Commit graph

99 commits

Author SHA1 Message Date
tnn
ad6ceadd25 Per the process outlined in revbump(1), perform a recursive revbump
on packages that are affected by the switch from the openssl 0.9.7
branch to the 0.9.8 branch. ok jlam@
2008-01-18 05:06:18 +00:00
heinz
6998a6d94f Corrected name of Apache license. 2008-01-09 19:09:22 +00:00
heinz
fc868defc9 Updated to version 3.2.4.
Pkgsrc changes:
  - Due to "user-destdir" mode not working yet switched to "destdir" mode
    for the time being.
  - Explicitly listed licence information.
  - Listed submitted bug identifiers for patch-ba and patch-bc.

Changes since version 3.2.3:
============================
3.2.4 is a major bug-fix release, with a few minor new features. Summary of
changes:

- bug 5599: allow load distribution of SA nameserver queries across all
  nameservers listed in resolv.conf, using 'dns_options rotate'. thanks
  to Pawel Sasin <hannibal /at/ wp-sa.pl>

- bug 5673: 'ALL' header was including spurious extra spaces between header
  names and values.  fix

- bug 5594: several major sa-compile fixes.  major increase in overall speed;
  cache results between runs to further increase speed; and fix a danger of
  massive memory usage

- bug 5556: fix a variety of sa-compile portability issues, and support for
  5.6.x perls

- bug 5514: make 'score set for a non-existent rule' a debug message, instead
  of a lint warning, since it's a very frequent FAQ

- bug 5493: sa-compile fails to correctly deal with escaped backslashes.  fix

- bug 5672: remove DNS_FROM_SECURITYSAGE (DNSBL lookups against
  securitysage.com) due to unreliability

- bug 5476: update Bonded Sender (now Sender Score Certified) rules, and add
  a rule for their strictly-confirmed-opt-in-required zone

- bug 5538: remove FORGED_MUA_AOL_FROM and FORGED_AOL_TAGS entirely; they're
  obsolete, given the current capabilities of AOL mail user agents

- bug 5632: remove all completewhois.com DNSBL lookups, site seems to have
  disappeared without warning

- bug 5715: allow for more than one sa-update MIRRORED.BY file host in DNS,
  for redundancy

- bug 5662: DKIM changes: recognize author signature and multiple signatures
  for whitelisting (with Mail::DKIM 0.29); disable useless
  "check_dkim_signsome"; new eval rules "check_dkim_valid_author_sig" and
  "check_dkim_valid" (an alias for a "check_dkim_verified" misnomer); new
  tags _DKIMIDENTITY_ and _DKIMDOMAIN_; updated terminology; verification
  speedup with Mail::DKIM 0.30 (or its pre-releases)

- bug 5696: sa-compile: cut regexp base strings at Unicode high codepoints,
  to avoid corruption of patterns containing UTF-8

- bug 5637: bayes_file_mode is handled incorrectly when creating bayes.mutex,
  resulting in incorrect permissions on that file; fix by Mihaly Barasz

- bug 5612: DB_File version 4.2.x has a bug that loops infinitely if files
  named '__db.{filename}' are present; work around.  thanks to J. Nick
  Koston for the report and fix

- bug 5606: too-early init_learner() call causes root's user prefs file to
  be read when spamd is started; this is inappropriate. fix

- bug 4179: if allow_user_rules is 1, user rules are not unique to each
  user; one user's user rules can appear in later scans for other users
  that are run using the same spamd process. fix

- bug 5680: ALL_TRUSTED can fire if a trusted MSA or webmail system receives
  the message from an untrusted X-Originating-IP: header. fix

- bug 5626: in the 'spamassassin' script, install a signal handler for SIGHUP,
  SIGINT, SIGTERM and SIGPIPE to ensure that temporary files are removed

- bug 5557: some temporary files are left not cleaned up on Windows; fix

- bug 5661: speed up Bayes SQL queries by allowing the use of indexes when
  expiring

- bug 5611: support 'spamd --nouser-config -u username', which setuids to
  'username' but does not read user_prefs files from anywhere

- bug 5665: spamd may fail to notice that a child has completed exiting,
  and keeps in the child list in state 'K', eventually filling up the
  child list with 'ghost' children.  fix

- bug 5735: spamc should allow retry_sleep 0

- bug 5728: spamd: require -u with --sql-config or --ldap-config

- bug 5682: remove FH_HOST_ALMOST_IP, FH_HOST_EQ_D_D_D_D, due to false
  positives and redundancy with RDNS_DYNAMIC; remove FH_HOST_EQ_D_D_D_DB
  due to no hits

- bug 5681: look up IP addresses found in 'X-Yahoo-Post-IP' and
  'X-SenderIP' headers, too, thanks to Martin Blapp

- Bug 5589: Refined async events handling and DNS lookup completions

- bug 5586: RDNS_NONE has false positives if the MTA doesn't put the hostname
  in the Received header, like Communigate Pro. add an exception for this

- bug 5748: fix locale problem with use of external sort in sa-compile
2008-01-09 15:55:51 +00:00
heinz
25f347a546 Updated to version 3.2.3.
Pkgsrc changes:
  - Added security/gnupg as a required package. Without it, sa-update does not
    work.
  - Added requirement for p5-INET6 which may be needed for IPv6 nameservers.
    Until now, this only worked because p5-Net-DNS already pulled in this
    package.
  - New option "inet6" (enabled by default) for switching off the requirement
    for p5-INET6.
  - Got rid of some backslashes in options.mk
  - patch-ba and patch-bc correct discrepancies between the man page
    and the code. Additionally, they adapt hard-coded paths to the actual
    installation. Submitted upstream.

Relevant changes since version 3.2.1:
=====================================
3.2.3 is a major bug-fix release.  Summary of changes:

- bug 5574: fix new setuid code to work with perl 5.6.1, and to support DCC and
  Pyzor in all releases of perl

- bug 5107: change default 'user_scores_ldap_username' to be the null string,
  allowing anonymous binding; fix 'schema' syntax error in LDAP config support

- zeroing an 'eval' rule's score did not stop it running.  fix, thanks to
  Richard Birkett <richard+spamassassin at musicbox.net>

- bug 5571: allow for new message ID format we have seen from Vista or Windows
  2003 Server MAPI to avoid false positives

- bug 5397: RDNS_DYNAMIC should never fire on a PTR with 'static' in it; thanks
  to Martin Blapp <mbr at freebsd.org>.  bug 5563: RDNS_DYNAMIC rules use
  order-dependent fields where it is unsafe to depend on this, fix.  bug 5564:
  __RDNS_DYNAMIC_IPADDR does not hit all of its test patterns, fix.

- bug 5475: fix FORGED_MUA_AOL_FROM to allow <*@{aol,cs}.*> addresses instead
  of just <*@{aol,cs}.com>


3.2.2 is a minor bug-fix release.  Summary of changes:

- bug 5548: Certain mail input can take a long time to scan with 100% CPU
  utilisation, due to backtracking in a rule's regexp. fix

- bugs 5510, 5518, 5529: fix 'make test' when running as root, needed for CPAN

- bug 5419: kill -HUP of pidof spamd causes the ps name to change from spamd
  to perl. fixed

- bug 5535: 'make test' errors in Windows caused by nonportable use of
  getpwuid

- bug 5462: multiple DNS records for a host name should allow use of spamd -H
  for load balancing installs to work

- bugs 5509, 5511: fix network lookup timeouts, where lookups were being lost
  once a timeout was hit; also fix code to match documentation on
  rbl_timeout's scaling and minimum duration of 1 second; and attempt to
  collect already-received DNS responses when the timeout is reached; improve
  related debugging output. Thanks to Mark Martinec

- bugs 5412, 5478, 5522: Fix problems using the spamc -x option with certain
  other options; 'spamc -x -R' always returned 0, instead of the exit code, on
  error.  Bug 5478: in addition, 'spamc -x -e /command' would still run the
  command, even if errors meant that the filtered text would be unavailable,
  which contradicted -x.

- bug 5445: body eval tests defined in user_rules cause ugly 'Subroutine
  _eval_tests_type11_prineg400_set3 redefined' warnings

- bug 5355: add in new entries for RegistrarBoundaries

- bug 5515: libsslspamc.so & libsslspamc.so can not build without -fPIC, but
  we were picking up the wrong CFLAGS to do this.

- bug 5501: zero score for FH_HAS_XID

- bug 5449: allow_user_rules causes sa-compile / Rule2XSBody plugin to emit
  spurious warnings; fix.  also, add a new 'user_conf_parsing_end' plugin
  hook, which is called after the per-user configuration is parsed

- bug 5182: update the sa-learn doc to mention that -u is only usable w/ sql

- bug 5534: fix harmless-but-ugly C compiler warning in sa-compile
2007-08-26 17:26:50 +00:00
joerg
27c42def9a Full DESTDIR supports works fine. 2007-08-23 12:39:17 +00:00
heinz
9b4630baf1 Updated to version 3.2.1.
Pkgsrc changes:
  - Added some comments to patch files.
  - Adapting patch-aq to changes in the README file.
  - Added forgotten direct requirement for p5-Compress-Zlib.
  - Since 3.2.0 at least version 3.43 of p5-HTML-Parser is needed.
  - Installation to DESTDIR is possible as root.
  - Substituted correct paths in spamc.pod (source file for spamc.1).
  - Added VARBASE to BUILD_DEFS to silence pkglint warnings.

Changes since version 3.2.0:
============================
3.2.1 is a major bug-fix release, including a potential local DoS.  The
major highlights are:

- bug 5480: fix for CVE-2007-2873: a local user symlink-attack DoS
  vulnerability. It only affects systems where spamd is run as root, is used
  with vpopmail or virtual users via the "-v"/"--vpopmail" OR
  "--virtual-config-dir" switch, AND with the "-x"/"--no-user-config AND
  WITHOUT the "-u"/"--username" switch AND with the "-l"/"--allow-tell" switch.
  This is not default on any distro package, and is not a common configuration.
  More details of the vulnerability can be read at
  <http://spamassassin.apache.org/advisories/cve-2007-2873.txt>.

- bug 5488: zero some rules causing false positives: FH_HOST_EQ_D_D_D_DB and
  FH_HOST_EQ_D_D_D_D.

- bug 5257: re-raise autolearn ham threshold to 1.0; the lower value
  used in 3.2.0 was creating problems.

- bug 5422: in spamd, deleting hash entries from the SIGCHLD signal handler is
  unsafe, causes corruption of the data structure, and results in 'prefork:
  ordered child N to accept, but they reported state '1', killing rogue'
  errors.  fix.

- bug 5102: tighten up regexp for FORGED_HOTMAIL_RCVD to avoid some FPs.

- bug 5457: spamc build and test should handle not having zlib available.

- bug 5379: spamd could crash at startup if its preloading temporary directory
  already exists. fix.

- bug 4616: spamc config can cause command line options to be ignored. fix.

- bug 5485: zero score DK/DKIM_POLICY_SIGNSOME rules since they'll always fire
  due to defaults (unless there's an explicit SIGNALL policy).

- bug 5492: VBounce rule was looking in header instead of body for whitelisted
  relays. fix.

- bug 5487: prevent multiple "urirhssub"s using the same zone from overwriting
  each other.

- bug 5432 - Change default in Win32 build to not build spamc.

- bug 5446: add --updatedir option to sa-compile and remove inaccurate re2c
  required version info from pod.

- bug 5436: add omitted "ifplugin" statements to the configuration, which would
  otherwise cause lint errors if the default plugins were disabled.

- bug 5477: prevent Rule2XSBody info message from appearing on stderr during
  spamd startup.
2007-06-12 21:43:30 +00:00
heinz
0e23fea29c Updated to version 3.2.0.
Pkgsrc changes:
  - Removed PKG_DESTDIR_SUPPORT until the issue with encoded ownership in
    +INSTALL files is resolved.
  - made pkglint shut up about some warnings (CONFIGURE_DIRS, BUILD_DIRS,
    hidden commands with @)
  - parse-rules-for-masses has moved in the source archive.
  - The directories "masses" and "tools" are no longer distributed in the
    archive so I simplified the post-install target.
  - Since "tools" is gone, the post-extract: target is obsolete.
  - MESSAGE now points at sa-compile.
  - Spamc depends on zlib now, so we needed the appropriate buildlink3 file.

Summary of changes since version 3.1.8:
=======================================
 * new behavior for trusted_networks/internal_networks: the 127.* network
 is now always considered trusted and internal, regardless of configuration.

 * bug 3109: short-circuiting of 'definite ham' or 'definite spam' messages
 based on individual short-circuit rules using the 'shortcircuit' setting,
 by Dallas Engelken <dallase /at/ uribl.com>.

 * bug 5305: implement 'msa_networks', for ISPs to specify their Mail
 Submission Agents, and extend network trust accordingly.

 * bug 4636: Add support for charset normalization, so rules can be written
 in UTF-8 to match text in other charsets.

 * sa-compile: compilation of SpamAssassin rules into a fast parallel-matching
 DFA, implemented in native code.

 * "tflags multiple": allow writing of rules that count multiple hits in a
 single message.

 * bug 4363: if a message uses CRLF for line endings, we should use it as
 well, otherwise stay with LF as usual; important for Windows users.

 * bug 4515: content preview was omitting first paragraph when no Subject:
 header was present.

 * The third-party modules used by sa-update are now required by the
 SpamAssassin package, instead of being optional.

 * Bug 5165: 'sa-update --checkonly' added to check for updates without
 applying them; thanks to <anomie /at/ users.sourceforge.net>

 * Bugs 4606, 4609: Adjust MIME parsing limits for nested multipart/* and
 message/rfc822 MIME parts.

 * bug 5295: add 'whitelist_auth', to whitelist addresses that send mail
 using sender-authorization systems like SPF, Domain Keys, and DKIM

 * Removed dependency on Text::Wrap CPAN module.

 * Received header parsing updates/fixes/additions.

Spamc / spamd:

 * bug 4603: Mail::SpamAssassin::Spamd::Apache2 -- mod_perl2 module,
 implementing spamd as a mod_perl module, contributed as a Google Summer of
 Code project by Radoslaw Zielinski.

 * bug 3991: spamd can now listen on UNIX domain, TCP, and SSL sockets
 simultaneously.  Command-line semantics extended slightly, although fully
 backwards compatibly; add the --ssl-port switch to allow TCP and SSL
 listening at the same time.

 * bug 3466: do Bayes expiration, if required, after results have been
 passed back to the client from spamd; this helps avoid client timeouts.

 * more complete IPv6 support.

 * spamc: Add '-K' switch, to ping spamd.

 * spamc: add '-z' switch, which compresses mails to be scanned using
 zlib compression; very useful for long-distance use of spamc over the
 internet.

 * bug 5296: spamc '--headers' switch, which scans messages and transmits
 back just rewritten headers.  This is more bandwidth-efficient than the
 normal mode of scanning, but only works for 'report_safe 0'.

 * Bump spamd's protocol version to 1.4, to reflect new HEADERS verb used
 for '--headers'.

Mail::SpamAssassin modules and API:

 * bug 4589: allow M::SA::Message to use IO::File objects to read in
 message (same as GLOB).

 * bug 4517: rule instrumentation plugin hooks, to measure performance,
 from John Gardiner Myers <jgmyers /at/ proofpoint.com>.

 * add two features to core rule-parsing code; 1. optional behaviour to
 recurse through subdirs looking for .cf/.pre's, to support rules compilers
 working on rulesrc dir.  2. call back into invoking code on lint failure,
 so rule compiler can detect which rules exactly fail the lint check.

 * bug 5206: detect duplicate rules, and silently merge them internally
 for greater efficiency.

 * bug 5243: add Plugin::register_method_priority() API, allowing plugins
 to control the relative ordering of plugin callbacks relative to other
 plugins' implementations.

 * Reduced memory footprint.

Plugins:

 * bug 5236: Support Mail::SPF replacement for Mail::SPF::Query.

 * bug 5127: allow mimeheader :raw rules to match newlines and folded-header
 whitespace in MIME header strings.

 * bug 4770: add ASN.pm plugin, contributed by Matthias Leisi <matthias at
 leisi.net>

 * bug 5271: move ImageInfo ruleset into 3.2.0 core rules, thanks to
 Dallas Engelken <dallase /at/ uribl.com>.

 * VBounce ruleset and plugin: detect spurious bounce messages sent by
 broken mail systems in response to spam or viruses.  (Based on Tim
 Jackson's "bogus-virus-warnings.cf" ruleset.)

 * DomainKeys/DKIM: Mail::DKIM is now preferred over Mail::DomainKeys,
 since the latter module is no longer actively maintained, and Mail::DKIM
 can handle both DomainKeys and DKIM signatures.

 * DKIM: separate signature verification from fetching a policy: can save
 a DNS lookup for each unverified message by setting score to 0 for all
 policy-related rules (DKIM_POLICY_SIGNALL, DKIM_POLICY_SIGNSOME, and
 DKIM_POLICY_TESTING). (thanks to Mark Martinec)

 * DKIM: support testing flags in the public key, as well as in the policy
 record. (thanks to Mark Martinec)

 * DKIM: skip fetching a policy (SSP) if a signature does verify, according
 to draft-allman-dkim-ssp-02 (thanks to Mark Martinec)

 * Move rule functionality and checking into separate Check plugin, allowing
 third parties to implement alternative scanner core algorithms.

 * core EvalTests code moved into various plugins.

* Plus lots of miscellaneous bug fixes.
2007-05-02 15:20:45 +00:00
heinz
f0beff447b Updated to version 3.1.8.
Pkgsrc changes:
  - some cleanup of the Makefile to shut up a few pkglint notes and warnings
    (USE_TOOLS, SUBST_CLASSES).

Changes since version 3.1.7:
============================
3.1.8 is a major bug-fix release, including a potential DoS.  The major
highlights are:

- bug 5318: fix for CVE-2007-0451: possible DoS due to incredibly
  long URIs found in the message content.
- bug 5240: disable perl module usage in update channels unless
  --allowplugins is specified
- bug 5288: files with names starting/ending in whitespace weren't usable
- bug 5056: remove Text::Wrap related code due to upstream issues
- bug 5145: update spamassassin and sa-learn to better deal with STDIN
- bug 5140 and 5179: improvements and bug fixes related to DomainKeys
  and DKIM support
- several updates for Received header parsing
- several documentation updates and random taint-variable related issues
2007-02-15 21:43:43 +00:00
ghen
2abdf30253 Put rule file updates in ${VARBASE}/spamassassin instead of ${VARBASE}. Bump
PKGREVISION.
2007-02-08 09:30:27 +00:00
joerg
5dfaaf310b DESTDIR support. 2006-11-05 17:06:43 +00:00
heinz
81df7778da Updated to version 3.1.7.
Pkgsrc changes:
  - none

Changes since version 3.1.6:
============================
3.1.7 is a "quick-fix" release; it contains only a fix for one bug,
introduced accidentally in 3.1.6:

- bug 5119: if admins had set rule scores in the site configuration in
  /etc, sa-update would fail.  Back out this change
2006-10-10 18:39:27 +00:00
mrg
28c17719b0 update this to spamassassin 3.1.6. changes include:
bug 5044: include local site config in sa-update lint checks
bug 5048: --lint should not use network rules or AWL
bug 5081: sometimes, SIGHUPing spamd would leave one child process still alive due to a race in the SIGHUP handler and the preforking code.  fixed
bug 5040: if in no-net scoreset, don't warn about net rules being zero-score dependencies of meta rules
bug 5105: M::SA::Client doesn't always catch failed connection to spamd, fixed
bug 5094: check for unit'd value used in AntiVirus.pm
bug 5089: enable adding headers with single digit zero value
bug 5077: fix false SPF_SOFTFAIL's when SPF queries timeout
bug 5080: fix bug in update RCVD_ILLEGAL_IP evaltest to properly deal with 127/8 fix
bug 5111: fix FORGED_JUNO_RCVD FP on webmail from untd.com's own systems
bug 4940: _get_date_header_time() should try dates one at a time not all dates joined together
bug 5098: add support for ecelerity Received headers, thanks to Joe Schaefer <joe+gmane at sunstarsys.com>
bug 4975: (trivial) avoid use of unit'd value in prefork warning message
bug 4418: remove no longer useful HTML_WEB_BUGS and HTML_LINK_IMAGE_BUG rules
bug 5101: fix bug in mbx code introduced in a backport of 3.2 AICache code
try to work around horribleness when checking in the entire built tree for the website update procedure
bug 5076: unescape hash characters in the config
add my nagios plugin for monitoring spamd to contrib/
2006-10-05 22:18:19 +00:00
mrg
4c9f1dc3a8 update to spamassassin 3.1.5. relevant changes:
bug 5018: update RegistrarBoundaries with new list of 2TLDs
	bug 5020: drop __OUTLOOK_DOLLARS_MSGID, replace with the superset
	rule __OE_MSGID_2
	update replace_license_blocks, have it deal with C-style comments
	better, put a sample commandline in place
	bug 4492: bayes_ignore_header was case sensitive
	add logging, enable zmi and doc mass-checks
	bug 5049: allow commented lines in gpgkeyfile and channelfile files
	bug 4952: set a default value for DEF_RULES_DIR_, LOCAL_RULES_DIR,
	and LOCAL_STATE_DIR.  this fixes an issue where third-party code
	which hasn't been updated to deal with LOCAL_STATE_DIR can still
	use updates.
	bug 4848: Pyzor, DCC, and SpamCop plugins weren't looking at the
	right place to see the 'dont_report_to_...' options
	bug 4843: skip text/calendar parts when generating the body text
	arrays
	bug 5013: deal octal obfuscation of IP addrs in URLs
	bug 5049: handle comments and whitespace in sa-update config files
	and fix an error in channel name validation
	bug 4981: remove broken urirhssub support for regexp subrule and
	make perldoc match the code
	bug 5060: backport ArchiveIterator changes for rule-QA system,
	namely: the AICache caching subsystem for faster mass-checks, support
	for combined --head/--tail semantics, more verbose 'showdots' to
	avoid buildbot timeouts, and a new intra-child IPC me chanism for
	multi-child mass-checks
	bug 5034: fix endless loop possible from bad input or network error
	bug 5065: implement whitelist_from_dk
	bug 4823: clarify M::SA::Plugin documentation
2006-08-31 22:00:48 +00:00
heinz
dd0521e542 Updated to version 3.1.4.
Pkgsrc changes:
  - Incorporated new version requirements for p5-Archive-Tar and p5-IO-Zlib.

Relevant changes since version 3.1.3:
=====================================

- bug 4941: if the first sa-update run failed and wasn't re-run to successful
  completion, the local state directory would exist, and therefore SA sees no
  rules.  now, wait as long as possible to create the directory, and try to
  remove it on failure.
- bug 4997: increase module version requirements for Archive::Tar to 1.23 and
  IO::Zlib to 1.04
- bug 4966: fix major BSMTP bug, which rendered SA unusable with exim4 when
  BSMTP is used.
- bug 4899: Windows had issues with single quotes around filenames so certain
  things like pyzor, etc, wouldn't function.
- bug 4958: sa-update should work on Windows
- bug 4908: gtube.t test failed in non-english locales
- bug 4488: deal with potential memory leak due to Bayes and BayesStore
  circular references
- bug 4862: update macro values in update channels (ie: @@CONTACT_ADDRESS@@)
2006-07-31 21:10:59 +00:00
heinz
114a49a67a Updated to version 3.1.3.
Pkgsrc changes:
  - patch-bb for no longer necessary (integrated upstream).

Changes since version 3.1.2:
============================
- bug 4926: given a certain set of parameters to spamd and a specially
  formatted input message, users could cause spamd to execute arbitrary
  commands as the spamd user
- bug 4932: the userstate dir and userprefs file would not be created
  under certain conditions.
2006-06-05 23:01:01 +00:00
heinz
866a921260 Updated to version 3.1.2.
Pkgsrc changes:
  - The updates for rule files go into $VARBASE/spamassassin/.
  - This above directory and the directory sa-update-keys for the GPG keys
    are now handled automatically by OWN_DIRS.
  - The growing number of *.pre files are managed in a loop in the Makefile.
    They are no longer contained in the static PLIST.
  - Removed some unnecessary trailing slashes.
  - Patching init.pre in order to disable the SPF plugin broke the spf.t
    test. This is now fixed, although in a rather ugly way :-/.
  - patch-ab no longer needs to use BSD_INSTALL_DATA_DIR because we create
    the directories through INSTALLATION_DIRS.
  - patch-ad and patch-az were removed (changes integrated upstream).
  - patch-bb fixes a small documentation error.
  - Fixed some warnings by pkglint about the SUBST framework in Makefile
    and options.mk.

Relevant changes since version 3.1.1:
=====================================

- bug 4802: implement DKIM plugin, including whitelist_from_dkim support
- bug 3838: work around Perl bug causing captured RE variables to become
  tainted -- thanks to Mark Martinec for pointing out the bug with
  Perl itself
- bug 4850: re-enable the Razor2 plugin by default due to a service
  policy change
- bug 4826: Razor2 plugin needs to load Mail::SpamAssassin::Timeout module
- bug 4827: M::SA::first_existing_path() would return the last array
  entry passed in if none of the paths were found.  Now return undef
  instead and handle the error when it happens.
- bug 4813: generally open RE causes sendmail received header get read
  in as qmail in error
- bug 4839: Logger.pm converts control chars including tab into
  underscores which confuses a bunch of users when checking debug output.
  Convert tab into space instead, etc.
- bug 4884: if a null message is passed in, there are several variables
  which end up undefined causing warnings.  fake an empty message if no
  input is given.
- bug 4793: when replacing tags in a message (_TAG_), leave the tags
  that don't exist alone instead of just removing them
- bug 4861, 4760: handle dccifd and dccproc failover properly, backport
  relays_internal and relays_external code, backport bug 4760 fix so
  that it's not possible to be in internal_networks without being in
  trusted_networks as well
- bug 4901: deal more properly with failures in bgsend().  also, use
  the proper variable to show when errors occur.
- bug 4867: fetchmail changed header formats at some point making Received
  parsing fail in certain conditions
- bug 4699: use M::SA::Timeout for spamd copy_config call and allow for
  empty $@ values
- bug 3754: if there's a problem opening a file via sa-learn or
  spamassassin, return an error exit value.
2006-05-26 20:53:00 +00:00
heinz
88651149bb Fixed one forgotten case of variable with underscore. This fixes PR
pkg/33139 by Ben Colver.
2006-03-24 19:46:10 +00:00
heinz
91b905e691 Updated to version 3.1.1.
Pkgsrc changes:
  - Generic option "online-tests" replaces "spamassassin-test-net".
  - Removed underscore from package-internal variables (pkglint
    complained).
  - patch-ay disables the SPF plugin to avoid confusing warnings in the log
    files.
  - patch-az fixes http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4826.

Relevant changes since version 3.1.0:
=====================================
 - better validate a number of different configuration options
 - support new Mail::DomainKeys API, which changed incompatibly between
   0.18 and 0.80 without warning
 - more properly handle new Received header formats
 - bug 4788: backport sa-update from 3.2 along with the local_state_dir
   code, etc.
 - bug 4760: strictly validate trusted/internal network configurations
 - bug 4696: consolidated fixes for timeout bugs
 - bug 3710: add timeout to connect so spamc -t works
 - bug 4363: if a message uses CRLF for line endings, use it for header
   rewrites as well
 - bug 4748: add ExpressionEngine and Google redirector patterns
 - bug 3815: add _RELAYCOUNTRY_ tag so that the RelayCountry plugin can
   put in the list of countries relayed through
 - bug 4090: x86_64 platforms (linux specifically) have an issue compiling
   libspamc.so causing RPM build failures
 - bug 4791: fix issue where perl would throw a UTF-8 warning for certain
   messages
 - bugs 4606, 4609: Adjust MIME parsing limits
 - bug 4780: fix IP_ADDRESS & LOCALHOST regexes to correctly parse IPv6
   addresses
 - bug 4728: DUL rules should only use the last external IP, not all but
   the first of the external IPs
 - bug 4700: certain privileged configuration settings can inject code,
   due to a bad fix for bug 3846.  Back that out
2006-03-13 21:11:57 +00:00
joerg
5911def816 Recursive revision bump / recommended bump for gettext ABI change. 2006-02-05 23:08:03 +00:00
jlam
dc9594e09d Remove USE_PKGINSTALL from pkgsrc now that mk/install/pkginstall.mk
automatically detects whether we want the pkginstall machinery to be
used by the package Makefile.
2005-12-29 06:21:30 +00:00
rillig
579e977969 Ran "pkglint --autofix", which corrected some of the quoting issues in
CONFIGURE_ARGS.
2005-12-05 23:55:01 +00:00
rillig
b71a1d488b Fixed pkglint warnings. The warnings are mostly quoting issues, for
example MAKE_ENV+=FOO=${BAR} is changed to MAKE_ENV+=FOO=${BAR:Q}. Some
other changes are outlined in

    http://mail-index.netbsd.org/tech-pkg/2005/12/02/0034.html
2005-12-05 20:49:47 +00:00
rillig
835e577ea6 Removed patch-ar again, as I have found a way to exploit it. Bumped
PKGREVISION.
2005-11-22 13:03:22 +00:00
rillig
1f7e238c95 Bumped PKGREVISION because of the recent addition of patch-ar. 2005-11-22 10:37:39 +00:00
rillig
b3301f44a4 Added patch-ar, which fixes a Perl error in tainted mode. Removed the
checksum of the non-existant patch-ax from distinfo.
2005-11-22 10:35:00 +00:00
heinz
a415440a32 Updated to version 3.1.0.
Pkgsrc changes:
  - p5-Storable is no longer a necessary.
  - Let DragonFlyBSD also use the rc.d script (patch-ad).
  - Sa-update needs p5-libwww (for LWP::UserAgent, HTTP::Date),
    p5-Archive-Tar and p5-IO-Zlib.
  - Many of the plugins are available as pkgsrc packages (p5-Mail-SPF-Query,
    p5-IP-Country, p5-Net-Ident, ...) but are not required.
  - Renamed some options to follow the naming conventions described in the
    pkgsrc guide.
  - Removed patch-ax again; it is already incorporated in 3.1.0.

  - Reworked DESCR to use less than 25 lines.
  - Removed SPAMASSASSIN_VERSION for clarity of DISTNAME and PKGNAME.
  - Prepended variables internal to the package with an underscore.
  - Rearranged MAKE_PARAMS alphabetically.
  - Simplified some internal variables (concatenation instead of
    substitution: _EGDIR, _DOCDIR,...)
  - Loop variables use all lower-case now.
  - Added a rule to lower score for mail from pkgsrc-bugs in netbsd_lists.cf.
  - The test t/spf.t (fails for SPF_HELO_*) has a know problem (SA Bug 4685).

Relevant changes since version 3.0.4:
=====================================
- Apache preforking algorithm adopted; number of spamd child processes is now
  scaled, according to demand.  This provides better VM behaviour when not
  under peak load.

- Inclusion of sa-update script which will allow for updates of rules and
  scores in between code releases.

- added PostgreSQL, MySQL 4.1+, and local SDBM file Bayes storage modules. SQL
  storage is now recommended for Bayes, instead of DB_File. NDBM_File support
  has been dropped due to a major bug in that module.

- detect legitimate SMTP AUTH submission, to avoid false positives on
  Dynablock-style rules.

- new Advance Fee Fraud (419 scam) rules.

- removed use of the Storable module, due to several reported hangs on SMP
  Linux machines.

- Converted several rule/engine components into Plugins such as:
  AccessDB, AWL, Pyzor, Razor2, DCC, Bayes AutoLearn Determination, etc.

- new plugins: DomainKeys (off by default), MIMEHeader: a new plugin to perform
  tests against header in internal MIME structure, ReplaceTags: plugin by Felix
  Bauer to support fuzzy text matching, WhiteListSubject: plugin added to
  support user whitelists by Subject header.

- TextCat language guesser moved to a plugin.  (This means "ok_languages"
  is no longer part of the core engine by default.)

- Razor: disable Razor2 support by default per our policy, since the
  service is not free for non-personal use.  It's trivial to reenable.

- DCC: disable DCC for similar reasons, due to new license terms.

- Net::DNS bug: high load caused answer packets to be mixed up and delivered as
  answers to the wrong request, causing false positives.  worked around.

- DNSBL lookups and other DNS operations are now more efficient, by using a
  custom single-socket event-based model instead of Net::DNS.

- add support for accreditation services, including Habeas v2.

- better URI parsing -- many evasion tricks now caught.

- URIBL lookups are prioritized based on the location in the message
  the URI was found.

- mass-check now supports reusing realtime DNSBL hit results, and sample-based
  Bayes autolearning emulation, to reduce complexity.

- sa-learn, spamassassin and mass-check now have optional progress bars.

- modify header ordering for DomainKeys compatibility, by placing markup
  headers at the top of the message instead at the bottom of the list.

- spamd/spamc now support remote Bayes training, and reporting spam.

- spamc now supports reading its flags from a configuration file using the -F
  switch, contributed by John Madden.

- added SPF-based whitelisting.

- Polish rules contributed by Radoslaw Stachowiak.

- many rule changes and additions.
2005-11-13 22:48:32 +00:00
heinz
e8265013ad Added a patch to fix a potential DoS vulnerability (CVE-2005-3351).
See
  http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4570
  http://secunia.com/advisories/17386
2005-11-13 05:08:00 +00:00
rillig
a844ed5f9a Provide the PKG_SUGGESTED_OPTIONS instead of setting the user's
variable's default value.
2005-11-04 17:20:09 +00:00
rillig
77d62f5272 Explicitly set BUILD_DIRS to emphasize it is different from CONFIGURE_DIRS. 2005-11-04 11:09:07 +00:00
jlam
7fbb8d9527 Bump the PKGREVISIONs of all (638) packages that hardcode the locations
of Perl files to deal with the perl-5.8.7 update that moved all
pkgsrc-installed Perl files into the "vendor" directories.
2005-08-06 06:19:03 +00:00
jlam
7a6521287b Turn PERL5_PACKLIST into a relative path instead of an absolute path.
These paths are now relative to PERL5_PACKLIST_DIR, which currently
defaults to ${PERL5_SITEARCH}.  There is no change to the binary
packages.
2005-07-13 18:01:18 +00:00
heinz
6f31df205d Correct path for ASF MASTER_SITES (thanks to Mark Davies). 2005-06-22 20:43:19 +00:00
heinz
b7123d619d Update to version 3.0.4.
This solves the update request in PR pkg/30452.

No pkgsrc related changes. This release fixes a recently reported DoS
vulnerability.

Highlights of the release
-------------------------
 - Certain invalid "Content-Type" headers would cause SpamAssassin to
   incorrectly process parts of the message.
 - Certain long message headers could cause slowness when parsing the message.
 - Added in SURBL JP list.
 - URI anti-obfuscation updates.
 - Additional bug fixes.
2005-06-19 22:29:35 +00:00
reed
ee8be9d0c1 RCD_SCRIPTS_EXAMPLEDIR is no longer customizable.
And always is defined as share/examples/rc.d
which was the default before.

This rc.d scripts are not automatically added to PLISTs now also.
So add to each corresponding PLIST as required.

This was discussed on tech-pkg in late January and late April.

Todo: remove the RCD_SCRIPTS_EXAMPLEDIR uses in MESSAGES and elsewhere
and remove the RCD_SCRIPTS_EXAMPLEDIR itself.
2005-05-02 20:33:57 +00:00
heinz
a1e5cae8d3 Updated to version 3.0.3.
Merged the two rules in netbsd_lists.cf into one because problem reports
mostly do not contain "x-send-pr" anymore.

Disabled installation of netbsd_lists.cf in PKGSYSCONFDIR (it is still
included in the "examples" directory).

Changes since 3.0.2
===================

 - Fixed possible memory bloat from large AutoWhitelist db files

 - Fixed where user defined rules scores became ignored

 - Updated parsing code for several Received: header formats

 - Increased some BAYES_* scores for the network+bayes score set

 - Document set_tag for Plugin API and added get_tag

 - Additional bug fixes.
2005-04-29 08:48:40 +00:00
tv
f816d81489 Remove USE_BUILDLINK3 and NO_BUILDLINK; these are no longer used. 2005-04-11 21:44:48 +00:00
agc
8758983939 Add RMD160 digests. 2005-02-24 09:59:20 +00:00
heinz
448ecee5d5 After changing the SUBST-stage to 'pre-configure' for 3.0.2, Makefile.PL was
changed after perl5-configure had been run and the Makefile created.
For some people, this resulted in a message
  Makefile out-of-date with respect to Makefile.PL
at the build stage.
Omitting the first substitution (sa1) and the corresponding part of
patch-ab solved this. This patch had been unnecessary for some time
anyway.

This should resolve pkg/29255.
2005-02-13 21:20:25 +00:00
schmonz
f09b1533f1 Update to 3.0.2. From the changelog:
This release detects legitimate SMTP AUTH submission, to avoid
false positives on Dynablock-style rules. The URIDNSBL plugin has
been fixed to honor the uridnsbl_max_domains config option. Various
documentation and rule fixes. The ability to deal with 'rewrite_header
Subject' markup when no Subject header exists. 'make test' failure
on Solaris has been fixed.

pkgsrc changes:
* Use subst.mk in pre-configure, rather than post-patch, for easier
    regeneration of patches.

OK'd by heinz@.
2005-01-15 21:44:55 +00:00
reed
32d8f290c2 The default location of the pkgsrc-installed rc.d scripts is now
under share/examples/rc.d. The variable name already was named
RCD_SCRIPTS_EXAMPLEDIR.

This is from ideas from Greg Woods and others.

Also bumped PKGREVISION for all packages using RCD_SCRIPTS mechanism
(as requested by wiz).
2004-12-28 02:47:40 +00:00
xtraeme
54d05fa49a Remove obsolete variables. You'll want to use:
PKG_OPTIONS.<pkg>+= foo blah
2004-11-17 19:56:49 +00:00
mjl
84f0153bf2 Update to 3.0.1.
This is a minor maintenance release to 3.0.0 and the old
archive was no longer available on the primary sites.
2004-11-08 17:07:23 +00:00
heinz
925d3744c3 Update to version 3.0.0. Tested on NetBSD 1.6.2, Solaris 9 and Debian
3.0.

Important changes since 2.64 (for details see the file 'Changes')

- support for sender authentication using the Sender Policy Framework
  (SPF)
- checking for web links of known spam advertisers (SURBL)
- modular plugin architecture
- improved SQL database support for storing user data in server
  installations
- improved email classification
- SpamAssassin is now part of the Apache Foundation
2004-10-12 00:11:10 +00:00
tv
c487cb967a Libtool fix for PR pkg/26633, and other issues. Update libtool to 1.5.10
in the process.  (More information on tech-pkg.)

Bump PKGREVISION and BUILDLINK_DEPENDS of all packages using libtool and
installing .la files.

Bump PKGREVISION (only) of all packages depending directly on the above
via a buildlink3 include.
2004-10-03 00:12:51 +00:00
heinz
e6a555d2bb Update to 2.64.
This also includes the fix for PR pkg/26386 (problems with
PKG_CONFIG=no).

Summary of major changes since 2.63
-----------------------------------

  - Security fix prevents a denial of service attack open to certain
    malformed messages; this DoS affects all SpamAssassin 2.5x
    and 2.6x versions to date.
  - Backported several very reliable rules from the SpamAssassin 3.0.0
    codebase.
2004-08-10 20:40:01 +00:00
schmonz
384af75e68 Packages no longer need to clean up *.subst.sav leftovers. 2004-06-06 04:29:17 +00:00
heinz
77210faa99 Correct bad substitution of @PREFIX@ in spamd.raw 2004-05-31 12:43:06 +00:00
reed
9c790735db mk/bsd.pkg.install.mk now automatically registers
the RCD_SCRIPTS rc.d script(s) to the PLIST.

This GENERATE_PLIST idea is part of Greg A. Woods'
PR #22954.

This helps when the RC_SCRIPTS are installed to
a different ${RCD_SCRIPTS_EXAMPLEDIR}. (Later,
the default RCD_SCRIPTS_EXAMPLEDIR will be changed
to be more clear that they are the examples.)

These patches also remove the etc/rc.d/ scripts from PLISTs
(of packages that use RCD_SCRIPTS). (This also removes
now unused references from openssh* makefiles. Note that
qmail package has not been changed yet.)

I have been doing automatic PLIST registration for RC_SCRIPTS
for over a year. Not all of these packages have been tested,
but many have been tested and used.

Somethings maybe to do:
- a few packages still manually install the rc.d scripts to
  hard-coded etc/rc.d. These need to be fixed.
- maybe  remove from mk/${OPSYS}.pkg.dist mtree specifications too.
2004-04-23 22:07:52 +00:00
seb
5c6df5a3f9 Introduce SPAMASSASSIN_VERSION. And most significantly use it instead of
PKGVERSION in DISTNAME's definition so PKGREVISION's value does not
render it useless.

Okay'ed by wiz@.
2004-03-26 16:42:42 +00:00
wiz
a661ce60c0 PKGREVISION bump after openssl-security-fix-update to 0.9.6m.
Buildlink files: RECOMMENDED version changed to current version.
2004-03-26 02:27:34 +00:00