Release Notes: An issue where a certain set of parameters to spamd and a specially formatted input message could allow users to execute arbitrary commands as the spamd user has been fixed.
Release Notes: This release fixes possible memory bloat from large AutoWhitelist db files. It fixes a bug where user defined rules scores became ignored. The parsing code for several Received: header formats has been updated. Some BAYES_* scores for the network+bayes score set have been increased. set_tag has been documented for the plugin API, and get_tag has been added. There are additional bugfixes.
Release Notes: This release detects legitimate SMTP AUTH submission, to avoid false positives on Dynablock-style rules. The URIDNSBL plugin has been fixed to honor the uridnsbl_max_domains config option. Various documentation and rule fixes. The ability to deal with 'rewrite_header Subject' markup when no Subject header exists. 'make test' failure on Solaris has been fixed.
No changes have been submitted for this release.
Release Notes: Now part of the ASF and uses the Apache License 2.0. Now includes support for SPF. Web site links contained in the message are checked against SURBL and SBL. The new 3.0 architecture allows third parties to easily add plugin modules. SQL database support for both the Bayes and auto-whitelist modules. A more accurate simulation of email client handling of MIME and HTML improves accuracy. Better detection and handling of spammer techniques that try to trick anti-spam software. A new logo.
Release Notes: A security fix prevented a denial of service attack open to certain malformed messages. Several very reliable rules were backported from the 3.0.0 codebase.
Release Notes: This release fixes three small bugs, one related to Perl 5.005 incompatibility, one related to untainting a file path, and one related to performance and not generating the same decoded message body more than once.
Release Notes: This release fixes a bug which caused report_safe_copy_headers to reverse the order of the Received headers, a bug which caused reporting to not remove message markup before being learned by Bayes, a bug which caused the spamd temporary init directory to not be removed in some situations, several bugs in the Bayes system caused by DB_File oddities, and two bugs related to Received line generation and parsing. It modifies HABEAS_SWE to function even if the Habeas headers are out of their normal order and modifies two rules to reduce false positives.
Release Notes: This release adds dramatically reduced memory usage of the Bayes expiry, avoidance of false positives on Outlook 2003 messages, messages from Mac, Palm, and localized versions of Eudora, several AOL MUAs, and newer versions of The Bat!, a new set of French translations, an update to reflect a new Dynablock DNSBL location, a fix for a possible hole that was giving AWL bonuses to spammer forgeries on some networks, and miscellaneous bugfixes.
Release Notes: The Bayes system was overhauled. The DB storage format was changed, and the journal/expire and tokenization algorithms were improved. spamd now supports UNIX-domain sockets. Better HTML parsing, detection of "invisible text", and other obfuscation techniques. DNS Blacklists were also overhauled with the addition of lots of new lists, removal of defunct lists, better timeout handling, and better header parsing. More flexible header and report rewriting options were implemented. Perl taint mode is now enabled by default for increased security.