Pkgsrc changes:
- Incorporated new version requirements for p5-Archive-Tar and p5-IO-Zlib.
Relevant changes since version 3.1.3:
=====================================
- bug 4941: if the first sa-update run failed and wasn't re-run to successful
completion, the local state directory would exist, and therefore SA sees no
rules. now, wait as long as possible to create the directory, and try to
remove it on failure.
- bug 4997: increase module version requirements for Archive::Tar to 1.23 and
IO::Zlib to 1.04
- bug 4966: fix major BSMTP bug, which rendered SA unusable with exim4 when
BSMTP is used.
- bug 4899: Windows had issues with single quotes around filenames so certain
things like pyzor, etc, wouldn't function.
- bug 4958: sa-update should work on Windows
- bug 4908: gtube.t test failed in non-english locales
- bug 4488: deal with potential memory leak due to Bayes and BayesStore
circular references
- bug 4862: update macro values in update channels (ie: @@CONTACT_ADDRESS@@)
Pkgsrc changes:
- patch-bb for no longer necessary (integrated upstream).
Changes since version 3.1.2:
============================
- bug 4926: given a certain set of parameters to spamd and a specially
formatted input message, users could cause spamd to execute arbitrary
commands as the spamd user
- bug 4932: the userstate dir and userprefs file would not be created
under certain conditions.
Pkgsrc changes:
- The updates for rule files go into $VARBASE/spamassassin/.
- This above directory and the directory sa-update-keys for the GPG keys
are now handled automatically by OWN_DIRS.
- The growing number of *.pre files are managed in a loop in the Makefile.
They are no longer contained in the static PLIST.
- Removed some unnecessary trailing slashes.
- Patching init.pre in order to disable the SPF plugin broke the spf.t
test. This is now fixed, although in a rather ugly way :-/.
- patch-ab no longer needs to use BSD_INSTALL_DATA_DIR because we create
the directories through INSTALLATION_DIRS.
- patch-ad and patch-az were removed (changes integrated upstream).
- patch-bb fixes a small documentation error.
- Fixed some warnings by pkglint about the SUBST framework in Makefile
and options.mk.
Relevant changes since version 3.1.1:
=====================================
- bug 4802: implement DKIM plugin, including whitelist_from_dkim support
- bug 3838: work around Perl bug causing captured RE variables to become
tainted -- thanks to Mark Martinec for pointing out the bug with
Perl itself
- bug 4850: re-enable the Razor2 plugin by default due to a service
policy change
- bug 4826: Razor2 plugin needs to load Mail::SpamAssassin::Timeout module
- bug 4827: M::SA::first_existing_path() would return the last array
entry passed in if none of the paths were found. Now return undef
instead and handle the error when it happens.
- bug 4813: generally open RE causes sendmail received header get read
in as qmail in error
- bug 4839: Logger.pm converts control chars including tab into
underscores which confuses a bunch of users when checking debug output.
Convert tab into space instead, etc.
- bug 4884: if a null message is passed in, there are several variables
which end up undefined causing warnings. fake an empty message if no
input is given.
- bug 4793: when replacing tags in a message (_TAG_), leave the tags
that don't exist alone instead of just removing them
- bug 4861, 4760: handle dccifd and dccproc failover properly, backport
relays_internal and relays_external code, backport bug 4760 fix so
that it's not possible to be in internal_networks without being in
trusted_networks as well
- bug 4901: deal more properly with failures in bgsend(). also, use
the proper variable to show when errors occur.
- bug 4867: fetchmail changed header formats at some point making Received
parsing fail in certain conditions
- bug 4699: use M::SA::Timeout for spamd copy_config call and allow for
empty $@ values
- bug 3754: if there's a problem opening a file via sa-learn or
spamassassin, return an error exit value.
Pkgsrc changes:
- Generic option "online-tests" replaces "spamassassin-test-net".
- Removed underscore from package-internal variables (pkglint
complained).
- patch-ay disables the SPF plugin to avoid confusing warnings in the log
files.
- patch-az fixes http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4826.
Relevant changes since version 3.1.0:
=====================================
- better validate a number of different configuration options
- support new Mail::DomainKeys API, which changed incompatibly between
0.18 and 0.80 without warning
- more properly handle new Received header formats
- bug 4788: backport sa-update from 3.2 along with the local_state_dir
code, etc.
- bug 4760: strictly validate trusted/internal network configurations
- bug 4696: consolidated fixes for timeout bugs
- bug 3710: add timeout to connect so spamc -t works
- bug 4363: if a message uses CRLF for line endings, use it for header
rewrites as well
- bug 4748: add ExpressionEngine and Google redirector patterns
- bug 3815: add _RELAYCOUNTRY_ tag so that the RelayCountry plugin can
put in the list of countries relayed through
- bug 4090: x86_64 platforms (linux specifically) have an issue compiling
libspamc.so causing RPM build failures
- bug 4791: fix issue where perl would throw a UTF-8 warning for certain
messages
- bugs 4606, 4609: Adjust MIME parsing limits
- bug 4780: fix IP_ADDRESS & LOCALHOST regexes to correctly parse IPv6
addresses
- bug 4728: DUL rules should only use the last external IP, not all but
the first of the external IPs
- bug 4700: certain privileged configuration settings can inject code,
due to a bad fix for bug 3846. Back that out
Pkgsrc changes:
- p5-Storable is no longer a necessary.
- Let DragonFlyBSD also use the rc.d script (patch-ad).
- Sa-update needs p5-libwww (for LWP::UserAgent, HTTP::Date),
p5-Archive-Tar and p5-IO-Zlib.
- Many of the plugins are available as pkgsrc packages (p5-Mail-SPF-Query,
p5-IP-Country, p5-Net-Ident, ...) but are not required.
- Renamed some options to follow the naming conventions described in the
pkgsrc guide.
- Removed patch-ax again; it is already incorporated in 3.1.0.
- Reworked DESCR to use less than 25 lines.
- Removed SPAMASSASSIN_VERSION for clarity of DISTNAME and PKGNAME.
- Prepended variables internal to the package with an underscore.
- Rearranged MAKE_PARAMS alphabetically.
- Simplified some internal variables (concatenation instead of
substitution: _EGDIR, _DOCDIR,...)
- Loop variables use all lower-case now.
- Added a rule to lower score for mail from pkgsrc-bugs in netbsd_lists.cf.
- The test t/spf.t (fails for SPF_HELO_*) has a know problem (SA Bug 4685).
Relevant changes since version 3.0.4:
=====================================
- Apache preforking algorithm adopted; number of spamd child processes is now
scaled, according to demand. This provides better VM behaviour when not
under peak load.
- Inclusion of sa-update script which will allow for updates of rules and
scores in between code releases.
- added PostgreSQL, MySQL 4.1+, and local SDBM file Bayes storage modules. SQL
storage is now recommended for Bayes, instead of DB_File. NDBM_File support
has been dropped due to a major bug in that module.
- detect legitimate SMTP AUTH submission, to avoid false positives on
Dynablock-style rules.
- new Advance Fee Fraud (419 scam) rules.
- removed use of the Storable module, due to several reported hangs on SMP
Linux machines.
- Converted several rule/engine components into Plugins such as:
AccessDB, AWL, Pyzor, Razor2, DCC, Bayes AutoLearn Determination, etc.
- new plugins: DomainKeys (off by default), MIMEHeader: a new plugin to perform
tests against header in internal MIME structure, ReplaceTags: plugin by Felix
Bauer to support fuzzy text matching, WhiteListSubject: plugin added to
support user whitelists by Subject header.
- TextCat language guesser moved to a plugin. (This means "ok_languages"
is no longer part of the core engine by default.)
- Razor: disable Razor2 support by default per our policy, since the
service is not free for non-personal use. It's trivial to reenable.
- DCC: disable DCC for similar reasons, due to new license terms.
- Net::DNS bug: high load caused answer packets to be mixed up and delivered as
answers to the wrong request, causing false positives. worked around.
- DNSBL lookups and other DNS operations are now more efficient, by using a
custom single-socket event-based model instead of Net::DNS.
- add support for accreditation services, including Habeas v2.
- better URI parsing -- many evasion tricks now caught.
- URIBL lookups are prioritized based on the location in the message
the URI was found.
- mass-check now supports reusing realtime DNSBL hit results, and sample-based
Bayes autolearning emulation, to reduce complexity.
- sa-learn, spamassassin and mass-check now have optional progress bars.
- modify header ordering for DomainKeys compatibility, by placing markup
headers at the top of the message instead at the bottom of the list.
- spamd/spamc now support remote Bayes training, and reporting spam.
- spamc now supports reading its flags from a configuration file using the -F
switch, contributed by John Madden.
- added SPF-based whitelisting.
- Polish rules contributed by Radoslaw Stachowiak.
- many rule changes and additions.
This solves the update request in PR pkg/30452.
No pkgsrc related changes. This release fixes a recently reported DoS
vulnerability.
Highlights of the release
-------------------------
- Certain invalid "Content-Type" headers would cause SpamAssassin to
incorrectly process parts of the message.
- Certain long message headers could cause slowness when parsing the message.
- Added in SURBL JP list.
- URI anti-obfuscation updates.
- Additional bug fixes.
And always is defined as share/examples/rc.d
which was the default before.
This rc.d scripts are not automatically added to PLISTs now also.
So add to each corresponding PLIST as required.
This was discussed on tech-pkg in late January and late April.
Todo: remove the RCD_SCRIPTS_EXAMPLEDIR uses in MESSAGES and elsewhere
and remove the RCD_SCRIPTS_EXAMPLEDIR itself.
Merged the two rules in netbsd_lists.cf into one because problem reports
mostly do not contain "x-send-pr" anymore.
Disabled installation of netbsd_lists.cf in PKGSYSCONFDIR (it is still
included in the "examples" directory).
Changes since 3.0.2
===================
- Fixed possible memory bloat from large AutoWhitelist db files
- Fixed where user defined rules scores became ignored
- Updated parsing code for several Received: header formats
- Increased some BAYES_* scores for the network+bayes score set
- Document set_tag for Plugin API and added get_tag
- Additional bug fixes.
changed after perl5-configure had been run and the Makefile created.
For some people, this resulted in a message
Makefile out-of-date with respect to Makefile.PL
at the build stage.
Omitting the first substitution (sa1) and the corresponding part of
patch-ab solved this. This patch had been unnecessary for some time
anyway.
This should resolve pkg/29255.
This release detects legitimate SMTP AUTH submission, to avoid
false positives on Dynablock-style rules. The URIDNSBL plugin has
been fixed to honor the uridnsbl_max_domains config option. Various
documentation and rule fixes. The ability to deal with 'rewrite_header
Subject' markup when no Subject header exists. 'make test' failure
on Solaris has been fixed.
pkgsrc changes:
* Use subst.mk in pre-configure, rather than post-patch, for easier
regeneration of patches.
OK'd by heinz@.
under share/examples/rc.d. The variable name already was named
RCD_SCRIPTS_EXAMPLEDIR.
This is from ideas from Greg Woods and others.
Also bumped PKGREVISION for all packages using RCD_SCRIPTS mechanism
(as requested by wiz).
3.0.
Important changes since 2.64 (for details see the file 'Changes')
- support for sender authentication using the Sender Policy Framework
(SPF)
- checking for web links of known spam advertisers (SURBL)
- modular plugin architecture
- improved SQL database support for storing user data in server
installations
- improved email classification
- SpamAssassin is now part of the Apache Foundation
in the process. (More information on tech-pkg.)
Bump PKGREVISION and BUILDLINK_DEPENDS of all packages using libtool and
installing .la files.
Bump PKGREVISION (only) of all packages depending directly on the above
via a buildlink3 include.
This also includes the fix for PR pkg/26386 (problems with
PKG_CONFIG=no).
Summary of major changes since 2.63
-----------------------------------
- Security fix prevents a denial of service attack open to certain
malformed messages; this DoS affects all SpamAssassin 2.5x
and 2.6x versions to date.
- Backported several very reliable rules from the SpamAssassin 3.0.0
codebase.
the RCD_SCRIPTS rc.d script(s) to the PLIST.
This GENERATE_PLIST idea is part of Greg A. Woods'
PR #22954.
This helps when the RC_SCRIPTS are installed to
a different ${RCD_SCRIPTS_EXAMPLEDIR}. (Later,
the default RCD_SCRIPTS_EXAMPLEDIR will be changed
to be more clear that they are the examples.)
These patches also remove the etc/rc.d/ scripts from PLISTs
(of packages that use RCD_SCRIPTS). (This also removes
now unused references from openssh* makefiles. Note that
qmail package has not been changed yet.)
I have been doing automatic PLIST registration for RC_SCRIPTS
for over a year. Not all of these packages have been tested,
but many have been tested and used.
Somethings maybe to do:
- a few packages still manually install the rc.d scripts to
hard-coded etc/rc.d. These need to be fixed.
- maybe remove from mk/${OPSYS}.pkg.dist mtree specifications too.
Summary of major changes since 2.62
-----------------------------------
- Fixed bug related to perl 5.005 which stopped SpamAssassin from being
runnable
- Fixed bug where "spamassassin -l" parameter wouldn't be untainted before
being used
- Added caching of body rendering results so that the message wouldn't
be rendered the same way multiple times unnecessarily.
Summary of major changes since 2.61
-----------------------------------
- Fixed two bugs related to Received line generation and parsing.
- Modified two rules to reduce false positives.
- Fixed bug where spamd temporary init directory wasn't removed in some
situations.
- Modified HABEAS_SWE to function even if the Habeas headers were out of
their normal order.
- Fixed bug where reporting wouldn't remove message markup before being
learned by Bayes.
- Fixed bug where report_safe_copy_headers would reverse the order of the
Received headers.
- Fixed several bugs in the Bayes system caused by DB_File oddities.
Summary of major changes since 2.60
-----------------------------------
- Dramatically reduced memory usage of Bayes expiry.
- avoid false positives on Outlook 2003 messages, mails from Mac, Palm, and
localized versions of Eudora, several AOL MUAs, and newer versions of The
Bat!
- new set of French translations from Michel Bouissou
- updated to reflect new Dynablock DNSBL location
- avoids a possible hole that was giving AWL bonuses to
spammer forgeries on some networks
- miscellaneous bug fixes
Summary of changes since 2.5x
-----------------------------------
- spamd supports UNIX-domain sockets
- SSL support for spamc/spamd now usable
- improved Bayes text analysis
- improved expiration of Bayes-DB
- better detection of 'invisible text' and other obfuscation techniques
in HTML
- new RBL (eg SORBS, SpamCop, Osirusoft dropped)
- better handling of RBL timeouts
- support for Razor V1 dropped
- more flexible header and report rewriting
- Perl taint mode enabled by default
- bug fixes
- new rules
