All releases tagged Stable
Release Notes: Newer gpg versions require keys to be cross-certified, so the sa-update public key was fixed accordingly. A perl version string was added to the storage area for compiled rulesets, to avoid crashes when perl is upgraded between major versions (e.g. perl 5.8.x to 5.10.0) and the ABI breaks. Some FORGED_MUA_OUTLOOK false positives were cleared on the new-format Message-ID generated by the Outlook Express version used in Windows XP service pack 3. Compatibility with Postgres 8.1.0 and later was fixed. Other miscellaneous fixes were done.
Release Notes: Major sa-compile fixes. Minor fixes in other departments. 'score set for a non-existent rule' has been made a debug message, instead of a lint warning, since it's a very frequent FAQ.
Release Notes: The new setuid code has been fixed to work with Perl 5.6.1 and to support DCC and Pyzor in all releases of Perl. The default 'user_scores_ldap_username' is now the null string, allowing anonymous binding. A 'schema' syntax error in LDAP config support has been fixed, along with an error where zeroing an 'eval' rule's score did not stop it from running. The new message ID format seen from Vista or Windows 2003 Server MAPI is now allowed to avoid false positives, and several issues with RDNS_DYNAMIC have been fixed.
Release Notes: The "make test" rule was fixed when running as root; this is needed for CPAN. Certain mail input can take a long time to scan with 100% CPU utilization, due to backtracking in a rule's regexp. Sending a HUP signal to the spamd process causes the ps name to change from spamd to perl. "make test" errors in Windows caused by nonportable use of getpwuid were fixed. Multiple DNS records for a host name should allow use of spamd -H for load balancing installs to work. Network lookup timeouts were fixed, where lookups were being lost once a timeout was hit.
Release Notes: A local user symlink-attack DoS vulnerability (CVE-2007-2873) was fixed. It only affects systems where spamd is run as root, is used with vpopmail or virtual users via the "-v"/"--vpopmail" or "--virtual-config-dir" switch, and with the "-x"/"--no-user-config, and without the "-u"/"--username" switch, and with the "-l"/"--allow-tell" switch. This is not default on any distribution package, and is not a common configuration. Other miscellaneous bugs were also fixed.
Release Notes: Short-circuiting of "definite ham" or "definite spam" messages based on rules was added. Charset normalization was added, so rules can be written in UTF-8 to match text in other charsets. "sa-compile" was added to compile SpamAssassin rules into a fast parallel-matching DFA. "tflags multiple" was added, which allows rules that count multiple hits in a single message. "whitelist_auth" was added to whitelist addresses that send mail using sender-authorization systems like SPF, Domain Keys, and DKIM. Mail::SpamAssassin::Spamd::Apache2 provides spamd as a mod_perl module.
Release Notes: Fixes were made for a bug in date handling affecting DATE_IN_FUTURE_* and DATE_IN_PAST_* rules when more than one Resent-Date header is present. A race condition in spamd preforking code that sometimes left one child process running after sending SIGHUP to spamd was fixed. Hash characters in the config are now unescaped. False SPF_SOFTFAILs when SPF queries timeout were fixed. RCVD_ILLEGAL_IP evaltest was updated to properly deal with 127/8. Adding headers with a single digit zero value was enabled. Support for ecelerity Received headers was added. A bug introduced in 3.1.5 in mbx code was fixed.
Release Notes: All third-party code is now allowed to use rule updates by setting a default path when one is not passed in. Support for whitelisting with DomainKeys was added. Lots of other minor bugfixes and documentation updates were done.
Release Notes: A large number of bugs were fixed. sa-update will no longer leave SpamAssassin in an unusable state if the first use fails to download or install an update. sa-update will now be able to use GnuPG on Windows. Macros such as the one used by report_contact will be replaced when updates are installed. SpamAssassin was unusable with exim4 when BSMTP mode is used. A number of documentation updates were also made.
Release Notes: An issue where a certain set of parameters to spamd and a specially formatted input message could allow users to execute arbitrary commands as the spamd user has been fixed. An issue where the userstate directory and preference file weren't being created under certain conditions has been fixed.
