassin::Plugin::DMARC This plugin checks if emails match DMARC policy after parsing DKIM and SPF results. #3 Mail::SpamAssassin::Plugin::DecodeShortURLs This plugin looks for URLs shortened by a list of URL shortening services. Upon finding a matching URL, plugin will send a HTTP request to the shortening service and retrieve the Location-header which points to the actual shortened URL. It then adds this URL to the list of URIs extracted by SpamAssassin which can then be accessed by uri rules and plugins such as URIDNSBL. Removed plugin -------------- HashCash module, formerly deprecated, has now been removed completely Notable changes --------------- This release includes fixes for the following: - Support for international text such as UTF-8 rules has been completed and significantly improved to include native UTF-8 processing - Bayes plugin has been improved to skip common words aka noise words written in languages other than English - OLEVBMacro plugin has been improved in order to detect more Microsoft Office macros and dangerous content. It has also been improved to extract URIs from Office documents for automatic inclusion in rules such as RBL lookups. - You can now use Captured Tags to use tags “captured” in one rule inside other rules - sa-update(1) tool has been improved with three new options: #1 forcemirror: forces sa-update to use a specific mirror server, #2 score-multiplier: adjust all scores from update channel by a given multiplier to quickly level set scores to match your preferred threshold #3 score-limit adjusts all scores from update channel over a specified limit to a new limit * SSL client certificate support has been improved and made easier to implement with spamc/spamd * DKIM plugin can now detect ARC signatures * More work on improving the configuration and internal coding to use more inclusive and less divisive language * spamc(1) speed has been improved when both SSL and compression are used * The normalize_charset option is now enabled by default. NOTE: Rules should not expect specific non-UTF-8 or UTF-8 encoding in the body. Matching is done against the raw body, which may vary depending on normalize_charset setting and whether UTF-8 decoding was successful. * Mail::SPF is now the only supported module used by the SPF plugin. * Mail::SPF::Query use is deprecated, along with settings do_not_use_mail_spf, do_not_use_mail_spf_query. * SPF lookups are not done asynchronously and you may consider using an SPF filter at the MTA level (pypolicyd-spf / spf-engine / etc) which generates a Received-SPF header that can be parsed by SpamAssassin. * The default sa-update ruleset doesn't make ASN lookups or header additions anymore. Configure desired methods (asn_use_geodb / asn_use_dns) and add_header clauses manually, as described in documentation for the Mail::SpamAssassin::Plugin::ASN. New configuration options ------------------------- All rules, functions, command line options and modules that contain "whitelist" or "blacklist" have been renamed to "welcomelist" and "blocklist" terms Old options will continue to work for backwards compatibility until at least the Apache SpamAssassin version 4.1.0 release New tflag "nolog" added to hide info coming from rules in SpamAssassin reports New dns_options "nov4" and "nov6" added. IMPORTANT:; You must set nov6 if your DNS resolver is filtering IPv6 AAAA replies. Razor2 razor_fork option added. It will fork separate Razor2 process and read in the results later asynchronously, increasing throughput. When this is used, rule priorities are automatically adjusted to -100. Pyzor pyzor_fork option added. It will fork separate Pyzor process and read in the results later asynchronously, increasing throughput. When this is used, rule priorities are automatically adjusted to -100 urirhsbl and urirhssub rules now support "notrim" tflag, which forces querying the full hostname, instead of trimmed domain report_charset now defaults to UTF-8 which may change the rendering of SpamAssassin reports Notable Internal changes ------------------------ Meta rules no longer use priority values, they are evaluated dynamically when the rules they depend on are finished DNS and other asynchronous lookups like DCC or Razor2 plugins are now launched when priority -100 is reached. This allows short circuiting at lower priority without sending unneeded DNS queries New internal Mail::SpamAssassin::GeoDB module supporting RelayCountry and URILocalBL plugins provides a unified interface to Geographic IP modules. These include: MaxMind::DB::Reader (GeoIP2) Geo::IP IP::Country::DB_File IP::Country::Fast. Bayes and TxRep Message-ID tracking now uses a different hashing method Optimizations ------------- Apache SpamAssassin 4.0.0 represents years of work by the project with numerous improvements, new rule types, and internal native handling of messages in international languages. These three key optimizations will improve the efficiency of SpamAssassin: DNS queries are now done asynchronously for overall speed improvements DCC checks can now use dccifd asynchronously for improved throughput Pyzor and Razor fork use separate processes done asynchronously for increased throughput @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.80 2022/08/16 14:21:48 wiz Exp $ d15 1 a15 1 SHA1 (patch-sa-update) = 0cac6f2315db8f80cd313473e8d141b49edb791f @ 1.80 log @spamassassin: update to use latest rules file and install .asc file again This makes the package break later in 'make install' when it finds out that updates.spamassassin.org does not exist. Bump PKGREVISION. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.79 2021/10/26 10:54:30 nia Exp $ d3 10 a12 10 BLAKE2s (Mail-SpamAssassin-3.4.6.tar.gz) = d330863c4775e9dfc3ffb8158e3b145a3e43ff9122e686a074be7c2d1a2cb65d SHA512 (Mail-SpamAssassin-3.4.6.tar.gz) = 7910852f04463a7363a2fc3b70a35adadf5714552e57c5b8ca57beaa534ee18d9f06526cdbcf8bcd5781e5ca778f98d2f84ef2efd1872fa550cfe1689440364a Size (Mail-SpamAssassin-3.4.6.tar.gz) = 6572574 bytes BLAKE2s (Mail-SpamAssassin-rules-3.4.6.r1888502.tgz) = 5ac6070924cf3093fda442bf1cbc059ea3dd98df0d9eea7eaad45eea6f7a177e SHA512 (Mail-SpamAssassin-rules-3.4.6.r1888502.tgz) = 29167c2ab50de26954181ad53395d4270b8b15b7d3bb13d6c62aa2f13ed3bb7a54adcda944bbd4c8d0cf4fe918a2eb0f542ef420af2bd96a121cb3d9b55dd572 Size (Mail-SpamAssassin-rules-3.4.6.r1888502.tgz) = 369768 bytes BLAKE2s (Mail-SpamAssassin-rules-3.4.6.r1888502.tgz.asc) = e1c0171d935698f2f3241a45ae16e34d990727ba8c0d6195e658eb77e4959b04 SHA512 (Mail-SpamAssassin-rules-3.4.6.r1888502.tgz.asc) = 97066dfe751aa067b14368ebd0388666522257945bd0fd37d921371682209be6bd658199ca817bb0dd345c4ddb1cebe02015ca9ca3a33f167d68b7d029a07b0c Size (Mail-SpamAssassin-rules-3.4.6.r1888502.tgz.asc) = 833 bytes SHA1 (patch-Makefile.PL) = bcf48afe3adce57fbe4ff0de583ca23bf5177aab d16 1 a16 1 SHA1 (patch-spamc_libspamc.c) = 757b845df445414d4ba0c2fb039dbc6d9e68b85f @ 1.79 log @mail: Replace RMD160 checksums with BLAKE2s checksums All checksums have been double-checked against existing RMD160 and SHA512 hashes The following distfiles were unfetchable (possibly fetched conditionally?): ./mail/qmail/distinfo netqmail-1.05-TAI-leapsecs.patch @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.78 2021/10/07 14:25:48 nia Exp $ d6 6 a11 3 BLAKE2s (Mail-SpamAssassin-rules-3.4.4.r1873061.tgz) = a45930ab88019b844fe7128da7742fa5c6bf68c4d6a02543f10af103575cf525 SHA512 (Mail-SpamAssassin-rules-3.4.4.r1873061.tgz) = cc2f6949db4662cdcaf5dcef922e69d18320a591deb7fb98c1fb729d91d37f5164052ab6cd2e294657334874fbfc0cccdefc750910e0453cb8da0b3f263b3ede Size (Mail-SpamAssassin-rules-3.4.4.r1873061.tgz) = 315930 bytes @ 1.78 log @mail: Remove SHA1 hashes for distfiles @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.77 2021/04/12 22:27:05 gdt Exp $ d3 1 a3 1 RMD160 (Mail-SpamAssassin-3.4.6.tar.gz) = b16211c5402aac6f0e3f2d7a12cc1062968a6157 d6 1 a6 1 RMD160 (Mail-SpamAssassin-rules-3.4.4.r1873061.tgz) = fb8a8c71dbd6621ca7044600bf9a52f9398b6fcb @ 1.77 log @spamassassin: Update to 3.4.6 upstream: bugfixes @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.76 2021/03/24 16:13:52 gdt Exp $ a2 1 SHA1 (Mail-SpamAssassin-3.4.6.tar.gz) = 096fb58c8c41c87f7bbb99e9089208b21672b5bd a5 1 SHA1 (Mail-SpamAssassin-rules-3.4.4.r1873061.tgz) = ee022f1cc18a66d49c1954936c70c36049c37dcf @ 1.76 log @mail/spamassassin: Update to 3.4.5 This is a micro-update carrying a fix for https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-1946 Upstream changes: In addition to the CVE which shall be announced separately, this release includes fixes for the following: - Improvements to OLEVBMacro and AskDNS plugins - Received and EnvelopeFrom headers matching improvements - userpref SQL schema fixes - rbl and hashbl evaluation improvements - fix for non working TxRep tag names - man page fixes @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.75 2020/03/23 18:45:47 gdt Exp $ d3 4 a6 4 SHA1 (Mail-SpamAssassin-3.4.5.tar.gz) = e794b3031366a2c7ddd69c8dc1586c0721c102fb RMD160 (Mail-SpamAssassin-3.4.5.tar.gz) = 6c837a11e15dfdef1824adff6d608b29ffeceeca SHA512 (Mail-SpamAssassin-3.4.5.tar.gz) = 76323d8a5be1f5451375adc8b7989f183e72d0fa52848a1356c3b7fb3da9a9328fe9f91bcc941228c2cb91180ed49583a9a8bebf1f00caf7ad898251af3b9ba3 Size (Mail-SpamAssassin-3.4.5.tar.gz) = 6572220 bytes @ 1.75 log @mail/spamassassin: Update to 3.4.4 This is a micro update (actually 2) with security fixes, and is trivial except for hand-applying some patch hunks that have textual but not semantic conflicts. The upstream announcement hints at minor new features and a new plugin, but does not explain. (There is no NEWS file.) @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.74 2020/03/21 15:36:32 taca Exp $ d3 4 a6 4 SHA1 (Mail-SpamAssassin-3.4.4.tar.gz) = 98ce46e464a3dd9d3bf83b8744eebcb109292a6d RMD160 (Mail-SpamAssassin-3.4.4.tar.gz) = 414fdfcb544afd44f3e17dbced145f26fe827e2e SHA512 (Mail-SpamAssassin-3.4.4.tar.gz) = b6efa1c733ddf810b189ec69445faeae6488ee2671f87f56b49ec3bf85690bf7950aa5ce251c1f1371b2bbe4fb88dbce0a162c9a24a48ed5e6584f9019611552 Size (Mail-SpamAssassin-3.4.4.tar.gz) = 3274482 bytes @ 1.74 log @mail/spamassassin: revert previous accidential commit Revert previous accidential commit by my mistake. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.73 2020/03/21 15:29:37 taca Exp $ d3 9 a11 9 SHA1 (Mail-SpamAssassin-3.4.2.tar.gz) = f24c471d6594f60f1a1146a11bcb1c2f5215de03 RMD160 (Mail-SpamAssassin-3.4.2.tar.gz) = dd3cbd744a642478d5773e2fb524461b2cd864e3 SHA512 (Mail-SpamAssassin-3.4.2.tar.gz) = 85e3d78bb885ad1d0bf2066d1bc919d6ad5e9f86795069397e7c28cc1ba02870566ec014c08c81f68e7ed03b7f60d2de0b9730b3415b35d848abde2c8920a28f Size (Mail-SpamAssassin-3.4.2.tar.gz) = 3185452 bytes SHA1 (Mail-SpamAssassin-rules-3.4.2.r1840640.tgz) = c93006e1572297f816a0e186a98cbbae246a4945 RMD160 (Mail-SpamAssassin-rules-3.4.2.r1840640.tgz) = d1f5d207176e51e37c346b2b6ce893b50341011d SHA512 (Mail-SpamAssassin-rules-3.4.2.r1840640.tgz) = 38b5f4dc6e6776937e787123c265ecd9a0a2f60aca1b57d6ed4a8f78cf81550478eddd0829b1255e9e8ce64421e06cc13ae82f1a597e893b65f0d07ba8c53a7f Size (Mail-SpamAssassin-rules-3.4.2.r1840640.tgz) = 284758 bytes SHA1 (patch-Makefile.PL) = f598b173e73130b55714413d5fc55e29ca6a3c4f d14 1 a14 1 SHA1 (patch-sa-update) = 59cba1287051042fc7f510f5e5ef462e2ee8d034 @ 1.73 log @mail/Makefile: delete ruby-actionmailer42 @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.72 2018/10/18 19:54:32 bsiegert Exp $ d3 9 a11 9 SHA1 (Mail-SpamAssassin-3.4.4.tar.gz) = 98ce46e464a3dd9d3bf83b8744eebcb109292a6d RMD160 (Mail-SpamAssassin-3.4.4.tar.gz) = 414fdfcb544afd44f3e17dbced145f26fe827e2e SHA512 (Mail-SpamAssassin-3.4.4.tar.gz) = b6efa1c733ddf810b189ec69445faeae6488ee2671f87f56b49ec3bf85690bf7950aa5ce251c1f1371b2bbe4fb88dbce0a162c9a24a48ed5e6584f9019611552 Size (Mail-SpamAssassin-3.4.4.tar.gz) = 3274482 bytes SHA1 (Mail-SpamAssassin-rules-3.4.4.r1873061.tgz) = ee022f1cc18a66d49c1954936c70c36049c37dcf RMD160 (Mail-SpamAssassin-rules-3.4.4.r1873061.tgz) = fb8a8c71dbd6621ca7044600bf9a52f9398b6fcb SHA512 (Mail-SpamAssassin-rules-3.4.4.r1873061.tgz) = cc2f6949db4662cdcaf5dcef922e69d18320a591deb7fb98c1fb729d91d37f5164052ab6cd2e294657334874fbfc0cccdefc750910e0453cb8da0b3f263b3ede Size (Mail-SpamAssassin-rules-3.4.4.r1873061.tgz) = 315930 bytes SHA1 (patch-Makefile.PL) = 8c866690cd40109dbeb31e475603255daba075e1 d14 1 a14 1 SHA1 (patch-sa-update) = 12f996b23ae05e1a5919a314e82dc66e28b8ef4c @ 1.72 log @Update spamassassin to 3.4.2. From Attila Fueloep in pull request NetBSD/pkgsrc#32. Apache SpamAssassin 3.4.2 contains numerous tweaks and bug fixes over the past three and 1/2 years. As we release 3.4.2, we are preparing 4.0.0 which will move us into a full UTF-8 environment. We expect one final 3.4.3 release. As with any release there are a number of functional patches, improvements as well as security reasons to upgrade to 3.4.2. In this case we have over 3 years of issues being resolved at once. And we are laying thr groundwork for version 4.0 which is is designed to more natively handle UTF-8. However, there is one specific pressing reason to upgrade. Specifically, we will stop producing SHA-1 signatures for rule updates. This means that while we produce rule updates with the focus on them working for any release from v3.3.2 forward, they will start failing SHA-1 validation for sa-update. *** If you do not update to 3.4.2, you will be stuck at the last ruleset with SHA-1 signatures in the near future. *** Full release notes at http://svn.apache.org/repos/asf/spamassassin/branches/3.4/build/announcements/3.4.2.txt. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.71 2018/03/17 09:14:35 tnn Exp $ d3 9 a11 9 SHA1 (Mail-SpamAssassin-3.4.2.tar.gz) = f24c471d6594f60f1a1146a11bcb1c2f5215de03 RMD160 (Mail-SpamAssassin-3.4.2.tar.gz) = dd3cbd744a642478d5773e2fb524461b2cd864e3 SHA512 (Mail-SpamAssassin-3.4.2.tar.gz) = 85e3d78bb885ad1d0bf2066d1bc919d6ad5e9f86795069397e7c28cc1ba02870566ec014c08c81f68e7ed03b7f60d2de0b9730b3415b35d848abde2c8920a28f Size (Mail-SpamAssassin-3.4.2.tar.gz) = 3185452 bytes SHA1 (Mail-SpamAssassin-rules-3.4.2.r1840640.tgz) = c93006e1572297f816a0e186a98cbbae246a4945 RMD160 (Mail-SpamAssassin-rules-3.4.2.r1840640.tgz) = d1f5d207176e51e37c346b2b6ce893b50341011d SHA512 (Mail-SpamAssassin-rules-3.4.2.r1840640.tgz) = 38b5f4dc6e6776937e787123c265ecd9a0a2f60aca1b57d6ed4a8f78cf81550478eddd0829b1255e9e8ce64421e06cc13ae82f1a597e893b65f0d07ba8c53a7f Size (Mail-SpamAssassin-rules-3.4.2.r1840640.tgz) = 284758 bytes SHA1 (patch-Makefile.PL) = f598b173e73130b55714413d5fc55e29ca6a3c4f d14 1 a14 1 SHA1 (patch-sa-update) = 59cba1287051042fc7f510f5e5ef462e2ee8d034 @ 1.71 log @spamassassin: use TLS instead of SSLv3. Fixes build with current openssl. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.70 2017/07/09 22:12:12 schmonz Exp $ d3 9 a11 9 SHA1 (Mail-SpamAssassin-3.4.1.tar.gz) = e7b342d30f4983f70f4234480b489ccc7d2aa615 RMD160 (Mail-SpamAssassin-3.4.1.tar.gz) = 4b7d6a6def068eb015e8d4699db410ade76b28f3 SHA512 (Mail-SpamAssassin-3.4.1.tar.gz) = 6a074f1a4177e1969cef575fe3b1b844d27c813d48fe1e07a46f56ffa728fc780897597d00f11acb269317a6308f284f0dee544d504da874d93b0549d094a6a3 Size (Mail-SpamAssassin-3.4.1.tar.gz) = 3174888 bytes SHA1 (Mail-SpamAssassin-rules-3.4.1.r1675274.tgz) = fcbcbf767f8c0b1b2ce2c3be4010cf6130f826b9 RMD160 (Mail-SpamAssassin-rules-3.4.1.r1675274.tgz) = 7ed097fa0b8fddc43f73985f0474c45b497c0d95 SHA512 (Mail-SpamAssassin-rules-3.4.1.r1675274.tgz) = b5822c116b5b3c558cbbc7a92dcf134a8e0338fa6e038e19ac34111d90c4fa0755111f36e61146674a9ad3b44c55a73941f103a12c4da50b17b05f95557efc6b Size (Mail-SpamAssassin-rules-3.4.1.r1675274.tgz) = 270622 bytes SHA1 (patch-Makefile.PL) = d322d7fb7286d5cf87ca775f9c381db32626e060 d13 1 a13 4 SHA1 (patch-ae) = d46b1d8f56c8c61936c307f74b39a49da1b1f353 SHA1 (patch-lib_Mail_SpamAssassin_DnsResolver.pm) = 129386c70010f6005ff93d4c237c219fe5b8a4a9 SHA1 (patch-lib_Mail_SpamAssassin_PerMsgStatus.pm) = 414255bf5ffb2083029950bb38309716616803ce SHA1 (patch-sa-compile) = e8a92060eefbc1c95b7b2c674fc69686a66f230b d15 1 a15 1 SHA1 (patch-spamc_libspamc.c) = 9175012a0e06faaf6a425da65438ba8e2c29f1f1 @ 1.71.6.1 log @Pullup ticket #5846 - requested by bsiegert mail/spamassassin: security update Revisions pulled up: - mail/spamassassin/Makefile 1.132 - mail/spamassassin/distinfo 1.72 - mail/spamassassin/patches/patch-Makefile.PL 1.3 - mail/spamassassin/patches/patch-ae 1.14 - mail/spamassassin/patches/patch-lib_Mail_SpamAssassin_DnsResolver.pm deleted - mail/spamassassin/patches/patch-lib_Mail_SpamAssassin_PerMsgStatus.pm deleted - mail/spamassassin/patches/patch-sa-compile deleted - mail/spamassassin/patches/patch-spamc_libspamc.c 1.2 ------------------------------------------------------------------- Module Name: pkgsrc Committed By: bsiegert Date: Thu Oct 18 19:54:32 UTC 2018 Modified Files: pkgsrc/mail/spamassassin: Makefile distinfo pkgsrc/mail/spamassassin/patches: patch-Makefile.PL patch-ae patch-spamc_libspamc.c Removed Files: pkgsrc/mail/spamassassin/patches: patch-lib_Mail_SpamAssassin_DnsResolver.pm patch-lib_Mail_SpamAssassin_PerMsgStatus.pm patch-sa-compile Log Message: Update spamassassin to 3.4.2. From Attila Fueloep in pull request NetBSD/pkgsrc#32. Apache SpamAssassin 3.4.2 contains numerous tweaks and bug fixes over the past three and 1/2 years. As we release 3.4.2, we are preparing 4.0.0 which will move us into a full UTF-8 environment. We expect one final 3.4.3 release. As with any release there are a number of functional patches, improvements as well as security reasons to upgrade to 3.4.2. In this case we have over 3 years of issues being resolved at once. And we are laying thr groundwork for version 4.0 which is is designed to more natively handle UTF-8. However, there is one specific pressing reason to upgrade. Specifically, we will stop producing SHA-1 signatures for rule updates. This means that while we produce rule updates with the focus on them working for any release from v3.3.2 forward, they will start failing SHA-1 validation for sa-update. *** If you do not update to 3.4.2, you will be stuck at the last ruleset with SHA-1 signatures in the near future. *** Full release notes at http://svn.apache.org/repos/asf/spamassassin/branches/3.4/build/announcements/3.4.2.txt. To generate a diff of this commit: cvs rdiff -u -r1.131 -r1.132 pkgsrc/mail/spamassassin/Makefile cvs rdiff -u -r1.71 -r1.72 pkgsrc/mail/spamassassin/distinfo cvs rdiff -u -r1.2 -r1.3 pkgsrc/mail/spamassassin/patches/patch-Makefile.PL cvs rdiff -u -r1.13 -r1.14 pkgsrc/mail/spamassassin/patches/patch-ae cvs rdiff -u -r1.5 -r0 \ pkgsrc/mail/spamassassin/patches/patch-lib_Mail_SpamAssassin_DnsResolver.pm cvs rdiff -u -r1.3 -r0 \ pkgsrc/mail/spamassassin/patches/patch-lib_Mail_SpamAssassin_PerMsgStatus.pm cvs rdiff -u -r1.1 -r0 pkgsrc/mail/spamassassin/patches/patch-sa-compile cvs rdiff -u -r1.1 -r1.2 \ pkgsrc/mail/spamassassin/patches/patch-spamc_libspamc.c @ text @d1 1 a1 1 $NetBSD$ d3 9 a11 9 SHA1 (Mail-SpamAssassin-3.4.2.tar.gz) = f24c471d6594f60f1a1146a11bcb1c2f5215de03 RMD160 (Mail-SpamAssassin-3.4.2.tar.gz) = dd3cbd744a642478d5773e2fb524461b2cd864e3 SHA512 (Mail-SpamAssassin-3.4.2.tar.gz) = 85e3d78bb885ad1d0bf2066d1bc919d6ad5e9f86795069397e7c28cc1ba02870566ec014c08c81f68e7ed03b7f60d2de0b9730b3415b35d848abde2c8920a28f Size (Mail-SpamAssassin-3.4.2.tar.gz) = 3185452 bytes SHA1 (Mail-SpamAssassin-rules-3.4.2.r1840640.tgz) = c93006e1572297f816a0e186a98cbbae246a4945 RMD160 (Mail-SpamAssassin-rules-3.4.2.r1840640.tgz) = d1f5d207176e51e37c346b2b6ce893b50341011d SHA512 (Mail-SpamAssassin-rules-3.4.2.r1840640.tgz) = 38b5f4dc6e6776937e787123c265ecd9a0a2f60aca1b57d6ed4a8f78cf81550478eddd0829b1255e9e8ce64421e06cc13ae82f1a597e893b65f0d07ba8c53a7f Size (Mail-SpamAssassin-rules-3.4.2.r1840640.tgz) = 284758 bytes SHA1 (patch-Makefile.PL) = f598b173e73130b55714413d5fc55e29ca6a3c4f d13 4 a16 1 SHA1 (patch-ae) = e6e83c1de1002b8db647779d17740e67103b69d8 d18 1 a18 1 SHA1 (patch-spamc_libspamc.c) = 757b845df445414d4ba0c2fb039dbc6d9e68b85f @ 1.70 log @Apply upstream patch (SVN rev 1791010) to fix "Unescaped left brace in regex is deprecated here (and will be fatal in Perl 5.30)". While here, remove references to LOCALBASE. Bump PKGREVISION. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.69 2016/11/10 20:25:50 roy Exp $ d18 1 @ 1.69 log @Add patch to fix SA working with >=Net::DNS-1.01, taken from upstream. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.68 2016/02/05 16:08:54 prlw1 Exp $ d15 1 @ 1.68 log @Fixed in 3.4 http://bz.apache.org/SpamAssassin/show_bug.cgi?id=6937 @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.67 2016/02/05 16:06:08 prlw1 Exp $ d14 1 @ 1.67 log @Use REPLACE_PERL rather than manual patch @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.66 2015/11/03 23:27:21 agc Exp $ a13 1 SHA1 (patch-lib_Mail_SpamAssassin_Message.pm) = 402b9769df65ae87c3beebcc9441e29619eed367 @ 1.66 log @Add SHA512 digests for distfiles for mail category Problems found locating distfiles: Package mutt: missing distfile patch-1.5.24.rr.compressed.gz Package p5-Email-Valid: missing distfile Email-Valid-1.198.tar.gz Package pine: missing distfile fancy.patch.gz Package postgrey: missing distfile targrey-0.31-postgrey-1.34.patch Package qmail: missing distfile badrcptto.patch Package qmail: missing distfile outgoingip.patch Package qmail: missing distfile qmail-1.03-realrcptto-2006.12.10.patch Package qmail: missing distfile qmail-smtpd-viruscan-1.3.patch Package thunderbird24: missing distfile enigmail-1.7.2.tar.gz Package thunderbird31: missing distfile enigmail-1.7.2.tar.gz Otherwise, existing SHA1 digests verified and found to be the same on the machine holding the existing distfiles (morden). All existing SHA1 digests retained for now as an audit trail. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.65 2015/09/09 19:13:48 christos Exp $ d16 1 a16 1 SHA1 (patch-sa-update) = 6ea354aa6b11740df1d25a807f5610115218294a @ 1.65 log @update to 3.4.1: - improved automation to help combat spammers that are abusing new top level domains; - tweaks to the SPF support to block more spoofed emails; - increased character set normalization to make rules easier to develop and stop spammers from using alternate character sets to bypass tests; - continued refinement to the native IPv6 support; and - improved Bayesian classification with better debugging and attachment hashing. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.64 2014/10/12 18:45:05 tron Exp $ d5 1 d9 1 @ 1.64 log @Remove checksum for deleted patch file. Problem pointed out by Petar Bogdanovic in private e-mail. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.63 2014/10/01 11:37:31 tron Exp $ d3 8 a10 13 SHA1 (Mail-SpamAssassin-3.4.0.tar.gz) = 4dac1384282b6201f7d80cea8295933ef08e7e28 RMD160 (Mail-SpamAssassin-3.4.0.tar.gz) = c3a9b4adaebfe62c279684349ce76ed36d304f26 Size (Mail-SpamAssassin-3.4.0.tar.gz) = 1269753 bytes SHA1 (Mail-SpamAssassin-rules-3.4.0.r1565117.tgz) = d71a64cab9f5454d3b164e44d3649bff9cb87f87 RMD160 (Mail-SpamAssassin-rules-3.4.0.r1565117.tgz) = fcf0bb481dee0fddc863ebab5772d6dbbde299f9 Size (Mail-SpamAssassin-rules-3.4.0.r1565117.tgz) = 247283 bytes SHA1 (Mail-SpamAssassin-rules-3.4.0.r1565117.tgz.asc) = 3a726149419ea2d23b28920582ac0921335966ac RMD160 (Mail-SpamAssassin-rules-3.4.0.r1565117.tgz.asc) = 0db3057f2af1c4cf16f8eb48457553c81f769eec Size (Mail-SpamAssassin-rules-3.4.0.r1565117.tgz.asc) = 823 bytes SHA1 (Mail-SpamAssassin-rules-3.4.0.r1565117.tgz.sha1) = 9b4fc4c3b3dea74f0337c6b4c914943375616663 RMD160 (Mail-SpamAssassin-rules-3.4.0.r1565117.tgz.sha1) = bab252971f0b1618ed5b28de9c377b10e54df169 Size (Mail-SpamAssassin-rules-3.4.0.r1565117.tgz.sha1) = 85 bytes SHA1 (patch-Makefile.PL) = 965e6aa223f2e714630db45131918485a5730c48 a11 2 SHA1 (patch-aq) = 3a273c7742275647c2334382fed29c0ea33dfbd8 SHA1 (patch-lib_Mail_SpamAssassin_DnsResolver.pm) = 0ed96e5c35fdd1dacd27b4d29119206b1d3d1f58 @ 1.63 log @Make the DNSRBL based plug-ins work with version 0.76 or newer of the "p5-Net-DNS" package. Patch taken from the SVN repository. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.62 2014/04/26 13:55:10 tron Exp $ a17 1 SHA1 (patch-ay) = ca8ea0b1e6d8fddd29d6ae960e1bf6e534d2f424 @ 1.62 log @Update "spamassassin" package to version 3.4.0: This is a major release. It introduces over two years of bug fixes and features since the release of SpamAssassin 3.3.2 on June 16, 2011. 3.4.0 includes the Bayes Redis (http://redis.io/) back-end (bug 6879), EDNS0 changes (bug 6910), native IPv6 support, numerous URIBL.pm changes or features and a small API change in libspamc (bug 6562) with many other subtle changes. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.61 2013/12/04 15:14:19 jperkin Exp $ d19 1 @ 1.62.4.1 log @Pullup ticket #4509 - requested by tron mail/spamassassin: bug fix Revisions pulled up: - mail/spamassassin/Makefile 1.115 - mail/spamassassin/distinfo 1.63 - mail/spamassassin/patches/patch-lib_Mail_SpamAssassin_DnsResolver.pm 1.3 ------------------------------------------------------------------- Module Name: pkgsrc Committed By: tron Date: Wed Oct 1 11:37:31 UTC 2014 Modified Files: pkgsrc/mail/spamassassin: Makefile distinfo Added Files: pkgsrc/mail/spamassassin/patches: patch-lib_Mail_SpamAssassin_DnsResolver.pm Log Message: Make the DNSRBL based plug-ins work with version 0.76 or newer of the "p5-Net-DNS" package. Patch taken from the SVN repository. To generate a diff of this commit: cvs rdiff -u -r1.114 -r1.115 pkgsrc/mail/spamassassin/Makefile cvs rdiff -u -r1.62 -r1.63 pkgsrc/mail/spamassassin/distinfo cvs rdiff -u -r0 -r1.3 \ pkgsrc/mail/spamassassin/patches/patch-lib_Mail_SpamAssassin_DnsResolver.pm @ text @d1 1 a1 1 $NetBSD$ a18 1 SHA1 (patch-lib_Mail_SpamAssassin_DnsResolver.pm) = 0ed96e5c35fdd1dacd27b4d29119206b1d3d1f58 @ 1.61 log @Apply backported patch for SpamAssassin bug#6937 which resolves some issues running with perl 5.18. Bump PKGREVISION. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.60 2013/08/01 10:29:00 bouyer Exp $ d3 13 a15 14 SHA1 (Mail-SpamAssassin-3.3.2.tar.gz) = de954f69e190496eff4a796a9bab61747f03072b RMD160 (Mail-SpamAssassin-3.3.2.tar.gz) = 78e22ba6ba62a48fb7d24c40170124881b975fd9 Size (Mail-SpamAssassin-3.3.2.tar.gz) = 1208182 bytes SHA1 (Mail-SpamAssassin-rules-3.3.2-r1104058.tar.gz) = a199d5f0f8c2381e3dfe421e7a774356b3ffda4b RMD160 (Mail-SpamAssassin-rules-3.3.2-r1104058.tar.gz) = 22843725705aca9a7c773d9cca50d6eb30ca295c Size (Mail-SpamAssassin-rules-3.3.2-r1104058.tar.gz) = 258995 bytes SHA1 (Mail-SpamAssassin-rules-3.3.2-r1104058.tar.gz.asc) = 102cbd61d3d37243d17a48748fc468a1a4e91d05 RMD160 (Mail-SpamAssassin-rules-3.3.2-r1104058.tar.gz.asc) = 764ea0f583c370c3c11f7245005327afa6c19988 Size (Mail-SpamAssassin-rules-3.3.2-r1104058.tar.gz.asc) = 823 bytes SHA1 (Mail-SpamAssassin-rules-3.3.2-r1104058.tar.gz.sha1) = 13003cfad508bd45863e02711aaee041ab9bc30e RMD160 (Mail-SpamAssassin-rules-3.3.2-r1104058.tar.gz.sha1) = aa218d53eb3dda0737171f75d63b7a64f97c2930 Size (Mail-SpamAssassin-rules-3.3.2-r1104058.tar.gz.sha1) = 88 bytes SHA1 (patch-aa) = 0fff97dee1153332471aeadc2b96c357d1925f5c SHA1 (patch-ab) = 84ebc0f611365c00205a85cb84970772a0931ef8 a18 4 SHA1 (patch-ba) = 1842e3fc17b3d23309336e542635eeacb67461e8 SHA1 (patch-lib_Mail_SpamAssassin_AsyncLoop.pm) = a305fc866785905bcb6b65b013525cb130ddf4a3 SHA1 (patch-lib_Mail_SpamAssassin_Conf_Parser.pm) = bbb41a5667f88d485b027860973d205f6ccec0d1 SHA1 (patch-lib_Mail_SpamAssassin_DnsResolver.pm) = ec66585e49d1cfa5acfb6989508958a75a824bc5 d20 3 a22 3 SHA1 (patch-lib_Mail_SpamAssassin_PerMsgStatus.pm) = 9eb3a5135ab7f2ca3aa18686bad9bbe818bdf761 SHA1 (patch-lib_Mail_SpamAssassin_Util.pm) = 930b99127847057aeadf6c2c6c9558afec2ff2c8 SHA1 (patch-sa-update) = 893d8c2ebe68524b620a438f30e2b9ba764aaa6e @ 1.60 log @Add a patch from the svn repository (via https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6872). Fix sa-update with new p5-Net-DNS. Bump PKGREVISION @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.59 2013/07/24 16:17:02 drochner Exp $ d21 6 @ 1.59 log @as in sysutils/duplicity, add a "gnupg2" option which makes that gnupg2 is used rather than gnupg1 (off per default) @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.58 2013/02/25 18:41:45 gdt Exp $ d21 1 @ 1.58 log @Adjust comment in rc.d script for moved file. From Jan Danielsson. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.57 2011/08/07 07:47:20 tron Exp $ d20 1 @ 1.58.4.1 log @Pullup ticket #4195 - requested by bouyer mail/spamassassin: bug fix patch Revisions pulled up: - mail/spamassassin/Makefile 1.109 - mail/spamassassin/distinfo 1.60 via patch - mail/spamassassin/patches/patch-sa-update 1.1 --- Module Name: pkgsrc Committed By: bouyer Date: Thu Aug 1 10:29:00 UTC 2013 Modified Files: pkgsrc/mail/spamassassin: Makefile distinfo Added Files: pkgsrc/mail/spamassassin/patches: patch-sa-update Log Message: Add a patch from the svn repository (via https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6872). Fix sa-update with new p5-Net-DNS. Bump PKGREVISION @ text @d1 1 a1 1 $NetBSD$ a19 1 SHA1 (patch-sa-update) = 893d8c2ebe68524b620a438f30e2b9ba764aaa6e @ 1.57 log @Update "spamassassin" package to version 3.3.2. Changes since version 3.3.1: This is a minor release, primarily to support perl-5.12 and later. Additionally several other minor bugs are fixed. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.56 2011/02/11 19:10:53 tnn Exp $ d15 1 a15 1 SHA1 (patch-aa) = 2715638de88d0a299a65919cbf0d573699307100 @ 1.56 log @Add a small tweak to the rc script: Make an effort to pick up spamd_flags from the rc configuration when not running on NetBSD/DragonFlyBSD. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.55 2010/10/06 21:27:30 pettai Exp $ d3 12 a14 12 SHA1 (Mail-SpamAssassin-3.3.1.tar.gz) = 8b32a857cc89c8d057442400bc00f33fd703ce06 RMD160 (Mail-SpamAssassin-3.3.1.tar.gz) = 154fb16de88b3cc9fac41f721af21b181a2368f3 Size (Mail-SpamAssassin-3.3.1.tar.gz) = 1196842 bytes SHA1 (Mail-SpamAssassin-rules-3.3.1.r923114.tgz) = 7aeeb7abb2d727bb35d3a0927a1390ad3cddad59 RMD160 (Mail-SpamAssassin-rules-3.3.1.r923114.tgz) = 9b6e17e05b3a323ba820ec2dc432d8b7dfc4d0ac Size (Mail-SpamAssassin-rules-3.3.1.r923114.tgz) = 255548 bytes SHA1 (Mail-SpamAssassin-rules-3.3.1.r923114.tgz.asc) = 3e11775118e0e4be5720fdc3b99661e187943fd8 RMD160 (Mail-SpamAssassin-rules-3.3.1.r923114.tgz.asc) = bc9c1755977c0b8677a3a8e700068f0e7288f434 Size (Mail-SpamAssassin-rules-3.3.1.r923114.tgz.asc) = 823 bytes SHA1 (Mail-SpamAssassin-rules-3.3.1.r923114.tgz.sha1) = 949b64216a6bb6833bd4f2ccab18b53719dda311 RMD160 (Mail-SpamAssassin-rules-3.3.1.r923114.tgz.sha1) = 8b6c82596c158e5e010643a4d16a987dcc65244c Size (Mail-SpamAssassin-rules-3.3.1.r923114.tgz.sha1) = 84 bytes a19 6 SHA1 (patch-bf) = 8b68125be019e84fbc9886e6624f518c2117dc66 SHA1 (patch-bg) = 29a06349f3f34b5f5de5142c6c0ec4b3e9e14cab SHA1 (patch-bh) = 3fb1753552819bf1ae47a0275aac237b684d8d78 SHA1 (patch-bi) = 896a0eb836bf9227454cd947c3b4f09f010c1c2a SHA1 (patch-bj) = 0ea3dd23fa5505e0ac8ecbb4b8cc84205b3c41d8 SHA1 (patch-bk) = b93142e01e6a25a0143676866a6b717ab5f96497 @ 1.55 log @Yet another perl 5.12.x error fix Oked by wiz@@ @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.54 2010/10/04 22:12:06 pettai Exp $ d15 1 @ 1.54 log @Added comments to the new patches, requested by wiz@@ @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.53 2010/10/03 21:53:17 pettai Exp $ d24 1 @ 1.53 log @Fixes for spamassassin running on perl 5.12.x See: https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6392 https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6396 Oked by wiz@@ @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.52 2010/03/24 21:41:10 heinz Exp $ d19 5 a23 5 SHA1 (patch-bf) = 16289fcab8f216bb8fe345d190046b17fc39b73b SHA1 (patch-bg) = c0756a98e2fd38ef06894abb14afba252a6276ea SHA1 (patch-bh) = 28cea16c76d7cfbeb78b8512b43453d5260be570 SHA1 (patch-bi) = 0c9bf5d790968dbcb711fce3bc51877314c982f4 SHA1 (patch-bj) = 11cd24cf7b88abbc52f520bd395e4c43d6443d22 @ 1.52 log @Updated to version 3.3.1. Pkgsrc changes: - Removed most of the package options; using the options framework for those choices was not quite correct in the first place. Some have now fixed values (Perl warnings and taint checks always enabled), some got converted to variables settable from the make command line, see options.mk. - pkglint complained about the variable PLIST_ADD so I renamed it to DYNAMIC_PLIST. - SpamAssassin does not come with rules anymore. As a starting point the official archive of rules at the time of the SA release is included. At installation time this set of rules gets installed through the pkgsrc INSTALL file. - Removed patch-ba and patch-bc, both were integrated upstream. - Removed patch-be. The quick fix for the bad rule was replaced by a permanent solution. Summary of major changes since 3.3.0 ==================================== bug 6335: add Spamhaus DBL as URIBL_DBL_SPAM rule Bug 6370: update ImageInfo plugin to latest release bug 6215, bug 6294: RCVD_IN_CSS rule was broken. the check_rbl_sub() syntax was incorrect, resulting in missing hits bug 6361: list 2tld and 3tld sub-domain hosters for URIBL/SURBL/DBL queries; NOTE for SARE users: This file replaces the SARE file http://www.rulesemporium.com/rules/90_2tld.cf, which will be deprecated as from 2010-05-01. Bug 6369, 6356, 6373: WIN32 support for spamd improved Bug 6267: Solaris 10 requires --syslog-socket=native bug 6304 spamd is spawning and killing processes too often - Added spamd adjustments to info level and more information for administrators + small fix to Makefile.PL Bug 6310: sa-learn --import gives Insecure dependency in open Bug 6313: -Q or -q AND -x should not result in creation of a ~/.spamassassin dir; plus: taint issues fixed Bug 6342: make test failure on if_can under perl 5.6 Bug 6340: Impossible to find user home directory of VPOPMAIL alias Bug 6072, 6343: POD warnings, documentation fixes Bug 6304 (trivial), reduce sysadmin's stress level by lowercasing the 'INTERRUPTED' in a logged message: spamd: handled cleanup of child pid [...] due to SIGCHLD: INTERRUPTED Bug 6329: POSIX::strftime in call under Win32 ActivePerl causes Perl to hang up; formatting option %e is not in a POSIX standard, use %d instead and edit Bug 6322: In DKIM ADSP eval test check_dkim_adsp() the '*' is handled incorrectly Bug 6327: Fix calling argument in utility used to determine DCC's homedir Bug 6316: DCC.pm, wrong options for dcc_proc, (plus: avoid a warning on undef in logger when dccifd socket is not provided) Bug 6287: improved DKIM plugin debugging Bug 6321 - _TOKENSUMMARY_ not working in 3.3.0 (Plugin/Bayes.pm looks-up a tag from wrong location) Bug 6312 - uninitialized value $start_time in spamd bug 5761: trivial doc fix: document SPAMD_LOCALHOST test-control env variable Summary of major changes since 3.2.5 ==================================== COMPATIBILITY WITH 3.2.5 - rules are no longer distributed with the package, but installed by sa-update - either automatically fetched from the network (preferably) or from a tar archive, which is available for downloading separately (see below, section INSTALLING RULES); - CPAN module requirements: - minimum required version of ExtUtils::MakeMaker is 6.17; - modules now required: Time::HiRes, NetAddr::IP (4.000 or later), Archive::Tar (1.23 or later), IO::Zlib; - minimal version of Mail::DKIM is 0.31 (preferred: 0.37 or later); expect some tests in t/dkim2.t to fail with versions older than 0.36_5; - no longer used: Mail::DomainKeys, Mail::SPF::Query; - either Digest::SHA or the older Digest::SHA1 is required, though note that the DKIM plugin requires Digest::SHA for sha256 hashes and Razor agents still need Digest::SHA1; - some IPv6 functionality requires IO::Socket::INET6; - if keeping the AWL database in SQL, the field awl.ip must be extended to 40 characters. The change is necessary to allow AWL to keep track of IPv6 addresses which may appear in a mail header even on non-IPv6 -enabled host. While at it, consider also adding a field 'signedby' to the SQL table 'awl' (and adding 'auto_whitelist_distinguish_signed 1' to local.cf); see sql/README.awl for details. The change need not be undone even if downgrading back to 3.2.* for some reason; - fixing a protocol implementation error regarding a PING command required bumping up the SPAMC protocol version to 1.5. Spamd retains compatibility with older spamc clients. Combining new spamc clients with pre-3.3 versions of a spamd daemon is not supported (but happens to work, except for the PING and SKIP commands); - if using one of the plugins (FreeMail, PhishTag, Reuse) which were previously not part of the official package, please retire your local copy to avoid it conflicting with a new native plugin; - as the plugin AWL is no longer loaded by default, to continue using it the following line is needed in one of the .pre files (e.g. local.pre): loadplugin Mail::SpamAssassin::Plugin::AWL - it may be worth mentioning that a rule DKIM_VERIFIED has been renamed to DKIM_VALID to match its semantics; - the DKIM plugin is now enabled by default for new installs, if the perl module Mail::DKIM is installed. However, installation of SpamAssassin will not overwrite existing .pre configuration files, so to use DKIM when upgrading from a previous release that did not use DKIM, a directive: loadplugin Mail::SpamAssassin::Plugin::DKIM will need to be uncommented in file "v312.pre", or added to some other .pre file, such as local.pre; - due to changes in some internal data structures (like Bug 6185, 6254), some third-party plugins may need to be updated. One such example is the ClamAVPlugin plugin - please find a fresh version, which can be used with both SpamAssassin versions 3.2.5 and 3.3.0, on its wiki page at http://wiki.apache.org/spamassassin/ClamAVPlugin - versions of amavisd-new between 2.5.2 and 2.6.1 (inclusive) are incompatible with SpamAssassin 3.3; please upgrade amavisd to 2.6.2 or later, or apply a workaround https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6257 - support for versions of perl 5.6.* is being gradually revoked (may still work, but no promises and no support); - preferred versions of perl are 5.8.8, 5.8.9, and 5.10.1 or later; - on FreeBSD, please avoid using multithreaded versions of perl older than 5.10.0 due to small default main thread's stack size, which may not suffice for some regular expression evaluations; INSTALLING RULES Rules are normally installed by running a sa-update command. The version of sa-update program should match the version of SpamAssassin modules, so invoking sa-update should be performed only after installing or upgrading SpamAssassin code, not before. Installing rules from network is done with a single command, normally run as root: sa-update Installing rules from files: obtain all the following files: Mail-SpamAssassin-rules-xxx.tgz Mail-SpamAssassin-rules-xxx.tgz.asc Mail-SpamAssassin-rules-xxx.tgz.md5 Mail-SpamAssassin-rules-xxx.tgz.sha1 (where xxx may look something like '3.3.0.r893295') install rules from a compressed tar archive: sa-update --install Mail-SpamAssassin-rules-xxx.tgz (sa-update will need corresponding .asc and .sha1 files with the same base name in the same directory as the .tgz file) MAIN NEW FEATURES - IPv6 support was substantially improved (see below); - many improvements to the DKIM plugin (understands author domain signatures, supports multiple signatures, ADSP support with overrides) - (see below); - added 'if can(Class::method)' conditional statement, allowing configuration settings to be conditional on plugin capabilities without requiring new version releases to do so; - added a --verbose option to the sa-update utility to show updated channels; - added a configuration option 'time_limit', defaulting to 300 seconds or whatever the caller (like spamd) provides; attempting to gracefully terminate the checking when a time limit is reached, reporting the score and test hits that were collected so far, along with an added hit on a rule TIME_LIMIT_EXCEEDED; - more expensive code sections are now instrumented with timing measurements; timing report is logged as a debug message by the end of processing, and made available to a caller and to 'add_header' directives through a TIMING tag; - added a configuration option skip_uribl_checks to the URIDNSBL plugin, cross-documented it with skip_rbl_checks; - preserve order of declared 'add_header' header fields; - configurable network mask length for the AWL plugin (see below); - added support for DCC reputations (see below); - improved error handling and robustness (see below); - added timestamps when logging on stderr; - allowed debug areas to be excluded from debugging, e.g.: -D all,norules,noconfig,nodcc BUILDING AND PACKAGING - rules are no longer distributed with the package, but installed by sa-update - Makefile.PL has been simplified and a bug fixed in a DESTDIR support by increasing the minimum required version of ExtUtils::MakeMaker to 6.17 - tools check_whitelist and check_spamd are now included in the distribution, now called 'sa-awl' and 'sa-check_spamd' WORKAROUNDS TO PERL BUGS AND LIMITATIONS - modified the Check.pm plugin to produce smaller chunks of source code from rules (60 kB) to avoid Perl compiler crashing on exceeding stack size; - localized global variables $1, $2, etc at several places, avoiding taint issue from propagating; - avoided Perl I/O bug by replacing line-by-line reading with read() where suitable, or played down the EBADF status in other places and only report it as a dbg instead of a die - while also providing a little speedup (10 .. 25 %) on reading a message; - provided a new sub Message::split_into_array_of_short_lines to split a text into array of paragraph chunks of sizes between 1 kB and 2 kB, giving less opportunity to runaway regular expressions in rules; fixes bugs: 5717, 5644, 5795, 5486, 5801, 5041; MEMORY FOOTPRINT - as a side-effect of compiling rules in smaller chunks (to avoid compiler crashes), virtual memory footprint of SpamAssassin is reduced; - saved some memory by not importing the Pod::Usage unless it is needed; - saved 350k+ of memory in sa-compile by replacing DynaLoader with XSLoader; - removed unneeded index from MySQL bayes_token table; IPv6 SUPPORT - added IPv6 support for trusted_networks, internal_networks, msa_networks, whitelist_from_rcvd, and other stuff that uses NetSet and the Received header field parser, using NetAddr::IP; - allowed usage of a remote dccifd host through an INET or INET6 socket; - added IPv6 support to AWL plugin and its utility modules; a network mask length is now configurable and defaults to /48, which controls what data is stored in an AWL database; - sql/README.awl and sql/awl_*.sql: increased suggested awl.ip field width to 40 characters to be able to hold IPv6 addresses; - IP_PRIVATE now includes ipv6 variants of private address space, as well as the ipv6-mapped ipv4 addresses. - NetSet now understands that ::ffff:192.168.1.2 and 192.168.1.2 are the same address; - IPv6 addresses are now properly read from Received header fields; - when reading Received header fields, the "IPv6:" prefix is stripped from IPv6 addresses, and "::ffff:" is removed from IPv6-mapped IPv4 addresses (so strings can match them as simply IPv4 addresses); - ::1/128 is always included in the trusted_networks/internal_networks set similar to 127.0.0.0/8; - some of the IPv6 functionality in SpamAssassin requires that a perl module IO::Socket::INET6 is available (like accessing a DNS resolver over inet6, talking to a dccifd host over inet6 socket, SPAMC protocol); SPAMC - Mail::SpamAssasin::Client ping may erroneously result in broken pipe; bump spamc protocol version to 1.5, updated spamd, spamc and Client.pm; - added -n / --connect-timeout switch to spamc, allowing to separate a connection timeout from communication timeout; - added --filter-retries and --filter-retry-sleep; - increased allowed line length in spamc.conf files to 8 KiB and report an error when the limit is exceeded; - fixed issue where spamc would not time out connections to a hung spamd; - spamc client library leaked the zlib compression buffer if compression is used; - spamc long option '--dest' was broken; SPAMD - when spamd is started with the daemonize option do not exit the parent until a child signals that it has logged the pid, to allow a wrapper script to simply continue immediately after starting spamd; - additional tempfile cleanup in kill_handler; - added SPAMD_LOCALHOST option to "make test" to allow specifying non-127.0.0.1 IP address for use in FreeBSD jail; API - adding one optional argument to Mail::SpamAssassin::parse allows caller to pass additional out-of-band information to SpamAssassin (such as a deadline time, DKIM verification results, information about a SMTP session, or dynamic rule hits); this information is made available to plugins and the rest of the code through a 'suppl_attrib' hash; - added option 'master_deadline' to the suppl_attrib argument of a Mail::SpamAssassin::parse method, allowing the caller to override a time_limit configuration setting; - Plugin::Check - pick up 'rule_hits' from caller via the new mechanism and call got_hit() on them; - simplified adding dynamic score hits and dynamic rules by plugins (such as AWL, CRM114, FuzzyOcr, Check) by letting got_hit() accept options tflags and description, and letting it store a supplied dynamic score for proper reporting; - let the timing breakdown information be accessible to a caller through the existing get_tag mechanism (tag TIMING); - let the generated header fields ('add_header' configuration options) be accessible to a caller through the existing get_tag mechanism (tags ADDEDHEADER, ADDEDHEADERHAM, ADDEDHEADERSPAM); RULES - rules are no longer distributed with the package; - new scores were generated by a genetic algorithm (GA) and then manually tweaked based on cleaned datasets supplied by a dozen volunteers; - dropped redundant rules or rules causing too many false positives; - added or updated many rules; incomplete list in no particular order: vbounce, lotsa_money, muchmoney, image spam, fill_this_form, FreeMail, European Parliament, HTML attachments, uri_obfu*, urinsrhsbl, urinsrhssub, urifullnsrhsbl, URI_OBFU_X9_WS, rDNS=localhost, INVALID_DATE_TZ_ABSURD, RCVD_IN_PSBL, FRT_VALIUM*, BOUNCE_MESSAGE, VBOUNCE_MESSAGE, __BOUNCE_UNDELIVERABLE, HELO_STATIC_HOST, FILL_THIS_FORM_FRAUD_PHISH, CHALLENGE_RESPONSE, DKIM_VALID, DKIM_VALID_AU, DKIM_ADSP_*, NML_ADSP_CUSTOM_{LOW,MED,HIGH}, __VIA_ML, MIME_BASE64_TEXT, LOTTO_URI, FORGED_MUA_THEBAT_BOUN, FORGED_MUA_THEBAT_CS, UNRESOLVED_TEMPLATE, __THEBAT_MUA, __ANY_OUTLOOK_MUA, RP_MATCHES_RCVD, one-word X-Mailer, SPAN rules, skype and misquoted-HTML rules, HTML obfuscation and Google feedproxy URI rules, advance_fee updates including further evolved advance fee second-order metarules, test rule for postmaster+abuse missing, FROM_MISSPACED, fixed FROM_CONTAINS_TAB, a Facebook redirector pattern, fixed FPs with TVD_SPACE_RATIO regarding one-word emails and ISO-2022-JP, added exclusion for __ISO_2022_JP_DELIM to OBFUSCATING_COMMENT, GAPPY_SUBJECT, PLING_QUERY and FM_FRM_RN_L_BRACK rules, RATWARE_BOUNDARY plus variant, superseded all previous RATWARE_OUTLOOK stuff, resolved FP in obfuscated URI rule, fixed breakage in tbird image rule, fixed SUBJECT_FUZZY_MEDS FP on unobfuscated "meds", added misspaced From header field rule, numeric+cctld URI rule, updated FH_DATE_PAST_20XX, ... - added PSBL blacklist - http://psbl.surriel.com/ - added support for http://www.spamhaus.org/css/ - replaces HABEAS, BSP and SSC with RP CERTIFIED; - use ReturnPath's RNBL, replacing SSBL; - added rule for plain text attachments with octet-stream MIME type; - avoided false positives on ISO-2022-JP messages in several rules; - removed massmailers from uridnsbl_skip_domain in 25_uribl.cf; - updated various default whitelists, uridnsbl_skip_domain, adsp_override, ... PLUGINS - new plugins: FreeMail, PhishTag, Reuse; - now enabled by default: DKIM; - now disabled by default: AWL; - retired plugin: DomainKeys; AWL PLUGIN - plugin AWL is now disabled by default; - added new configuration options auto_whitelist_ipv4_mask_len and auto_whitelist_ipv6_mask_len to allow more control on what part of an IP address is stored into an AWL database; - README.awl: increased a suggested awl.ip field width to 40 characters to support IPv6 addresses; - AutoWhitelist.pm: allowed storing a canonicalized IPv6 address, cropped to a configurable network mask (previously causing SQL server errors: 'value too long'); - let AWL with SQL keep separate records for DKIM-signed and unsigned mail (when auto_whitelist_distinguish_signed configuration option is true, and a field awl.signedby exists); - avoided a race condition in SQLBasedAddrList.pm when multiple processes try to insert-or-update an awl SQL record: trying INSERT first, and if that fails go for UPDATE; - gracefully handle NaN from corrupted database or a broken emulator or virtualizer; DCC PLUGIN - added support for DCC reputations, added setting dcc_rep_percent, new test check_dcc_reputation_range(), new tag DCCREP (DCC servers supply reputation data only to licensed clients); - allowed usage of a remote dccifd host through an INET or INET6 socket; DKIM PLUGIN - the DKIM plugin is now enabled by default for new installs if the perl module Mail::DKIM is installed. However, installing SpamAssassin will not overwrite existing .pre configuration files, so to use DKIM when upgrading from a previous release that did not use DKIM, the directive: loadplugin Mail::SpamAssassin::Plugin::DKIM will need to be uncommented in file "v312.pre", or added to some other .pre file, such as local.pre; - absolute minimal version of Mail::DKIM is 0.31; support for ADSP requires Mail::DKIM 0.34; a DNS test (and rule) for NXDOMAIN is operational since Mail::DKIM 0.36_5, so effectively the recommended version is Mail::DKIM 0.37 or later; - a perl module Digest::SHA is required if the DKIM plugin is enabled. If a perl module Digest::SHA is available, the module Digest::SHA1 becomes optional as far as SpamAssassin is concerned, but is still needed by Razor agents; - added support for multiple signatures (useful for whitelisting); - plugin now distinguishes author domain signatures from third party signatures (useful for whitelisting); - provides a tag DKIMIDENTITY (in addition to DKIMDOMAIN); - DKIM now supports Author Domain Signing Practices - ADSP (RFC 5617); - use the Mail::DKIM::AuthorDomainPolicy instead of Mail::DKIM::DkimPolicy, when available (since Mail::DKIM 0.34); - implements an 'adsp_override' configuration directive and adds an eval:check_dkim_adsp check, which is used by new DKIM_ADSP_* rules; - rules contain an initial set of 'adsp_override' directives, listing some of the more popular target domains for phishing (applicable only to domains which sign all their direct mail with a DKIM or DK signature); - this plugin can now re-use Mail::DKIM verification results if made available by a caller, which saves resources and makes it possible for SpamAssassin to work on a truncated large mail without breaking DKIM signatures; - check_dkim_signed and check_dkim_adsp eval rules can now take an optional list of domain names, which limits their action to listed domains only. It facilitates building DKIM-based rules for specific domains, without having to resort to meta rules; - draft-ietf-dkim-ssp-10/RFC-5617 made Author Domain Signature based on 'd': updated ADSP code accordingly; changed whitelisting code to be based on SDID ('d') instead of AUID ('i'); - Plugin/DKIM.pm: terminology changes in comments and logging according to RFC 5617 and draft-ietf-dkim-rfc4871-errata-07; BUG FIXES - fixed Rule2XSBody segfaults; - no longer treat user data as perl booleans (a string "0" is a false); - avoid data from the wild be interpreted as perl regular expressions; - ArchiveIterator: prevent _scan_directory from passing directories to _scan_file (on NFS it would fail with EISDIR on read(2); - fixed inserting the SpamAssassin -generated header fields after a multiline Return-Path header field; - fixed vpopmail support; - fixed incorrect mode bits when creating lock files for AWL; - fixed some cases where :addr headers were parsed incorrectly; - fixed leakage of 'whitelist_from_rcvd' entries between spamd users; - fixing run_and_catch, which failed to catch a non-timed run; - 127/8 isn't an illegal IP; - reworked the M::S::Timeout module to deal with nested timers as one would expect: an inner timer shouldn't be able to extend an outer timer's limit; account for time elapsed in the submitted subroutine when restarting an outer timer; reset() should have accounted for time already spent; deal with nested timed runs where alarm(0) does not provide remaining time; - the 'exists:' evaluator in HEADER rules now works as documented and tests for existence of a header field, instead of testing for a header field body being nonempty; internally, the pms->get can also now distinguish between empty and nonexistent header fields; - applied fixes to header fields parsing in several places: header field names are case-insensitive, whitespace is not required after a colon, obsolete rfc822 syntax allowed whitespace before a colon; VBounce: match "Received:" only at the beginning of a line; - fixed bugs 6237 and 6295: 1.0.0.0/8 and 2.0.0.0/8 are now valid allocated address ranges, fixed a corresponding rule RCVD_ILLEGAL_IP; - fixed bug 6205 comment 5 in URIDetail.pm; - 'pyzor_options' in Plugin/Pyzor.pm was not untainted; - made the URIDetail plugin taint safe; - fixed parsing of multi-line Received header fields for BOUNCE_MESSAGE/VBOUNCE_MESSAGE et al; - Bug 6206, Bug 2536: spamd: untaint directory as obtained from a password file or from vpopmail utilities, avoid implicit untainting; report error if user preferences file exists but cannot be accessed; - avoided using raw data from DNS as a regexp in Plugin/ASN.pm; - ensured the dbg() and info() calls always return the same value (true) regardless of log level; - suppressed logging of $& when its value is not available (i.e. when no regexp has been evaluated during rule evaluation); - Exporter never really worked in SA, was not enclosed in BEGIN {}; - masses/runGA and masses/mk-baseline-results: prevent a shell 'source' command from loading an unrelated file named 'config' which happens to be in the current PATH - must use a ./ in an arg to a 'source' command; ERROR HANDLING, ROBUSTNESS - improved error detection and reporting: test status of all system calls and I/O operations (or explicitly document where not), and report unexpected failures; - eval calls now check for eval result instead of testing the $@@, which is not always reliable; - localized $@@ and $! in DESTROY methods to prevent potential calls to eval and calls to system routines in code executed from a DESTROY method from clobbering global variables $@@ and $!; - Util::helper_app_pipe_open_unix: contain a failing exec with an eval to prevent additional cases of process cloning. The exec could fail this way when given tainted arguments; - Util::helper_app_pipe_open_unix: flush stdout and stderr before forking, otherwise an error reported by exec (such as 'insecure dependency') was lost in a buffer; - eval-protected an open($fh,'-|') to capture implied fork failures due to lack of system resource; - explicit untainting: combine "use re 'taint'" with untaint_var(), avoiding implicit perl untainting, along with workarounds to prevent it; - added 'use strict' where missing; - avoided a bunch of warnings on "Use of uninitialized value"; - clearly report reasons for helper application process failures; - t/SATest.pm: provide information about the process failure reason if a system() call fails; improved its reporting of failures; - improved error reporting in Plugin/DCC.pm on finding a DCC home directory to facilitate troubleshooting; OTHER CHANGES - pseudoheader "ALL:raw" returns a pristine header section, and pseudoheader "ALL" returns a cleaned header section - total rewrite of URI detection in plain text body; - many updates to the list of top level domains; - added 'util_rb_3tld', allowing 3-level TLDs to be listed in URIBLs and allowing new 3TLDs to be added from rule updates; - avoided trusted_networks bog down due to O(n^2) loop with millions of entries; - applied fixes to Plugin/VBounce.pm, updated VBounce ruleset; - added support for a 'Communigate Pro' Received header field; - parse Communigate Pro "with HTTPU" auth token; - let DependencyInfo.pm understand a concept of recommended module version, besides a required version; - provided a workaround for Net::DNS::Packet::new inconsistency; - let SpamAssassin use either Digest::SHA or Digest::SHA1, whichever is available (the Digest::SHA is now a base module since perl 5.10.0); - improved parsing of eval-type rules: allow unquoted domain names as arguments, disallow unmatched quotes; - provided a new module Mail::SpamAssassin::BayesStore::BDB. It should be treated as alpha-quality (needs more testing) and is not yet ready for production use; - exposed existing function 'received_within_months' as an eval function in Plugin/HeaderEval.pm; - moved rc script to /var/lock/subsys/spamd instead of /var/lock/subsys/spamassassin so 'service spamd status' will work; - added feature to re-download MIRRRORED.BY files at least once a week, or if 'sa-update --refreshmirrors' switch is used; - input delimiter $/ can be corrupted by a plugin, localize $/ and $\ before calling a plugin; - bumped the retry counter to 180 seconds for starting spamd on slow machines; - resolved Bug 5325: syslog severity level in spamc/libspamc.c for max message size (changed LOG_ERR into LOG_NOTICE for the message: "skipped message, greater than max message size"); - added checker to avoid taint warnings if hostname is returned as '(none)'; - altered sa-update to produce an error message if a channel doesn't exist; - Bug 6150, Bug 6127, Bug 5981, Bug 5950, Bug 6191: let spamd log/report a child process exit status or aborting condition in an informative way; - added checker to detect accidental match-everything regexps in rules; - updated garescorer for 3.3.0: use more epochs in GA runs for better scores; clarify some mass-check warning output, ensure rule name always appears at start of line; if a rule had no default/existing score in 50_scores.cf, don't tell the GA that 1.0 is an appropriate default value, instead pick the midway point of its score range. this produces better results; remove some dead code from masses/score-ranges-from-freqs; - set garescorer.c to report performance as iterations per second; - added test to ensure that all config settings are correctly handled when switching between users; added more config setting type metadata to enable those tests to work; and fix URIDetail to store config on the {conf} object, not on the plugin; - moved 'release tests' to xt/ directory; mirror long-running, net-tests and stress tests with xt/50_testname.t scripts to enforce their run before a release; - made numerous additional and updated self-tests; - added a Test::Perl::Critic release-test; - cleaned up some code based on suggestions by perl module Test::Perl::Critic, among others: . enable TestingAndDebugging::ProhibitNoStrict test but allow the use of 'no strict "refs"'; . deal with BuiltinFunctions::RequireGlobFunction; . deal with ControlStructures::ProhibitMutatingListFunctions removing this exception from xt/60_perlcritic.t; . deal with BayesStore/BDB.pm, Variables::ProhibitConditionalDeclarations . now that the module Time::HiRes is a required module, we can afford to replace a select() with Time::HiRes::sleep, and remove exception BuiltinFunctions::ProhibitSleepViaSelect from xt/60_perlcritic.t; - updated documentation, fixing numerous typos and mistakes in documentation text and in log messages; - extensively improved development process: . automated testing through Hudson, a continuous integration tool; . improved mass-check system and rules oversight; @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.51 2010/01/02 03:48:40 heinz Exp $ d19 5 @ 1.51 log @Added fix for bad rule FH_DATE_PAST_20XX, triggering for every message since 2010-01-01. Ok by agc@@. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.50 2010/01/01 13:55:32 heinz Exp $ d3 13 a15 4 SHA1 (Mail-SpamAssassin-3.2.5.tar.gz) = 14b1f6eae0221a152176f7f597f55581445e800a RMD160 (Mail-SpamAssassin-3.2.5.tar.gz) = 5a72a97d124e72ff4da1627982748377f1e34128 Size (Mail-SpamAssassin-3.2.5.tar.gz) = 1223706 bytes SHA1 (patch-ab) = debb4851d063404e0a59557603cc08b259050b26 a18 3 SHA1 (patch-ba) = ea6b8eac3d9475641725dc4aa1e7a4d31912a044 SHA1 (patch-bc) = 71fcf6297eacbd69a5c5d5b1911f648e4011ce3e SHA1 (patch-be) = 42b9975742834e836159b754f4a50a0d68d8ea75 @ 1.50 log @Starting with ExtUtils::MakeMaker 6.43 some public variables (esp. Recognized_Att_Keys) were made private, which broke SpamAssassin's (ab)use of those variables. For details see https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6131. Perl 5.10.1 includes ExtUtils::MakeMaker 6.55_2 and consequently building SpamAssassin 3.2.5 with DESTDIR support in pkgsrc does not work anymore. The fix changes the decision whether the used EU::MM module has good enough DESTDIR support to depend only on the version number (ie. mm_has_good_destdir is true) instead of the availability of the key 'DESTDIR' in the (now non-public) Recognized_Att_Keys hash. Ok to commit during freeze by wiz@@ @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.49 2008/06/22 22:41:01 heinz Exp $ d12 1 @ 1.49 log @Updated to version 3.2.5. Pkgsrc changes: - p5-DB_File is now required on all systems, even those where Perl already detects the native db-functions (dbopen,...) and thus provides DB_File. This should prevent subtle errors like the one in PR pkg/37751 at the price of installing an additional package. - Added explanation to patch-ay. - patch-bc was adapted to the changes for the path of compiled rulesets. - patch-bd is no longer necessary, the public key is now cross-verified. - shut up some warnings from pkglint regarding "set -e" and quoted variables. Changes since version 3.2.4: ============================ 3.2.5 is a minor bug-fix release. Summary of changes: - bug 5775: newer gpg versions require keys to be cross-certified (backsig). Did a cross-verify on our sa-update public key and re-exported. (If you are already seeing "GPG validation failed" errors from sa-update, see http://wiki.apache.org/spamassassin/SaUpdateKeyNotCrossCertified .) - bug 5899: add perl version string to the storage area for compiled rulesets, to avoid crashes when perl is upgraded between major versions (e.g perl 5.8.x to 5.10.0) and the ABI breaks - bug 5496, bug 5910: clear some FORGED_MUA_OUTLOOK false positives, particularly on the new-format Message-ID generated by the Outlook Express version used in Windows XP service pack 3 - bug 5730: when using Postgres >= 8.1.0 with Bayes, this error occurs: 'WARNING: nonstandard use of \ in a string literal at character'. fix, thanks to Tomasz Ostrowski - bug 5769: fix 'sa-compile: eval failed: Can't find label NO' error, caused in rare circumstances when sa-compile attempted to deal with rules written using 'replace_rules' features - bug 5858: fix circular reference memory leak caused by some messages - bug 5815: update 2TLD list to include .rs CCTLD - bug 4706: remove HG_HORMOME rules due to poor performance - bug 5835: typo in POD docs for SPF plugin; thanks to Benny Pedersen for fix - bug 5839: a missing or failed eval rule function could mistakenly count as a rule hit, fixed - trivial bugfix for the VBounce ruleset: __BOUNCE_FROM_DAEMON incorrectly used + instead of *, so some From addresses were not being recognised as bounce senders @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.48 2008/05/20 05:42:46 ghen Exp $ d6 1 a6 1 SHA1 (patch-ab) = 9872b4c3e6d34cb58f84081554eff49efcfc6a6a @ 1.48 log @Update sa-update PGP key to fix GnuGP 1.4.9 "cross-certified" error (see http://wiki.apache.org/spamassassin/SaUpdateKeyNotCrossCertified). Bump PKGREVISION. Ok with pkgsrc-security. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.47 2008/01/09 15:55:51 heinz Exp $ d3 3 a5 3 SHA1 (Mail-SpamAssassin-3.2.4.tar.gz) = 5c0e01831256518b27139507a4ded38e582d8649 RMD160 (Mail-SpamAssassin-3.2.4.tar.gz) = 00ebd0dfa544079524bbb0918cc21b644b26ecff Size (Mail-SpamAssassin-3.2.4.tar.gz) = 1219161 bytes d9 1 a9 1 SHA1 (patch-ay) = 7d805e7ef86e279a19e7d3d2f03e2227624317f8 d11 1 a11 2 SHA1 (patch-bc) = d12de1f4d4cf3b475275d15b3b8edc37e3b05405 SHA1 (patch-bd) = eeeef0000912bd39ff6d943729e8c68bc31225bb @ 1.47 log @Updated to version 3.2.4. Pkgsrc changes: - Due to "user-destdir" mode not working yet switched to "destdir" mode for the time being. - Explicitly listed licence information. - Listed submitted bug identifiers for patch-ba and patch-bc. Changes since version 3.2.3: ============================ 3.2.4 is a major bug-fix release, with a few minor new features. Summary of changes: - bug 5599: allow load distribution of SA nameserver queries across all nameservers listed in resolv.conf, using 'dns_options rotate'. thanks to Pawel Sasin - bug 5673: 'ALL' header was including spurious extra spaces between header names and values. fix - bug 5594: several major sa-compile fixes. major increase in overall speed; cache results between runs to further increase speed; and fix a danger of massive memory usage - bug 5556: fix a variety of sa-compile portability issues, and support for 5.6.x perls - bug 5514: make 'score set for a non-existent rule' a debug message, instead of a lint warning, since it's a very frequent FAQ - bug 5493: sa-compile fails to correctly deal with escaped backslashes. fix - bug 5672: remove DNS_FROM_SECURITYSAGE (DNSBL lookups against securitysage.com) due to unreliability - bug 5476: update Bonded Sender (now Sender Score Certified) rules, and add a rule for their strictly-confirmed-opt-in-required zone - bug 5538: remove FORGED_MUA_AOL_FROM and FORGED_AOL_TAGS entirely; they're obsolete, given the current capabilities of AOL mail user agents - bug 5632: remove all completewhois.com DNSBL lookups, site seems to have disappeared without warning - bug 5715: allow for more than one sa-update MIRRORED.BY file host in DNS, for redundancy - bug 5662: DKIM changes: recognize author signature and multiple signatures for whitelisting (with Mail::DKIM 0.29); disable useless "check_dkim_signsome"; new eval rules "check_dkim_valid_author_sig" and "check_dkim_valid" (an alias for a "check_dkim_verified" misnomer); new tags _DKIMIDENTITY_ and _DKIMDOMAIN_; updated terminology; verification speedup with Mail::DKIM 0.30 (or its pre-releases) - bug 5696: sa-compile: cut regexp base strings at Unicode high codepoints, to avoid corruption of patterns containing UTF-8 - bug 5637: bayes_file_mode is handled incorrectly when creating bayes.mutex, resulting in incorrect permissions on that file; fix by Mihaly Barasz - bug 5612: DB_File version 4.2.x has a bug that loops infinitely if files named '__db.{filename}' are present; work around. thanks to J. Nick Koston for the report and fix - bug 5606: too-early init_learner() call causes root's user prefs file to be read when spamd is started; this is inappropriate. fix - bug 4179: if allow_user_rules is 1, user rules are not unique to each user; one user's user rules can appear in later scans for other users that are run using the same spamd process. fix - bug 5680: ALL_TRUSTED can fire if a trusted MSA or webmail system receives the message from an untrusted X-Originating-IP: header. fix - bug 5626: in the 'spamassassin' script, install a signal handler for SIGHUP, SIGINT, SIGTERM and SIGPIPE to ensure that temporary files are removed - bug 5557: some temporary files are left not cleaned up on Windows; fix - bug 5661: speed up Bayes SQL queries by allowing the use of indexes when expiring - bug 5611: support 'spamd --nouser-config -u username', which setuids to 'username' but does not read user_prefs files from anywhere - bug 5665: spamd may fail to notice that a child has completed exiting, and keeps in the child list in state 'K', eventually filling up the child list with 'ghost' children. fix - bug 5735: spamc should allow retry_sleep 0 - bug 5728: spamd: require -u with --sql-config or --ldap-config - bug 5682: remove FH_HOST_ALMOST_IP, FH_HOST_EQ_D_D_D_D, due to false positives and redundancy with RDNS_DYNAMIC; remove FH_HOST_EQ_D_D_D_DB due to no hits - bug 5681: look up IP addresses found in 'X-Yahoo-Post-IP' and 'X-SenderIP' headers, too, thanks to Martin Blapp - Bug 5589: Refined async events handling and DNS lookup completions - bug 5586: RDNS_NONE has false positives if the MTA doesn't put the hostname in the Received header, like Communigate Pro. add an exception for this - bug 5748: fix locale problem with use of external sort in sa-compile @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.46 2007/08/26 17:26:51 heinz Exp $ d12 1 @ 1.46 log @Updated to version 3.2.3. Pkgsrc changes: - Added security/gnupg as a required package. Without it, sa-update does not work. - Added requirement for p5-INET6 which may be needed for IPv6 nameservers. Until now, this only worked because p5-Net-DNS already pulled in this package. - New option "inet6" (enabled by default) for switching off the requirement for p5-INET6. - Got rid of some backslashes in options.mk - patch-ba and patch-bc correct discrepancies between the man page and the code. Additionally, they adapt hard-coded paths to the actual installation. Submitted upstream. Relevant changes since version 3.2.1: ===================================== 3.2.3 is a major bug-fix release. Summary of changes: - bug 5574: fix new setuid code to work with perl 5.6.1, and to support DCC and Pyzor in all releases of perl - bug 5107: change default 'user_scores_ldap_username' to be the null string, allowing anonymous binding; fix 'schema' syntax error in LDAP config support - zeroing an 'eval' rule's score did not stop it running. fix, thanks to Richard Birkett - bug 5571: allow for new message ID format we have seen from Vista or Windows 2003 Server MAPI to avoid false positives - bug 5397: RDNS_DYNAMIC should never fire on a PTR with 'static' in it; thanks to Martin Blapp . bug 5563: RDNS_DYNAMIC rules use order-dependent fields where it is unsafe to depend on this, fix. bug 5564: __RDNS_DYNAMIC_IPADDR does not hit all of its test patterns, fix. - bug 5475: fix FORGED_MUA_AOL_FROM to allow <*@@{aol,cs}.*> addresses instead of just <*@@{aol,cs}.com> 3.2.2 is a minor bug-fix release. Summary of changes: - bug 5548: Certain mail input can take a long time to scan with 100% CPU utilisation, due to backtracking in a rule's regexp. fix - bugs 5510, 5518, 5529: fix 'make test' when running as root, needed for CPAN - bug 5419: kill -HUP of pidof spamd causes the ps name to change from spamd to perl. fixed - bug 5535: 'make test' errors in Windows caused by nonportable use of getpwuid - bug 5462: multiple DNS records for a host name should allow use of spamd -H for load balancing installs to work - bugs 5509, 5511: fix network lookup timeouts, where lookups were being lost once a timeout was hit; also fix code to match documentation on rbl_timeout's scaling and minimum duration of 1 second; and attempt to collect already-received DNS responses when the timeout is reached; improve related debugging output. Thanks to Mark Martinec - bugs 5412, 5478, 5522: Fix problems using the spamc -x option with certain other options; 'spamc -x -R' always returned 0, instead of the exit code, on error. Bug 5478: in addition, 'spamc -x -e /command' would still run the command, even if errors meant that the filtered text would be unavailable, which contradicted -x. - bug 5445: body eval tests defined in user_rules cause ugly 'Subroutine _eval_tests_type11_prineg400_set3 redefined' warnings - bug 5355: add in new entries for RegistrarBoundaries - bug 5515: libsslspamc.so & libsslspamc.so can not build without -fPIC, but we were picking up the wrong CFLAGS to do this. - bug 5501: zero score for FH_HAS_XID - bug 5449: allow_user_rules causes sa-compile / Rule2XSBody plugin to emit spurious warnings; fix. also, add a new 'user_conf_parsing_end' plugin hook, which is called after the per-user configuration is parsed - bug 5182: update the sa-learn doc to mention that -u is only usable w/ sql - bug 5534: fix harmless-but-ugly C compiler warning in sa-compile @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.45 2007/06/12 21:43:30 heinz Exp $ d3 3 a5 3 SHA1 (Mail-SpamAssassin-3.2.3.tar.gz) = 93337a5cf6cc6f4980307c08ad65575fa08d1f54 RMD160 (Mail-SpamAssassin-3.2.3.tar.gz) = 776ad00e8e23d31e9f5d563649d65c8e16a2de89 Size (Mail-SpamAssassin-3.2.3.tar.gz) = 1202082 bytes d10 2 a11 2 SHA1 (patch-ba) = 62c2b8f4d9a7e54dd405910f5bd04659d159f65d SHA1 (patch-bc) = 190cc25eb0e91c660e08448b2667b675df835d60 @ 1.45 log @Updated to version 3.2.1. Pkgsrc changes: - Added some comments to patch files. - Adapting patch-aq to changes in the README file. - Added forgotten direct requirement for p5-Compress-Zlib. - Since 3.2.0 at least version 3.43 of p5-HTML-Parser is needed. - Installation to DESTDIR is possible as root. - Substituted correct paths in spamc.pod (source file for spamc.1). - Added VARBASE to BUILD_DEFS to silence pkglint warnings. Changes since version 3.2.0: ============================ 3.2.1 is a major bug-fix release, including a potential local DoS. The major highlights are: - bug 5480: fix for CVE-2007-2873: a local user symlink-attack DoS vulnerability. It only affects systems where spamd is run as root, is used with vpopmail or virtual users via the "-v"/"--vpopmail" OR "--virtual-config-dir" switch, AND with the "-x"/"--no-user-config AND WITHOUT the "-u"/"--username" switch AND with the "-l"/"--allow-tell" switch. This is not default on any distro package, and is not a common configuration. More details of the vulnerability can be read at . - bug 5488: zero some rules causing false positives: FH_HOST_EQ_D_D_D_DB and FH_HOST_EQ_D_D_D_D. - bug 5257: re-raise autolearn ham threshold to 1.0; the lower value used in 3.2.0 was creating problems. - bug 5422: in spamd, deleting hash entries from the SIGCHLD signal handler is unsafe, causes corruption of the data structure, and results in 'prefork: ordered child N to accept, but they reported state '1', killing rogue' errors. fix. - bug 5102: tighten up regexp for FORGED_HOTMAIL_RCVD to avoid some FPs. - bug 5457: spamc build and test should handle not having zlib available. - bug 5379: spamd could crash at startup if its preloading temporary directory already exists. fix. - bug 4616: spamc config can cause command line options to be ignored. fix. - bug 5485: zero score DK/DKIM_POLICY_SIGNSOME rules since they'll always fire due to defaults (unless there's an explicit SIGNALL policy). - bug 5492: VBounce rule was looking in header instead of body for whitelisted relays. fix. - bug 5487: prevent multiple "urirhssub"s using the same zone from overwriting each other. - bug 5432 - Change default in Win32 build to not build spamc. - bug 5446: add --updatedir option to sa-compile and remove inaccurate re2c required version info from pod. - bug 5436: add omitted "ifplugin" statements to the configuration, which would otherwise cause lint errors if the default plugins were disabled. - bug 5477: prevent Rule2XSBody info message from appearing on stderr during spamd startup. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.44 2007/05/02 15:20:45 heinz Exp $ d3 3 a5 3 SHA1 (Mail-SpamAssassin-3.2.1.tar.gz) = fbb5f538238e188f985c8e6672dad531fa035eea RMD160 (Mail-SpamAssassin-3.2.1.tar.gz) = bec56e47aabfd16e5c537a83ca79ed5ccf006445 Size (Mail-SpamAssassin-3.2.1.tar.gz) = 1193561 bytes d10 2 @ 1.44 log @Updated to version 3.2.0. Pkgsrc changes: - Removed PKG_DESTDIR_SUPPORT until the issue with encoded ownership in +INSTALL files is resolved. - made pkglint shut up about some warnings (CONFIGURE_DIRS, BUILD_DIRS, hidden commands with @@) - parse-rules-for-masses has moved in the source archive. - The directories "masses" and "tools" are no longer distributed in the archive so I simplified the post-install target. - Since "tools" is gone, the post-extract: target is obsolete. - MESSAGE now points at sa-compile. - Spamc depends on zlib now, so we needed the appropriate buildlink3 file. Summary of changes since version 3.1.8: ======================================= * new behavior for trusted_networks/internal_networks: the 127.* network is now always considered trusted and internal, regardless of configuration. * bug 3109: short-circuiting of 'definite ham' or 'definite spam' messages based on individual short-circuit rules using the 'shortcircuit' setting, by Dallas Engelken . * bug 5305: implement 'msa_networks', for ISPs to specify their Mail Submission Agents, and extend network trust accordingly. * bug 4636: Add support for charset normalization, so rules can be written in UTF-8 to match text in other charsets. * sa-compile: compilation of SpamAssassin rules into a fast parallel-matching DFA, implemented in native code. * "tflags multiple": allow writing of rules that count multiple hits in a single message. * bug 4363: if a message uses CRLF for line endings, we should use it as well, otherwise stay with LF as usual; important for Windows users. * bug 4515: content preview was omitting first paragraph when no Subject: header was present. * The third-party modules used by sa-update are now required by the SpamAssassin package, instead of being optional. * Bug 5165: 'sa-update --checkonly' added to check for updates without applying them; thanks to * Bugs 4606, 4609: Adjust MIME parsing limits for nested multipart/* and message/rfc822 MIME parts. * bug 5295: add 'whitelist_auth', to whitelist addresses that send mail using sender-authorization systems like SPF, Domain Keys, and DKIM * Removed dependency on Text::Wrap CPAN module. * Received header parsing updates/fixes/additions. Spamc / spamd: * bug 4603: Mail::SpamAssassin::Spamd::Apache2 -- mod_perl2 module, implementing spamd as a mod_perl module, contributed as a Google Summer of Code project by Radoslaw Zielinski. * bug 3991: spamd can now listen on UNIX domain, TCP, and SSL sockets simultaneously. Command-line semantics extended slightly, although fully backwards compatibly; add the --ssl-port switch to allow TCP and SSL listening at the same time. * bug 3466: do Bayes expiration, if required, after results have been passed back to the client from spamd; this helps avoid client timeouts. * more complete IPv6 support. * spamc: Add '-K' switch, to ping spamd. * spamc: add '-z' switch, which compresses mails to be scanned using zlib compression; very useful for long-distance use of spamc over the internet. * bug 5296: spamc '--headers' switch, which scans messages and transmits back just rewritten headers. This is more bandwidth-efficient than the normal mode of scanning, but only works for 'report_safe 0'. * Bump spamd's protocol version to 1.4, to reflect new HEADERS verb used for '--headers'. Mail::SpamAssassin modules and API: * bug 4589: allow M::SA::Message to use IO::File objects to read in message (same as GLOB). * bug 4517: rule instrumentation plugin hooks, to measure performance, from John Gardiner Myers . * add two features to core rule-parsing code; 1. optional behaviour to recurse through subdirs looking for .cf/.pre's, to support rules compilers working on rulesrc dir. 2. call back into invoking code on lint failure, so rule compiler can detect which rules exactly fail the lint check. * bug 5206: detect duplicate rules, and silently merge them internally for greater efficiency. * bug 5243: add Plugin::register_method_priority() API, allowing plugins to control the relative ordering of plugin callbacks relative to other plugins' implementations. * Reduced memory footprint. Plugins: * bug 5236: Support Mail::SPF replacement for Mail::SPF::Query. * bug 5127: allow mimeheader :raw rules to match newlines and folded-header whitespace in MIME header strings. * bug 4770: add ASN.pm plugin, contributed by Matthias Leisi * bug 5271: move ImageInfo ruleset into 3.2.0 core rules, thanks to Dallas Engelken . * VBounce ruleset and plugin: detect spurious bounce messages sent by broken mail systems in response to spam or viruses. (Based on Tim Jackson's "bogus-virus-warnings.cf" ruleset.) * DomainKeys/DKIM: Mail::DKIM is now preferred over Mail::DomainKeys, since the latter module is no longer actively maintained, and Mail::DKIM can handle both DomainKeys and DKIM signatures. * DKIM: separate signature verification from fetching a policy: can save a DNS lookup for each unverified message by setting score to 0 for all policy-related rules (DKIM_POLICY_SIGNALL, DKIM_POLICY_SIGNSOME, and DKIM_POLICY_TESTING). (thanks to Mark Martinec) * DKIM: support testing flags in the public key, as well as in the policy record. (thanks to Mark Martinec) * DKIM: skip fetching a policy (SSP) if a signature does verify, according to draft-allman-dkim-ssp-02 (thanks to Mark Martinec) * Move rule functionality and checking into separate Check plugin, allowing third parties to implement alternative scanner core algorithms. * core EvalTests code moved into various plugins. * Plus lots of miscellaneous bug fixes. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.43 2007/02/15 21:43:43 heinz Exp $ d3 6 a8 6 SHA1 (Mail-SpamAssassin-3.2.0.tar.gz) = af3941ab4f9548107d06966780ba71f751ab0216 RMD160 (Mail-SpamAssassin-3.2.0.tar.gz) = b696fb16cf736c239328e009c686d9684a1d76f0 Size (Mail-SpamAssassin-3.2.0.tar.gz) = 1290995 bytes SHA1 (patch-ab) = 07bfa923f603a0cbc38f9a5d1538ce6126e788c9 SHA1 (patch-ae) = a75a2fa44a314bb01bf2accbab119c399767bbf6 SHA1 (patch-aq) = 495a3ac94a05129520e5d7018fdd56b6dad3c951 @ 1.43 log @Updated to version 3.1.8. Pkgsrc changes: - some cleanup of the Makefile to shut up a few pkglint notes and warnings (USE_TOOLS, SUBST_CLASSES). Changes since version 3.1.7: ============================ 3.1.8 is a major bug-fix release, including a potential DoS. The major highlights are: - bug 5318: fix for CVE-2007-0451: possible DoS due to incredibly long URIs found in the message content. - bug 5240: disable perl module usage in update channels unless --allowplugins is specified - bug 5288: files with names starting/ending in whitespace weren't usable - bug 5056: remove Text::Wrap related code due to upstream issues - bug 5145: update spamassassin and sa-learn to better deal with STDIN - bug 5140 and 5179: improvements and bug fixes related to DomainKeys and DKIM support - several updates for Received header parsing - several documentation updates and random taint-variable related issues @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.42 2006/10/10 18:39:27 heinz Exp $ d3 5 a7 5 SHA1 (Mail-SpamAssassin-3.1.8.tar.gz) = 08f81f72d8a783887cf815dfc55ea38e3582b966 RMD160 (Mail-SpamAssassin-3.1.8.tar.gz) = 9e1af7219e3d6c1297181748b85853b812d2cdc4 Size (Mail-SpamAssassin-3.1.8.tar.gz) = 1173847 bytes SHA1 (patch-ab) = df95d87a2f2e7af238c27c3d5468d9aad7eb000d SHA1 (patch-ae) = 1461b24978c75c394c607ae1d49cb49dd086b563 @ 1.43.2.1 log @Pullup ticket 2111 - requested by heinz security update for spamassassin - pkgsrc/mail/spamassassin/Makefile patch - pkgsrc/mail/spamassassin/distinfo patch Update to SpamAssassin 3.1.9 to fix a denial of service vulnerability. The package has been updated to SpamAssassin 3.2.1 on pkgsrc-HEAD but this major new version will not be pulled up to the stable branch. Changes in Spamassassin 3.1.9: - bug 5480: fix for CVE-2007-2873: a local user symlink-attack DoS vulnerability. It only affects systems where spamd is run as root, is used with vpopmail or virtual users via the "-v"/"--vpopmail" OR "--virtual-config-dir" switch, AND with the "-x"/"--no-user-config AND WITHOUT the "-u"/"--username" switch AND with the "-l"/"--allow-tell" switch. This is not default on any distro package, and is not a common configuration. More details of the vulnerability can be read at . - bug 5353 - meta rule parsing should handle not equal ("!=") syntax. - set the score for URI_TRUNCATED to 0.001. - bug 5337: change the start order for Fedora such that spamd starts before the MTA. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.43 2007/02/15 21:43:43 heinz Exp $ d3 3 a5 3 SHA1 (Mail-SpamAssassin-3.1.9.tar.gz) = 181e0ca4e0568bb51e955b8b8e4595313fb7de8b RMD160 (Mail-SpamAssassin-3.1.9.tar.gz) = a955d6dd67e3fb35808f375d1c60c733c665bdfe Size (Mail-SpamAssassin-3.1.9.tar.gz) = 1174156 bytes @ 1.42 log @Updated to version 3.1.7. Pkgsrc changes: - none Changes since version 3.1.6: ============================ 3.1.7 is a "quick-fix" release; it contains only a fix for one bug, introduced accidentally in 3.1.6: - bug 5119: if admins had set rule scores in the site configuration in /etc, sa-update would fail. Back out this change @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.41 2006/10/05 22:18:19 mrg Exp $ d3 3 a5 3 SHA1 (Mail-SpamAssassin-3.1.7.tar.gz) = 3d31eff0eb9a158fab308958d65cdca81b8944bc RMD160 (Mail-SpamAssassin-3.1.7.tar.gz) = b5e5cffdbcfba6e58346bdd51c8adba1547fcca4 Size (Mail-SpamAssassin-3.1.7.tar.gz) = 1168183 bytes @ 1.42.2.1 log @Pullup ticket 2031 - requested by taca security update for spamassassin - pkgsrc/mail/spamassassin/Makefile 1.78-1.79 - pkgsrc/mail/spamassassin/distinfo 1.43 Module Name: pkgsrc Committed By: ghen Date: Thu Feb 8 09:30:27 UTC 2007 Modified Files: pkgsrc/mail/spamassassin: Makefile Log Message: Put rule file updates in ${VARBASE}/spamassassin instead of ${VARBASE}. Bump PKGREVISION. --- Module Name: pkgsrc Committed By: heinz Date: Thu Feb 15 21:43:43 UTC 2007 Modified Files: pkgsrc/mail/spamassassin: Makefile distinfo Log Message: Updated to version 3.1.8. Pkgsrc changes: - some cleanup of the Makefile to shut up a few pkglint notes and warnings (USE_TOOLS, SUBST_CLASSES). Changes since version 3.1.7: ============================ 3.1.8 is a major bug-fix release, including a potential DoS. The major highlights are: - bug 5318: fix for CVE-2007-0451: possible DoS due to incredibly long URIs found in the message content. - bug 5240: disable perl module usage in update channels unless --allowplugins is specified - bug 5288: files with names starting/ending in whitespace weren't usable - bug 5056: remove Text::Wrap related code due to upstream issues - bug 5145: update spamassassin and sa-learn to better deal with STDIN - bug 5140 and 5179: improvements and bug fixes related to DomainKeys and DKIM support - several updates for Received header parsing - several documentation updates and random taint-variable related issues @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.43 2007/02/15 21:43:43 heinz Exp $ d3 3 a5 3 SHA1 (Mail-SpamAssassin-3.1.8.tar.gz) = 08f81f72d8a783887cf815dfc55ea38e3582b966 RMD160 (Mail-SpamAssassin-3.1.8.tar.gz) = 9e1af7219e3d6c1297181748b85853b812d2cdc4 Size (Mail-SpamAssassin-3.1.8.tar.gz) = 1173847 bytes @ 1.41 log @update this to spamassassin 3.1.6. changes include: bug 5044: include local site config in sa-update lint checks bug 5048: --lint should not use network rules or AWL bug 5081: sometimes, SIGHUPing spamd would leave one child process still alive due to a race in the SIGHUP handler and the preforking code. fixed bug 5040: if in no-net scoreset, don't warn about net rules being zero-score dependencies of meta rules bug 5105: M::SA::Client doesn't always catch failed connection to spamd, fixed bug 5094: check for unit'd value used in AntiVirus.pm bug 5089: enable adding headers with single digit zero value bug 5077: fix false SPF_SOFTFAIL's when SPF queries timeout bug 5080: fix bug in update RCVD_ILLEGAL_IP evaltest to properly deal with 127/8 fix bug 5111: fix FORGED_JUNO_RCVD FP on webmail from untd.com's own systems bug 4940: _get_date_header_time() should try dates one at a time not all dates joined together bug 5098: add support for ecelerity Received headers, thanks to Joe Schaefer bug 4975: (trivial) avoid use of unit'd value in prefork warning message bug 4418: remove no longer useful HTML_WEB_BUGS and HTML_LINK_IMAGE_BUG rules bug 5101: fix bug in mbx code introduced in a backport of 3.2 AICache code try to work around horribleness when checking in the entire built tree for the website update procedure bug 5076: unescape hash characters in the config add my nagios plugin for monitoring spamd to contrib/ @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.40 2006/08/31 22:00:48 mrg Exp $ d3 3 a5 3 SHA1 (Mail-SpamAssassin-3.1.6.tar.gz) = fbf7e7aac113313da3f7357260d1a295ff275eef RMD160 (Mail-SpamAssassin-3.1.6.tar.gz) = 38b4d38889a3db93b46a9096c2d7c12fa8228a20 Size (Mail-SpamAssassin-3.1.6.tar.gz) = 1168266 bytes @ 1.40 log @update to spamassassin 3.1.5. relevant changes: bug 5018: update RegistrarBoundaries with new list of 2TLDs bug 5020: drop __OUTLOOK_DOLLARS_MSGID, replace with the superset rule __OE_MSGID_2 update replace_license_blocks, have it deal with C-style comments better, put a sample commandline in place bug 4492: bayes_ignore_header was case sensitive add logging, enable zmi and doc mass-checks bug 5049: allow commented lines in gpgkeyfile and channelfile files bug 4952: set a default value for DEF_RULES_DIR_, LOCAL_RULES_DIR, and LOCAL_STATE_DIR. this fixes an issue where third-party code which hasn't been updated to deal with LOCAL_STATE_DIR can still use updates. bug 4848: Pyzor, DCC, and SpamCop plugins weren't looking at the right place to see the 'dont_report_to_...' options bug 4843: skip text/calendar parts when generating the body text arrays bug 5013: deal octal obfuscation of IP addrs in URLs bug 5049: handle comments and whitespace in sa-update config files and fix an error in channel name validation bug 4981: remove broken urirhssub support for regexp subrule and make perldoc match the code bug 5060: backport ArchiveIterator changes for rule-QA system, namely: the AICache caching subsystem for faster mass-checks, support for combined --head/--tail semantics, more verbose 'showdots' to avoid buildbot timeouts, and a new intra-child IPC me chanism for multi-child mass-checks bug 5034: fix endless loop possible from bad input or network error bug 5065: implement whitelist_from_dk bug 4823: clarify M::SA::Plugin documentation @ text @d1 1 a1 1 $NetBSD$ d3 3 a5 3 SHA1 (Mail-SpamAssassin-3.1.5.tar.gz) = 672399ab2e600ba2ae19d71f77974dc27512e837 RMD160 (Mail-SpamAssassin-3.1.5.tar.gz) = 69687421671125da2678f50713ac67209a71096d Size (Mail-SpamAssassin-3.1.5.tar.gz) = 1162519 bytes @ 1.39 log @Updated to version 3.1.4. Pkgsrc changes: - Incorporated new version requirements for p5-Archive-Tar and p5-IO-Zlib. Relevant changes since version 3.1.3: ===================================== - bug 4941: if the first sa-update run failed and wasn't re-run to successful completion, the local state directory would exist, and therefore SA sees no rules. now, wait as long as possible to create the directory, and try to remove it on failure. - bug 4997: increase module version requirements for Archive::Tar to 1.23 and IO::Zlib to 1.04 - bug 4966: fix major BSMTP bug, which rendered SA unusable with exim4 when BSMTP is used. - bug 4899: Windows had issues with single quotes around filenames so certain things like pyzor, etc, wouldn't function. - bug 4958: sa-update should work on Windows - bug 4908: gtube.t test failed in non-english locales - bug 4488: deal with potential memory leak due to Bayes and BayesStore circular references - bug 4862: update macro values in update channels (ie: @@@@CONTACT_ADDRESS@@@@) @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.38 2006/06/05 23:01:01 heinz Exp $ d3 3 a5 3 SHA1 (Mail-SpamAssassin-3.1.4.tar.gz) = df88c2e27c1c8ede60a1b967443a3b16cc74cd9f RMD160 (Mail-SpamAssassin-3.1.4.tar.gz) = 8aebcc9fa4ed0eafadab85eaafd2f7b488a7ff91 Size (Mail-SpamAssassin-3.1.4.tar.gz) = 1142066 bytes @ 1.38 log @Updated to version 3.1.3. Pkgsrc changes: - patch-bb for no longer necessary (integrated upstream). Changes since version 3.1.2: ============================ - bug 4926: given a certain set of parameters to spamd and a specially formatted input message, users could cause spamd to execute arbitrary commands as the spamd user - bug 4932: the userstate dir and userprefs file would not be created under certain conditions. @ text @d1 1 a1 1 $NetBSD$ d3 3 a5 3 SHA1 (Mail-SpamAssassin-3.1.3.tar.gz) = ed9e18fae6db86d0b77ce48d8262194e06df9ef8 RMD160 (Mail-SpamAssassin-3.1.3.tar.gz) = e0312b9a4920d01d28fc75f5e613fa0f3e8a5612 Size (Mail-SpamAssassin-3.1.3.tar.gz) = 1134662 bytes @ 1.37 log @Updated to version 3.1.2. Pkgsrc changes: - The updates for rule files go into $VARBASE/spamassassin/. - This above directory and the directory sa-update-keys for the GPG keys are now handled automatically by OWN_DIRS. - The growing number of *.pre files are managed in a loop in the Makefile. They are no longer contained in the static PLIST. - Removed some unnecessary trailing slashes. - Patching init.pre in order to disable the SPF plugin broke the spf.t test. This is now fixed, although in a rather ugly way :-/. - patch-ab no longer needs to use BSD_INSTALL_DATA_DIR because we create the directories through INSTALLATION_DIRS. - patch-ad and patch-az were removed (changes integrated upstream). - patch-bb fixes a small documentation error. - Fixed some warnings by pkglint about the SUBST framework in Makefile and options.mk. Relevant changes since version 3.1.1: ===================================== - bug 4802: implement DKIM plugin, including whitelist_from_dkim support - bug 3838: work around Perl bug causing captured RE variables to become tainted -- thanks to Mark Martinec for pointing out the bug with Perl itself - bug 4850: re-enable the Razor2 plugin by default due to a service policy change - bug 4826: Razor2 plugin needs to load Mail::SpamAssassin::Timeout module - bug 4827: M::SA::first_existing_path() would return the last array entry passed in if none of the paths were found. Now return undef instead and handle the error when it happens. - bug 4813: generally open RE causes sendmail received header get read in as qmail in error - bug 4839: Logger.pm converts control chars including tab into underscores which confuses a bunch of users when checking debug output. Convert tab into space instead, etc. - bug 4884: if a null message is passed in, there are several variables which end up undefined causing warnings. fake an empty message if no input is given. - bug 4793: when replacing tags in a message (_TAG_), leave the tags that don't exist alone instead of just removing them - bug 4861, 4760: handle dccifd and dccproc failover properly, backport relays_internal and relays_external code, backport bug 4760 fix so that it's not possible to be in internal_networks without being in trusted_networks as well - bug 4901: deal more properly with failures in bgsend(). also, use the proper variable to show when errors occur. - bug 4867: fetchmail changed header formats at some point making Received parsing fail in certain conditions - bug 4699: use M::SA::Timeout for spamd copy_config call and allow for empty $@@ values - bug 3754: if there's a problem opening a file via sa-learn or spamassassin, return an error exit value. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.36 2006/03/24 19:46:10 heinz Exp $ d3 3 a5 3 SHA1 (Mail-SpamAssassin-3.1.2.tar.gz) = ea5e1e9755e294ee9edb238144ac831602d10027 RMD160 (Mail-SpamAssassin-3.1.2.tar.gz) = a93937a50eddc0333a344a32029a14fdf783bf39 Size (Mail-SpamAssassin-3.1.2.tar.gz) = 1134784 bytes a9 1 SHA1 (patch-bb) = 1875f4e31e6b9bb06939a76c7cd1f485d2e58206 @ 1.36 log @Fixed one forgotten case of variable with underscore. This fixes PR pkg/33139 by Ben Colver. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.35 2006/03/13 21:11:57 heinz Exp $ d3 4 a6 5 SHA1 (Mail-SpamAssassin-3.1.1.tar.gz) = cda06e3d38d831521c59e50ec024e468b76035cb RMD160 (Mail-SpamAssassin-3.1.1.tar.gz) = 35e3ff6f8396a9057d9f12acf62a304410d60096 Size (Mail-SpamAssassin-3.1.1.tar.gz) = 1129275 bytes SHA1 (patch-ab) = e1cebc78255d3a72b75b2494f6539957742b0cea SHA1 (patch-ad) = f519e7675785f471404fbc78704af99b5b997de0 d10 1 a10 1 SHA1 (patch-az) = c3ebb9a7ef3e4324d312c1c0d6e3342dea058ca7 @ 1.36.2.1 log @Pullup ticket 1693 - requested by heinz security update for spamassassin Revisions pulled up: - pkgsrc/mail/spamassassin/Makefile 1.71, 1.72 - pkgsrc/mail/spamassassin/PLIST 1.19 - pkgsrc/mail/spamassassin/distinfo 1.37, 1.38 - pkgsrc/mail/spamassassin/options.mk 1.6 - pkgsrc/mail/spamassassin/patches/patch-ab 1.12 - pkgsrc/mail/spamassassin/patches/patch-ad removed - pkgsrc/mail/spamassassin/patches/patch-az removed Module Name: pkgsrc Committed By: heinz Date: Fri May 26 20:53:00 UTC 2006 Modified Files: pkgsrc/mail/spamassassin: Makefile PLIST distinfo options.mk pkgsrc/mail/spamassassin/patches: patch-ab Added Files: pkgsrc/mail/spamassassin/patches: patch-bb Removed Files: pkgsrc/mail/spamassassin/patches: patch-ad patch-az Log Message: Updated to version 3.1.2. Pkgsrc changes: - The updates for rule files go into $VARBASE/spamassassin/. - This above directory and the directory sa-update-keys for the GPG keys are now handled automatically by OWN_DIRS. - The growing number of *.pre files are managed in a loop in the Makefile. They are no longer contained in the static PLIST. - Removed some unnecessary trailing slashes. - Patching init.pre in order to disable the SPF plugin broke the spf.t test. This is now fixed, although in a rather ugly way :-/. - patch-ab no longer needs to use BSD_INSTALL_DATA_DIR because we create the directories through INSTALLATION_DIRS. - patch-ad and patch-az were removed (changes integrated upstream). - patch-bb fixes a small documentation error. - Fixed some warnings by pkglint about the SUBST framework in Makefile and options.mk. Relevant changes since version 3.1.1: ===================================== - bug 4802: implement DKIM plugin, including whitelist_from_dkim support - bug 3838: work around Perl bug causing captured RE variables to become tainted -- thanks to Mark Martinec for pointing out the bug with Perl itself - bug 4850: re-enable the Razor2 plugin by default due to a service policy change - bug 4826: Razor2 plugin needs to load Mail::SpamAssassin::Timeout module - bug 4827: M::SA::first_existing_path() would return the last array entry passed in if none of the paths were found. Now return undef instead and handle the error when it happens. - bug 4813: generally open RE causes sendmail received header get read in as qmail in error - bug 4839: Logger.pm converts control chars including tab into underscores which confuses a bunch of users when checking debug output. Convert tab into space instead, etc. - bug 4884: if a null message is passed in, there are several variables which end up undefined causing warnings. fake an empty message if no input is given. - bug 4793: when replacing tags in a message (_TAG_), leave the tags that don't exist alone instead of just removing them - bug 4861, 4760: handle dccifd and dccproc failover properly, backport relays_internal and relays_external code, backport bug 4760 fix so that it's not possible to be in internal_networks without being in trusted_networks as well - bug 4901: deal more properly with failures in bgsend(). also, use the proper variable to show when errors occur. - bug 4867: fetchmail changed header formats at some point making Received parsing fail in certain conditions - bug 4699: use M::SA::Timeout for spamd copy_config call and allow for empty $@@ values - bug 3754: if there's a problem opening a file via sa-learn or spamassassin, return an error exit value. --- Module Name: pkgsrc Committed By: heinz Date: Mon Jun 5 23:01:01 UTC 2006 Modified Files: pkgsrc/mail/spamassassin: Makefile distinfo Removed Files: pkgsrc/mail/spamassassin/patches: patch-bb Log Message: Updated to version 3.1.3. Pkgsrc changes: - patch-bb for no longer necessary (integrated upstream). Changes since version 3.1.2: ============================ - bug 4926: given a certain set of parameters to spamd and a specially formatted input message, users could cause spamd to execute arbitrary commands as the spamd user - bug 4932: the userstate dir and userprefs file would not be created under certain conditions. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.38 2006/06/05 23:01:01 heinz Exp $ d3 5 a7 4 SHA1 (Mail-SpamAssassin-3.1.3.tar.gz) = ed9e18fae6db86d0b77ce48d8262194e06df9ef8 RMD160 (Mail-SpamAssassin-3.1.3.tar.gz) = e0312b9a4920d01d28fc75f5e613fa0f3e8a5612 Size (Mail-SpamAssassin-3.1.3.tar.gz) = 1134662 bytes SHA1 (patch-ab) = df95d87a2f2e7af238c27c3d5468d9aad7eb000d d11 1 @ 1.35 log @Updated to version 3.1.1. Pkgsrc changes: - Generic option "online-tests" replaces "spamassassin-test-net". - Removed underscore from package-internal variables (pkglint complained). - patch-ay disables the SPF plugin to avoid confusing warnings in the log files. - patch-az fixes http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4826. Relevant changes since version 3.1.0: ===================================== - better validate a number of different configuration options - support new Mail::DomainKeys API, which changed incompatibly between 0.18 and 0.80 without warning - more properly handle new Received header formats - bug 4788: backport sa-update from 3.2 along with the local_state_dir code, etc. - bug 4760: strictly validate trusted/internal network configurations - bug 4696: consolidated fixes for timeout bugs - bug 3710: add timeout to connect so spamc -t works - bug 4363: if a message uses CRLF for line endings, use it for header rewrites as well - bug 4748: add ExpressionEngine and Google redirector patterns - bug 3815: add _RELAYCOUNTRY_ tag so that the RelayCountry plugin can put in the list of countries relayed through - bug 4090: x86_64 platforms (linux specifically) have an issue compiling libspamc.so causing RPM build failures - bug 4791: fix issue where perl would throw a UTF-8 warning for certain messages - bugs 4606, 4609: Adjust MIME parsing limits - bug 4780: fix IP_ADDRESS & LOCALHOST regexes to correctly parse IPv6 addresses - bug 4728: DUL rules should only use the last external IP, not all but the first of the external IPs - bug 4700: certain privileged configuration settings can inject code, due to a bad fix for bug 3846. Back that out @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.34 2005/11/22 13:03:22 rillig Exp $ d7 1 a7 1 SHA1 (patch-ad) = 11c1af471e1215b489749648657e2252af828b5d @ 1.34 log @Removed patch-ar again, as I have found a way to exploit it. Bumped PKGREVISION. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.33 2005/11/22 10:35:00 rillig Exp $ d3 3 a5 3 SHA1 (Mail-SpamAssassin-3.1.0.tar.gz) = d887cbae5962cb03e45aaf71cd93881a27cccc99 RMD160 (Mail-SpamAssassin-3.1.0.tar.gz) = 20dc1b8befcc72545b6136e58a9fcce143480ccd Size (Mail-SpamAssassin-3.1.0.tar.gz) = 1185499 bytes d7 1 a7 1 SHA1 (patch-ad) = 1949ac07780ed2c10cdff77ce2ac9982d18a9559 d10 2 @ 1.33 log @Added patch-ar, which fixes a Perl error in tainted mode. Removed the checksum of the non-existant patch-ax from distinfo. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.32 2005/11/13 22:48:32 heinz Exp $ a9 1 SHA1 (patch-ar) = f25adfc8ec072a0c82a0710651a60847c6d4bcb7 @ 1.32 log @Updated to version 3.1.0. Pkgsrc changes: - p5-Storable is no longer a necessary. - Let DragonFlyBSD also use the rc.d script (patch-ad). - Sa-update needs p5-libwww (for LWP::UserAgent, HTTP::Date), p5-Archive-Tar and p5-IO-Zlib. - Many of the plugins are available as pkgsrc packages (p5-Mail-SPF-Query, p5-IP-Country, p5-Net-Ident, ...) but are not required. - Renamed some options to follow the naming conventions described in the pkgsrc guide. - Removed patch-ax again; it is already incorporated in 3.1.0. - Reworked DESCR to use less than 25 lines. - Removed SPAMASSASSIN_VERSION for clarity of DISTNAME and PKGNAME. - Prepended variables internal to the package with an underscore. - Rearranged MAKE_PARAMS alphabetically. - Simplified some internal variables (concatenation instead of substitution: _EGDIR, _DOCDIR,...) - Loop variables use all lower-case now. - Added a rule to lower score for mail from pkgsrc-bugs in netbsd_lists.cf. - The test t/spf.t (fails for SPF_HELO_*) has a know problem (SA Bug 4685). Relevant changes since version 3.0.4: ===================================== - Apache preforking algorithm adopted; number of spamd child processes is now scaled, according to demand. This provides better VM behaviour when not under peak load. - Inclusion of sa-update script which will allow for updates of rules and scores in between code releases. - added PostgreSQL, MySQL 4.1+, and local SDBM file Bayes storage modules. SQL storage is now recommended for Bayes, instead of DB_File. NDBM_File support has been dropped due to a major bug in that module. - detect legitimate SMTP AUTH submission, to avoid false positives on Dynablock-style rules. - new Advance Fee Fraud (419 scam) rules. - removed use of the Storable module, due to several reported hangs on SMP Linux machines. - Converted several rule/engine components into Plugins such as: AccessDB, AWL, Pyzor, Razor2, DCC, Bayes AutoLearn Determination, etc. - new plugins: DomainKeys (off by default), MIMEHeader: a new plugin to perform tests against header in internal MIME structure, ReplaceTags: plugin by Felix Bauer to support fuzzy text matching, WhiteListSubject: plugin added to support user whitelists by Subject header. - TextCat language guesser moved to a plugin. (This means "ok_languages" is no longer part of the core engine by default.) - Razor: disable Razor2 support by default per our policy, since the service is not free for non-personal use. It's trivial to reenable. - DCC: disable DCC for similar reasons, due to new license terms. - Net::DNS bug: high load caused answer packets to be mixed up and delivered as answers to the wrong request, causing false positives. worked around. - DNSBL lookups and other DNS operations are now more efficient, by using a custom single-socket event-based model instead of Net::DNS. - add support for accreditation services, including Habeas v2. - better URI parsing -- many evasion tricks now caught. - URIBL lookups are prioritized based on the location in the message the URI was found. - mass-check now supports reusing realtime DNSBL hit results, and sample-based Bayes autolearning emulation, to reduce complexity. - sa-learn, spamassassin and mass-check now have optional progress bars. - modify header ordering for DomainKeys compatibility, by placing markup headers at the top of the message instead at the bottom of the list. - spamd/spamc now support remote Bayes training, and reporting spam. - spamc now supports reading its flags from a configuration file using the -F switch, contributed by John Madden. - added SPF-based whitelisting. - Polish rules contributed by Radoslaw Stachowiak. - many rule changes and additions. @ text @d1 1 a1 1 $NetBSD$ d10 1 a10 1 SHA1 (patch-ax) = d874d0b0b03a90e2db1242ec6c2f99f60452abc4 @ 1.31 log @Added a patch to fix a potential DoS vulnerability (CVE-2005-3351). See http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4570 http://secunia.com/advisories/17386 @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.30 2005/06/19 22:29:35 heinz Exp $ d3 7 a9 6 SHA1 (Mail-SpamAssassin-3.0.4.tar.gz) = df37b629ab7b8a3fbb370c16537c59749eac1927 RMD160 (Mail-SpamAssassin-3.0.4.tar.gz) = a2c975585f20cd9dba09b645ef69993faed17fb4 Size (Mail-SpamAssassin-3.0.4.tar.gz) = 1001430 bytes SHA1 (patch-ab) = 36280764366900829205be94466a77662c422524 SHA1 (patch-ae) = 7d57eb154af72ea82cb8fdafd7277823e33b7dd5 SHA1 (patch-aq) = c918a738e0c7048183f5efbb0b7265d355ded7b3 @ 1.30 log @Update to version 3.0.4. This solves the update request in PR pkg/30452. No pkgsrc related changes. This release fixes a recently reported DoS vulnerability. Highlights of the release ------------------------- - Certain invalid "Content-Type" headers would cause SpamAssassin to incorrectly process parts of the message. - Certain long message headers could cause slowness when parsing the message. - Added in SURBL JP list. - URI anti-obfuscation updates. - Additional bug fixes. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.29 2005/04/29 08:48:40 heinz Exp $ d9 1 @ 1.30.4.1 log @Pullup ticket 919 - requested by Klaus Heinz security fix for spamassassin Revisions pulled up: - pkgsrc/mail/spamassassin/Makefile 1.61 - pkgsrc/mail/spamassassin/distinfo 1.31 - pkgsrc/mail/spamassassin/patches/patch-ax 1.1 Module Name: pkgsrc Committed By: heinz Date: Sun Nov 13 05:08:00 UTC 2005 Modified Files: pkgsrc/mail/spamassassin: Makefile distinfo Added Files: pkgsrc/mail/spamassassin/patches: patch-ax Log Message: Added a patch to fix a potential DoS vulnerability (CVE-2005-3351). See http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4570 http://secunia.com/advisories/17386 @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.31 2005/11/13 05:08:00 heinz Exp $ a8 1 SHA1 (patch-ax) = d874d0b0b03a90e2db1242ec6c2f99f60452abc4 @ 1.29 log @Updated to version 3.0.3. Merged the two rules in netbsd_lists.cf into one because problem reports mostly do not contain "x-send-pr" anymore. Disabled installation of netbsd_lists.cf in PKGSYSCONFDIR (it is still included in the "examples" directory). Changes since 3.0.2 =================== - Fixed possible memory bloat from large AutoWhitelist db files - Fixed where user defined rules scores became ignored - Updated parsing code for several Received: header formats - Increased some BAYES_* scores for the network+bayes score set - Document set_tag for Plugin API and added get_tag - Additional bug fixes. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.28 2005/02/24 09:59:29 agc Exp $ d3 3 a5 3 SHA1 (Mail-SpamAssassin-3.0.3.tar.gz) = e31407b68bf362dfe53814c0af867e8134c9808b RMD160 (Mail-SpamAssassin-3.0.3.tar.gz) = 2791749672268bd9f8fc3c992a829032d24243f3 Size (Mail-SpamAssassin-3.0.3.tar.gz) = 999558 bytes @ 1.28 log @Add RMD160 digests. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.27 2005/02/13 21:20:25 heinz Exp $ d3 3 a5 3 SHA1 (Mail-SpamAssassin-3.0.2.tar.gz) = be69e72c7351df46de3eeed811219adf35b2964d RMD160 (Mail-SpamAssassin-3.0.2.tar.gz) = 8570a849b78a2f83cb02b9cdcc2c0e92ad066b1b Size (Mail-SpamAssassin-3.0.2.tar.gz) = 996164 bytes @ 1.27 log @After changing the SUBST-stage to 'pre-configure' for 3.0.2, Makefile.PL was changed after perl5-configure had been run and the Makefile created. For some people, this resulted in a message Makefile out-of-date with respect to Makefile.PL at the build stage. Omitting the first substitution (sa1) and the corresponding part of patch-ab solved this. This patch had been unnecessary for some time anyway. This should resolve pkg/29255. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.26 2005/01/15 21:44:55 schmonz Exp $ d4 1 @ 1.26 log @Update to 3.0.2. From the changelog: This release detects legitimate SMTP AUTH submission, to avoid false positives on Dynablock-style rules. The URIDNSBL plugin has been fixed to honor the uridnsbl_max_domains config option. Various documentation and rule fixes. The ability to deal with 'rewrite_header Subject' markup when no Subject header exists. 'make test' failure on Solaris has been fixed. pkgsrc changes: * Use subst.mk in pre-configure, rather than post-patch, for easier regeneration of patches. OK'd by heinz@@. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.25 2004/11/08 17:07:23 mjl Exp $ d5 1 a5 1 SHA1 (patch-ab) = 0922036370c492b980a731f8b802ff0b26e0a604 @ 1.25 log @Update to 3.0.1. This is a minor maintenance release to 3.0.0 and the old archive was no longer available on the primary sites. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.24 2004/10/12 00:11:10 heinz Exp $ d3 5 a7 5 SHA1 (Mail-SpamAssassin-3.0.1.tar.gz) = a3aebae1bf3c97830e540c42dc64791787d966c9 Size (Mail-SpamAssassin-3.0.1.tar.gz) = 991250 bytes SHA1 (patch-ab) = 09c57aa31e4f82c90cbbaac637fcbed1c730f0aa SHA1 (patch-ae) = 26c0589002413030bbfbb31069c82007b8fd0cf5 SHA1 (patch-aq) = 04c46e41dc008bc3bde5bebef33174305fcf7b89 @ 1.24 log @Update to version 3.0.0. Tested on NetBSD 1.6.2, Solaris 9 and Debian 3.0. Important changes since 2.64 (for details see the file 'Changes') - support for sender authentication using the Sender Policy Framework (SPF) - checking for web links of known spam advertisers (SURBL) - modular plugin architecture - improved SQL database support for storing user data in server installations - improved email classification - SpamAssassin is now part of the Apache Foundation @ text @d1 1 a1 1 $NetBSD$ d3 2 a4 2 SHA1 (Mail-SpamAssassin-3.0.0.tar.gz) = d52c317483483874f2b7e5dd544094249bedbdad Size (Mail-SpamAssassin-3.0.0.tar.gz) = 1072046 bytes a7 3 SHA1 (patch-au) = bc3f794596ef9d9608f7bf9646c572ce5a2a4ff8 SHA1 (patch-av) = 4b19e112ec572543d5ac6ceacdf8c2af0a4f4e44 SHA1 (patch-aw) = b08f22607ce805e5e04718979f6cf57fce43e70f @ 1.23 log @Update to 2.64. This also includes the fix for PR pkg/26386 (problems with PKG_CONFIG=no). Summary of major changes since 2.63 ----------------------------------- - Security fix prevents a denial of service attack open to certain malformed messages; this DoS affects all SpamAssassin 2.5x and 2.6x versions to date. - Backported several very reliable rules from the SpamAssassin 3.0.0 codebase. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.22 2004/05/31 12:43:06 heinz Exp $ d3 8 a10 7 SHA1 (Mail-SpamAssassin-2.64.tar.gz) = 7d5776a7c462c849bc48f12a48ed82dc929ac06f Size (Mail-SpamAssassin-2.64.tar.gz) = 826989 bytes SHA1 (patch-ab) = 655f860a71fd6a1b7adb2cb5194fc9563ead9529 SHA1 (patch-ae) = 681f777fb9967d61b9886e10046258657f4f492a SHA1 (patch-ak) = 815602ef71c8e01e4cfc2b51a7ac3f2676bc0ecc SHA1 (patch-al) = 75c22289726d3c7e39834cd164ca9f2220969e9e SHA1 (patch-aq) = 4ecd178997dc7060099ddde6b606cc9e2c0addeb @ 1.22 log @Correct bad substitution of @@PREFIX@@ in spamd.raw @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.21 2004/01/21 22:19:30 heinz Exp $ d3 2 a4 2 SHA1 (Mail-SpamAssassin-2.63.tar.gz) = 6bab68dfd6a5238fc84360ce08249657bed4bab3 Size (Mail-SpamAssassin-2.63.tar.gz) = 828596 bytes @ 1.21 log @Update to 2.63. Tested on NetBSD and Solaris 8. Summary of major changes since 2.62 ----------------------------------- - Fixed bug related to perl 5.005 which stopped SpamAssassin from being runnable - Fixed bug where "spamassassin -l" parameter wouldn't be untainted before being used - Added caching of body rendering results so that the message wouldn't be rendered the same way multiple times unnecessarily. Summary of major changes since 2.61 ----------------------------------- - Fixed two bugs related to Received line generation and parsing. - Modified two rules to reduce false positives. - Fixed bug where spamd temporary init directory wasn't removed in some situations. - Modified HABEAS_SWE to function even if the Habeas headers were out of their normal order. - Fixed bug where reporting wouldn't remove message markup before being learned by Bayes. - Fixed bug where report_safe_copy_headers would reverse the order of the Received headers. - Fixed several bugs in the Bayes system caused by DB_File oddities. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.20 2003/12/27 19:16:04 heinz Exp $ d9 1 a9 1 SHA1 (patch-aq) = fc6d8c0040d0cb5eb4ddcfd8232ae69acadecdbe @ 1.20 log @Update to version 2.61 Summary of major changes since 2.60 ----------------------------------- - Dramatically reduced memory usage of Bayes expiry. - avoid false positives on Outlook 2003 messages, mails from Mac, Palm, and localized versions of Eudora, several AOL MUAs, and newer versions of The Bat! - new set of French translations from Michel Bouissou - updated to reflect new Dynablock DNSBL location - avoids a possible hole that was giving AWL bonuses to spammer forgeries on some networks - miscellaneous bug fixes @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.19 2003/12/02 12:36:00 grant Exp $ d3 3 a5 3 SHA1 (Mail-SpamAssassin-2.61.tar.gz) = da8f10c1c7eb91f2fced05366f4d792bcb6255ec Size (Mail-SpamAssassin-2.61.tar.gz) = 828154 bytes SHA1 (patch-ab) = ce949ca9247bd98a0f991e10ad35ac6ae7bf93b2 @ 1.19 log @print correct path to config files in spamd usage message. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.18 2003/12/01 16:04:40 heinz Exp $ d3 5 a7 5 SHA1 (Mail-SpamAssassin-2.60.tar.gz) = 5d42b39430da13443dd94e78a2dad6c2b1c7cb5a Size (Mail-SpamAssassin-2.60.tar.gz) = 963215 bytes SHA1 (patch-ab) = 9f9d17bd2416584a693ef4757b2211968581983e SHA1 (patch-ae) = 4067380489f19fcbe76da56aa53fe2c9cdd396ee SHA1 (patch-ak) = 1b4669ec7ba136234c7d4be73e7ddfedab523be8 d9 1 a9 4 SHA1 (patch-aq) = c8401a1e609707754b781a98358b2dd93638840e SHA1 (patch-ar) = afbe3fa1c9c6ce4fe6df1f006d784d90de67ff13 SHA1 (patch-as) = 80363811bd1b2a8cba6d579e1a5534c001fdd238 SHA1 (patch-at) = d0c2f35536c5b66c9d5de688d104209176249c41 @ 1.18 log @Remove DNSBL rules using *.easynet.nl (shut down today, see http://abuse.easynet.nl/dynablocker.html @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.17 2003/11/03 00:56:26 heinz Exp $ d6 1 a6 1 SHA1 (patch-ae) = e87cdced71467baccdc1b6b837a350c6fa7e596f @ 1.17 log @Update to version 2.60 (fixes PR pkg/23318): Summary of changes since 2.5x ----------------------------------- - spamd supports UNIX-domain sockets - SSL support for spamc/spamd now usable - improved Bayes text analysis - improved expiration of Bayes-DB - better detection of 'invisible text' and other obfuscation techniques in HTML - new RBL (eg SORBS, SpamCop, Osirusoft dropped) - better handling of RBL timeouts - support for Razor V1 dropped - more flexible header and report rewriting - Perl taint mode enabled by default - bug fixes - new rules @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.14 2003/05/22 11:41:02 abs Exp $ d10 3 @ 1.16 log @Since osirusoft is dead now, we should remove all reference to it from spamassassin. These patches remove all references to osirusoft from the rules files (perhaps leaving some of the comments a tad stale), but leaving information about them in the stats files. This bumps us to 2.55nb2. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.15 2003/06/08 01:11:38 heinz Exp $ d3 7 a9 18 SHA1 (Mail-SpamAssassin-2.55.tar.gz) = 35aa4f2264694b656154ed5732e4ffecde08c76a Size (Mail-SpamAssassin-2.55.tar.gz) = 700610 bytes SHA1 (patch-aa) = e952d36e1ff2963ff1d3240a1bc64df9cc7701d0 SHA1 (patch-ab) = cec0052f7e3628fea466fe3b3d3bd5035d858598 SHA1 (patch-ac) = 140bee9b6699e9685436b7e621f965937917587b SHA1 (patch-ad) = 055d499f89bd5ec7f5c86ce5884c8192df6085f8 SHA1 (patch-ae) = d0f709a8c664481023be93a874afa4033ed4736c SHA1 (patch-af) = 1c7a1c1490515c8d9c34c8dfddc3b11d87f4c700 SHA1 (patch-ag) = 89d0459d2234ed9333ef2e1a31a619a184250f29 SHA1 (patch-ah) = 810e0eb865774d63181a29ccc031d4c15924b750 SHA1 (patch-ai) = 736bff61ab2b9a87d36bc69acbc86f33fa4edf0d SHA1 (patch-aj) = 56f47fc996636114e319e62672cbdd5fa3d6a04d SHA1 (patch-ak) = b27761cc977c17eb64da216c7927d75fe3f86459 SHA1 (patch-al) = a5d0512e60e31778d7c93cc6167102eb0ee6cc1d SHA1 (patch-am) = 77414a49041b8b4763c7789be3a28ce7415ec008 SHA1 (patch-an) = 2d3fea38aa8fa04aff24b1eed0c61ee16072cd0a SHA1 (patch-ao) = 6bde456f5fddefc60d4f4e9b61b86d7e7eb3a96f SHA1 (patch-ap) = 97837a522b94cd365b23ce731d49c4f0aaecbdf2 @ 1.15 log @- include patch from SA CVS repository to fix a bug with 'spamassassin -r' learning a message without Message-Id as ham (see bugzilla #2030) - depend on p5-IO-Socket-SSL>=0.92 because of bugs in earlier versions - bump revision @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.14 2003/05/22 11:41:02 abs Exp $ d12 8 @ 1.14 log @Update spamassassin to 2.55 Many small changes since 2.53, but difficult to pick out anything significant. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.13 2003/04/15 00:02:24 heinz Exp $ d12 1 @ 1.13 log @ Update to version 2.53. This also closes PR pkg/21114 (thanks to Todd Vierling for dynamic PLIST) Most serious bugs since release of SA 2.50 fixed (hence the 'long' delay for the Pkgsrc package). Dependence on procmail removed. You still need a mail delivery agent but procmail is only a recommendation, not a prerequisite. Runs on Solaris (somewhat tested on Solaris 8, feedback welcome). Includes some SSL support for spamc/spamd. Not yet recommended due to lurking bug(s) (SA bugzilla ID 1751). Uses Perl module DB_File now instead of NDBM_File. This changes the name and format of the auto-whitelist database ('auto-whitelist' instead of 'auto-whitelist.db' on NetBSD). ! This release adds/changes/removes configuration options, PLEASE use ! ! 'perldoc Mail::SpamAssassin::Conf' and make sure your mail ! ! configuration still works as expected. ! ========================================================================== Changes since 2.52: - corruption of Bayes db where nspam/nham was getting zeroed, fixed. - Bayes now has much lower lock timeouts for opportunistic expiry and auto-learning, to avoid overloading busy servers with an expiry run. (This may result in occasional "lock failed" messages in the syslog while you're doing manual sa-learn ops, but those are not serious; it just means that an auto-learn could not take place because the dbs were opened by you in another process.) - NDBM_File does not provide an EXISTS method, worked around. - BSMTP support (spamc -B) fixed. - Bayes allowed the user to 'forget' messages they hadn't learned. - sa-learn broken when installed in a non-standard location. - spamc was failing to dump message if out of memory. - add-all-addrs-to-blacklist was a no-op, fixed. - syslog-socket support was broken, fixed. - sslspamc compilation fixed. - SIGCHLD handling in spamd was causing an ugly warning on Red Hat 8. - user_prefs were left world-writable after auto-whitelist use. - Razor was zeroing %ENV; protected against this. - some test failures on 5.005 and with Razor fixed; some tests were also still using the user's Bayes dbs. - Windows portability fix in new Bayes journal code. - dialup_codes now a privileged setting. - clean PATH env variable immediately upon spamd start; fixed problem with taint mode failures when getting hostname in Perl 5.005. - NetBSD: fixed SSL support, spamd start script. - single-Received-header mails were not getting DNSBL checks. - some doco fixes. Changes since 2.51: - bug 1664: expiry imposed way too much load when a single site-wide Bayes db was used, fixed - bug 1672: a typo in a backported patch for 2.51 caused Bayes to sometimes not unlock the db, fixed - INSTALL now strongly recommends using DB_File - some NetBSD support fixes - bug 1601: option --syslog-socket wasn't implemented - bug 1260: corrected description of --nocreate-prefs option Changes since 2.50: - Bayes locking and concurrency issues fixed - Bayes expiration was not working; fixed - spamd was not enabling Bayes after auto-learning without restart; fixed - safer way to attach spams, for broken mail clients, using 'report_safe 2' - a few doco cleanups Main changes since 2.4x: - Bayesian filtering, using a Bayesian-style form of probability-analysis classification. This uses an algorithm based on the one detailed in Paul Graham's 'A Plan For Spam' paper, along with aspects taken from Graham Robinson's work, and the chi-combining technique developed by the SpamBayes project. - Auto-learning. This trains the Bayesian filter automatically, based on the results from traditional SpamAssassin diagnosis. It uses a set of heuristics and separate thresholds to ensure (as much as is possible) that it trains on guaranteed non-spam and spam. Old, unused tokens are automatically expired. - much-improved rule set. A whole new set of rules based on Message-Id analysis is now in place, which accurately detects forged headers from a wide range of spamware. Many inaccurate rules have been dropped. HTML tests much improved, with a set to detect image-only spam. - new default format for detected-spam messages; the message is encapsulated as a MIME part, with a preview and the spam report in the main part of the message. - Score sets. Based on whether you are using just SpamAssassin rules, adding network tests, and using a trained Bayesian database, SpamAssassin will use a set of scores appropriately to gain the maximum degree of accuracy. - Italian, Polish, Spanish, French and German rule sets and translations. - Much improved reliability with spamd. The problems with signals have been cleared up thanks to a pipe-based child tracking system, and all spamd-hanging bugs reported have proved unreproducable. - Unicode problems with Red Hat 8 and perl 5.8 fixed. Works on Perl 5.005, 5.6.x, and 5.8.x. - Taint-safe. SpamAssassin runs with perl's taint-checking enabled for better security. - Razor 1 support is now officially deprecated. - "spamc -c" was not working, fixed. This fix required increasing the revision of the spamd protocol; only difference is that now more than one protocol header can appear in the reply from spamd. - all fixes from 2.44 included. @ text @d1 1 a1 1 $NetBSD$ d3 9 a11 10 SHA1 (Mail-SpamAssassin-2.53.tar.gz) = 568d8c05cea13c1daa0be9ba2cfcd99f60e660b8 Size (Mail-SpamAssassin-2.53.tar.gz) = 700518 bytes SHA1 (patch-ab) = 0283d2c289d933ee165648d15f70a6a05a7bfddf SHA1 (patch-ae) = 97f9691c71d35274a21dc5710e5cfb273ecb0f63 SHA1 (patch-aj) = a0e1f3d04d17ef7010214e9af4036c94c040a42e SHA1 (patch-ak) = 39dee2951b24b26f12150cd12efc3eee9c1ed569 SHA1 (patch-al) = fe02e20d8c3fec4dad2e70daad1d6fa5bd25cab6 SHA1 (patch-am) = 92c0263112b8d164d306b1563ad3d4e2a6d118c2 SHA1 (patch-an) = 1da8574e8cb74d0bec2918d61967fa236436f3eb SHA1 (patch-ao) = ea46624d614412f5eb259282f5ef6ff5f1229d95 @ 1.12 log @Remove incorrect 'free()' from libspamc.c (used in 'spamc'). Patch copied from stable branch of SA CVS repository. On other operating systems 'spamc' was reported to cause a core dump if 'spamd' was not running. At least NetBSD/i386 1.5.3 seems not to be as severely affected, I only got 'spamc in free(): warning: junk pointer, too high to make sense.'. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.11 2003/02/02 19:38:39 heinz Exp $ d3 10 a12 9 SHA1 (Mail-SpamAssassin-2.44.tar.gz) = f5f1289b2ce29ff656f83c5f90908a6abf486606 Size (Mail-SpamAssassin-2.44.tar.gz) = 525059 bytes SHA1 (patch-ab) = df905aebb1e374a549808a5b925fbf9511dc3333 SHA1 (patch-ac) = 229d234f56d113022f08d5b3250c4f12d6808636 SHA1 (patch-ad) = 41a0130905fe000613a963acd7bb7cc8e743469c SHA1 (patch-ae) = 4866c0c3d6478671d67d2a83548a0a1b9603b8e7 SHA1 (patch-ag) = 59ae0f4f338d17ede8a944c99b1ad5437a6694c0 SHA1 (patch-ah) = 5b2af5a9304857aaf4569414144e6b99066d73e2 SHA1 (patch-ai) = 02129dfc207ec05402a11e2e1c535e59953459b4 @ 1.11 log @Maintenance update to 2.44 Parts of patch-ag and patch-ah as well as complete patch-aa could be removed again, they are now included in SA 2.44 (see below). #### official release announcement ############### This is a bug-fix release, which fixes the following bugs: - Backport fix for Bug 1306: Possible buffer overflow in libspamc when running in BSMTP mode (patch 1.15 -> 1.18) - Backport workaround from Bug 526: Failed sanity check because of clobbered STDOUT (patch 1.147 -> 1.148) - Backport fix for Debian Bug 160206: Insufficient buffer in libspamc (patch 1.8 -> 1.9) - Backport fix for warnings in sed_path (patch 1.141 -> 1.142) - Backport fix for Bug 1127: Existing lowercase x-spam-status header kills SpamAssassin (patch 1.40 -> 1.41) - localized %ENV to fix problem where Razor2 erases the PATH so DCC and pyzor don't work, etc. Note that this is *not* 2.50, which offers Bayesian filtering etc. These bugs are already fixed in the 2.50 CVS tree, but that is not yet ready for release. This is a stable maintainance release only. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.10 2003/01/29 17:34:28 tron Exp $ d11 1 @ 1.10 log @Fix buffer overflow in "spamc" program can be remotely exploited. Bump package revision. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.9 2002/11/06 21:51:26 heinz Exp $ d3 2 a4 3 SHA1 (Mail-SpamAssassin-2.43.tar.gz) = ffe0f4d80ab2367bb3df856ec777bafb6ac7616e Size (Mail-SpamAssassin-2.43.tar.gz) = 538505 bytes SHA1 (patch-aa) = 734d63b947e934eee8809bbd0b643bc6232f193c d8 3 a10 3 SHA1 (patch-ae) = 579b1705a3c56b822b5665b2c97c9989e2867e24 SHA1 (patch-ag) = c712835745c8f435c5d7f19baed8bebcc657ccc6 SHA1 (patch-ah) = e2db3d8c1c877be712f11b0eca674097821e6dcc @ 1.9 log @Changed the rc.d script to account for different behaviour of load_rc_config in NetBSD 1.6. This resolves PR pkg/18928 by Frank Cusack (fcusack at fcusack com). The rc.d script is now called on 'shutdown'. Included fixes from SA CVS repository (2002-10-21) to minimize impact of Razor2 on the environment vector, especially PATH. Bumped PKGREVISION. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.8 2002/10/20 20:09:05 heinz Exp $ d5 1 @ 1.8 log @Update to 2.43 Item 1) was already provided by 'inofficial' patch-af for 2.42 (now removed). Two new patches (-ag and -ah) from the SpamAssassin-current repository work around a roblem with razor2 timeouts. Logo 'ninjabutton.png' is now in the correct html directory. Official changes: 1) AWL change reverted; instead of decreasing the AWL bias gradually to allow frequently-seen addresses to get into the "nonspam" area, it now behaves like 2.31 did, in that the AWL simply represents the long-term average score from that correspondent. 2) core-dump bug in spamd worked around, _except for the "-m" switch_. The "-m" switch relies on signal handling in the Perl interpreter, which seems to have some bugs we cannot work around reliably on some platforms, so its use is no longer recommended. 3) some portability fixes for SunOS. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.7 2002/10/08 16:41:32 heinz Exp $ d7 1 a7 1 SHA1 (patch-ad) = 3aea245cbe066f34004e019ea1bee5c3f62afad3 d9 2 a10 2 SHA1 (patch-ag) = 1fab0e1a0cc6845f2928ef4983a961ae8f8186f6 SHA1 (patch-ah) = aa91d70524284ba445e7535e808ce7c5b14d09bb @ 1.7 log @- Setting PKG_SYSCONFBASE in /etc/mk.conf works now (Thanks to Urban Boquist). - Included fix for bad AWL behaviour which will also be in 2.50 (maybe 2.43) (ie AWL works the same again as in SA 2.31). This causes revision bump. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.6 2002/10/08 00:49:19 heinz Exp $ d3 3 a5 3 SHA1 (Mail-SpamAssassin-2.42.tar.gz) = 2a08e271c3496eaacf15a06369972d3395b9b70e Size (Mail-SpamAssassin-2.42.tar.gz) = 532504 bytes SHA1 (patch-ab) = 696c68944717aeac1046e2eddf6d3cff426ce58b d8 3 a10 2 SHA1 (patch-ae) = 55f46734f460abb1611e0df07ca8a6091ab2eb43 SHA1 (patch-af) = f6159bf019ae7af56c132e224c9dfd205f222145 @ 1.6 log @Update to 2.42. Uses buildlink2 and module.mk. Some perl scripts for rule developers (in PREFIX/share/doc/spamassassin/{masses,tools}/) and a small SpamAssassin logo (PREFIX/share/doc/spamassassin/html/) are now included. New netbsd_lists.cf file to reduce false positives on NetBSD lists (so far, only some rules for netbsd-bugs). Changes: - bug fixes - new, better scores (intensive testing was done to improve on 2.40 and 2.41) - netbsd rc.d script works now with NetBSD 1.5 and 1.6 - management of addresses in the automatic whitlist now easier with dedicated options (--add-addr-to-whitelist, --remove-addr-from-whitelist) @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.5 2002/09/29 23:44:28 simonb Exp $ d9 1 @ 1.5 log @Update spamassassin to 2.41. Major changes include: - SpamAssassin now *REQUIRES* procmail for local delivery support; "-P" option is now the default. Unless you use procmail, Mail::Audit, KMail, or an MTA-level integration, do not upgrade blindly, your mail *WILL* spill all over the floor in a big mess. - significant speed increases, mostly from Matt Sergeant and Dan Quinlan - bugs in whitelist_to, all_spam_to and friends fixed - rules which were causing too many false-positives removed or fixed: DOUBLE_CAPSWORD, UPPERCASE_25_50, PARTIAL_RFC_2369, MSGID_CHARS_SPAM, many others - lots of rule fixes, and lots of new rules @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.4 2002/08/26 16:00:52 hubertf Exp $ d3 6 a8 3 SHA1 (Mail-SpamAssassin-2.41.tar.gz) = 197a9625c66bda0e18dac95f2e72a7e8c847c162 Size (Mail-SpamAssassin-2.41.tar.gz) = 518310 bytes SHA1 (patch-aa) = 79a9f8589d6a99979bd2ff5dc56aff7ff9654ac7 @ 1.4 log @Rename pkgsrc/mail/p5-Mail-Spamassassin to pkgsrc/mail/spamassassin. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.7 2002/07/23 02:07:07 wiz Exp $ d3 2 a4 2 SHA1 (Mail-SpamAssassin-2.31.tar.gz) = d43295b0e3e49c60e8f91f7f7645a40db04965f1 Size (Mail-SpamAssassin-2.31.tar.gz) = 370237 bytes @ 1.3 log @Rename pkgsrc/mail/p5-Mail-Spamassassin to pkgsrc/mail/spamassassin. @ text @@ 1.2 log @spamassassin is already present as p5-Mail-SpamAssassin (how obvious... NOT!) @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.1 2002/08/24 19:46:39 hubertf Exp $ d5 1 @ 1.1 log @Initial revision @ text @d1 1 a1 1 $NetBSD$ @ 1.1.1.1 log @Add spamassassin-2.31: Spam identifier and blocker SpamAssassin is a mail filter which attempts to identify spam using text analysis and several internet-based realtime blacklists. Using its rule base, it uses a wide range of heuristic tests on mail headers and body text to identify "spam", also known as unsolicited commercial email. Once identified, the mail can then be optionally tagged as spam for later filtering using the user's own mail user-agent application. In its most recent test, SpamAssassin differentiated between spam and non-spam mail correctly in 99.94% of cases. Since then, it's just been getting better and better! @ text @@ 1.1.1.2 log @Rename pkgsrc/mail/p5-Mail-Spamassassin to pkgsrc/mail/spamassassin. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.7 2002/07/23 02:07:07 wiz Exp $ a4 1 SHA1 (patch-aa) = 79a9f8589d6a99979bd2ff5dc56aff7ff9654ac7 @