Release Notes: A security fix prevented a denial of service attack open to certain malformed messages. Several very reliable rules were backported from the 3.0.0 codebase.
Release Notes: Spamhaus DBL was added as a URIBL_DBL_SPAM rule. The ImageInfo plugin was updated to the latest release. The RCVD_IN_CSS rule was fixed. 2tld and 3tld sub-domain hosters were listed for URIBL/SURBL/DBL queries. Other fixes were made.
Release Notes: Rules were updated and new scores are assigned by GA. Rules are no longer in the package, but installed by sa-update. A new function can() allows testing for capabilities offered. Support for IPv6 was greatly improved. When the time limit is exceeded, partial results are still returned. The timing report is now logged or offered as a tag. A caller may supply out-of-band data. Detection of URI was rewritten. The DKIM plugin now supports multiple signatures and ADSP with overrides. The FreeMail, PhishTag, and Reuse plugins were added. Error detection, handling, and reporting were improved to facilitate troubleshooting.
Release Notes: Newer gpg versions require keys to be cross-certified, so the sa-update public key was fixed accordingly. A perl version string was added to the storage area for compiled rulesets, to avoid crashes when perl is upgraded between major versions (e.g. perl 5.8.x to 5.10.0) and the ABI breaks. Some FORGED_MUA_OUTLOOK false positives were cleared on the new-format Message-ID generated by the Outlook Express version used in Windows XP service pack 3. Compatibility with Postgres 8.1.0 and later was fixed. Other miscellaneous fixes were done.
Release Notes: Major sa-compile fixes. Minor fixes in other departments. 'score set for a non-existent rule' has been made a debug message, instead of a lint warning, since it's a very frequent FAQ.
Release Notes: The new setuid code has been fixed to work with Perl 5.6.1 and to support DCC and Pyzor in all releases of Perl. The default 'user_scores_ldap_username' is now the null string, allowing anonymous binding. A 'schema' syntax error in LDAP config support has been fixed, along with an error where zeroing an 'eval' rule's score did not stop it from running. The new message ID format seen from Vista or Windows 2003 Server MAPI is now allowed to avoid false positives, and several issues with RDNS_DYNAMIC have been fixed.