|
[-]
[+]
|
Changed |
spamassassin.changes
|
|
|
|
[-]
[+]
|
Changed |
spamassassin.spec
^
|
|
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/Changes
^
|
| @@ -1,4 +1,367 @@
------------------------------------------------------------------------
+r660442 | jm | 2008-05-27 09:21:57 +0000 (Tue, 27 May 2008) | 3 lines
+
+bug 5899: add perl version string to the storage
+area for compiled rulesets, to avoid crashes when perl is upgraded between
+major versions and the ABI breaks
+------------------------------------------------------------------------
+r660135 | jm | 2008-05-26 09:02:36 +0000 (Mon, 26 May 2008) | 1 line
+
+bug 5730: when using Postgres >= 8.1.0 with Bayes, this error occurs: 'WARNING: nonstandard use of \ in a string literal at character'. fix, thanks to Tomasz Ostrowski
+------------------------------------------------------------------------
+r660133 | jm | 2008-05-26 09:01:12 +0000 (Mon, 26 May 2008) | 1 line
+
+bug 5769: fix 'sa-compile: eval failed: Can't find label NO' error, caused in rare circumstances when sa-compile attempted to deal with rules written using 'replace_rules' features
+------------------------------------------------------------------------
+r659531 | jm | 2008-05-23 13:05:42 +0000 (Fri, 23 May 2008) | 1 line
+
+bug 5858: fix circular reference caused by some messages
+------------------------------------------------------------------------
+r658745 | jm | 2008-05-21 16:31:04 +0000 (Wed, 21 May 2008) | 1 line
+
+trivial bugfix: __BOUNCE_FROM_DAEMON incorrectly used + instead of *, so some From addresses were not being recognised as bounce senders
+------------------------------------------------------------------------
+r658010 | jm | 2008-05-19 22:35:18 +0000 (Mon, 19 May 2008) | 1 line
+
+bug 5496, bug 5910: clear some FORGED_MUA_OUTLOOK false positives, particularly on the new-format Message-ID generated by the Outlook Express version used in Windows XP service pack 3
+------------------------------------------------------------------------
+r657560 | jm | 2008-05-18 13:43:10 +0000 (Sun, 18 May 2008) | 1 line
+
+remove OUTLOOK_3416, due to FP in bug 5650
+------------------------------------------------------------------------
+r632902 | mmartinec | 2008-03-03 01:03:59 +0000 (Mon, 03 Mar 2008) | 1 line
+
+A missing or failed eval rule function can mistakenly count as a rule hit, bug 5839
+------------------------------------------------------------------------
+r630925 | jm | 2008-02-25 16:37:34 +0000 (Mon, 25 Feb 2008) | 1 line
+
+bug 5835: typo in POD docs for SPF plugin; thanks to Benny Pedersen for fix
+------------------------------------------------------------------------
+r630870 | jm | 2008-02-25 15:09:15 +0000 (Mon, 25 Feb 2008) | 1 line
+
+bug 5815: update 2TLD list to include .rs CCTLD
+------------------------------------------------------------------------
+r629596 | jm | 2008-02-20 19:54:57 +0000 (Wed, 20 Feb 2008) | 1 line
+
+bug 5833: update ECCN status for SpamAssassin to note 5D002 status
+------------------------------------------------------------------------
+r629057 | jm | 2008-02-19 10:34:32 +0000 (Tue, 19 Feb 2008) | 1 line
+
+bug 5825: backport changes to support nested 'if' conditionals in rulesrc files
+------------------------------------------------------------------------
+r620371 | mmartinec | 2008-02-11 01:09:10 +0000 (Mon, 11 Feb 2008) | 1 line
+
+t/dnsbl.t: no need to disable a test with new/fixed versions of Sys::Hostname::Long, bug 3806
+------------------------------------------------------------------------
+r620364 | mmartinec | 2008-02-11 00:53:35 +0000 (Mon, 11 Feb 2008) | 1 line
+
+DnsResolver: bump up resolver receive buffer size to 32kB if smaller, bug 5790
+------------------------------------------------------------------------
+r620358 | jm | 2008-02-10 23:38:10 +0000 (Sun, 10 Feb 2008) | 1 line
+
+bug 5764: fix test failure in t/dcc.t on Solaris 10
+------------------------------------------------------------------------
+r619567 | sidney | 2008-02-07 18:55:46 +0000 (Thu, 07 Feb 2008) | 1 line
+
+bug 5666: expose gated_through_received_hdr_remover to be used as an eval rule, and the rule changes that it has been exposed for
+------------------------------------------------------------------------
+r619403 | mmartinec | 2008-02-07 13:22:49 +0000 (Thu, 07 Feb 2008) | 1 line
+
+bug 5786: fix for missing From with DKIM; remove empty lines from SPF test mail header
+------------------------------------------------------------------------
+r619283 | sidney | 2008-02-07 06:16:02 +0000 (Thu, 07 Feb 2008) | 1 line
+
+bug 4706: remove HG_HORMOME rules due to poor performance
+------------------------------------------------------------------------
+r613052 | felicity | 2008-01-18 04:40:04 +0000 (Fri, 18 Jan 2008) | 3 lines
+
+Update the sa-learn man page to include information about bayes version 3.
+
+
+------------------------------------------------------------------------
+r611968 | jm | 2008-01-14 23:18:13 +0000 (Mon, 14 Jan 2008) | 1 line
+
+bug 5783: update MANIFEST to add new file
+------------------------------------------------------------------------
+r611818 | jm | 2008-01-14 14:44:23 +0000 (Mon, 14 Jan 2008) | 1 line
+
+add a file to contain the list of deleted rules; fixes warnings from 3.2.3 and earlier about scores set for nonexistent rules in latest update
+------------------------------------------------------------------------
+r610699 | felicity | 2008-01-10 07:17:04 +0000 (Thu, 10 Jan 2008) | 1 line
+
+bug 5775: newer gpg versions require keys to be cross-certified (backsig). Did a cross-verify on our update public key and re-exported.
+------------------------------------------------------------------------
+r609982 | jm | 2008-01-08 13:43:45 +0000 (Tue, 08 Jan 2008) | 1 line
+
+remove now-deleted rules from active.list
+------------------------------------------------------------------------
+r609969 | jm | 2008-01-08 13:29:18 +0000 (Tue, 08 Jan 2008) | 1 line
+
+remove scores for FM_DDDD_TIMES_2, FM_SEX_HOSTDDDD
+------------------------------------------------------------------------
+r609898 | sidney | 2008-01-08 07:42:40 +0000 (Tue, 08 Jan 2008) | 1 line
+
+bug 5666: recognize message-id from sympatico.ca that was causing FORGED_MUA_OUTLOOK FP
+------------------------------------------------------------------------
+r609710 | jm | 2008-01-07 17:32:47 +0000 (Mon, 07 Jan 2008) | 1 line
+
+add Sidney's suggested step for the next release; copying the release announcement to the voting site
+------------------------------------------------------------------------
+r609709 | jm | 2008-01-07 17:28:27 +0000 (Mon, 07 Jan 2008) | 1 line
+
+back-merge from trunk
+------------------------------------------------------------------------
+r609708 | jm | 2008-01-07 17:24:33 +0000 (Mon, 07 Jan 2008) | 1 line
+
+fix bugs in build/README
+------------------------------------------------------------------------
+r609689 | jm | 2008-01-07 17:02:00 +0000 (Mon, 07 Jan 2008) | 1 line
+
+3.2.5 devel cycle started
+------------------------------------------------------------------------
+r609688 | jm | 2008-01-07 17:01:24 +0000 (Mon, 07 Jan 2008) | 1 line
+
+3.2.4 RELEASED
+------------------------------------------------------------------------
+r609222 | jm | 2008-01-05 21:31:04 +0000 (Sat, 05 Jan 2008) | 1 line
+
+update build procedures to remove a redundant step
+------------------------------------------------------------------------
+r609216 | jm | 2008-01-05 21:08:24 +0000 (Sat, 05 Jan 2008) | 1 line
+
+preparing to re-cut 3.2.4, with the fix for bug 5762 included
+------------------------------------------------------------------------
+r608672 | mmartinec | 2008-01-03 23:28:38 +0000 (Thu, 03 Jan 2008) | 1 line
+
+AsyncLoop: call clock_getres only if Time::HiRes makes it available
+------------------------------------------------------------------------
+r607918 | jm | 2008-01-01 21:15:44 +0000 (Tue, 01 Jan 2008) | 1 line
+
+preparing to release 3.2.4
+------------------------------------------------------------------------
+r607910 | jm | 2008-01-01 20:59:55 +0000 (Tue, 01 Jan 2008) | 1 line
+
+preparing for 3.2.4 release
+------------------------------------------------------------------------
+r607761 | sidney | 2007-12-31 18:08:46 +0000 (Mon, 31 Dec 2007) | 1 line
+
+bug 5748: fix locale problem with use of external sort by not sorting because the sort was not needed anyway
+------------------------------------------------------------------------
+r607612 | sidney | 2007-12-30 23:21:25 +0000 (Sun, 30 Dec 2007) | 1 line
+
+Bug 5599: implement DNS server load distribution
+------------------------------------------------------------------------
+r607590 | jm | 2007-12-30 21:07:41 +0000 (Sun, 30 Dec 2007) | 1 line
+
+bug 5673: 'ALL' header was including spurious extra spaces between header names and values. fix
+------------------------------------------------------------------------
+r607589 | jm | 2007-12-30 21:04:39 +0000 (Sun, 30 Dec 2007) | 1 line
+
+bug 5715: allow for more than one sa-update MIRRORED.BY file host in DNS, for redundancy
+------------------------------------------------------------------------
+r607297 | mmartinec | 2007-12-28 17:31:23 +0000 (Fri, 28 Dec 2007) | 1 line
+
+bug 5662: recognize author signature and multiple signatures for whitelisting (with Mail::DKIM 0.29); disable useless "check_dkim_signsome"; new eval rules "check_dkim_valid_author_sig" and "check_dkim_valid" (an alias for a "check_dkim_verified" misnomer); new tags _DKIMIDENTITY_ and _DKIMDOMAIN_; updated terminology; verification speedup with Mail::DKIM 0.30 (or its pre-releases)
+------------------------------------------------------------------------
+r607239 | jm | 2007-12-28 13:17:26 +0000 (Fri, 28 Dec 2007) | 1 line
+
+bug 5696: cut regexp base strings at Unicode high codepoints, to avoid corruption of patterns containing UTF-8
+------------------------------------------------------------------------
+r607236 | jm | 2007-12-28 13:15:46 +0000 (Fri, 28 Dec 2007) | 1 line
+
+bug 5637: bayes_file_mode is handled incorrectly when creating bayes.mutex, resulting in incorrect permissions on that file; fix by Mihaly Barasz
+------------------------------------------------------------------------
+r607235 | jm | 2007-12-28 13:14:06 +0000 (Fri, 28 Dec 2007) | 1 line
+
+bug 5612: DB_File version 4.2.x has a bug that loops infinitely if files named '__db.{filename}' are present; work around. thanks to J. Nick Koston for the report and fix
+------------------------------------------------------------------------
+r607233 | jm | 2007-12-28 13:12:14 +0000 (Fri, 28 Dec 2007) | 1 line
+
+bug 5606: too-early init_learner() call causes root's user prefs file to be read when spamd is started; this is inappropriate. fix
+------------------------------------------------------------------------
+r607232 | jm | 2007-12-28 13:10:16 +0000 (Fri, 28 Dec 2007) | 1 line
+
+bug 4179: if allow_user_rules is 1, user rules are not unique to each user; one user's user rules can appear in later scans for other users that are run using the same spamd process. fix
+------------------------------------------------------------------------
+r607225 | jm | 2007-12-28 12:37:13 +0000 (Fri, 28 Dec 2007) | 1 line
+
+note that dkim.t has been broken by external changes, annoyingly
+------------------------------------------------------------------------
+r606498 | sidney | 2007-12-22 21:43:27 +0000 (Sat, 22 Dec 2007) | 1 line
+
+bug 5705: use the correct perl binary to lint parse-rules-for-masses in the meta tests
+------------------------------------------------------------------------
+r606150 | jm | 2007-12-21 09:57:22 +0000 (Fri, 21 Dec 2007) | 1 line
+
+bug 5680: ALL_TRUSTED can fire if a trusted MSA or webmail system receives the message from an untrusted X-Originating-IP: header
+------------------------------------------------------------------------
+r606149 | jm | 2007-12-21 09:53:24 +0000 (Fri, 21 Dec 2007) | 1 line
+
+bug 5626: in the 'spamassassin' script, install a signal handler for SIGHUP, SIGINT, SIGTERM and SIGPIPE to ensure that temporary files are removed
+------------------------------------------------------------------------
+r605203 | jm | 2007-12-18 13:05:54 +0000 (Tue, 18 Dec 2007) | 1 line
+
+bug 3811: silence noise emitted during 'perl Makefile.PL' caused by ExtUtils::MakeMaker and/or CPAN.pm bugs
+------------------------------------------------------------------------
+r605054 | sidney | 2007-12-18 00:29:39 +0000 (Tue, 18 Dec 2007) | 1 line
+
+bug 5608 - more correct wording in POD documentation
+------------------------------------------------------------------------
+r604716 | jm | 2007-12-16 21:40:14 +0000 (Sun, 16 Dec 2007) | 1 line
+
+bug 5594: several major sa-compile fixes. major increase in overall speed; cache results between runs to further increase speed; and fix a danger of massive memory usage
+------------------------------------------------------------------------
+r604715 | jm | 2007-12-16 21:33:52 +0000 (Sun, 16 Dec 2007) | 1 line
+
+bug 5557: some temporary files are left not cleaned up on Windows; fix
+------------------------------------------------------------------------
+r604713 | jm | 2007-12-16 21:30:05 +0000 (Sun, 16 Dec 2007) | 1 line
+
+bug 5661: speed up Bayes SQL queries by allowing the use of indexes when expiring
+------------------------------------------------------------------------
+r604711 | jm | 2007-12-16 21:27:57 +0000 (Sun, 16 Dec 2007) | 1 line
+
+bug 5611: support 'spamd --nouser-config -u username', which setuids to 'username' but does not read user_prefs files from anywhere
+------------------------------------------------------------------------
+r604710 | jm | 2007-12-16 21:26:37 +0000 (Sun, 16 Dec 2007) | 1 line
+
+bug 5577: spamc on win32 reports corrupt error messages if spamd host is unresolveable or unconnectable. fix
+------------------------------------------------------------------------
+r604709 | jm | 2007-12-16 21:25:32 +0000 (Sun, 16 Dec 2007) | 1 line
+
+bug 5556: fix a variety of sa-compile portability issues, and support for 5.6.x perls
+------------------------------------------------------------------------
+r604708 | jm | 2007-12-16 21:22:28 +0000 (Sun, 16 Dec 2007) | 1 line
+
+bug 5514: make 'score set for a non-existent rule' a debug message, instead of a lint warning, since it's a very frequent FAQ
+------------------------------------------------------------------------
+r604707 | jm | 2007-12-16 21:21:18 +0000 (Sun, 16 Dec 2007) | 1 line
+
+bug 5493: sa-compile fails to correctly deal with escaped backslashes. fix
+------------------------------------------------------------------------
+r604706 | jm | 2007-12-16 21:19:59 +0000 (Sun, 16 Dec 2007) | 1 line
+
+bug 5665: spamd may fail to notice that a child has completed exiting, and keeps in the child list in state 'K', eventually filling up the child list with 'ghost' children. fix
+------------------------------------------------------------------------
+r604705 | jm | 2007-12-16 21:18:11 +0000 (Sun, 16 Dec 2007) | 1 line
+
+bug 5677: update TLD list in RegistrarBoundaries with latest feedback from Alex, Jeff and Dallas
+------------------------------------------------------------------------
+r604555 | sidney | 2007-12-16 05:56:36 +0000 (Sun, 16 Dec 2007) | 1 line
+
+remove score for DRUG_RA_PRICE because the rule no longer exists
+------------------------------------------------------------------------
+r604549 | sidney | 2007-12-16 03:40:59 +0000 (Sun, 16 Dec 2007) | 1 line
+
+bug 5586: fix typo in the fix that was checked in to branch 3.2
+------------------------------------------------------------------------
+r604547 | sidney | 2007-12-16 03:05:48 +0000 (Sun, 16 Dec 2007) | 1 line
+
+test case number was not incrememnted last time a test case was added
+------------------------------------------------------------------------
+r600712 | duncf | 2007-12-03 22:20:13 +0000 (Mon, 03 Dec 2007) | 2 lines
+
+bug 5735: spamc should allow retry_sleep 0
+
+------------------------------------------------------------------------
+r599208 | duncf | 2007-11-28 23:58:28 +0000 (Wed, 28 Nov 2007) | 1 line
+
+bug 5728: require -u with --sql-config or --ldap-config
+------------------------------------------------------------------------
+r590056 | jm | 2007-10-30 13:05:54 +0000 (Tue, 30 Oct 2007) | 1 line
+
+bug 5682: remove FH_HOST_ALMOST_IP, FH_HOST_EQ_D_D_D_D, due to false positives and redundancy with RDNS_DYNAMIC; remove FH_HOST_EQ_D_D_D_DB due to no hits
+------------------------------------------------------------------------
+r586471 | jm | 2007-10-19 14:21:07 +0000 (Fri, 19 Oct 2007) | 1 line
+
+backport changes to SVN-only build/mkrules script from trunk, to support new rulesrc/scores dir
+------------------------------------------------------------------------
+r586009 | jm | 2007-10-18 15:37:51 +0000 (Thu, 18 Oct 2007) | 1 line
+
+bug 5681: look up IP addresses found in 'X-Yahoo-Post-IP' and 'X-SenderIP' headers, too, thanks to Martin Blapp
+------------------------------------------------------------------------
+r586008 | jm | 2007-10-18 15:36:50 +0000 (Thu, 18 Oct 2007) | 1 line
+
+bug 5492: use get_pristine_body() API instead of more complex get_pristine() usage in VBounce plugin, thanks to Henrik Krohns
+------------------------------------------------------------------------
+r585950 | mmartinec | 2007-10-18 12:52:52 +0000 (Thu, 18 Oct 2007) | 1 line
+
+Unhelpful diagnostics when site rules directory is inaccessible, Bug 5507
+------------------------------------------------------------------------
+r585895 | mmartinec | 2007-10-18 08:16:27 +0000 (Thu, 18 Oct 2007) | 1 line
+
+Another unparsed Received line, Bug 5583, including a test case
+------------------------------------------------------------------------
+r585580 | mmartinec | 2007-10-17 17:16:16 +0000 (Wed, 17 Oct 2007) | 1 line
+
+Bug 5589: Refined async events handling and DNS lookup completions
+------------------------------------------------------------------------
+r585506 | jm | 2007-10-17 13:48:50 +0000 (Wed, 17 Oct 2007) | 1 line
+
+bug 5527: add AOL WebMail received header support, thanks to Steve Freegard
+------------------------------------------------------------------------
+r585501 | jm | 2007-10-17 13:44:44 +0000 (Wed, 17 Oct 2007) | 1 line
+
+bug 5672: remove DNS_FROM_SECURITYSAGE (DNSBL lookups against securitysage.com) due to unreliability
+------------------------------------------------------------------------
+r585434 | jm | 2007-10-17 10:11:01 +0000 (Wed, 17 Oct 2007) | 1 line
+
+bug 5687: fix bug where duplicate loadplugin line results in eval rule method registered with invalid $self object
+------------------------------------------------------------------------
+r583975 | jm | 2007-10-11 22:12:28 +0000 (Thu, 11 Oct 2007) | 1 line
+
+bug 5568: ensure read-receipt messages are not tagged with BOUNCE_MESSAGE
+------------------------------------------------------------------------
+r583857 | jm | 2007-10-11 15:41:23 +0000 (Thu, 11 Oct 2007) | 1 line
+
+bug 5676: trivial fix to POD documentation; the topic is 'whitelist_bounce_relays', not 'whitelist_from'
+------------------------------------------------------------------------
+r582914 | jm | 2007-10-08 17:52:03 +0000 (Mon, 08 Oct 2007) | 1 line
+
+backport score changes to 3.2.0, to match rules deleted from sandboxes
+------------------------------------------------------------------------
+r581301 | jm | 2007-10-02 16:54:20 +0000 (Tue, 02 Oct 2007) | 3 lines
+
+bug 5476: update Bonded Sender (now Sender Score
+Certified) rules, and add a rule for their strictly-confirmed-opt-in-required
+zone
+------------------------------------------------------------------------
+r578929 | jm | 2007-09-24 19:37:37 +0000 (Mon, 24 Sep 2007) | 1 line
+
+remove localized descriptions for FORGED_AOL_TAGS and FORGED_MUA_AOL_FROM
+------------------------------------------------------------------------
+r578885 | jm | 2007-09-24 17:34:43 +0000 (Mon, 24 Sep 2007) | 1 line
+
+bug 5538: remove FORGED_MUA_AOL_FROM and FORGED_AOL_TAGSentirely; they're obsolete, given the current capabilities of AOL mail user agents
+------------------------------------------------------------------------
+r578787 | jm | 2007-09-24 12:31:20 +0000 (Mon, 24 Sep 2007) | 1 line
+
+remove score for nonexistent rules; forgotten backport from 3.2.x rule updates SVN dir
+------------------------------------------------------------------------
+r578785 | jm | 2007-09-24 12:27:30 +0000 (Mon, 24 Sep 2007) | 1 line
+
+bug 5632: remove all completewhois.com DNSBL lookups, site seems to have disappeared without warning
+------------------------------------------------------------------------
+r578778 | jm | 2007-09-24 12:17:05 +0000 (Mon, 24 Sep 2007) | 1 line
+
+bug 5586: RDNS_NONE has false positives if the MTA doesn't put the hostname in the Received header, like Communigate Pro. add an exception for this
+------------------------------------------------------------------------
+r564346 | jm | 2007-08-09 19:32:45 +0000 (Thu, 09 Aug 2007) | 1 line
+
+3.2.4 devel cycle started
+------------------------------------------------------------------------
+r564345 | jm | 2007-08-09 19:32:15 +0000 (Thu, 09 Aug 2007) | 1 line
+
+3.2.3 RELEASED
+------------------------------------------------------------------------
+r563875 | jm | 2007-08-08 13:38:40 +0000 (Wed, 08 Aug 2007) | 1 line
+
+doc: minor fixes to build procedure doc
+------------------------------------------------------------------------
+r563848 | jm | 2007-08-08 13:16:52 +0000 (Wed, 08 Aug 2007) | 1 line
+
+preparing to release 3.2.3
+------------------------------------------------------------------------
r563591 | jm | 2007-08-07 17:49:55 +0000 (Tue, 07 Aug 2007) | 1 line
bug 5107: change default user_scores_ldap_username to be the null string, allowing anonymous binding; fix 'schema' syntax error in LDAP config support
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/MANIFEST
^
|
| @@ -504,3 +504,7 @@
t/spamc_x_e.t
t/root_spamd_u.t
t/root_spamd_u_dcc.t
+t/spamd_user_rules_leak.t
+t/get_all_headers.t
+t/data/Dumpheaders.pm
+rules/72_removed.cf
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/Makefile.PL
^
|
| @@ -5,7 +5,18 @@
use warnings;
use Config;
-use ExtUtils::MakeMaker 5.45;
+use ExtUtils::MakeMaker;
+
+# Store the version for later use
+my $mm_version = $ExtUtils::MakeMaker::VERSION;
+
+# avoid stupid 'Argument "6.30_01" isn't numeric in numeric ge (>=)' warnings;
+# strip off the beta subversion noise that causes the trouble.
+$mm_version =~ s/_\S+$//; # "6.30_01" => "6.30"
+
+if ($mm_version+0 < 5.45) {
+ die "SpamAssassin Makefile.PL requires at least ExtUtils::MakeMaker v5.45";
+}
use constant RUNNING_ON_WINDOWS => ($^O =~ /^(mswin|dos|os2)/oi);
use constant HAS_DBI => eval { require DBI; };
@@ -120,16 +131,12 @@
# Gather some information about what EU::MM offers and/or needs
my(
- $mm_version,
$mm_knows_destdir,
$mm_has_destdir,
$mm_has_good_destdir,
$mm_needs_destdir,
);
-# Store the version for later use
-$mm_version = $ExtUtils::MakeMaker::VERSION;
-
# MakeMaker prior to 6.11 doesn't support DESTDIR which is needed for
# packaging with builddir!=destdir. See bug 2388.
$mm_knows_destdir = $ExtUtils::MakeMaker::Recognized_Att_Keys{DESTDIR};
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/NOTICE
^
|
| @@ -2,3 +2,34 @@
Foundation (http://www.apache.org/).
SpamAssassin is a trademark of the Apache Software Foundation.
+
+This distribution includes cryptographic software. The country in
+which you currently reside may have restrictions on the import,
+possession, use, and/or re-export to another country, of
+encryption software. BEFORE using any encryption software, please
+check your country's laws, regulations and policies concerning the
+import, possession, or use, and re-export of encryption software, to
+see if this is permitted. See <http://www.wassenaar.org/> for more
+information.
+
+The U.S. Government Department of Commerce, Bureau of Industry and
+Security (BIS), has classified this software as Export Commodity
+Control Number (ECCN) 5D002.C.1, which includes information security
+software using or performing cryptographic functions with asymmetric
+algorithms. The form and manner of this Apache Software Foundation
+distribution makes it eligible for export under the License Exception
+ENC Technology Software Unrestricted (TSU) exception (see the BIS
+Export Administration Regulations, Section 740.13) for both object
+code and source code.
+
+The following provides more details on the included cryptographic
+software:
+
+The OpenSSL Project - http://www.openssl.org/source/
+
+spamc and libspamc use OpenSSL to perform SSL encryption.
+
+Steffen Ullrich - http://search.cpan.org/%7esullr/
+
+spamd uses IO::Socket::SSL to perform SSL encryption.
+
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/build/mkrules
^
|
| @@ -270,7 +270,7 @@
return if (!-f $path);
# limit what will be copied from sandboxes
- return if ($path =~ /sandbox/ && !/(?:\d.*\.cf|\.pm)$/i);
+ return if ($path =~ /(?:sandbox|scores)/ && !/(?:\d.*\.cf|\.pm)$/i);
# a bit of sanity please - no svn metadata ;)
return if ($path =~ /\.svn/);
@@ -343,7 +343,12 @@
plugin_file_compile($entry);
}
elsif ($entry->{dir} =~ /sandbox/) {
- rule_file_compile($f, $t, $entry->{filename}, 1);
+ rule_file_compile($f, $t, $entry->{filename},
+ { issandbox => 1 });
+ }
+ elsif ($entry->{dir} =~ /scores/) {
+ rule_file_compile($f, $t, $entry->{filename},
+ { issandbox => 1, isscores => 1 });
}
elsif ($entry->{dir} =~ /extra/) {
# 'extra' rulesets; not built by default (TODO)
@@ -352,7 +357,7 @@
else {
# rules in "core" and "lang" are always copied
if ($needs_rebuild) {
- rule_file_compile($f, $t, $entry->{filename}, 0);
+ rule_file_compile($f, $t, $entry->{filename}, { });
}
}
}
@@ -373,7 +378,9 @@
# appended to the rule name, sanitised.
sub rule_file_compile {
- my ($f, $t, $filename, $issandbox) = @_;
+ my ($f, $t, $filename, $flags) = @_;
+ my $issandbox = $flags->{issandbox};
+ my $isscores = $flags->{isscores};
open (IN, "<$f") or die "cannot read $f";
@@ -423,8 +430,17 @@
}
# non-sandbox rules always use the same name
+ # comment "score" lines for sandbox rules (bug 5558)
+ # use generated scores, though, if the rule is active
+ if ($type eq 'score' && $issandbox &&
+ !($isscores && $active_rules->{$name}))
+ {
+ $orig =~ s/^/#/g;
+ }
+
if (!$rules->{$name}) { $rules->{$name} = rule_entry_create(); }
$rules->{$name}->{issandbox} = $issandbox;
+ $rules->{$name}->{isscores} = $isscores;
$rules->{$name}->{origname} = $origname;
$rules->{$name}->{cond} ||= $current_conditional;
$rules->{$name}->{text} .= $current_comments . $orig;
@@ -512,7 +528,11 @@
\s+(.*?)$
/x)
{
- $current_conditional = $orig;
+ if ($current_conditional) {
+ $current_conditional .= "#|#".$orig;
+ } else {
+ $current_conditional = $orig;
+ }
}
elsif (/^endif\b/x)
{
@@ -589,7 +609,7 @@
my $cond;
if ($current_conditional) {
- $name = $current_conditional; $name =~ s/\s+/ /gs;
+ $name = $current_conditional; $name =~ s/\#\|\#/ /gs; $name =~ s/\s+/ /gs;
$cond = $current_conditional;
}
@@ -728,7 +748,14 @@
$rules->{$ifplugin_text_name}->{output_file} = $pubfile;
}
- $rules->{$name}->{output_text} = "\n".$cond.$text."endif\n";
+ # ensure we produce enough "endif"s to match however many
+ # nested conditions there are
+ my $endifs = "endif\n";
+ while ($cond =~ s/\#\|\#//) {
+ $endifs .= "endif\n";
+ }
+
+ $rules->{$name}->{output_text} = "\n".$cond.$text.$endifs;
} else {
$rules->{$name}->{output_text} = $text;
@@ -765,8 +792,10 @@
if (!$pubfile) {
if ($active_rules->{$name} # is active
|| $rules->{$name}->{forceactive} # or is forced to be
- || (!$rules->{$name}->{found_definition} && !$rules->{$name}->{iscommand}))
+ || (!$rules->{$name}->{found_definition} && !$rules->{$name}->{iscommand}
+ && !$rules->{$name}->{isscores}))
# or is a rule-related setting in reference to an unknown rule
+ # but isn't a generated score
{
$pubfile = $opt_out.'/'.$opt_activeout;
}
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/build/preprocessor
^
|
| @@ -178,6 +178,9 @@
$perl_version = sprintf("%i.%03i%03i", $v[0] || 0, $v[1] || 0, $v[2] || 0);
}
+ $] =~ /^(\d\.\d\d\d)/ or die "bad perl ver $]";
+ $defines{PERL_MAJOR_VER} = $1;
+
# Grab active plugin list
my @plugin_pod = ();
if (open(INIT, "rules/init.pre")) {
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/lib/Mail/SpamAssassin.pm
^
|
| @@ -74,6 +74,7 @@
use Mail::SpamAssassin::PluginHandler;
use Mail::SpamAssassin::DnsResolver;
+use Errno qw(ENOENT EACCES);
use File::Basename;
use File::Path;
use File::Spec 0.8;
@@ -94,7 +95,7 @@
@site_rules_path
};
-$VERSION = "3.002003"; # update after release (same format as perl $])
+$VERSION = "3.002005"; # update after release (same format as perl $])
# $IS_DEVEL_BUILD = 1; # change for release versions
# Used during the prerelease/release-candidate part of the official release
@@ -105,11 +106,11 @@
@ISA = qw();
# SUB_VERSION is now just <yyyy>-<mm>-<dd>
-$SUB_VERSION = (split(/\s+/,'$LastChangedDate: 2007-08-08 06:16:52 -0700 (Wed, 08 Aug 2007) $ updated by SVN'))[1];
+$SUB_VERSION = (split(/\s+/,'$LastChangedDate: 2008-06-10 09:13:55 +0000 (Tue, 10 Jun 2008) $ updated by SVN'))[1];
if (defined $IS_DEVEL_BUILD && $IS_DEVEL_BUILD) {
push(@EXTRA_VERSION,
- ('r' . qw{$LastChangedRevision: 563848 $ updated by SVN}[1]));
+ ('r' . qw{$LastChangedRevision: 666026 $ updated by SVN}[1]));
}
sub Version {
@@ -1705,6 +1706,7 @@
$path =~ s/__def_rules_dir__/$self->{DEF_RULES_DIR} || ''/ges;
$path =~ s{__prefix__}{$self->{PREFIX} || $Config{prefix} || '/usr'}ges;
$path =~ s{__userstate__}{$self->get_and_create_userstate_dir() || ''}ges;
+ $path =~ s{__perl_major_ver__}{$self->get_perl_major_version()}ges;
$path =~ s/__version__/${VERSION}/gs;
$path =~ s/^\~([^\/]*)/$self->expand_name($1)/es;
@@ -1713,12 +1715,23 @@
return $path;
}
+sub get_perl_major_version {
+ my $self = shift;
+ $] =~ /^(\d\.\d\d\d)/ or die "bad perl ver $]";
+ return $1;
+}
+
sub first_existing_path {
my $self = shift;
my $path;
foreach my $p (@_) {
$path = $self->sed_path ($p);
- if (defined $path && -e $path) { return $path; }
+ if (defined $path) {
+ my($errn) = stat($path) ? 0 : 0+$!;
+ if ($errn == ENOENT) { } # does not exist
+ elsif ($errn) { warn "config: path \"$path\" is inaccessible: $!\n" }
+ else { return $path }
+ }
}
return;
}
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/lib/Mail/SpamAssassin/AsyncLoop.pm
^
|
| @@ -42,6 +42,21 @@
our @ISA = qw();
+# Load Time::HiRes if it's available
+BEGIN {
+ use vars qw($timer_resolution);
+ eval {
+ require Time::HiRes or die "Error loading Time::HiRes: $@, $!";
+ Time::HiRes->import( qw(time) );
+ $timer_resolution = Time::HiRes->can('clock_getres')
+ ? Time::HiRes::clock_getres(Time::HiRes::CLOCK_REALTIME())
+ : 0.001; # wild guess, assume resolution is better than 1s
+ 1;
+ } or do {
+ $timer_resolution = 1; # Perl's builtin timer ticks at one second
+ };
+}
+
#############################################################################
sub new {
@@ -51,11 +66,12 @@
my ($main) = @_;
my $self = {
main => $main,
- last_count => 0,
- times_count_was_same => 0,
queries_started => 0,
queries_completed => 0,
- pending_lookups => { }
+ total_queries_started => 0,
+ total_queries_completed => 0,
+ pending_lookups => { },
+ timing_by_query => { },
};
bless ($self, $class);
@@ -102,11 +118,48 @@
=item completed_callback (optional)
-A code reference, which will be called when the lookup has been reported as
-complete via C<set_response_packet()> or C<report_id_complete()>.
+A code reference which will be called when an asynchronous task (e.g. a
+DNS lookup) is completed, either normally, or aborted, e.g. by a timeout.
+
+When a task has been reported as completed via C<set_response_packet()>
+the response (as provided to C<set_response_packet()>) is stored in
+$ent->{response_packet} (possibly undef, its semantics is defined by the
+caller). When completion is reported via C<report_id_complete()> or a
+task was aborted, the $ent->{response_packet} is guaranteed to be undef.
+If it is necessary to distinguish between the last two cases, the
+$ent->{status} may be examined for a string 'ABORTING' or 'FINISHED'.
The code reference will be called with one argument, the C<$ent> object.
+=item zone (optional)
+
+A zone specification (typically a DNS zone name - e.g. host, domain, or RBL)
+which may be used as a key to look up per-zone settings. No semantics on this
+parameter is imposed by this module.
+
+=item timeout_initial (optional)
+
+An initial value of elapsed time for which we are willing to wait for a
+response (time in seconds, floating point value is allowed). When elapsed
+time since a query started exceeds the timeout value and there are no other
+queries to wait for, the query is aborted. The actual timeout value ranges
+from timeout_initial and gradually approaches timeout_min (see next parameter)
+as the number of already completed queries approaches the number of all
+queries started.
+
+If a caller does not explicitly provide this parameter or its value is
+undefined, a default initial timeout value is settable by a configuration
+variable rbl_timeout.
+
+If a value of the timeout_initial parameter is below timeout_min, the initial
+timeout is set to timeout_min.
+
+=item timeout_min (optional)
+
+A lower bound (in seconds) to which the actual timeout approaches as the
+number of queries completed approaches the number of all queries started.
+Defaults to 0.2 * timeout_initial.
+
=back
C<$obj> is returned by this method.
@@ -120,9 +173,58 @@
die "oops, no key" unless $ent->{key};
die "oops, no type" unless $ent->{type};
+ my $now = time;
+ my $key = $ent->{key};
+ my $id = $ent->{id};
+ $ent->{status} = 'STARTED';
+ $ent->{start_time} = $now if !defined $ent->{start_time};
+
+ # are there any applicable per-zone settings?
+ my $zone = $ent->{zone};
+ my $settings; # a ref to a by-zone or to global settings
+ my $conf_by_zone = $self->{main}->{conf}->{by_zone};
+ if (defined $zone && $conf_by_zone) {
+ # dbg("async: searching for by_zone settings for $zone");
+ $zone =~ s/^\.//; $zone =~ s/\.\z//; # strip leading and trailing dot
+ for (;;) { # 2.10.example.com, 10.example.com, example.com, com, ''
+ if (exists $conf_by_zone->{$zone}) {
+ $settings = $conf_by_zone->{$zone};
+ dbg("async: applying by_zone settings for $zone");
+ last;
+ } elsif ($zone eq '') {
+ last;
+ } else { # strip one level, careful with address literals
+ $zone = ($zone =~ /^( (?: [^.] | \[ (?: \\. | [^\]\\] )* \] )* )
+ \. (.*) \z/xs) ? $2 : '';
+ }
+ }
+ }
+
+ my $t_init = $ent->{timeout_initial}; # application-specified has precedence
+ $t_init = $settings->{rbl_timeout} if $settings && !defined $t_init;
+ $t_init = $self->{main}->{conf}->{rbl_timeout} if !defined $t_init;
+ $t_init = 0 if !defined $t_init; # last-resort default, just in case
+
+ my $t_end = $ent->{timeout_min}; # application-specified has precedence
+ $t_end = $settings->{rbl_timeout_min} if $settings && !defined $t_end;
+ $t_end = 0.2 * $t_init if !defined $t_end;
+ $t_end = 0 if $t_end < 0; # just in case
+
+ $t_init = $t_end if $t_init < $t_end;
+ $ent->{timeout_initial} = $t_init;
+ $ent->{timeout_min} = $t_end;
+
+ $ent->{display_id} = # identifies entry in debug logging and similar
+ join(", ", grep { defined }
+ map { ref $ent->{$_} ? @{$ent->{$_}} : $ent->{$_} }
+ qw(sets rules rulename type key) );
+
$self->{queries_started}++;
- $self->{pending_lookups}->{$ent->{key}} = $ent;
- $self->{last_start_lookup_time} = time;
+ $self->{total_queries_started}++;
+ $self->{pending_lookups}->{$key} = $ent;
+
+ dbg("async: starting: %s (timeout %.1fs, min %.1fs)",
+ $ent->{display_id}, $ent->{timeout_initial}, $ent->{timeout_min});
$ent;
}
@@ -164,6 +266,22 @@
# ---------------------------------------------------------------------------
+=item $async->log_lookups_timing()
+
+Log sorted timing for all completed lookups.
+
+=cut
+
+sub log_lookups_timing {
+ my ($self) = @_;
+ my $timings = $self->{timing_by_query};
+ for my $key (sort { $timings->{$a} <=> $timings->{$b} } keys %$timings) {
+ dbg("async: timing: %.3f %s", $timings->{$key}, $key);
+ }
+}
+
+# ---------------------------------------------------------------------------
+
=item $alldone = $async->complete_lookups()
Perform a poll of the pending lookups, to see if any are completed; if they
@@ -176,92 +294,134 @@
=cut
sub complete_lookups {
- my ($self, $timeout) = @_;
- my %typecount = ();
- my $stillwaiting = 0;
+ my ($self, $timeout, $allow_aborting_of_expired) = @_;
+ my $alldone = 0;
+ my $anydone = 0;
+ my $waiting_time = 0;
+ my $allexpired = 1;
+ my %typecount;
my $pending = $self->{pending_lookups};
- if (scalar keys %{$pending} <= 0) {
- return 1; # nothing left to do
- }
-
$self->{queries_started} = 0;
$self->{queries_completed} = 0;
+ my $now = time;
+
+ if (defined $timeout && $timeout > 0 &&
+ %$pending && $self->{total_queries_started} > 0)
+ {
+ # shrink a 'select' timeout if a caller specified unnecessarily long
+ # value beyond the latest deadline of any outstanding request;
+ # can save needless wait time (up to 1 second in harvest_dnsbl_queries)
+ my $r = $self->{total_queries_completed} / $self->{total_queries_started};
+ my $r2 = $r * $r; # 0..1
+ my $max_deadline;
+ while (my($key,$ent) = each %$pending) {
+ my $t_init = $ent->{timeout_initial};
+ my $dt = $t_init - ($t_init - $ent->{timeout_min}) * $r2;
+ my $deadline = $ent->{start_time} + $dt;
+ $max_deadline = $deadline if !defined $max_deadline ||
+ $deadline > $max_deadline;
+ }
+ if (defined $max_deadline) {
+ # adjust to timer resolution, only deals with 1s and with fine resolution
+ $max_deadline = 1 + int $max_deadline
+ if $timer_resolution == 1 && $max_deadline > int $max_deadline;
+ my $sufficient_timeout = $max_deadline - $now;
+ $sufficient_timeout = 0 if $sufficient_timeout < 0;
+ if ($timeout > $sufficient_timeout) {
+ dbg("async: reducing select timeout from %.1f to %.1f s",
+ $timeout, $sufficient_timeout);
+ $timeout = $sufficient_timeout;
+ }
+ }
+ }
+
# trap this loop in an eval { } block, as Net::DNS could throw
# die()s our way; in particular, process_dnsbl_results() has
# thrown die()s before (bug 3794).
eval {
- my $nfound = $self->{main}->{resolver}->poll_responses($timeout);
- $nfound ||= 'no';
- dbg ("async: select found $nfound socks ready");
-
- foreach my $key (keys %{$pending}) {
- my $ent = $pending->{$key};
+ if (%$pending) { # any outstanding requests still?
+ $self->{last_poll_responses_time} = $now;
+ my $nfound = $self->{main}->{resolver}->poll_responses($timeout);
+ dbg("async: select found %s responses ready (t.o.=%.1f)",
+ !$nfound ? 'no' : $nfound, $timeout);
+ }
+ $now = time; # capture new timestamp, after possible sleep in 'select'
- # call a "poll_callback" sub, if one exists
- if (defined $ent->{poll_callback}) {
+ while (my($key,$ent) = each %$pending) {
+ my $id = $ent->{id};
+ if (defined $ent->{poll_callback}) { # call a "poll_callback" if exists
+ # be nice, provide fresh info to a callback routine
+ $ent->{status} = 'FINISHED' if exists $self->{finished}->{$id};
+ # a callback might call set_response_packet() or report_id_complete()
+ # dbg("async: calling poll_callback on key $key");
$ent->{poll_callback}->($ent);
}
-
- my $type = $ent->{type};
- if (!exists ($self->{finished}->{$ent->{id}})) {
- $typecount{$type}++;
- next;
- }
-
- $ent->{response_packet} = delete $self->{finished}->{$ent->{id}};
- if (defined $ent->{completed_callback}) {
- $ent->{completed_callback}->($ent);
+ my $finished = exists $self->{finished}->{$id};
+ if ($finished) {
+ $anydone = 1;
+ delete $self->{finished}->{$id};
+ $ent->{status} = 'FINISHED';
+ $ent->{finish_time} = $now if !defined $ent->{finish_time};
+ my $elapsed = $ent->{finish_time} - $ent->{start_time};
+ dbg("async: completed in %.3f s: %s", $elapsed, $ent->{display_id});
+
+ # call a "completed_callback" sub, if one exists
+ if (defined $ent->{completed_callback}) {
+ # dbg("async: calling completed_callback on key $key");
+ $ent->{completed_callback}->($ent);
+ }
+ $self->{timing_by_query}->{". $key"} += $elapsed;
+ $self->{queries_completed}++;
+ $self->{total_queries_completed}++;
+ delete $pending->{$key};
}
-
- $self->{queries_completed}++;
- delete $self->{pending_lookups}->{$key};
}
- dbg("async: queries completed: ".$self->{queries_completed}.
- " started: ".$self->{queries_started});
-
- if (1) {
- dbg("async: queries active: ".
- join (' ', map { "$_=$typecount{$_}" } sort keys %typecount)." at ".
- localtime(time));
+ if (%$pending) { # still any requests outstanding? are they expired?
+ my $r =
+ !$allow_aborting_of_expired || !$self->{total_queries_started} ? 1.0
+ : $self->{total_queries_completed} / $self->{total_queries_started};
+ my $r2 = $r * $r; # 0..1
+ while (my($key,$ent) = each %$pending) {
+ $typecount{$ent->{type}}++;
+ my $t_init = $ent->{timeout_initial};
+ my $dt = $t_init - ($t_init - $ent->{timeout_min}) * $r2;
+ # adjust to timer resolution, only deals with 1s and fine resolution
+ $dt = 1 + int $dt if $timer_resolution == 1 && $dt > int $dt;
+ $allexpired = 0 if $now <= $ent->{start_time} + $dt;
+ }
+ dbg("async: queries completed: %d, started: %d",
+ $self->{queries_completed}, $self->{queries_started});
}
# ensure we don't get stuck if a request gets lost in the ether.
- if (!$stillwaiting) {
- my $numkeys = scalar keys %{$self->{pending_lookups}};
- if ($numkeys == 0) {
- $stillwaiting = 0;
-
- } else {
- $stillwaiting = 1;
-
- # avoid looping forever if we haven't got all results.
- if ($self->{last_count} == $numkeys) {
- $self->{times_count_was_same}++;
- if ($self->{times_count_was_same} > 20)
- {
- dbg("async: escaping: must have lost requests");
- $self->abort_remaining_lookups();
- $stillwaiting = 0;
- }
- } else {
- $self->{last_count} = $numkeys;
- $self->{times_count_was_same} = 0;
- }
- }
+ if (! %$pending) {
+ $alldone = 1;
+ }
+ elsif ($allexpired && $allow_aborting_of_expired) {
+ # avoid looping forever if we haven't got all results.
+ dbg("async: escaping: lost or timed out requests or responses");
+ $self->abort_remaining_lookups();
+ $alldone = 1;
}
+ else {
+ dbg("async: queries active: %s%s at %s",
+ join (' ', map { "$_=$typecount{$_}" } sort keys %typecount),
+ $allexpired ? ', all expired' : '', scalar(localtime(time)));
+ $alldone = 0;
+ }
+ 1;
+ } or do {
+ my $eval_stat = $@ ne '' ? $@ : "errno=$!"; chomp $eval_stat;
+ dbg("async: caught complete_lookups death, aborting: $eval_stat");
+ $alldone = 1; # abort remaining
};
- if ($@) {
- dbg("async: caught complete_lookups death, aborting: $@");
- $stillwaiting = 0; # abort remaining
- }
-
- return (!$stillwaiting);
+ return wantarray ? ($alldone,$anydone,$waiting_time) : $alldone;
}
# ---------------------------------------------------------------------------
@@ -276,27 +436,45 @@
my ($self) = @_;
my $pending = $self->{pending_lookups};
- my $foundone = 0;
- foreach my $key (keys %{$pending})
- {
- if (!$foundone) {
- dbg("async: aborting remaining lookups");
- $foundone = 1;
+ my $foundcnt = 0;
+ my $now = time;
+ while (my($key,$ent) = each %$pending) {
+ dbg("async: aborting after %.3f s, %s: %s",
+ $now - $ent->{start_time},
+ (defined $ent->{timeout_initial} &&
+ $now > $ent->{start_time} + $ent->{timeout_initial}
+ ? 'past original deadline' : 'deadline shrunk'),
+ $ent->{display_id} );
+ $foundcnt++;
+ $self->{timing_by_query}->{"X $key"} = $now - $ent->{start_time};
+
+ if (defined $ent->{completed_callback}) {
+ $ent->{finish_time} = $now if !defined $ent->{finish_time};
+ $ent->{response_packet} = undef;
+ $ent->{status} = 'ABORTING';
+ # to avoid breaking third-party plugins which may not test for undefined
+ # 'response_packet', avoid the callback on aborts for now (3.2.4);
+ # the following call will be enabled for 3.3.0 :
+ # $ent->{completed_callback}->($ent);
}
delete $pending->{$key};
}
- delete $self->{last_start_lookup_time};
+ dbg("async: aborted %d remaining lookups", $foundcnt) if $foundcnt > 0;
+ delete $self->{last_poll_responses_time};
$self->{main}->{resolver}->bgabort();
+ 1;
}
# ---------------------------------------------------------------------------
-=item $async->set_response_packet($id, $pkt)
+=item $async->set_response_packet($id, $pkt, $key, $timestamp)
Register a "response packet" for a given query. C<$id> is the ID for the
query, and must match the C<id> supplied in C<start_lookup()>. C<$pkt> is the
-packet object for the response.
+packet object for the response. A parameter C<$key> identifies an entry in a
+hash %{$self->{pending_lookups}} where the object which spawned this query can
+be found, and through which futher information about the query is accessible.
If this was called, C<$pkt> will be available in the C<completed_callback>
function as C<$ent-<gt>{response_packet}>.
@@ -307,11 +485,36 @@
=cut
sub set_response_packet {
- my ($self, $id, $pkt) = @_;
- $self->{finished}->{$id} = $pkt;
+ my ($self, $id, $pkt, $key, $timestamp) = @_;
+ $self->{finished}->{$id} = 1; # only key existence matters, any value
+ $timestamp = time if !defined $timestamp;
+ my $pending = $self->{pending_lookups};
+ if (!defined $key) { # backwards compatibility with 3.2.3 and older plugins
+ # a third-party plugin did not provide $key in a call, search for it:
+ if ($id eq $pending->{$id}->{id}) { # I feel lucky, key==id ?
+ $key = $id;
+ } else { # then again, maybe not, be more systematic
+ for my $tkey (keys %$pending) {
+ if ($id eq $pending->{$tkey}->{id}) { $key = $tkey; last }
+ }
+ }
+ dbg("async: got response on id $id, search found key $key");
+ }
+ if (!defined $key) {
+ info("async: no key, response packet not remembered, id $id");
+ } else {
+ my $ent = $pending->{$key};
+ if ($id ne $ent->{id}) {
+ info("async: ignoring response, mismatched id $id, expected $ent->{id}");
+ } else {
+ $ent->{finish_time} = $timestamp;
+ $ent->{response_packet} = $pkt;
+ }
+ }
+ 1;
}
-=item $async->report_id_complete($id)
+=item $async->report_id_complete($id,$key,$key,$timestamp)
Register that a query has completed, and is no longer "pending". C<$id> is the
ID for the query, and must match the C<id> supplied in C<start_lookup()>.
@@ -322,27 +525,26 @@
=cut
sub report_id_complete {
- my ($self, $id) = @_;
- $self->{finished}->{$id} = undef;
+ my ($self, $id, $key, $timestamp) = @_;
+ $self->set_response_packet($id, undef, $key, $timestamp);
}
# ---------------------------------------------------------------------------
-=item $time = $async->get_last_start_lookup_time()
+=item $time = $async->last_poll_responses_time()
-Get the time of the last call to C<start_lookup()>. If C<start_lookup()> was
-never called or C<abort_remaining_lookups()> has been called
-C<get_last_start_lookup_time()> will return undef.
+Get the time of the last call to C<poll_responses()> (which is called
+from C<complete_lookups()>. If C<poll_responses()> was never called or
+C<abort_remaining_lookups()> has been called C<last_poll_responses_time()>
+will return undef.
=cut
-sub get_last_start_lookup_time {
+sub last_poll_responses_time {
my ($self) = @_;
- return $self->{last_start_lookup_time};
+ return $self->{last_poll_responses_time};
}
-# ---------------------------------------------------------------------------
-
1;
=back
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/lib/Mail/SpamAssassin/BayesStore/DBM.pm
^
|
| @@ -279,7 +279,11 @@
my $name = $path.'_'.$dbname;
my $db_var = 'db_'.$dbname;
dbg("bayes: tie-ing to DB file R/W $name");
- tie %{$self->{$db_var}},$self->DBM_MODULE,$name, O_RDWR|O_CREAT,
+
+ ($self->DBM_MODULE eq 'DB_File') and
+ Mail::SpamAssassin::Util::avoid_db_file_locking_bug ($name);
+
+ tie %{$self->{$db_var}},$self->DBM_MODULE, $name, O_RDWR|O_CREAT,
(oct($main->{conf}->{bayes_file_mode}) & 0666)
or goto failed_to_tie;
}
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/lib/Mail/SpamAssassin/BayesStore/PgSQL.pm
^
|
| @@ -729,7 +729,7 @@
my $tokenarray = join(",", map { '"' . _quote_bytea($_) . '"' } sort @{$tokens});
- my $sth = $self->{_dbh}->prepare("select touch_tokens($self->{_userid}, '{$tokenarray}', $atime)");
+ my $sth = $self->{_dbh}->prepare("select touch_tokens($self->{_userid}, $self->{_esc_prefix}'{$tokenarray}', $atime)");
unless (defined($sth)) {
dbg("bayes: tok_touch_all: SQL error: ".$self->{_dbh}->errstr());
@@ -890,6 +890,12 @@
dbg("bayes: database connection established");
}
+ if ( $dbh->{pg_server_version} >= 80100 ) {
+ $self->{_esc_prefix} = 'E';
+ } else {
+ $self->{_esc_prefix} = '';
+ }
+
$self->{_dbh} = $dbh;
return 1;
@@ -933,7 +939,7 @@
}
my $escaped_token = _quote_bytea($token);
- my $sth = $self->{_dbh}->prepare("select put_tokens($self->{_userid},'{$escaped_token}',
+ my $sth = $self->{_dbh}->prepare("select put_tokens($self->{_userid},$self->{_esc_prefix}'{$escaped_token}',
$spam_count,$ham_count,$atime)");
unless (defined($sth)) {
@@ -997,7 +1003,7 @@
my $tokenarray = join(",", map { '"' . _quote_bytea($_) . '"' } sort keys %{$tokens});
- my $sth = $self->{_dbh}->prepare("select put_tokens($self->{_userid}, '{$tokenarray}',
+ my $sth = $self->{_dbh}->prepare("select put_tokens($self->{_userid}, $self->{_esc_prefix}'{$tokenarray}',
$spam_count, $ham_count, $atime)");
unless (defined($sth)) {
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/lib/Mail/SpamAssassin/BayesStore/SQL.pm
^
|
| @@ -240,7 +240,7 @@
my $sql = "SELECT count(*)
FROM bayes_token
WHERE id = ?
- AND (? - atime) > ?";
+ AND atime < ?";
my $sth = $self->{_dbh}->prepare_cached($sql);
@@ -250,7 +250,7 @@
}
for (my $i = 1; $i <= $max_expire_mult; $i<<=1) {
- my $rc = $sth->execute($self->{_userid}, $newest_atime, $start * $i);
+ my $rc = $sth->execute($self->{_userid}, $newest_atime - $start * $i);
unless ($rc) {
dbg("bayes: calculate_expire_delta: SQL error: ".$self->{_dbh}->errstr());
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/lib/Mail/SpamAssassin/Conf.pm
^
|
| @@ -1247,6 +1247,28 @@
}
});
+=item dns_options rotate (default: empty)
+
+If set to 'rotate', this causes SpamAssassin to choose a DNS server at random
+from all servers listed in C</etc/resolv.conf> every 'dns_test_interval'
+seconds, effectively spreading the load over all currently available DNS
+servers when there are many spamd workers.
+
+=cut
+
+ push (@cmds, {
+ setting => 'dns_options',
+ code => sub {
+ my ($self, $key, $value, $line) = @_;
+ my $allowed_opts = "rotate";
+
+ foreach my $option (split (/\s+/, $value)) {
+ if ($allowed_opts !~ /^$option$/) { return $INVALID_VALUE; }
+ else { $self->{dns_options}->{$option} = 1; }
+ }
+ }
+ });
+
=back
=head2 LEARNING OPTIONS
@@ -2411,25 +2433,35 @@
}
});
-=item rbl_timeout n (default: 15)
+=item rbl_timeout t [t_min] [zone] (default: 15 3)
-All DNS queries are made at the beginning of a check and we try to read the
-results at the end. This value specifies the maximum period of time to wait
-for an DNS query. If most of the DNS queries have succeeded for a particular
-message, then SpamAssassin will not wait for the full period to avoid wasting
-time on unresponsive server(s). For the default 15 second timeout, here is a
-chart of queries remaining versus the effective timeout in seconds:
-
- queries left 100% 90% 80% 70% 60% 50% 40% 30% 20% 10% 0%
- timeout 15 15 14 14 13 11 10 8 5 3 0
-
-In addition, whenever the effective timeout is lowered due to additional query
-results returning, the remaining queries are always given at least one more
-second before timing out, but the wait time will never exceed rbl_timeout.
-
-For example, if 20 queries are made at the beginning of a message check and 16
-queries have returned (leaving 20%), the remaining 4 queries must finish
-within 5 seconds of the beginning of the check or they will be timed out.
+All DNS queries are made at the beginning of a check and we try to read
+the results at the end. This value specifies the maximum period of time
+(in seconds) to wait for an DNS query. If most of the DNS queries have
+succeeded for a particular message, then SpamAssassin will not wait for
+the full period to avoid wasting time on unresponsive server(s), but will
+shrink the timeout according to a percentage of queries already completed.
+As the number of queries remaining approaches 0, the timeout value will
+gradually approach a t_min value, which is an optional second parameter
+and defaults to 0.2 * t. If t is smaller than t_min, the initial timeout
+is set to t_min. Here is a chart of queries remaining versus the timeout
+in seconds, for the default 15 second / 3 second timeout setting:
+
+ queries left 100% 90% 80% 70% 60% 50% 40% 30% 20% 10% 0%
+ timeout 15 14.9 14.5 13.9 13.1 12.0 10.7 9.1 7.3 5.3 3
+
+For example, if 20 queries are made at the beginning of a message check
+and 16 queries have returned (leaving 20%), the remaining 4 queries should
+finish within 7.3 seconds since their query started or they will be timed out.
+Note that timed out queries are only aborted when there is nothing else left
+for SpamAssassin to do - long evaluation of other rules may grant queries
+additional time.
+
+If a parameter 'zone' is specified (it must end with a letter, which
+distinguishes it from other numeric parametrs), then the setting only
+applies to DNS queries against the specified DNS domain (host, domain or
+RBL (sub)zone). Matching is case-insensitive, the actual domain may be a
+subdomain of the specified zone.
=cut
@@ -2437,7 +2469,29 @@
setting => 'rbl_timeout',
is_admin => 1,
default => 15,
- type => $CONF_TYPE_NUMERIC
+ code => sub {
+ my ($self, $key, $value, $line) = @_;
+ unless (defined $value && $value !~ /^$/) {
+ return $MISSING_REQUIRED_VALUE;
+ }
+ local ($1,$2,$3);
+ unless ($value =~ /^ ( [+-]? \d+ (?: \. \d*)? )
+ (?: \s+ ( [+-]? \d+ (?: \. \d*)? ) )?
+ (?: \s+ (\S* [a-zA-Z]) )? $/xs) {
+ return $INVALID_VALUE;
+ }
+ my $zone = $3;
+ if (!defined $zone) { # a global setting
+ $self->{rbl_timeout} = $1+0;
+ $self->{rbl_timeout_min} = $2+0 if defined $2;
+ }
+ else { # per-zone settings
+ $zone =~ s/^\.//; $zone =~ s/\.$//; # strip leading and trailing dot
+ $zone = lc $zone;
+ $self->{by_zone}{$zone}{rbl_timeout} = $1+0;
+ $self->{by_zone}{$zone}{rbl_timeout_min} = $2+0 if defined $2;
+ }
+ }
});
=item util_rb_tld tld1 tld2 ...
@@ -2537,7 +2591,7 @@
setting => 'bayes_file_mode',
is_admin => 1,
default => '0700',
- type => $CONF_TYPE_NUMERIC
+ type => $CONF_TYPE_STRING
});
=item bayes_store_module Name::Of::BayesStore::Module
@@ -3127,7 +3181,7 @@
$self->{regression_tests} = { };
$self->{rewrite_header} = { };
- $self->{user_rules_to_compile} = { };
+ $self->{want_rebuild_for_type} = { };
$self->{user_defined_rules} = { };
$self->{headers_spam} = { };
$self->{headers_ham} = { };
@@ -3485,10 +3539,13 @@
$dest = $self;
}
- # keys that should not be copied in ->clone()
+ # keys that should not be copied in ->clone().
+ # bug 4179: include want_rebuild_for_type, so that if a user rule
+ # is defined, its method will be recompiled for future scans in
+ # order to *remove* the generated method calls
my @NON_COPIED_KEYS = qw(
main eval_plugins plugins_loaded registered_commands sed_path_cache parser
- scoreset scores
+ scoreset scores want_rebuild_for_type
);
# keys that should can be copied using a ->clone() method, in ->clone()
@@ -3509,6 +3566,26 @@
$done{$var} = undef;
}
+ # bug 4179: be smarter about cloning the rule-type structures;
+ # some are like this: $self->{type}->{priority}->{name} = 'value';
+ # which is an extra level that the below code won't deal with
+ foreach my $t (@rule_types) {
+ foreach my $k (keys %{$source->{$t}}) {
+ my $v = $source->{$t}->{$k};
+ my $i = ref $v;
+ if ($i eq 'HASH') {
+ %{$dest->{$t}->{$k}} = %{$v};
+ }
+ elsif ($i eq 'ARRAY') {
+ @{$dest->{$t}->{$k}} = @{$v};
+ }
+ else {
+ $dest->{$t}->{$k} = $v;
+ }
+ }
+ $done{$t} = undef;
+ }
+
# and now, copy over all the rest -- the less complex cases.
while(my($k,$v) = each %{$source}) {
next if exists $done{$k}; # we handled it above
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/lib/Mail/SpamAssassin/Conf/Parser.pm
^
|
| @@ -532,7 +532,8 @@
while ( my($sk) = each %{$conf->{scores}} ) {
if (!exists $conf->{tests}->{$sk}) {
- $self->lint_warn("config: warning: score set for non-existent rule $sk\n", $sk);
+ # bug 5514: not a lint warning any more
+ dbg("config: warning: score set for non-existent rule $sk");
}
}
}
@@ -1053,8 +1054,21 @@
$conf->{if_stack}->{$name} = $self->get_if_stack_as_string();
}
+ # if we found this rule in a user_prefs file, it's a user rule -- note that
+ # we may need to recompile the rule code for this type (if they've already
+ # been compiled, e.g. in spamd).
+ #
+ # Note: the want_rebuild_for_type 'flag' is actually a counter; it is decremented
+ # after each scan. This ensures that we always recompile at least once more;
+ # once to *define* the rule, and once afterwards to *undefine* the rule in the
+ # compiled ruleset again.
+ #
+ # If two consecutive scans use user rules, that's ok -- the second one will
+ # reset the counter, and we'll still recompile just once afterwards to undefine
+ # the rule again.
+ #
if ($self->{scoresonly}) {
- $conf->{user_rules_to_compile}->{$type} = 1;
+ $conf->{want_rebuild_for_type}->{$type} = 2;
$conf->{user_defined_rules}->{$name} = 1;
}
}
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/lib/Mail/SpamAssassin/DBBasedAddrList.pm
^
|
| @@ -82,15 +82,19 @@
dbg("auto-whitelist: tie-ing to DB file of type $dbm_module $mod1 in $path");
+ ($self->{is_locked} && $dbm_module eq 'DB_File') and
+ Mail::SpamAssassin::Util::avoid_db_file_locking_bug ($path);
+
if (! tie %{ $self->{accum} }, $dbm_module, $path, $mod2,
- oct($main->{conf}->{auto_whitelist_file_mode}) ) {
- my $err = $!; # might get overwritten later
- if ($self->{is_locked}) {
- $self->{main}->{locker}->safe_unlock($self->{locked_file});
- $self->{is_locked} = 0;
- }
- die "auto-whitelist: cannot open auto_whitelist_path $path: $err\n";
+ oct($main->{conf}->{auto_whitelist_file_mode}) )
+ {
+ my $err = $!; # might get overwritten later
+ if ($self->{is_locked}) {
+ $self->{main}->{locker}->safe_unlock($self->{locked_file});
+ $self->{is_locked} = 0;
}
+ die "auto-whitelist: cannot open auto_whitelist_path $path: $err\n";
+ }
}
bless ($self, $class);
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/lib/Mail/SpamAssassin/Dns.pm
^
|
| @@ -107,6 +107,7 @@
my $ent = {
key => $key,
+ zone => $host, # may serve to fetch other per-zone settings
type => "DNSBL-".$type,
sets => [ ], # filled in below
rules => [ ], # filled in below
@@ -114,10 +115,9 @@
};
my $id = $self->{resolver}->bgsend($host, $type, undef, sub {
- my $pkt = shift;
- my $id = shift;
+ my ($pkt, $id, $timestamp) = @_;
$self->process_dnsbl_result($ent, $pkt);
- $self->{async}->report_id_complete($id);
+ $self->{async}->report_id_complete($id,$key,$timestamp);
});
$ent->{id} = $id; # tie up the loose end
@@ -156,16 +156,16 @@
my $ent = {
key => $key,
+ zone => $host, # may serve to fetch other per-zone settings
type => "DNSBL-".$type,
rules => [ $rule ],
# id is filled in after we send the query below
};
my $id = $self->{resolver}->bgsend($host, $type, undef, sub {
- my $pkt = shift;
- my $id = shift;
+ my ($pkt, $id, $timestamp) = @_;
$self->process_dnsbl_result($ent, $pkt);
- $self->{async}->report_id_complete($id);
+ $self->{async}->report_id_complete($id,$key,$timestamp);
});
$ent->{id} = $id; # tie up the loose end
@@ -328,101 +328,78 @@
sub harvest_until_rule_completes {
my ($self, $rule) = @_;
- return if !defined $self->{async}->get_last_start_lookup_time();
+ dbg("dns: harvest_until_rule_completes");
+ my $result = 0;
+ my $total_waiting_time = 0;
+
+ for (my $first=1; ; $first=0) {
+ # complete_lookups() may call completed_callback(), which may
+ # call start_lookup() again (like in Plugin::URIDNSBL)
+ my ($alldone,$anydone,$waiting_time) =
+ $self->{async}->complete_lookups($first ? 0 : 1.0, 1);
+ $total_waiting_time += $waiting_time;
- my $deadline = $self->{conf}->{rbl_timeout} + $self->{async}->get_last_start_lookup_time();
- my $now = time;
-
- # should not give up before at least attempting to collect some responses
- # even if previous checks already exceeded rbl_timeout
- my $notbefore = $now + 1.2; # at least 1 second from now (time is integer)
-
- my @left = $self->{async}->get_pending_lookups();
- my $total = scalar @left;
-
- while ( (($now < $deadline) || ($now < $notbefore)) &&
- !$self->{async}->complete_lookups(1))
- {
- dbg(sprintf("dns: harvest_until_rule_completes: on extended time, ".
- "overdue by %.3f s, still %.3f s",
- $now-$deadline, $notbefore-$now)) if $now >= $deadline;
-
- if ($self->is_rule_complete($rule)) {
- return 1;
- }
+ $result = 1 if $self->is_rule_complete($rule);
+ last if $result || $alldone;
+ dbg("dns: harvest_until_rule_completes - check_tick");
$self->{main}->call_plugins ("check_tick", { permsgstatus => $self });
- @left = $self->{async}->get_pending_lookups();
-
- # complete_lookups could cause a change in get_last_start_lookup_time
- $deadline = $self->{conf}->{rbl_timeout} +
- $self->{async}->get_last_start_lookup_time();
-
- # dynamic timeout
- my $dynamic = (int($self->{conf}->{rbl_timeout}
- * (1 - 0.7*(($total - @left) / $total) ** 2) + 1)
- + $self->{async}->get_last_start_lookup_time());
- $deadline = $dynamic if ($dynamic < $deadline);
- $now = time;
}
+ dbg("dns: timing: %.3f s sleeping in harvest_until_rule_completes",
+ $total_waiting_time) if $total_waiting_time > 0;
+
+ return $result;
}
sub harvest_dnsbl_queries {
my ($self) = @_;
- return if !defined $self->{async}->get_last_start_lookup_time();
+ dbg("dns: harvest_dnsbl_queries");
+ my $total_waiting_time = 0;
- my $deadline = $self->{conf}->{rbl_timeout} + $self->{async}->get_last_start_lookup_time();
- my $now = time;
+ for (my $first=1; ; $first=0) {
- # should not give up before at least attempting to collect some responses
- # (which may have arrived by now), even if previous checks (like Razor,
- # dcc, Botnet, rules) already exceeded rbl_timeout
- my $notbefore = $now + 1.2; # at least 1 second from now (time is integer)
+ # complete_lookups() may call completed_callback(), which may
+ # call start_lookup() again (like in Plugin::URIDNSBL)
- my @left = $self->{async}->get_pending_lookups();
- my $total = scalar @left;
+ # the first time around we specify a 0 timeout, which gives
+ # complete_lookups a chance to ripe any available results and
+ # abort overdue requests, without needlessly waiting for more
- while ( (($now < $deadline) || ($now < $notbefore)) &&
- !$self->{async}->complete_lookups(1))
- {
- dbg(sprintf("dns: harvest_dnsbl_queries: on extended time, ".
- "overdue by %.3f s, still %.3f s",
- $now-$deadline, $notbefore-$now)) if $now >= $deadline;
+ my ($alldone,$anydone,$waiting_time) =
+ $self->{async}->complete_lookups($first ? 0 : 1.0, 1);
+ $total_waiting_time += $waiting_time;
- $self->{main}->call_plugins ("check_tick", { permsgstatus => $self });
- @left = $self->{async}->get_pending_lookups();
+ last if $alldone;
- # complete_lookups() may have called completed_callback, which may call
- # start_lookup() again (like in URIDNSBL), so get_last_start_lookup_time
- # may have changed and deadline needs to be recomputed
- $deadline = $self->{conf}->{rbl_timeout} +
- $self->{async}->get_last_start_lookup_time();
-
- # dynamic timeout
- my $dynamic = (int($self->{conf}->{rbl_timeout}
- * (1 - 0.7*(($total - @left) / $total) ** 2) + 1)
- + $self->{async}->get_last_start_lookup_time());
- $deadline = $dynamic if ($dynamic < $deadline);
- $now = time; # and loop again
- }
-
- dbg("dns: success for " . ($total - @left) . " of $total queries");
-
- # timeouts
- @left = $self->{async}->get_pending_lookups();
- $now = time;
- for my $query (@left) {
- my $string = join(", ", grep { defined }
- map { ref $query->{$_} ? @{$query->{$_}} : $query->{$_} }
- qw(sets rules rulename type key) );
- my $delay = $now - $self->{async}->get_last_start_lookup_time();
- dbg("dns: timeout for $string after $delay seconds");
+ dbg("dns: harvest_dnsbl_queries - check_tick");
+ $self->{main}->call_plugins ("check_tick", { permsgstatus => $self });
}
- # and explicitly abort anything left
+ # explicitly abort anything left
$self->{async}->abort_remaining_lookups();
+ $self->{async}->log_lookups_timing();
$self->mark_all_async_rules_complete();
+ dbg("dns: timing: %.3f s sleeping in harvest_dnsbl_queries",
+ $total_waiting_time) if $total_waiting_time > 0;
+ 1;
+}
+
+# collect and process whatever DNS responses have already arrived,
+# don't waste time waiting for more, don't poll too often.
+# don't abort any queries even if overdue,
+sub harvest_completed_queries {
+ my ($self) = @_;
+
+ # don't bother collecting responses too often
+ my $last_poll_time = $self->{async}->last_poll_responses_time();
+ return if defined $last_poll_time && time - $last_poll_time < 0.1;
+
+ my ($alldone,$anydone) = $self->{async}->complete_lookups(0, 0);
+ if ($anydone) {
+ dbg("dns: harvested completed queries");
+# $self->{main}->call_plugins ("check_tick", { permsgstatus => $self });
+ }
}
sub set_rbl_tag_data {
@@ -458,6 +435,12 @@
return $self->{resolver}->load_resolver();
}
+sub clear_resolver {
+ my ($self) = @_;
+ $self->{main}->{resolver}->{res} = undef;
+ return 0;
+}
+
sub lookup_ns {
my ($self, $dom) = @_;
@@ -480,11 +463,12 @@
}
}
$nsrecords = $self->{dnscache}->{NS}->{$dom} = [ @nses ];
- };
- if ($@) {
- dbg("dns: NS lookup failed horribly, perhaps bad resolv.conf setting? ($@)");
+ 1;
+ } or do {
+ my $eval_stat = $@ ne '' ? $@ : "errno=$!"; chomp $eval_stat;
+ dbg("dns: NS lookup failed horribly, perhaps bad resolv.conf setting? ($eval_stat)");
return undef;
- }
+ };
}
$nsrecords;
@@ -514,11 +498,12 @@
}
$mxrecords = $self->{dnscache}->{MX}->{$dom} = [ @ips ];
- };
- if ($@) {
- dbg("dns: MX lookup failed horribly, perhaps bad resolv.conf setting? ($@)");
+ 1;
+ } or do {
+ my $eval_stat = $@ ne '' ? $@ : "errno=$!"; chomp $eval_stat;
+ dbg("dns: MX lookup failed horribly, perhaps bad resolv.conf setting? ($eval_stat)");
return undef;
- }
+ };
}
$mxrecords;
@@ -572,12 +557,12 @@
}
$name = $self->{dnscache}->{PTR}->{$dom} = $name;
- };
-
- if ($@) {
- dbg("dns: PTR lookup failed horribly, perhaps bad resolv.conf setting? ($@)");
+ 1;
+ } or do {
+ my $eval_stat = $@ ne '' ? $@ : "errno=$!"; chomp $eval_stat;
+ dbg("dns: PTR lookup failed horribly, perhaps bad resolv.conf setting? ($eval_stat)");
return undef;
- }
+ };
}
dbg("dns: PTR for '$dom': '$name'");
@@ -614,12 +599,12 @@
}
}
$self->{dnscache}->{A}->{$name} = [ @addrs ];
- };
-
- if ($@) {
- dbg("dns: A lookup failed horribly, perhaps bad resolv.conf setting? ($@)");
+ 1;
+ } or do {
+ my $eval_stat = $@ ne '' ? $@ : "errno=$!"; chomp $eval_stat;
+ dbg("dns: A lookup failed horribly, perhaps bad resolv.conf setting? ($eval_stat)");
return undef;
- }
+ };
}
dbg("dns: A records for '$name': ".join (' ', @addrs));
@@ -639,7 +624,8 @@
# working DNS and our check interval time has passed
if ($dnsopt eq "test" && $diff > $dnsint) {
$IS_DNS_AVAILABLE = undef;
- dbg("dns: is_dns_available() last checked $diff seconds ago; re-checking");
+ dbg("dns: is_dns_available() last checked %.1f seconds ago; re-checking",
+ $diff);
}
return $IS_DNS_AVAILABLE if (defined $IS_DNS_AVAILABLE);
@@ -655,12 +641,6 @@
# DNS if we're only supposed to be looking at local tests.
goto done if ($self->{main}->{local_tests_only});
- if ($dnsopt eq "yes") {
- $IS_DNS_AVAILABLE = 1;
- dbg("dns: dns_available set to yes in config file, skipping test");
- return $IS_DNS_AVAILABLE;
- }
-
# Check version numbers - runtime check only
if (defined $Net::DNS::VERSION) {
if (Mail::SpamAssassin::Util::am_running_on_windows()) {
@@ -677,8 +657,25 @@
}
}
+ $self->clear_resolver();
goto done unless $self->load_resolver();
+ my @nameservers = $self->{resolver}->nameservers();
+
+ # optionally shuffle the list of nameservers to distribute the load
+ if ($self->{conf}->{dns_options}->{rotate}) {
+ Mail::SpamAssassin::Util::fisher_yates_shuffle(\@nameservers);
+ dbg("dns: shuffled NS list: ".join(", ", @nameservers));
+ $self->{resolver}->nameservers(@nameservers);
+ $self->{resolver}->connect_sock();
+ }
+
+ if ($dnsopt eq "yes") {
+ $IS_DNS_AVAILABLE = 1;
+ dbg("dns: dns_available set to yes in config file, skipping test");
+ return $IS_DNS_AVAILABLE;
+ }
+
if ($dnsopt =~ /test:\s+(.+)$/) {
my $servers=$1;
dbg("dns: servers: $servers");
@@ -688,15 +685,11 @@
@domains = @EXISTING_DOMAINS;
}
- # TODO: retry every now and again if we get this far, but the
- # next test fails? could be because the ethernet cable has
- # simply fallen out ;)
-
# Net::DNS::Resolver scans a list of nameservers when it does a foreground query
# but only uses the first in a background query like we use.
# Try the different nameservers here in case the first one is not woorking
-
- my @nameservers = $self->{resolver}->nameservers();
+
+ my @good_nameservers = ();
dbg("dns: testing resolver nameservers: ".join(", ", @nameservers));
my $ns;
while( $ns = shift(@nameservers)) {
@@ -708,6 +701,7 @@
if (scalar @$result > 0) {
dbg("dns: NS lookup of $domain using $ns succeeded => DNS available (set dns_available to override)");
$IS_DNS_AVAILABLE = 1;
+ push(@good_nameservers, $ns);
last;
}
else {
@@ -721,13 +715,18 @@
last;
}
}
- last if $IS_DNS_AVAILABLE;
- dbg("dns: NS lookups failed, removing nameserver $ns from list");
$self->{resolver}->nameservers(@nameservers);
$self->{resolver}->connect_sock(); # reconnect socket to new nameserver
}
- dbg("dns: all NS queries failed => DNS unavailable (set dns_available to override)") if ($IS_DNS_AVAILABLE == 0);
+ if ($IS_DNS_AVAILABLE == 1)
+ {
+ dbg("dns: NS list: ".join(", ", @good_nameservers));
+ $self->{resolver}->nameservers(@good_nameservers);
+ $self->{resolver}->connect_sock();
+ } else {
+ dbg("dns: all NS queries failed => DNS unavailable (set dns_available to override)");
+ }
done:
# jm: leaving this in!
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/lib/Mail/SpamAssassin/DnsResolver.pm
^
|
| @@ -42,6 +42,7 @@
use Mail::SpamAssassin;
use Mail::SpamAssassin::Logger;
+use Socket;
use IO::Socket::INET;
use Errno qw(EADDRINUSE EACCES);
@@ -49,6 +50,12 @@
our @ISA = qw();
+# Load Time::HiRes if it's available
+BEGIN {
+ eval { require Time::HiRes };
+ Time::HiRes->import( qw(time) ) unless $@;
+}
+
###########################################################################
sub new {
@@ -233,6 +240,26 @@
goto no_sock;
}
+ eval {
+ my($bufsiz,$newbufsiz);
+ $bufsiz = $sock->sockopt(Socket::SO_RCVBUF)
+ or die "Can't get a resolver socket rx buffer size: $!";
+ if ($bufsiz >= 32*1024) {
+ dbg("dns: resolver socket rx buffer size is %d bytes", $bufsiz);
+ } else {
+ $sock->sockopt(Socket::SO_RCVBUF, 32*1024)
+ or die "Can't set a resolver socket rx buffer size: $!";
+ $newbufsiz = $sock->sockopt(Socket::SO_RCVBUF)
+ or die "Can't get a resolver socket rx buffer size: $!";
+ dbg("dns: resolver socket rx buffer size changed from %d to %d bytes",
+ $bufsiz, $newbufsiz);
+ }
+ 1;
+ } or do {
+ my $eval_stat = $@ ne '' ? $@ : "errno=$!"; chomp $eval_stat;
+ info("dns: socket buffer size error: $eval_stat");
+ };
+
$self->{sock} = $sock;
$self->{sock_as_vec} = $self->fhs_to_vec($self->{sock});
return;
@@ -293,13 +320,14 @@
# a bit noisy, so commented by default...
#dbg("dns: new DNS packet time=".time()." host=$host type=$type id=".$packet->id);
- };
-
- if ($@) {
+ 1;
+ } or do {
+ my $eval_stat = $@ ne '' ? $@ : "errno=$!"; chomp $eval_stat;
# this can happen if Net::DNS isn't available -- but in this
# case this function should never be called!
- warn "dns: cannot create Net::DNS::Packet, but new_dns_packet() was called: $@ $!";
- }
+ warn "dns: cannot create Net::DNS::Packet, but new_dns_packet() was called: $eval_stat";
+ };
+
return $packet;
}
@@ -338,18 +366,19 @@
Note that C<$type> and C<$class> may be C<undef>, in which case they
will default to C<A> and C<IN>, respectively.
-The callback sub will be called with two arguments -- the packet that was
-delivered and an id string that fingerprints the query packet and the expected reply.
-It is expected that a closure callback be used, like so:
+The callback sub will be called with three arguments -- the packet that was
+delivered, and an id string that fingerprints the query packet and the expected
+reply. The third argument is a timestamp (Unix time, floating point), captured
+at the time the packet was collected. It is expected that a closure callback
+be used, like so:
my $id = $self->{resolver}->bgsend($host, $type, undef, sub {
- my $reply = shift;
- my $reply_id = shift;
+ my ($reply, $reply_id, $timestamp) = @_;
$self->got_a_reply ($reply, $reply_id);
});
-The callback can ignore the reply as an invalid packet sent to the listening port
-if the reply id does not match the return value from bgsend.
+The callback can ignore the reply as an invalid packet sent to the listening
+port if the reply id does not match the return value from bgsend.
=cut
@@ -384,46 +413,53 @@
my ($self, $timeout) = @_;
return if $self->{no_resolver};
return if !$self->{sock};
+ my $cnt = 0;
+ my $waiting_time = 0;
my $rin = $self->{sock_as_vec};
my $rout;
- my ($nfound, $timeleft) = select($rout=$rin, undef, undef, $timeout);
- if (!defined $nfound || $nfound < 0) {
- warn "dns: select failed: $!";
- return;
- }
+ for (;;) {
+ my $now_before = time;
+ my ($nfound, $timeleft) = select($rout=$rin, undef, undef, $timeout);
+ if (!defined $nfound || $nfound < 0) {
+ warn "dns: select failed: $!";
+ return;
+ }
- if ($nfound == 0) {
- return 0; # nothing's ready yet
- }
+ my $now = time;
+ if ($now > $now_before && (!defined($timeout) || $timeout > 0)) {
+ $waiting_time += $now - $now_before;
+ }
+ $timeout = 0; # next time around collect whatever is available, then exit
+ last if $nfound == 0;
- my $packet = $self->{res}->bgread($self->{sock});
- my $err = $self->{res}->errorstring;
+ my $packet = $self->{res}->bgread($self->{sock});
+ my $err = $self->{res}->errorstring;
- if (defined $packet &&
- defined $packet->header &&
- defined $packet->question &&
- defined $packet->answer)
- {
- my $id = $self->_packet_id($packet);
-
- my $cb = delete $self->{id_to_callback}->{$id};
- if (!$cb) {
- dbg("dns: no callback for id: $id, ignored; packet: ".
- ($packet ? $packet->string : "undef"));
- return 0;
+ if (defined $packet &&
+ defined $packet->header &&
+ defined $packet->question &&
+ defined $packet->answer)
+ {
+ my $id = $self->_packet_id($packet);
+
+ my $cb = delete $self->{id_to_callback}->{$id};
+ if (!$cb) {
+ dbg("dns: no callback for id: %s, ignored; packet: %s",
+ $id, $packet ? $packet->string : "undef" );
+ } else {
+ $cb->($packet, $id, $now);
+ $cnt++;
+ }
+ }
+ else {
+ dbg("dns: no packet! err=%s packet=%s",
+ $err, $packet ? $packet->string : "undef" );
}
-
- $cb->($packet, $id);
- return 1;
- }
- else {
- dbg("dns: no packet! err=$err packet=".
- ($packet ? $packet->string : "undef"));
}
- return 0;
+ return wantarray ? ($cnt, $waiting_time) : $cnt;
}
###########################################################################
@@ -457,6 +493,7 @@
my $retries = $self->{retry};
my $timeout = $retrans;
my $answerpkt;
+ my $answerpkt_avail = 0;
for (my $i = 0;
(($i < $retries) && !defined($answerpkt));
++$i, $retrans *= 2, $timeout = $retrans) {
@@ -464,18 +501,18 @@
$timeout = 1 if ($timeout < 1);
# note nifty use of a closure here. I love closures ;)
$self->bgsend($name, $type, $class, sub {
- $answerpkt = shift;
+ my ($reply, $reply_id, $timestamp) = @_;
+ $answerpkt = $reply; $answerpkt_avail = 1;
});
my $now = time;
my $deadline = $now + $timeout;
- while (($now < $deadline) && (!defined($answerpkt))) {
+ while (!$answerpkt_avail) {
+ if ($now >= $deadline) { $self->{send_timed_out} = 1; last }
$self->poll_responses(1);
- last if defined $answerpkt;
$now = time;
}
- $self->{send_timed_out} = 1 unless ($now < $deadline);
}
return $answerpkt;
}
@@ -539,8 +576,11 @@
my $rin = '';
foreach my $sock (@fhlist) {
my $fno = fileno($sock);
- warn "dns: oops! fileno now undef for $sock" unless defined($fno);
- vec ($rin, $fno, 1) = 1;
+ if (!defined $fno) {
+ warn "dns: oops! fileno now undef for $sock";
+ } else {
+ vec ($rin, $fno, 1) = 1;
+ }
}
return $rin;
}
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/lib/Mail/SpamAssassin/Locker/Flock.pm
^
|
| @@ -53,7 +53,7 @@
$max_retries ||= 30;
$mode ||= 0600;
- $mode = oct $mode if $mode =~ /^0/; # accept number or string
+ $mode = oct $mode;
my $lock_file = "$path.mutex";
my $umask = umask(~$mode);
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/lib/Mail/SpamAssassin/Logger.pm
^
|
| @@ -194,9 +194,10 @@
# remember to avoid deep recursion, my friend
sub _log {
- my ($level, $message) = @_;
+ my ($level, $message, @args) = @_;
my $facility = "generic";
+ local ($1,$2);
if ($message =~ /^(\S+?): (.*)/s) {
$facility = $1;
$message = $2;
@@ -209,6 +210,7 @@
$LOG_SA{facility}->{$facility});
}
+ if (@args && index($message,'%') >= 0) { $message = sprintf($message,@args) }
$message =~ s/\n+$//s;
$message =~ s/^/${facility}: /mg;
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/lib/Mail/SpamAssassin/Message.pm
^
|
| @@ -524,12 +524,6 @@
# Clean ourself up
$self->finish_metadata();
- # delete temporary files
- if ($self->{'tmpfiles'}) {
- unlink @{$self->{'tmpfiles'}};
- delete $self->{'tmpfiles'};
- }
-
# These will only be in the root Message node
delete $self->{'mime_boundary_state'};
delete $self->{'mbox_sep'};
@@ -543,6 +537,17 @@
# Go ahead and clean up all of the Message::Node parts
while (my $part = shift @toclean) {
+ # bug 5557: windows requires tmp file be closed before it can be rm'd
+ if (ref $part->{'raw'} eq 'GLOB') {
+ close ($part->{'raw'});
+ }
+
+ # bug 5858: avoid memory leak with deep MIME structure
+ if (defined ($part->{metadata})) {
+ $part->{metadata}->finish();
+ delete $part->{metadata};
+ }
+
delete $part->{'headers'};
delete $part->{'raw_headers'};
delete $part->{'header_order'};
@@ -560,6 +565,12 @@
delete $part->{'body_parts'};
}
}
+
+ # delete temporary files
+ if ($self->{'tmpfiles'}) {
+ unlink @{$self->{'tmpfiles'}};
+ delete $self->{'tmpfiles'};
+ }
}
# also use a DESTROY method, just to ensure (as much as possible) that
@@ -634,7 +645,11 @@
# If it's not multipart, go ahead and just deal with it.
$self->_parse_normal($toparse);
- if ($toparse->[0]->{'type'} =~ /^message\b/i && ($toparse->[3] > 0)) {
+ # bug 5041: exclude message/partial messages, however
+ if ($toparse->[0]->{'type'} =~ /^message\b/i &&
+ $toparse->[0]->{'type'} !~ /^message\/partial$/i &&
+ ($toparse->[3] > 0))
+ {
# Just decode the part, but we don't care about the result here.
$toparse->[0]->decode(0);
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/lib/Mail/SpamAssassin/Message/Metadata/Received.pm
^
|
| @@ -106,10 +106,24 @@
}
}
+ my $IP_ADDRESS = IP_ADDRESS;
my $IP_PRIVATE = IP_PRIVATE;
my $LOCALHOST = LOCALHOST;
- foreach my $line ( $msg->get_header('Received') ) {
+ my @hdrs = $msg->get_header('Received');
+
+ # Now add the single line headers like X-Originating-IP. (bug 5680)
+ # we convert them into synthetic "Received" headers so we can share
+ # code below.
+ for my $header ('X-Yahoo-Post-IP', 'X-Originating-IP',
+ 'X-Apparently-From', 'X-SenderIP')
+ {
+ my $str = $msg->get_header($header);
+ next unless ($str && $str =~ m/($IP_ADDRESS)/);
+ push @hdrs, "from X-Originating-IP: $1\n";
+ }
+
+ foreach my $line ( @hdrs ) {
# qmail-scanner support hack: we may have had one of these set from the
# previous (read: more recent) Received header. if so, add it on to this
@@ -288,6 +302,7 @@
sub parse_received_line {
my ($self) = shift;
local ($_) = shift;
+ local ($1,$2,$3,$4,$5,$6);
s/\s+/ /g;
s/^ //;
@@ -333,7 +348,8 @@
# Received: from virtual-access.org by bolero.conactive.com ; Thu, 20 Feb 2003 23:32:58 +0100
# Received: FROM ca-ex-bridge1.nai.com BY scwsout1.nai.com ; Fri Feb 07 10:18:12 2003 -0800
- if (/^from \S+ by [^\s;]+ ?;/i) { return 0; }
+ # but not: Received: from [86.122.158.69] by mta2.iomartmail.com; Thu, 2 Aug 2007 21:50:04 -0200
+ if (/^from (\S+) by [^\s;]+ ?;/i && $1 !~ /^\[[\d.]+\]$/) { return 0; }
# ---------------------------------------------------------------------------
@@ -403,6 +419,14 @@
return 0;
}
+ # AOL WebMail headers
+ if (/aol\.com/ && /with HTTP \(WebMailUI\)/) {
+ # Received: from 82.135.198.129 by FWM-M18.sysops.aol.com (64.12.168.82) with HTTP (WebMailUI); Tue, 19 Jun 2007 11:16:54 -0400
+ if(/(${IP_ADDRESS}) by (\S+) \(${IP_ADDRESS}\) with HTTP \(WebMailUI\)/) {
+ $ip = $1; $by = $2; goto enough;
+ }
+ }
+
# catch MS-ish headers here
if (/ SMTPSVC/) {
# MS servers using this fmt do not lookup the rDNS.
@@ -1013,6 +1037,12 @@
goto enough;
}
+ # a synthetic header, generated internally:
+ # Received: X-Originating-IP: 1.2.3.4
+ if (/^X-Originating-IP: (\S+)$/) {
+ $ip = $1; $by = ''; goto enough;
+ }
+
## STUFF TO IGNORE ##
# Received: from raptor.research.att.com (bala@localhost) by
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/lib/Mail/SpamAssassin/Message/Node.pm
^
|
| @@ -331,7 +331,6 @@
$self->{'decoded'} = Mail::SpamAssassin::Util::base64_decode($raw);
}
- # If it's a type text or message, split it into an array of lines
if ( $self->{'type'} =~ m@^(?:text|message)\b/@i ) {
$self->{'decoded'} =~ s/\015\012/\012/gs;
}
@@ -688,7 +687,7 @@
$self->{'truncated_header'} = 1;
last HEADER;
}
- $lines[$position] = $self->{header_order}->[$position] . ": $contents";
+ $lines[$position] = $self->{header_order}->[$position].":".$contents;
}
}
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/lib/Mail/SpamAssassin/Plugin/ASN.pm
^
|
| @@ -212,13 +212,19 @@
# do the DNS query, have the callback process the result rather than poll for them later
my $zone_index = $index;
- my $id = $scanner->{main}->{resolver}->bgsend("${reversed_ip_quad}.$entry->{zone}", 'TXT', undef, sub {
- my $pkt = shift;
+ my $zone = $reversed_ip_quad . '.' . $entry->{zone};
+ my $key = "asnlookup-${zone_index}-$entry->{zone}";
+ my $id = $scanner->{main}->{resolver}->bgsend($zone, 'TXT', undef, sub {
+ my ($pkt, $id, $timestamp) = @_;
+ $scanner->{async}->set_response_packet($id, $pkt, $key, $timestamp);
$self->process_dns_result($scanner, $pkt, $zone_index);
});
-
- $scanner->{async}->start_lookup({ key=>"asnlookup-${zone_index}-$entry->{zone}", id=>$id, type=>'TXT' });
- dbg("asn: launched DNS TXT query for ${reversed_ip_quad}.$entry->{zone} in background");
+ my $ent = {
+ key=>$key, id=>$id, type=>'TXT',
+ zone => $zone, # serves to fetch other per-zone settings
+ };
+ $scanner->{async}->start_lookup($ent);
+ dbg("asn: launched DNS TXT query for $reversed_ip_quad.$entry->{zone} in background");
$index++;
}
@@ -233,7 +239,7 @@
my $asn_tag = $conf->{asnlookups}[$zone_index]->{asn_tag};
my $route_tag = $conf->{asnlookups}[$zone_index]->{route_tag};
- my @answer = $response->answer;
+ my @answer = !defined $response ? () : $response->answer;
foreach my $rr (@answer) {
dbg("asn: $zone: lookup result packet: '".$rr->string."'");
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/lib/Mail/SpamAssassin/Plugin/BodyRuleBaseExtractor.pm
^
|
| @@ -31,6 +31,8 @@
use Mail::SpamAssassin::Logger;
use Mail::SpamAssassin::Util::Progress;
+use Data::Dumper;
+
use strict;
use warnings;
use bytes;
@@ -103,7 +105,7 @@
my @failed = ();
my $yes = 0;
my $no = 0;
-
+ my $count = 0;
my $start = time;
$self->{main} = $conf->{main}; # for use in extract_hints()
info ("extracting from rules of type $ruletype");
@@ -115,21 +117,51 @@
# require this many chars in a base string for it to be viable
my $min_chars = 3;
- my $count = 0;
my $progress;
-
$self->{show_progress} and $progress = Mail::SpamAssassin::Util::Progress->new({
- total => scalar keys %{$rules},
+ total => (scalar keys %{$rules} || 1),
itemtype => 'rules',
});
+ my $cached = { };
+ my $cachefile;
+
+ if ($self->{main}->{bases_cache_dir}) {
+ $cachefile = $self->{main}->{bases_cache_dir}."/rules.$ruletype";
+ $cached = $self->read_cachefile($cachefile);
+ }
+
+NEXT_RULE:
foreach my $name (keys %{$rules}) {
- my $rule = $rules->{$name};
$self->{show_progress} and $progress->update(++$count);
+ my $rule = $rules->{$name};
+ my $cachekey = join "#", $name, $rule;
+
+ my $cent = $cached->{rule_bases}->{$cachekey};
+ if (defined $cent) {
+ if (defined $cent->{g}) {
+ dbg("zoom: YES (cached) $rule");
+ foreach my $ent (@{$cent->{g}}) {
+ # note: we have to copy these, since otherwise later
+ # modifications corrupt the cached data
+ push @good_bases, {
+ base => $ent->{base}, orig => $ent->{orig}, name => $ent->{name}
+ };
+ }
+ $yes++;
+ }
+ else {
+ dbg("zoom: NO (cached) $rule");
+ push @failed, { orig => $rule }; # no need to cache this
+ $no++;
+ }
+ next NEXT_RULE;
+ }
+
# ignore ReplaceTags rules
# TODO: need cleaner way to do this
- next if ($conf->{rules_to_replace}->{$name});
+ goto NO if ($conf->{rules_to_replace}->{$name});
my ($qr, $mods) = $self->simplify_and_qr_regexp($rule);
@@ -163,15 +195,22 @@
}
}
+ my @forcache = ();
+
foreach my $base (@bases) {
next if $subsumed{$base};
push @good_bases, { base => $base, orig => $rule, name => $name };
+ # *separate* copies for cache -- we modify the @good_bases entry
+ push @forcache, { base => $base, orig => $rule, name => $name };
}
+ $cached->{rule_bases}->{$cachekey} = { g => \@forcache };
$yes++;
}
else {
+NO:
dbg("zoom: NO $rule");
push @failed, { orig => $rule };
+ $cached->{rule_bases}->{$cachekey} = { };
$no++;
}
}
@@ -220,48 +259,73 @@
$count = 0;
$self->{show_progress} and $progress = Mail::SpamAssassin::Util::Progress->new({
- total => scalar @good_bases,
+ total => (scalar @good_bases || 1),
itemtype => 'bases',
});
+ # this bit is annoyingly O(N^2). Rewrite the data -- the @good_bases
+ # array -- into a more efficient format, using arrays and with a little
+ # bit of precomputation, to go (quite a bit) faster
+
+ my @rewritten = ();
foreach my $set1 (@good_bases) {
- $self->{show_progress} and $progress->update(++$count);
+ my $base = $set1->{base};
+ next if (!$base || !$set1->{name});
+ push @rewritten, [
+ $base, # 0
+ $set1->{name}, # 1
+ $set1->{orig}, # 2
+ length $base, # 3
+ qr/\Q$base\E/, # 4
+ 0 # 5, has_multiple flag
+ ];
+ }
+ @good_bases = @rewritten;
- my $base1 = $set1->{base};
- my $orig1 = $set1->{orig};
- my $name1 = $set1->{name};
- next if ($base1 eq '' or $name1 eq '');
+ foreach my $set1 (@good_bases) {
+ $self->{show_progress} and $progress->update(++$count);
+ my $base1 = $set1->[0]; next unless $base1;
+ my $name1 = $set1->[1];
+ my $orig1 = $set1->[2];
$conf->{base_orig}->{$ruletype}->{$name1} = $orig1;
+ my $len1 = $set1->[3];
foreach my $set2 (@good_bases) {
next if ($set1 == $set2);
- my $base2 = $set2->{base};
- my $name2 = $set2->{name};
+ my $base2 = $set2->[0]; next unless $base2;
+ my $name2 = $set2->[1];
# clobber exact dups; this can happen if a regexp outputs the
# same base string multiple times
- if ($orig1 eq $set2->{orig} &&
- $base1 eq $base2 &&
- $name1 eq $name2)
+ if ($base1 eq $base2 &&
+ $name1 eq $name2 &&
+ $orig1 eq $set2->[2])
{
- $set2->{name} = ''; # clobber
- $set2->{base} = '';
+ $set2->[0] = ''; # clobber
+ next;
}
- # skip if either already contains the other rule's name
- next if ($name1 =~ /\b\Q$name2\E\b/);
- next if ($name2 =~ /\b\Q$name1\E\b/);
+ # skip if it's too short to contain the other base string
+ next if ($len1 < $set2->[3]);
- next if ($base2 eq '');
- next if (length $base1 < length $base2);
- next if ($base1 !~ /\Q$base2\E/);
+ # skip if either already contains the other rule's name
+ # optimize: this can only happen if the base has more than
+ # one rule already attached, ie [5]
+ next if ($set2->[5] && $name2 =~ /(?: |^)\Q$name1\E(?: |$)/);
+
+ # don't use $name1 here, since another base in the set2 loop
+ # may have added $name2 since we set that
+ next if ($set1->[5] && $set1->[1] =~ /(?: |^)\Q$name2\E(?: |$)/);
- $set1->{name} .= " ".$name2;
+ # and finally check to see if it *does* contain the other base string
+ next if ($base1 !~ $set2->[4]);
# base2 is just a subset of base1
- # dbg("zoom: subsuming '$base2' into '$base1': $set1->{name}");
+ # dbg("zoom: subsuming '$base2' ($name2) into '$base1': [1]=$set1->[1] [5]=$set1->[5]");
+ $set1->[1] .= " ".$name2;
+ $set1->[5] = 1;
}
}
@@ -270,31 +334,31 @@
# the above search hasn't found. Collapse them here with a hash
my %bases = ();
foreach my $set (@good_bases) {
- my $base = $set->{base};
+ my $base = $set->[0];
next unless $base;
+
if (defined $bases{$base}) {
- $bases{$base} .= " ".$set->{name};
+ $bases{$base} .= " ".$set->[1];
} else {
- $bases{$base} = $set->{name};
+ $bases{$base} = $set->[1];
}
}
+ undef @good_bases;
foreach my $base (keys %bases) {
# uniq the list, since there are probably dup rules listed
- my @list = split (' ', $bases{$base});
- my @uniqed;
-
- {
- my %u=(); @uniqed = grep {defined} map {
- if (exists $u{$_}) { undef; } else { $u{$_}=undef;$_; }
- } @list; undef %u;
+ my %u = ();
+ for my $i (split ' ', $bases{$base}) {
+ next if exists $u{$i}; undef $u{$i};
}
-
- my $key = join ' ', sort @uniqed;
- $conf->{base_string}->{$ruletype}->{$base} = $key;
+ $conf->{base_string}->{$ruletype}->{$base} = join ' ', sort keys %u;
}
$self->{show_progress} and $progress->final();
+ if ($cachefile) {
+ $self->write_cachefile ($cachefile, $cached);
+ }
+
my $elapsed = time - $start;
info ("$ruletype: ".
(scalar keys %{$conf->{base_string}->{$ruletype}}).
@@ -417,7 +481,7 @@
}
}
}
- print $tmpfh "m".$quos.$rule.$quos.$mods;
+ print $tmpfh "use bytes; m".$quos.$rule.$quos.$mods;
close $tmpfh or die "cannot write to $tmpf";
my $perl = $self->get_perl();
@@ -519,8 +583,13 @@
# we can do both, since we canonicalize to lc.
if (!$spcs && $item =~ /^EXACT/ && $args =~ /<(.*)>/)
{
- $buf .= $1;
- if (length $1 >= 55 && $buf =~ s/\.\.\.$//) {
+ my $str = $1;
+ $buf .= $str;
+ if ($buf =~ s/\\x\{[0-9a-fA-F]{4,}\}.*$//) {
+ # a high Unicode codepoint, interpreted by perl 5.8.x. cut and stop
+ $add_candidate->();
+ }
+ if (length $str >= 55 && $buf =~ s/\.\.\.$//) {
# perl 5.8.x truncates with a "..." here! cut and stop
$add_candidate->();
}
@@ -880,4 +949,33 @@
###########################################################################
+sub read_cachefile {
+ my ($self, $cachefile) = @_;
+ if (open(IN, "<".$cachefile)) {
+ my $str = join("", <IN>);
+ close IN;
+ $str =~ /^(.*)$/s;
+ my $untainted = $1;
+
+ my $VAR1; # Data::Dumper
+ if (eval $untainted) {
+ return $VAR1; # Data::Dumper's naming
+ }
+ }
+ return { };
+}
+
+sub write_cachefile {
+ my ($self, $cachefile, $cached) = @_;
+
+ my $dump = Data::Dumper->new ([ $cached ]);
+ $dump->Deepcopy(1);
+ $dump->Purity(1);
+ $dump->Indent(1);
+ mkdir ($self->{main}->{bases_cache_dir});
+ open (CACHE, ">$cachefile") or warn "cannot write to $cachefile";
+ print CACHE $dump->Dump, ";1;";
+ close CACHE or warn "cannot close $cachefile";
+}
+
1;
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/lib/Mail/SpamAssassin/Plugin/Check.pm
^
|
| @@ -91,29 +91,41 @@
$pms->{resolver}->finish_socket() if $pms->{resolver};
}
+ $pms->harvest_completed_queries();
# allow other, plugin-defined rule types to be called here
$self->{main}->call_plugins ("check_rules_at_priority",
{ permsgstatus => $pms, priority => $priority, checkobj => $self });
# do head tests
$self->do_head_tests($pms, $priority);
+ $pms->harvest_completed_queries();
$self->do_head_eval_tests($pms, $priority);
+ $pms->harvest_completed_queries();
$self->do_body_tests($pms, $priority, $decoded);
+ $pms->harvest_completed_queries();
$self->do_uri_tests($pms, $priority, @uris);
+ $pms->harvest_completed_queries();
$self->do_body_eval_tests($pms, $priority, $decoded);
+ $pms->harvest_completed_queries();
$self->do_rawbody_tests($pms, $priority, $bodytext);
+ $pms->harvest_completed_queries();
$self->do_rawbody_eval_tests($pms, $priority, $bodytext);
+ $pms->harvest_completed_queries();
$self->do_full_tests($pms, $priority, \$fulltext);
+ $pms->harvest_completed_queries();
$self->do_full_eval_tests($pms, $priority, \$fulltext);
+ $pms->harvest_completed_queries();
$self->do_meta_tests($pms, $priority);
+ $pms->harvest_completed_queries();
# we may need to call this more often than once through the loop, but
# it needs to be done at least once, either at the beginning or the end.
$self->{main}->call_plugins ("check_tick", { permsgstatus => $pms });
+ $pms->harvest_completed_queries();
}
# sanity check, it is possible that no rules >= HARVEST_DNSBL_PRIORITY ran so the harvest
@@ -142,6 +154,18 @@
$pms->learn();
$self->{main}->call_plugins ("check_post_learn", { permsgstatus => $pms });
+ # track user_rules recompilations; each scanned message is 1 tick on this counter
+ if ($self->{done_user_rules}) {
+ my $counters = $pms->{conf}->{want_rebuild_for_type};
+ foreach my $type (keys %{$self->{done_user_rules}}) {
+ if ($counters->{$type} > 0) {
+ $counters->{$type}--;
+ }
+ dbg("rules: user rules done; ticking want_rebuild counter for type $type to ".
+ $counters->{$type});
+ }
+ }
+
return 1;
}
@@ -200,7 +224,8 @@
$pms->{test_log_msgs} = (); # clear test state
my $conf = $pms->{conf};
- my $doing_user_rules = $conf->{user_rules_to_compile}->{$opts{consttype}};
+ my $doing_user_rules = $conf->{want_rebuild_for_type}->{$opts{consttype}};
+ if ($doing_user_rules) { $self->{done_user_rules}->{$opts{consttype}}++; }
# clean up priority value so it can be used in a subroutine name
my $clean_priority;
@@ -823,7 +848,8 @@
{ permsgstatus => $pms });
my $conf = $pms->{conf};
- my $doing_user_rules = $conf->{user_rules_to_compile}->{$testtype};
+ my $doing_user_rules = $conf->{want_rebuild_for_type}->{$testtype};
+ if ($doing_user_rules) { $self->{done_user_rules}->{$testtype}++; }
# clean up priority value so it can be used in a subroutine name
my $clean_priority;
@@ -925,9 +951,11 @@
$evalstr .= '
eval {
- $result = $self->' . $function . ' (@extraevalargs '. $argstr .' );
+ $result = $self->' . $function . ' (@extraevalargs '. $argstr .' ); 1;
+ } or do {
+ $result = 0;
+ $self->handle_eval_rule_errors($rulename);
};
- if ($@) { $self->handle_eval_rule_errors($rulename); }
';
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/lib/Mail/SpamAssassin/Plugin/DKIM.pm
^
|
| @@ -23,26 +23,43 @@
loadplugin Mail::SpamAssassin::Plugin::DKIM [/path/to/DKIM.pm]
- full DOMAINKEY_DOMAIN eval:check_dkim_verified()
+ full DKIM_VALID eval:check_dkim_valid()
+ full DKIM_VALID_AU eval:check_dkim_valid_author_sig()
+
+(for compatibility, a check_dkim_verified is a synonym for check_dkim_valid)
=head1 DESCRIPTION
-This SpamAssassin plugin implements DKIM lookups as described by the current
-draft specs: draft-ietf-dkim-base-10, as well as DomainKeys lookups, as
-described in draft-delany-domainkeys-base-06, thanks to the support for both
-types of signatures by newer versions of module Mail::DKIM (0.22 or later).
+This SpamAssassin plugin implements DKIM lookups as described by the RFC 4871,
+as well as historical DomainKeys lookups, as described by RFC 4870, thanks
+to the support for both types of signatures by newer versions of module
+Mail::DKIM (0.22 or later).
It requires the C<Mail::DKIM> CPAN module to operate. Many thanks to Jason Long
for that module.
-Note that if C<Mail::DKIM> version 0.20 or later is installed, this plugin will
-also perform Domain Key lookups on DomainKey-Signature headers.
+=head1 TAGS
+
+The following tags are added to the set, available for use in reports,
+header fields, other plugins, etc.:
+
+ _DKIMIDENTITY_ signing identities (the 'i' tag) from valid signatures;
+ _DKIMDOMAIN_ signing domains (the 'd' tag) from valid signatures;
+
+Identities and domains from signatures which failed verification are not
+included in these tags. Duplicates are eliminated (e.g. when there are two or
+more valid signatures from the same signer, only one copy makes it into a tag).
+Note that there may be more than one signature in a message - currently they
+are provided as a space-separated list, although this behaviour may change.
=head1 SEE ALSO
C<Mail::DKIM>, C<Mail::SpamAssassin::Plugin>
http://jason.long.name/dkimproxy/
+ http://tools.ietf.org/rfc/rfc4871.txt
+ http://tools.ietf.org/rfc/rfc4870.txt
+ http://ietf.org/html.charters/dkim-charter.html
=cut
@@ -72,7 +89,9 @@
bless ($self, $class);
$self->register_eval_rule ("check_dkim_signed");
- $self->register_eval_rule ("check_dkim_verified");
+ $self->register_eval_rule ("check_dkim_verified"); # old synonym for _valid
+ $self->register_eval_rule ("check_dkim_valid");
+ $self->register_eval_rule ("check_dkim_valid_author_sig");
$self->register_eval_rule ("check_dkim_signsome");
$self->register_eval_rule ("check_dkim_testing");
$self->register_eval_rule ("check_dkim_signall");
@@ -88,47 +107,51 @@
sub set_config {
my($self, $conf) = @_;
- my @cmds = ();
+ my @cmds;
=head1 USER SETTINGS
=over 4
-=item whitelist_from_dkim add@ress.com [identity]
-
-Use this to supplement the whitelist_from addresses with a check to make sure
-the message has been signed by a Domain Keys Identified Mail (DKIM) signature
-that can be verified against the From: domain's DKIM public key.
-
-In order to support optional identities, only one whitelist entry is allowed
-per line, exactly like C<whitelist_from_rcvd>. Multiple C<whitelist_from_dkim>
-lines are allowed. File-glob style meta characters are allowed for the From:
-address, just like with C<whitelist_from_rcvd>. The optional identity
-parameter must match from the right-most side, also like in
-C<whitelist_from_rcvd>.
+=item whitelist_from_dkim author@example.com [signing-identity]
-If no identity parameter is specified the domain of the address parameter
-specified will be used instead.
+Use this to supplement the whitelist_from addresses with a check to make
+sure the message with a given From address (the author's address) carries a
+valid Domain Keys Identified Mail (DKIM) signature by a verifier-acceptable
+signing-identity (the i= tag).
+
+Only one whitelist entry is allowed per line, as in C<whitelist_from_rcvd>.
+Multiple C<whitelist_from_dkim> lines are allowed. File-glob style characters
+are allowed for the From address (the first parameter), just like with
+C<whitelist_from_rcvd>. The second parameter does not accept wildcards.
+
+If no signing identity parameter is specified, the only acceptable signature
+will be a first-party signature, i.e. the so called author signature, which
+is a signature where the signing identity of a signature matches the author
+address (i.e. the address in a From header field).
-The From: address is obtained from a signed part of the message (ie. the
-"From:" header), not from envelope data that is possible to forge.
+Since this whitelist requires a DKIM check to be made, network tests must
+be enabled.
-Since this whitelist requires an DKIM check to be made, network tests must be
-enabled.
-
-Examples:
+Examples of whitelisting based on an author signature (first-party):
whitelist_from_dkim joe@example.com
whitelist_from_dkim *@corp.example.com
+ whitelist_from_dkim *@*.example.com
+
+Examples of whitelisting based on third-party signatures:
- whitelist_from_dkim jane@example.net example.org
- whitelist_from_dkim dick@example.net richard@example.net
+ whitelist_from_dkim rick@example.net richard@example.net
+ whitelist_from_dkim rick@sub.example.net example.net
+ whitelist_from_dkim jane@example.net example.org
+ whitelist_from_dkim *@info.example.com example.com
+ whitelist_from_dkim *@* remailer.example.com
-=item def_whitelist_from_dkim add@ress.com [identity]
+=item def_whitelist_from_dkim author@example.com [signing-identity]
Same as C<whitelist_from_dkim>, but used for the default whitelist entries
in the SpamAssassin distribution. The whitelist score is lower, because
-these are often targets for spammer spoofing.
+these are often targets for abuse of public mailers which sign their mail.
=cut
@@ -136,6 +159,7 @@
setting => 'whitelist_from_dkim',
code => sub {
my ($self, $key, $value, $line) = @_;
+ local ($1,$2);
unless (defined $value && $value !~ /^$/) {
return $Mail::SpamAssassin::Conf::MISSING_REQUIRED_VALUE;
}
@@ -143,20 +167,17 @@
return $Mail::SpamAssassin::Conf::INVALID_VALUE;
}
my $address = $1;
- my $identity = (defined $2 ? $2 : $1);
-
- unless (defined $2) {
- $identity =~ s/^.*(@.*)$/$1/;
- }
- $self->{parser}->add_to_addrlist_rcvd ('whitelist_from_dkim',
- $address, $identity);
+ my $identity = defined $2 ? $2 : ''; # empty implies author signature
+ $self->{parser}->add_to_addrlist_rcvd('whitelist_from_dkim',
+ $address, $identity);
}
});
push (@cmds, {
- setting => 'def_whitelist_from_dkim',,
+ setting => 'def_whitelist_from_dkim',
code => sub {
my ($self, $key, $value, $line) = @_;
+ local ($1,$2);
unless (defined $value && $value !~ /^$/) {
return $Mail::SpamAssassin::Conf::MISSING_REQUIRED_VALUE;
}
@@ -164,13 +185,9 @@
return $Mail::SpamAssassin::Conf::INVALID_VALUE;
}
my $address = $1;
- my $identity = (defined $2 ? $2 : $1);
-
- unless (defined $2) {
- $identity =~ s/^.*(@.*)$/$1/;
- }
- $self->{parser}->add_to_addrlist_rcvd ('def_whitelist_from_dkim',
- $address, $identity);
+ my $identity = defined $2 ? $2 : ''; # empty implies author signature
+ $self->{parser}->add_to_addrlist_rcvd('def_whitelist_from_dkim',
+ $address, $identity);
}
});
@@ -205,16 +222,33 @@
return $scan->{dkim_signed};
}
+
+sub check_dkim_valid_author_sig {
+ my ($self, $scan) = @_;
+ $self->_check_dkim_signature($scan) unless $scan->{dkim_checked_signature};
+ return $scan->{dkim_valid_author_sig};
+}
+
+sub check_dkim_valid {
+ my ($self, $scan) = @_;
+ $self->_check_dkim_signature($scan) unless $scan->{dkim_checked_signature};
+ return $scan->{dkim_valid};
+}
+
+# mosnomer, old synonym for check_dkim_valid, kept for compatibility
sub check_dkim_verified {
my ($self, $scan) = @_;
$self->_check_dkim_signature($scan) unless $scan->{dkim_checked_signature};
- return $scan->{dkim_verified};
+ return $scan->{dkim_valid};
}
+# useless, semantically always true according to the current SSP draft
sub check_dkim_signsome {
my ($self, $scan) = @_;
- $self->_check_dkim_policy($scan) unless $scan->{dkim_checked_policy};
- return $scan->{dkim_signsome};
+# $self->_check_dkim_policy($scan) unless $scan->{dkim_checked_policy};
+# return $scan->{dkim_signsome};
+ # just return false to avoid rule DKIM_POLICY_SIGNSOME always firing
+ return 0;
}
sub check_dkim_signall {
@@ -238,15 +272,17 @@
}
sub check_for_dkim_whitelist_from {
- my ($self, $scanner) = @_;
- $self->_check_dkim_whitelist($scanner, 0) unless $scanner->{dkim_whitelist_from_checked};
- $scanner->{dkim_whitelist_from};
+ my ($self, $scan) = @_;
+ $self->_check_dkim_whitelist($scan) unless $scan->{whitelist_checked};
+ return $scan->{dkim_match_in_whitelist_from_dkim} ||
+ $scan->{dkim_match_in_whitelist_auth};
}
sub check_for_def_dkim_whitelist_from {
- my ($self, $scanner) = @_;
- $self->_check_dkim_whitelist($scanner, 1) unless $scanner->{def_dkim_whitelist_from_checked};
- $scanner->{def_dkim_whitelist_from};
+ my ($self, $scan) = @_;
+ $self->_check_dkim_whitelist($scan) unless $scan->{whitelist_checked};
+ return $scan->{dkim_match_in_def_whitelist_from_dkim} ||
+ $scan->{dkim_match_in_def_whitelist_auth};
}
# ---------------------------------------------------------------------------
@@ -256,31 +292,37 @@
$scan->{dkim_checked_signature} = 1;
$scan->{dkim_signed} = 0;
- $scan->{dkim_verified} = 0;
+ $scan->{dkim_valid} = 0;
+ $scan->{dkim_valid_author_sig} = 0;
$scan->{dkim_key_testing} = 0;
+ $scan->{dkim_author_address} =
+ $scan->get('from:addr') if !defined $scan->{dkim_author_address};
+
+# my $timemethod = $self->{main}->time_method("check_dkim_signature");
- my $message = Mail::DKIM::Verifier->new_object();
- if (!$message) {
+# my $verifier = Mail::DKIM::Verifier->new(); # per new docs
+ my $verifier = Mail::DKIM::Verifier->new_object(); # old style???
+ if (!$verifier) {
dbg("dkim: cannot create Mail::DKIM::Verifier");
return;
}
- $scan->{dkim_object} = $message;
+ $scan->{dkim_object} = $verifier;
# feed content of message into verifier, using \r\n endings,
# required by Mail::DKIM API (see bug 5300)
# note: bug 5179 comment 28: perl does silly things on non-Unix platforms
# unless we use \015\012 instead of \r\n
eval {
- foreach my $line (split(/\n/s, $scan->{msg}->get_pristine)) {
- $line =~ s/\r?$/\015\012/s; # ensure \015\012 ending
- $message->PRINT($line);
- }
- };
-
- if ($@) { # intercept die() exceptions and render safe
- dbg ("dkim: verification failed, intercepted error: $@");
+ my $str = $scan->{msg}->get_pristine;
+ $str =~ s/\r?\n/\015\012/sg; # ensure \015\012 ending
+ # feeding large chunks to Mail::DKIM is much faster than line-by-line feed
+ $verifier->PRINT($str);
+ 1;
+ } or do { # intercept die() exceptions and render safe
+ my $eval_stat = $@ ne '' ? $@ : "errno=$!"; chomp $eval_stat;
+ dbg("dkim: verification failed, intercepted error: $eval_stat");
return 0; # cannot verify message
- }
+ };
my $timeout = $scan->{conf}->{dkim_timeout};
@@ -288,52 +330,96 @@
my $err = $timer->run_and_catch(sub {
dbg("dkim: performing public key lookup and signature verification");
- $message->CLOSE(); # the action happens here
+ $verifier->CLOSE(); # the action happens here
- $scan->{dkim_address} = ($message->message_originator ? $message->message_originator->address() : '');
- dbg("dkim: originator address: ".($scan->{dkim_address} ? $scan->{dkim_address} : 'none'));
-
- $scan->{dkim_identity} = '';
- if ($message->signature) {
+ my $author = $verifier->message_originator;
+ $author = $author->address() if $author;
+ $author = '' if !defined $author; # when a From header field is missing
+ # Mail::DKIM sometimes leaves leading or trailing whitespace in address
+ $author =~ s/^[ \t]+//s; $author =~ s/[ \t]+\z//s; # trim
+ if ($author ne $scan->{dkim_author_address}) {
+ dbg("dkim: author parsing inconsistency, SA: <%s>, DKIM: <%s>",
+ $author, $scan->{dkim_author_address});
+ # currently SpamAssassin's parsing is better than Mail::Address parsing
+ # $scan->{dkim_author_address} = $author;
+ }
+
+ $scan->{dkim_signatures} = [];
+
+ # versions before 0.29 only provided a public interface to fetch one
+ # signature, new versions allow access to all signatures of a message
+ my @signatures = Mail::DKIM->VERSION >= 0.29 ? $verifier->signatures
+ : $verifier->signature;
+ @signatures = grep { defined } @signatures; # just in case
+ my $has_author_sig = 0;
+ foreach my $signature (@signatures) {
# i= Identity of the user or agent (e.g., a mailing list manager) on
# behalf of which this message is signed (dkim-quoted-printable;
# OPTIONAL, default is an empty local-part followed by an "@"
# followed by the domain from the "d=" tag).
- $scan->{dkim_identity} = $message->signature->identity();
- if ($scan->{dkim_identity} eq '') {
- $scan->{dkim_identity} = '@' . $message->signature->domain();
+ my $identity = $signature->identity;
+ dbg("dkim: signing identity: %s, d=%s, a=%s, c=%s",
+ $identity, $signature->domain,
+ $signature->algorithm, scalar($signature->canonicalization));
+ if (!defined $identity || $identity eq '') { # just in case
+ $identity = '@' . $signature->domain;
+ $signature->identity($identity);
+ } elsif ($identity !~ /\@/) { # just in case
+ $identity = '@' . $identity;
+ $signature->identity($identity);
+ }
+ if ($signature->result eq 'pass') {
+ local ($1); # check if we have a valid first-party signature
+ if ($identity =~ /.\@[^@]*\z/s) { # identity has a localpart
+ $has_author_sig = 1 if lc($author) eq lc($identity);
+ } elsif ($author =~ /^.*?(\@[^\@]*)?\z/s && lc($1) eq lc($identity)) {
+ # ignoring localpart if identity doesn't have a localpart
+ $has_author_sig = 1;
+ }
}
- dbg("dkim: signature identity: ".$scan->{dkim_identity});
}
+ $scan->{dkim_signatures} = \@signatures;
+ { my (%seen1,%seen2);
+ my @valid_s = grep { $_->result eq 'pass' } @signatures;
+ $scan->set_tag('DKIMIDENTITY',
+ join(" ", grep { !$seen1{$_}++ } map { $_->identity } @valid_s));
+ $scan->set_tag('DKIMDOMAIN',
+ join(" ", grep { !$seen2{$_}++ } map { $_->domain } @valid_s));
+ }
+ # corresponds to 'best' result in case of multiple signatures
+ my $result = $verifier->result();
+ my $detail = $verifier->result_detail();
+ # let the result stand out more clearly in the log, use uppercase
+ dbg("dkim: signature verification result: ".
+ ($detail eq 'none' ? $detail : uc $detail));
- my $result = $message->result();
- my $detail = $message->result_detail();
- dbg("dkim: signature verification result: $detail");
-
- # extract the actual lookup results
+ # check and remember verification results
if ($result eq 'pass') {
$scan->{dkim_signed} = 1;
- $scan->{dkim_verified} = 1;
+ $scan->{dkim_valid} = 1;
+ $scan->{dkim_valid_author_sig} = $has_author_sig;
}
elsif ($result eq 'fail') {
$scan->{dkim_signed} = 1;
- }
- elsif ($result eq 'none') {
- # no-op, this is the default state
+ # Returned if a valid DKIM-Signature header was found, but the
+ # signature does not contain a correct value for the message.
}
elsif ($result eq 'invalid') {
+ $scan->{dkim_signed} = 1;
# Returned if no valid DKIM-Signature headers were found,
# but there is at least one invalid DKIM-Signature header.
- dbg("dkim: invalid DKIM-Signature: $detail");
+ }
+ elsif ($result eq 'none') {
+ # no signatures, this is a default state
}
});
if ($timer->timed_out()) {
- dbg("dkim: public key lookup timed out after $timeout seconds");
+ dbg("dkim: public key lookup or verification timed out after $timeout s");
} elsif ($err) {
chomp $err;
- dbg("dkim: public key lookup failed: $err");
+ dbg("dkim: public key lookup or verification failed: $err");
}
}
@@ -344,22 +430,26 @@
$scan->{dkim_signsome} = 0;
$scan->{dkim_signall} = 0;
$scan->{dkim_policy_testing} = 0;
+ $scan->{dkim_author_address} =
+ $scan->get('from:addr') if !defined $scan->{dkim_author_address};
# must check the message first to obtain signer, domain, and verif. status
$self->_check_dkim_signature($scan) unless $scan->{dkim_checked_signature};
- my $message = $scan->{dkim_object};
+ my $verifier = $scan->{dkim_object};
- if (!$message) {
+# my $timemethod = $self->{main}->time_method("check_dkim_policy");
+
+ if (!$verifier) {
dbg("dkim: policy: dkim object not available (programming error?)");
} elsif (!$scan->is_dns_available()) {
dbg("dkim: policy: not retrieved, no DNS resolving available");
- } elsif ($scan->{dkim_verified}) { # no need to fetch policy when verifies
- # draft-allman-dkim-ssp-02: If the message contains a valid Originator
+ } elsif ($scan->{dkim_valid_author_sig}) { # don't fetch policy when valid
+ # draft-allman-dkim-ssp: If the message contains a valid Author
# Signature, no Sender Signing Practices check need be performed:
# the Verifier SHOULD NOT look up the Sender Signing Practices
# and the message SHOULD be considered non-Suspicious.
- dbg("dkim: policy: not retrieved, signature does verify");
+ dbg("dkim: policy: not retrieved, author signature is valid");
} else {
my $timeout = $scan->{conf}->{dkim_timeout};
@@ -369,16 +459,18 @@
dbg("dkim: policy: performing lookup");
my $policy;
- eval { $policy = $message->fetch_author_policy };
- if ($@ ne '') {
+ eval {
+ $policy = $verifier->fetch_author_policy; 1;
+ } or do {
# fetching or parsing a policy may throw an error, ignore such policy
- chomp($@); dbg("dkim: policy: fetch or parse failed: $@");
+ my $eval_stat = $@ ne '' ? $@ : "errno=$!"; chomp $eval_stat;
+ dbg("dkim: policy: fetch or parse failed: $eval_stat");
undef $policy;
- }
+ };
if (!$policy) {
dbg("dkim: policy: none");
} else {
- my $policy_result = $policy->apply($message);
+ my $policy_result = $policy->apply($verifier);
dbg("dkim: policy result $policy_result: ".$policy->as_string());
# extract the flags we expose, from the policy
@@ -405,120 +497,176 @@
}
sub _check_dkim_whitelist {
- my ($self, $scanner, $default) = @_;
+ my ($self, $scan) = @_;
- return unless $scanner->is_dns_available();
+ $scan->{whitelist_checked} = 1;
+ return unless $scan->is_dns_available();
- # trigger a DKIM check so we can get address/identity info,
- # if verification failed only continue if we want the debug info
- unless ($self->check_dkim_verified($scanner)) {
- unless (would_log("dbg", "dkim")) {
- return;
- }
+ my $author = $scan->{dkim_author_address};
+ if (!defined $author) {
+ $scan->{dkim_author_address} = $author = $scan->get('from:addr');
}
-
- unless ($scanner->{dkim_address}) {
- dbg("dkim: ". ($default ? "def_" : "") ."whitelist_from_dkim: could not find originator address");
+ if (!defined $author || $author eq '') {
+ dbg("dkim: check_dkim_whitelist: could not find author address");
return;
}
- unless ($scanner->{dkim_identity}) {
- dbg("dkim: ". ($default ? "def_" : "") ."whitelist_from_dkim: could not find identity");
+
+ # collect whitelist entries matching the author from all lists
+ my @acceptable_identity_tuples;
+ $self->_wlcheck_acceptable_signature($scan, \@acceptable_identity_tuples,
+ 'def_whitelist_from_dkim');
+ $self->_wlcheck_author_signature($scan, \@acceptable_identity_tuples,
+ 'def_whitelist_auth');
+ $self->_wlcheck_acceptable_signature($scan, \@acceptable_identity_tuples,
+ 'whitelist_from_dkim');
+ $self->_wlcheck_author_signature($scan, \@acceptable_identity_tuples,
+ 'whitelist_auth');
+ if (!@acceptable_identity_tuples) {
+ dbg("dkim: no wl entries match author $author, no need to verify sigs");
return;
}
- if ($default) {
- $scanner->{def_dkim_whitelist_from_checked} = 1;
- $scanner->{def_dkim_whitelist_from} =
- $self->_wlcheck_domain($scanner,'def_whitelist_from_dkim');
-
- if (!$scanner->{def_dkim_whitelist_from}) {
- $scanner->{def_dkim_whitelist_from} =
- $self->_wlcheck_no_domain($scanner,'def_whitelist_auth');
- }
- } else {
- $scanner->{dkim_whitelist_from_checked} = 1;
- $scanner->{dkim_whitelist_from} =
- $self->_wlcheck_domain($scanner,'whitelist_from_dkim');
-
- if (!$scanner->{dkim_whitelist_from}) {
- $scanner->{dkim_whitelist_from} =
- $self->_wlcheck_no_domain($scanner,'whitelist_auth');
- }
- }
+ # if the message doesn't pass DKIM validation, it can't pass DKIM whitelist
- # if the message doesn't pass DKIM validation, it can't pass an DKIM whitelist
- if ($default) {
- if ($scanner->{def_dkim_whitelist_from}) {
- if ($self->check_dkim_verified($scanner)) {
- dbg("dkim: address: $scanner->{dkim_address} identity: ".
- "$scanner->{dkim_identity} is in user's DEF_WHITELIST_FROM_DKIM and ".
- "passed DKIM verification");
- } else {
- dbg("dkim: address: $scanner->{dkim_address} identity: ".
- "$scanner->{dkim_identity} is in user's DEF_WHITELIST_FROM_DKIM but ".
- "failed DKIM verification");
- $scanner->{def_dkim_whitelist_from} = 0;
- }
- } else {
- dbg("dkim: address: $scanner->{dkim_address} identity: ".
- "$scanner->{dkim_identity} is not in user's DEF_WHITELIST_FROM_DKIM");
- }
+ # trigger a DKIM check so we can get address/identity info;
+ # continue if one or more signatures are valid or we want the debug info
+ return unless $self->check_dkim_valid($scan) || would_log("dbg","dkim");
+
+ # now do all the matching in one go, against all signatures in a message
+ my($any_match_at_all, $any_match_by_wl_ref) =
+ _wlcheck_list($self, $scan, \@acceptable_identity_tuples);
+
+ my(@valid,@fail);
+ foreach my $wl (keys %$any_match_by_wl_ref) {
+ my $match = $any_match_by_wl_ref->{$wl};
+ if (defined $match) {
+ $scan->{"dkim_match_in_$wl"} = 1 if $match;
+ if ($match) { push(@valid,$wl) } else { push(@fail,$wl) }
+ }
+ }
+ if (@valid) {
+ dbg("dkim: author %s, WHITELISTED by %s", $author, join(", ",@valid));
+ } elsif (@fail) {
+ dbg("dkim: author %s, found in %s BUT IGNORED", $author, join(", ",@fail));
} else {
- if ($scanner->{dkim_whitelist_from}) {
- if ($self->check_dkim_verified($scanner)) {
- dbg("dkim: address: $scanner->{dkim_address} identity: ".
- "$scanner->{dkim_identity} is in user's WHITELIST_FROM_DKIM and ".
- "passed DKIM verification");
- } else {
- dbg("dkim: address: $scanner->{dkim_address} identity: ".
- "$scanner->{dkim_identity} is in user's WHITELIST_FROM_DKIM but ".
- "failed DKIM verification");
- $scanner->{dkim_whitelist_from} = 0;
- }
- } else {
- dbg("dkim: address: $scanner->{dkim_address} identity: ".
- "$scanner->{dkim_identity} is not in user's WHITELIST_FROM_DKIM");
- }
+ dbg("dkim: author %s, not in any dkim whitelist", $author);
}
}
-
-sub _wlcheck_domain {
- my ($self, $scan, $wl) = @_;
-
+# check for verifier-acceptable signatures; an empty (or undefined) signing
+# identity in a whitelist implies checking for an author signature
+#
+sub _wlcheck_acceptable_signature {
+ my ($self, $scan, $acceptable_identity_tuples_ref, $wl) = @_;
+ my $author = $scan->{dkim_author_address};
foreach my $white_addr (keys %{$scan->{conf}->{$wl}}) {
my $re = qr/$scan->{conf}->{$wl}->{$white_addr}{re}/i;
- foreach my $domain (@{$scan->{conf}->{$wl}->{$white_addr}{domain}}) {
- $self->_wlcheck_one_dom($scan, $wl, $white_addr, $domain, $re) and return 1;
+ if ($author =~ $re) {
+ foreach my $acc_id (@{$scan->{conf}->{$wl}->{$white_addr}{domain}}) {
+ push(@$acceptable_identity_tuples_ref, [$acc_id,$wl,$re] );
+ }
}
}
- return 0;
}
-sub _wlcheck_one_dom {
- my ($self, $scan, $wl, $white_addr, $domain, $re) = @_;
- if ($scan->{dkim_address} =~ $re) {
- if ($scan->{dkim_identity} =~ /(?:^|\.|(?:@(?!@)|(?=@)))\Q${domain}\E$/i)
- {
- dbg("dkim: address: $scan->{dkim_address} matches $wl $re $domain");
- return 1;
+# use a traditional whitelist_from -style addrlist, the only acceptable DKIM
+# signature is an Author Signature. Note: don't pre-parse and store the
+# domains; that's inefficient memory-wise and only saves one m//
+#
+sub _wlcheck_author_signature {
+ my ($self, $scan, $acceptable_identity_tuples_ref, $wl) = @_;
+ my $author = $scan->{dkim_author_address};
+ foreach my $white_addr (keys %{$scan->{conf}->{$wl}}) {
+ my $re = $scan->{conf}->{$wl}->{$white_addr};
+ if ($author =~ $re) {
+ push(@$acceptable_identity_tuples_ref, [undef,$wl,$re] );
}
}
- return 0;
}
-# use a traditional whitelist_from-style addrlist, and infer the
-# domain from each address on the fly. Note: don't pre-parse and
-# store the domains; that's inefficient memory-wise and only saves 1 m//
-sub _wlcheck_no_domain {
- my ($self, $scan, $wl) = @_;
+sub _wlcheck_list {
+ my ($self, $scan, $acceptable_identity_tuples_ref) = @_;
- foreach my $white_addr (keys %{$scan->{conf}->{$wl}}) {
- my $domain = ($white_addr =~ /\@(.*?)$/) ? $1 : $white_addr;
- my $re = $scan->{conf}->{$wl}->{$white_addr};
- $self->_wlcheck_one_dom($scan, $wl, $white_addr, $domain, $re) and return 1;
+ my %any_match_by_wl;
+ my $any_match_at_all = 0;
+ my $expiration_supported = Mail::DKIM->VERSION >= 0.29 ? 1 : 0;
+ my $author = $scan->{dkim_author_address}; # address in a From header field
+
+ # walk through all signatures present in a message
+ foreach my $signature (@{$scan->{dkim_signatures}}) {
+ local ($1,$2);
+
+ my $valid = $signature->result eq 'pass';
+
+ my $expiration_time;
+ $expiration_time = $signature->expiration if $expiration_supported;
+ my $expired = defined $expiration_time &&
+ $expiration_time =~ /^\d{1,12}\z/ && time > $expiration_time;
+
+ my $identity = $signature->identity;
+ # split identity into local part and domain
+ $identity =~ /^ (.*?) \@ ([^\@]*) $/xs;
+ my($identity_mbx, $identity_dom) = ($1,$2);
+
+ my $author_matching_part = $author;
+ if ($identity =~ /^\@/) { # empty localpart in signing identity
+ $author_matching_part =~ s/^.*?(\@[^\@]*)?$/$1/s; # strip localpart
+ }
+
+ my $info = ''; # summary info string to be used for logging
+ $info .= ($valid ? 'VALID' : 'FAILED') . ($expired ? ' EXPIRED' : '');
+ $info .= lc $identity eq lc $author_matching_part ? ' author'
+ : ' third-party';
+ $info .= " signature by id " . $identity;
+
+ foreach my $entry (@$acceptable_identity_tuples_ref) {
+ my($acceptable_identity, $wl, $re) = @$entry;
+ # $re and $wl are here for logging purposes only, $re already checked.
+ # The $acceptable_identity is a verifier-acceptable signing identity.
+ # When $acceptable_identity is undef or an empty string it implies an
+ # author signature check.
+
+ my $matches = 0;
+ if (!defined $acceptable_identity || $acceptable_identity eq '') {
+
+ # An "Author Signature" (also called a first-party signature) is
+ # any Valid Signature where the signing identity matches the Author
+ # Address. If the signing identity does not include a localpart,
+ # then only the domains must match; otherwise, the two addresses
+ # must be identical.
+
+ # checking for author signature
+ $matches = 1 if lc $identity eq lc $author_matching_part;
+ }
+ else { # checking for verifier-acceptable signature
+ if ($acceptable_identity !~ /\@/) {
+ $acceptable_identity = '@' . $acceptable_identity;
+ }
+ # split into local part and domain
+ $acceptable_identity =~ /^ (.*?) \@ ([^\@]*) $/xs;
+ my($accept_id_mbx, $accept_id_dom) = ($1,$2);
+
+ # let's take a liberty and compare local parts case-insensitively
+ if ($accept_id_mbx ne '') { # local part exists, full id must match
+ $matches = 1 if lc $identity eq lc $acceptable_identity;
+ } else { # any local part in signing identity is acceptable
+ # as long as domain matches or is a subdomain
+ $matches = 1 if $identity_dom =~ /(^|\.)\Q$accept_id_dom\E\z/i;
+ }
+ }
+ if ($matches) {
+ dbg("dkim: $info, author $author, MATCHES $wl $re");
+ # a defined value indicates at least a match, not necessarily valid
+ $any_match_by_wl{$wl} = 0 if !exists $any_match_by_wl{$wl};
+ }
+ # only valid signature can cause whitelisting
+ $matches = 0 if !$valid || $expired;
+
+ $any_match_by_wl{$wl} = $any_match_at_all = 1 if $matches;
+ }
+ dbg("dkim: $info, author $author, no valid matches") if !$any_match_at_all;
}
- return 0;
+ return ($any_match_at_all, \%any_match_by_wl);
}
1;
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/lib/Mail/SpamAssassin/Plugin/DNSEval.pm
^
|
| @@ -168,7 +168,7 @@
# X-Sender: has a very low bang-for-buck for me
my $IP_ADDRESS = IP_ADDRESS;
my @originating = ();
- for my $header ('X-Originating-IP', 'X-Apparently-From') {
+ for my $header ('X-Yahoo-Post-IP', 'X-Originating-IP', 'X-Apparently-From', 'X-SenderIP') {
my $str = $pms->get($header);
next unless $str;
push (@originating, ($str =~ m/($IP_ADDRESS)/g));
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/lib/Mail/SpamAssassin/Plugin/Rule2XSBody.pm
^
|
| @@ -63,7 +63,7 @@
my $conf = $params->{conf};
my $instdir = $conf->{main}->sed_path
- ('__local_state_dir__/compiled/__version__');
+ ('__local_state_dir__/compiled/__perl_major_ver__/__version__');
unshift @INC, $instdir, "$instdir/auto";
dbg "zoom: loading compiled ruleset from $instdir";
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/lib/Mail/SpamAssassin/Plugin/SPF.pm
^
|
| @@ -156,7 +156,7 @@
type => $Mail::SpamAssassin::Conf::CONF_TYPE_BOOL,
});
-=item do_not_use_mail_spq_query (0|1) (default: 0)
+=item do_not_use_mail_spf_query (0|1) (default: 0)
As above, but instead stop the plugin from trying to use Mail::SPF::Query and
cause it to only try to use Mail::SPF.
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/lib/Mail/SpamAssassin/Plugin/URIDNSBL.pm
^
|
| @@ -473,7 +473,9 @@
return if $scanner->{async}->get_lookup($key);
# dig $dom ns
- my $ent = $self->start_lookup ($scanner, 'NS', $self->res_bgsend($scanner, $dom, 'NS'), $key);
+ my $ent = $self->start_lookup($scanner, $dom, 'NS',
+ $self->res_bgsend($scanner, $dom, 'NS', $key),
+ $key);
$ent->{obj} = $obj;
}
@@ -481,7 +483,7 @@
my ($self, $scanner, $ent, $dom) = @_;
my $packet = $ent->{response_packet};
- my @answer = $packet->answer;
+ my @answer = !defined $packet ? () : $packet->answer;
my $IPV4_ADDRESS = IPV4_ADDRESS;
my $IP_PRIVATE = IP_PRIVATE;
@@ -517,14 +519,18 @@
return if $scanner->{async}->get_lookup($key);
# dig $hname a
- my $ent = $self->start_lookup ($scanner, 'A', $self->res_bgsend($scanner, $hname, 'A'), $key);
+ my $ent = $self->start_lookup($scanner, $hname, 'A',
+ $self->res_bgsend($scanner, $hname, 'A', $key),
+ $key);
$ent->{obj} = $obj;
}
sub complete_a_lookup {
my ($self, $scanner, $ent, $hname) = @_;
- foreach my $rr ($ent->{response_packet}->answer) {
+ my $packet = $ent->{response_packet};
+ my @answer = !defined $packet ? () : $packet->answer;
+ foreach my $rr (@answer) {
my $str = $rr->string;
$self->log_dns_result ("A for NS $hname: $str");
@@ -558,8 +564,9 @@
my $item = $lookupstr.".".$dnsbl;
# dig $ip txt
- my $ent = $self->start_lookup ($scanner, 'DNSBL',
- $self->res_bgsend($scanner, $item, $qtype), $key);
+ my $ent = $self->start_lookup($scanner, $item, 'DNSBL',
+ $self->res_bgsend($scanner, $item, $qtype, $key),
+ $key);
$ent->{obj} = $obj;
$ent->{rulename} = $rulename;
$ent->{zone} = $dnsbl;
@@ -574,7 +581,7 @@
my $rulecf = $conf->{uridnsbls}->{$rulename};
my $packet = $ent->{response_packet};
- my @answer = $packet->answer;
+ my @answer = !defined $packet ? () : $packet->answer;
my $uridnsbl_subs = $conf->{uridnsbl_subs}->{$ent->{zone}};
foreach my $rr (@answer)
@@ -645,15 +652,18 @@
# ---------------------------------------------------------------------------
sub start_lookup {
- my ($self, $scanner, $type, $id, $key) = @_;
+ my ($self, $scanner, $zone, $type, $id, $key) = @_;
my $ent = {
key => $key,
+ zone => $zone, # serves to fetch other per-zone settings
type => "URI-".$type,
id => $id,
completed_callback => sub {
my $ent = shift;
- $self->completed_lookup_callback ($scanner, $ent);
+ if (defined $ent->{response_packet}) { # not aborted or empty
+ $self->completed_lookup_callback ($scanner, $ent);
+ }
}
};
$scanner->{async}->start_lookup($ent);
@@ -674,21 +684,17 @@
}
elsif ($type eq 'URI-DNSBL') {
$self->complete_dnsbl_lookup ($scanner, $ent, $val);
- my $totalsecs = (time - $ent->{obj}->{querystart});
- dbg("uridnsbl: query for ".$ent->{obj}->{dom}." took ".
- $totalsecs." seconds to look up ($val)");
}
}
# ---------------------------------------------------------------------------
sub res_bgsend {
- my ($self, $scanner, $host, $type) = @_;
+ my ($self, $scanner, $host, $type, $key) = @_;
return $self->{main}->{resolver}->bgsend($host, $type, undef, sub {
- my $pkt = shift;
- my $id = shift;
- $scanner->{async}->set_response_packet($id, $pkt);
+ my ($pkt, $id, $timestamp) = @_;
+ $scanner->{async}->set_response_packet($id, $pkt, $key, $timestamp);
});
}
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/lib/Mail/SpamAssassin/Plugin/VBounce.pm
^
|
| @@ -75,7 +75,7 @@
Regular expressions are not used for security reasons.
Multiple addresses per line, separated by spaces, is OK. Multiple
-C<whitelist_from> lines is also OK.
+C<whitelist_bounce_relays> lines are also OK.
=cut
@@ -114,19 +114,8 @@
# now check any "message/anything" attachment MIME parts, too.
# don't use the more efficient find_parts() method until bug 5331 is
# fixed, otherwise we'll miss some messages due to their MIME structure
-
- my $pristine = $pms->{msg}->get_pristine();
- # skip past the headers
- my $foundnlnl = 0;
- foreach my $line ($pristine =~ /^(.*)$/gm) {
- # note: do not use any re match here, it'll reset /g
- if ($line eq "" || $line eq "\012" || $line eq "\015\012") {
- $foundnlnl = 1; last;
- }
- }
- return 0 unless $foundnlnl;
- # and now through the pristine body
+ my $pristine = $pms->{msg}->get_pristine_body();
foreach my $line ($pristine =~ /^(.*)$/gm) {
next unless $line && ($line =~ /Received: /);
while ($line =~ / (\S+\.\S+) /g) {
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/lib/Mail/SpamAssassin/PluginHandler.pm
^
|
| @@ -76,6 +76,16 @@
sub load_plugin {
my ($self, $package, $path, $silent) = @_;
+ # Don't load the same plugin twice!
+ # Do this *before* calling ->new(), otherwise eval rules will be
+ # registered on a nonexistent object
+ foreach my $old_plugin (@{$self->{plugins}}) {
+ if (ref($old_plugin) eq $package) {
+ dbg("plugin: did not register $package, already registered");
+ return;
+ }
+ }
+
my $ret;
if ($path) {
# bug 3717:
@@ -120,14 +130,6 @@
warn "plugin: failed to create instance of plugin $package: $@\n";
}
- # Don't load the same plugin twice!
- foreach my $old_plugin (@{$self->{plugins}}) {
- if (ref($old_plugin) eq ref($plugin)) {
- dbg("plugin: did not register $plugin, already registered");
- return;
- }
- }
-
if ($plugin) {
$self->{main}->{plugins}->register_plugin ($plugin);
$self->{main}->{conf}->load_plugin_succeeded ($plugin, $package, $path);
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/lib/Mail/SpamAssassin/SpamdForkScaling.pm
^
|
| @@ -187,6 +187,12 @@
$sock->close;
}
+ delete $self->{kids}->{$pid}; # remove from list
+
+ # ensure we recompute, so that we don't try to tell that child to
+ # accept a request, only to find that it's died in the meantime.
+ $self->compute_lowest_child_pid();
+
warn "prefork: killed child $pid\n";
}
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/lib/Mail/SpamAssassin/Util.pm
^
|
| @@ -57,6 +57,7 @@
use Config;
use File::Spec;
+use File::Basename;
use Time::Local;
use Sys::Hostname (); # don't import hostname() into this namespace!
use Fcntl;
@@ -1550,6 +1551,42 @@
}
###########################################################################
+
+# bug 5612: work around for bugs in Berkeley db 4.2
+#
+# on 4.2 having the __db.[DBNAME] file will cause an loop that will never finish
+# on 4.3+ the loop will timeout after 301 open attempts, but we will still
+# be unable to open the database. This workaround solves both problems.
+#
+sub avoid_db_file_locking_bug {
+ my ($path) = @_;
+
+ my $db_tmpfile = untaint_file_path(File::Spec->catfile(dirname($path),
+ '__db.'.basename($path)));
+
+ # delete "__db.[DBNAME]" and "__db.[DBNAME].*"
+ foreach my $tfile ($db_tmpfile, <$db_tmpfile.*>) {
+ my $file = untaint_file_path($tfile);
+ next unless (-e $file);
+
+ dbg("Berkeley DB bug work-around: cleaning tmp file $file");
+ if (!unlink($file)) {
+ die "cannot remove Berkeley DB tmp file $file: $!\n";
+ }
+ }
+}
+
+###########################################################################
+
+sub fisher_yates_shuffle {
+ my ($deck) = @_;
+ for (my $i = $#{$deck}; $i > 0; $i--) {
+ my $j = int rand($i+1);
+ @$deck[$i,$j] = @$deck[$j,$i];
+ }
+}
+
+###########################################################################
1;
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/lib/Mail/SpamAssassin/Util/DependencyInfo.pm
^
|
| @@ -139,8 +139,9 @@
{
module => 'Time::HiRes',
version => '0.00',
- desc => 'If this module is installed, the processing times are logged/reported
- more precisely in spamd.',
+ desc => 'If this module is installed, asynchronous DNS lookup timeouts operate
+ with subsecond precision and the processing times are logged/reported
+ more accurately. Other modules and plugins may benefit too.',
},
{
module => 'Mail::DomainKeys',
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/lib/Mail/SpamAssassin/Util/RegistrarBoundaries.pm
^
|
| @@ -34,7 +34,6 @@
# "su" Extra from http://www.iana.org/root-whois/
# http://www.iana.org/gtld/gtld.htm
# http://www.iana.org/arpa-dom/
-# "eu" just in case, for the future
foreach (qw/
ac ad ae af ag ai al am an ao aq ar as at au aw az ax ba bb bd be bf bg bh bi
bj bm bn bo br bs bt bv bw by bz ca cc cd cf cg ch ci ck cl cm cn co cr cs cu
@@ -58,134 +57,192 @@
}
# to resort this, pump the whole list through:
-# perl -e '$/=undef; $_=<>; foreach(split) { ($a,$b) = split(/\./, $_, 2); push @{$t{$b}}, $_; } foreach (sort keys %t) { print " ",join(" ", sort @{$t{$_}}),"\n" }'
+# perl -e '$/=undef; $_=<>; foreach(split) { ($a,$b) = split(/\./, $_, 2); $t{$b}->{$_}=1; } foreach (sort keys %t) { print " ",join(" ", sort keys %{$t{$_}}),"\n" }'
#
# http://www.neustar.us/policies/docs/rfc_1480.txt
-# data from http://spamcheck.freeapp.net/two-level-tlds , in turn from
-# http://www.bestregistrar.com/help/ccTLD.htm
-# http://www.hkdnr.net.hk/instructions/new_domain.html
+# data originally from http://spamcheck.freeapp.net/two-level-tlds
+# The freeapp.net site now says that information on the site is obsolete
+# See discussion and sources in comments of bug 5677
+# updated as per bug 5815
foreach(qw/
com.ac edu.ac gov.ac mil.ac net.ac org.ac
- ac.ae co.ae com.ae gov.ae net.ae org.ae pro.ae sch.ae
- com.ai edu.ai gov.ai org.ai
- com.ar edu.ar gov.ar int.ar mil.ar net.ar org.ar uba.ar
- e164.arpa
+ nom.ad
+ ac.ae co.ae com.ae gov.ae mil.ae name.ae net.ae org.ae pro.ae sch.ae
+ com.af edu.af gov.af net.af
+ co.ag com.ag net.ag nom.ag org.ag
+ com.ai edu.ai gov.ai net.ai off.ai org.ai
+ com.al edu.al gov.al net.al org.al
+ com.an edu.an net.an org.an
+ co.ao ed.ao gv.ao it.ao og.ao pb.ao
+ com.ar edu.ar gov.ar int.ar mil.ar net.ar org.ar
+ e164.arpa in-addr.arpa ip6.arpa iris.arpa uri.arpa urn.arpa
ac.at co.at gv.at or.at priv.at
- asn.au com.au conf.au csiro.au edu.au gov.au id.au info.au net.au org.au otc.au oz.au telememo.au
- com.az net.az org.az
- com.bb net.bb org.bb
+ act.au asn.au com.au conf.au csiro.au edu.au gov.au id.au info.au net.au nsw.au nt.au org.au otc.au oz.au qld.au sa.au tas.au telememo.au vic.au wa.au
+ com.aw
+ biz.az com.az edu.az gov.az info.az int.az mil.az name.az net.az org.az pp.az
+ co.ba com.ba edu.ba gov.ba mil.ba net.ba org.ba rs.ba unbi.ba unsa.ba
+ com.bb edu.bb gov.bb net.bb org.bb
+ ac.bd com.bd edu.bd gov.bd mil.bd net.bd org.bd
ac.be belgie.be dns.be fgov.be
- com.bh edu.bh gov.bh net.bh org.bh
+ gov.bf
+ biz.bh cc.bh com.bh edu.bh gov.bh info.bh net.bh org.bh
com.bm edu.bm gov.bm net.bm org.bm
- adm.br adv.br agr.br am.br arq.br art.br ato.br bio.br bmd.br cim.br cng.br cnt.br com.br coop.br ecn.br edu.br eng.br esp.br etc.br eti.br far.br fm.br fnd.br fot.br fst.br g12.br ggf.br gov.br imb.br ind.br inf.br jor.br lel.br mat.br med.br mil.br mus.br net.br nom.br not.br ntr.br odo.br org.br ppg.br pro.br psc.br psi.br qsl.br rec.br slg.br sp.br srv.br tmp.br trd.br tur.br tv.br vet.br zlg.br
+ com.bn edu.bn net.bn org.bn
+ com.bo edu.bo gob.bo gov.bo int.bo mil.bo net.bo org.bo tv.bo
+ adm.br adv.br agr.br am.br arq.br art.br ato.br bio.br bmd.br cim.br cng.br cnt.br com.br coop.br dpn.br ecn.br edu.br eng.br esp.br etc.br eti.br far.br fm.br fnd.br fot.br fst.br g12.br ggf.br gov.br imb.br ind.br inf.br jor.br lel.br mat.br med.br mil.br mus.br net.br nom.br not.br ntr.br odo.br org.br ppg.br pro.br psc.br psi.br qsl.br rec.br slg.br srv.br tmp.br trd.br tur.br tv.br vet.br zlg.br
com.bs net.bs org.bs
+ com.bt edu.bt gov.bt net.bt org.bt
co.bw org.bw
- com.bz org.bz net.bz
+ gov.by mil.by
+ com.bz net.bz org.bz
ab.ca bc.ca gc.ca mb.ca nb.ca nf.ca nl.ca ns.ca nt.ca nu.ca on.ca pe.ca qc.ca sk.ca yk.ca
co.ck edu.ck gov.ck net.ck org.ck
- ac.cn ah.cn bj.cn com.cn cq.cn edu.cn gd.cn gov.cn gs.cn gx.cn gz.cn hb.cn he.cn hi.cn hk.cn hl.cn hn.cn jl.cn js.cn ln.cn mo.cn net.cn nm.cn nx.cn org.cn qh.cn sc.cn sh.cn sn.cn sx.cn tj.cn tw.cn xj.cn xz.cn yn.cn zj.cn
- arts.co com.co edu.co firm.co gov.co info.co int.co mil.co nom.co org.co rec.co store.co web.co
+ ac.cn ah.cn bj.cn com.cn cq.cn edu.cn fj.cn gd.cn gov.cn gs.cn gx.cn gz.cn ha.cn hb.cn he.cn hi.cn hk.cn hl.cn hn.cn jl.cn js.cn jx.cn ln.cn mo.cn net.cn nm.cn nx.cn org.cn qh.cn sc.cn sd.cn sh.cn sn.cn sx.cn tj.cn tw.cn xj.cn xz.cn yn.cn zj.cn
+ arts.co com.co edu.co firm.co gov.co info.co int.co mil.co net.co nom.co org.co rec.co store.co web.co
+ lkd.co.im ltd.co.im plc.co.im
au.com br.com cn.com de.com eu.com gb.com hu.com no.com qc.com ru.com sa.com se.com uk.com us.com uy.com za.com
ac.cr co.cr ed.cr fi.cr go.cr or.cr sa.cr
- com.cu net.cu org.cu
- ac.cy com.cy gov.cy net.cy org.cy
+ com.cu edu.cu gov.cu inf.cu net.cu org.cu
+ gov.cx
+ ac.cy biz.cy com.cy ekloges.cy gov.cy ltd.cy name.cy net.cy org.cy parliament.cy press.cy pro.cy tm.cy
co.dk
- com.dm net.dm org.dm
+ com.dm edu.dm gov.dm net.dm org.dm
art.do com.do edu.do gob.do gov.do mil.do net.do org.do sld.do web.do
- art.dz ass.dz com.dz edu.dz gov.dz net.dz org.dz pol.dz
- com.ec edu.ec fin.ec gov.ec k12.ec med.ec mil.ec net.ec org.ec
- com.ee fie.ee med.ee org.ee pri.ee
- com.eg edu.eg eun.eg gov.eg net.eg org.eg sci.eg
+ art.dz asso.dz com.dz edu.dz gov.dz net.dz org.dz pol.dz
+ com.ec edu.ec fin.ec gov.ec info.ec k12.ec med.ec mil.ec net.ec org.ec pro.ec
+ co.ee com.ee edu.ee fie.ee med.ee org.ee pri.ee
+ com.eg edu.eg eun.eg gov.eg mil.eg net.eg org.eg sci.eg
com.er edu.er gov.er ind.er mil.er net.er org.er
com.es edu.es gob.es nom.es org.es
biz.et com.et edu.et gov.et info.et name.et net.et org.et
- ac.fj com.fj gov.fj id.fj org.fj school.fj
- ac.fk com.fk gov.fk net.fk nom.fk org.fk
+ aland.fi
+ ac.fj biz.fj com.fj gov.fj id.fj info.fj mil.fj name.fj net.fj org.fj pro.fj school.fj
+ ac.fk co.fk com.fk gov.fk net.fk nom.fk org.fk
aeroport.fr assedic.fr asso.fr avocat.fr avoues.fr barreau.fr cci.fr chambagri.fr chirurgiens-dentistes.fr com.fr experts-comptables.fr geometre-expert.fr gouv.fr greta.fr huissier-justice.fr medecin.fr nom.fr notaires.fr pharmacien.fr port.fr prd.fr presse.fr tm.fr veterinaire.fr
com.ge edu.ge gov.ge mil.ge net.ge org.ge pvt.ge
ac.gg alderney.gg co.gg gov.gg guernsey.gg ind.gg ltd.gg net.gg org.gg sark.gg sch.gg
+ com.gh edu.gh gov.gh mil.gh org.gh
+ com.gi edu.gi gov.gi ltd.gi mod.gi org.gi
+ ac.gn com.gn gov.gn net.gn org.gn
+ asso.gp com.gp edu.gp net.gp org.gp
com.gr edu.gr gov.gr net.gr org.gr
com.gt edu.gt gob.gt ind.gt mil.gt net.gt org.gt
com.gu edu.gu gov.gu mil.gu net.gu org.gu
com.hk edu.hk gov.hk idv.hk net.hk org.hk
- com.hr from.hr iz.hr
- 2000.hu agrar.hu bolt.hu casino.hu city.hu co.hu erotica.hu erotika.hu film.hu forum.hu games.hu hotel.hu info.hu ingatlan.hu jogasz.hu konyvelo.hu lakas.hu media.hu news.hu org.hu priv.hu reklam.hu sex.hu shop.hu sport.hu suli.hu szex.hu tm.hu tozsde.hu utazas.hu video.hu
- ac.id co.id go.id mil.id net.id or.id
+ com.hn edu.hn gob.hn mil.hn net.hn org.hn
+ com.hr from.hr iz.hr name.hr
+ adult.ht art.ht asso.ht com.ht coop.ht edu.ht firm.ht gouv.ht info.ht med.ht net.ht org.ht perso.ht pol.ht pro.ht rel.ht shop.ht
+ 2000.hu ac.hu agrar.hu bolt.hu casino.hu city.hu co.hu edu.hu erotica.hu erotika.hu film.hu forum.hu games.hu gov.hu hotel.hu info.hu ingatlan.hu jogasz.hu konyvelo.hu lakas.hu media.hu news.hu org.hu priv.hu reklam.hu sex.hu shop.hu sport.hu suli.hu szex.hu tm.hu tozsde.hu utazas.hu video.hu
+ ac.id co.id go.id mil.id net.id or.id sch.id web.id
+ gov.ie
ac.il co.il gov.il idf.il k12.il muni.il net.il org.il
ac.im co.im gov.im net.im nic.im org.im
- ac.in co.in ernet.in firm.in gen.in gov.in ind.in mil.in net.in nic.in org.in res.in
+ ac.in co.in edu.in ernet.in firm.in gen.in gov.in ind.in mil.in net.in nic.in org.in res.in
+ com.io gov.io mil.io net.io org.io
ac.ir co.ir gov.ir id.ir net.ir org.ir sch.ir
+ edu.it gov.it
ac.je co.je gov.je ind.je jersey.je ltd.je net.je org.je sch.je
+ com.jm edu.jm gov.jm net.jm org.jm
com.jo edu.jo gov.jo mil.jo net.jo org.jo
ac.jp ad.jp aichi.jp akita.jp aomori.jp chiba.jp co.jp ed.jp ehime.jp fukui.jp fukuoka.jp fukushima.jp gifu.jp go.jp gov.jp gr.jp gunma.jp hiroshima.jp hokkaido.jp hyogo.jp ibaraki.jp ishikawa.jp iwate.jp kagawa.jp kagoshima.jp kanagawa.jp kanazawa.jp kawasaki.jp kitakyushu.jp kobe.jp kochi.jp kumamoto.jp kyoto.jp lg.jp matsuyama.jp mie.jp miyagi.jp miyazaki.jp nagano.jp nagasaki.jp nagoya.jp nara.jp ne.jp net.jp niigata.jp oita.jp okayama.jp okinawa.jp or.jp org.jp osaka.jp saga.jp saitama.jp sapporo.jp sendai.jp shiga.jp shimane.jp shizuoka.jp takamatsu.jp tochigi.jp tokushima.jp tokyo.jp tottori.jp toyama.jp utsunomiya.jp wakayama.jp yamagata.jp yamaguchi.jp yamanashi.jp yokohama.jp
+ ac.ke co.ke go.ke ne.ke new.ke or.ke sc.ke
+ com.kg edu.kg gov.kg mil.kg net.kg org.kg
com.kh edu.kh gov.kh mil.kh net.kh org.kh per.kh
- ac.kr co.kr go.kr kyonggi.kr ne.kr or.kr pe.kr re.kr seoul.kr
- com.kw edu.kw gov.kw net.kw org.kw
+ ac.kr busan.kr chungbuk.kr chungnam.kr co.kr daegu.kr daejeon.kr es.kr gangwon.kr go.kr gwangju.kr gyeongbuk.kr gyeonggi.kr gyeongnam.kr hs.kr incheon.kr jeju.kr jeonbuk.kr jeonnam.kr kg.kr kyonggi.kr mil.kr ms.kr ne.kr or.kr pe.kr re.kr sc.kr seoul.kr ulsan.kr
+ com.kw edu.kw gov.kw mil.kw net.kw org.kw
+ com.ky edu.ky gov.ky net.ky org.ky
+ com.kz edu.kz gov.kz mil.kz net.kz org.kz
com.la net.la org.la
com.lb edu.lb gov.lb mil.lb net.lb org.lb
com.lc edu.lc gov.lc net.lc org.lc
+ assn.lk com.lk edu.lk gov.lk grp.lk hotel.lk int.lk ltd.lk net.lk ngo.lk org.lk sch.lk soc.lk web.lk
+ com.lr edu.lr gov.lr net.lr org.lr
+ co.ls org.ls
+ gov.lt mil.lt
asn.lv com.lv conf.lv edu.lv gov.lv id.lv mil.lv net.lv org.lv
- com.ly net.ly org.ly
- ac.ma co.ma net.ma org.ma press.ma
- com.mk
+ biz.ly com.ly edu.ly gov.ly id.ly med.ly net.ly org.ly plc.ly sch.ly
+ ac.ma co.ma gov.ma net.ma org.ma press.ma
+ asso.mc tm.mc
+ com.mg edu.mg gov.mg mil.mg nom.mg org.mg prd.mg tm.mg
+ army.mil navy.mil
+ com.mk org.mk
com.mm edu.mm gov.mm net.mm org.mm
+ edu.mn gov.mn org.mn
com.mo edu.mo gov.mo net.mo org.mo
- com.mt edu.mt net.mt org.mt tm.mt uu.mt
+ music.mobi weather.mobi
+ com.mt edu.mt gov.mt net.mt org.mt tm.mt uu.mt
+ co.mu com.mu
+ aero.mv biz.mv com.mv coop.mv edu.mv gov.mv info.mv int.mv mil.mv museum.mv name.mv net.mv org.mv pro.mv
+ ac.mw co.mw com.mw coop.mw edu.mw gov.mw int.mw museum.mw net.mw org.mw
com.mx edu.mx gob.mx net.mx org.mx
- com.my edu.my gov.my net.my org.my
+ com.my edu.my gov.my mil.my name.my net.my org.my
alt.na com.na cul.na edu.na net.na org.na telecom.na unam.na
com.nc net.nc org.nc
de.net gb.net uk.net
ac.ng com.ng edu.ng gov.ng net.ng org.ng sch.ng
com.ni edu.ni gob.ni net.ni nom.ni org.ni
- tel.no
- com.np edu.np gov.np net.np org.np
- fax.nr mob.nr mobil.nr mobile.nr tel.nr tlf.nr co.nr
+ fhs.no folkebibl.no fylkesbibl.no herad.no idrett.no kommune.no mil.no museum.no priv.no stat.no tel.no vgs.no
+ com.np edu.np gov.np mil.np net.np org.np
+ biz.nr co.nr com.nr edu.nr fax.nr gov.nr info.nr mob.nr mobil.nr mobile.nr net.nr org.nr tel.nr tlf.nr
ac.nz co.nz cri.nz geek.nz gen.nz govt.nz iwi.nz maori.nz mil.nz net.nz org.nz school.nz
- ac.om biz.om co.om com.om edu.om gov.om med.om mod.om museum.om net.om org.om pro.om
+ ac.om biz.om co.om com.om edu.om gov.om med.om mil.om mod.om museum.om net.om org.om pro.om sch.om
dk.org eu.org
- ac.pa com.pa edu.pa gob.pa net.pa org.pa sld.pa
+ abo.pa ac.pa com.pa edu.pa gob.pa ing.pa med.pa net.pa nom.pa org.pa sld.pa
com.pe edu.pe gob.pe mil.pe net.pe nom.pe org.pe
+ com.pf edu.pf org.pf
ac.pg com.pg net.pg
- com.ph mil.ph net.ph ngo.ph org.ph
+ com.ph edu.ph gov.ph mil.ph net.ph ngo.ph org.ph
biz.pk com.pk edu.pk fam.pk gob.pk gok.pk gon.pk gop.pk gos.pk gov.pk net.pk org.pk web.pk
- agro.pl aid.pl atm.pl auto.pl biz.pl com.pl edu.pl gmina.pl gsm.pl info.pl mail.pl media.pl miasta.pl mil.pl net.pl nieruchomosci.pl nom.pl org.pl pc.pl powiat.pl priv.pl realestate.pl rel.pl sex.pl shop.pl sklep.pl sos.pl szkola.pl targi.pl tm.pl tourism.pl travel.pl turystyka.pl
- edu.ps gov.ps plo.ps sec.ps
+ agro.pl aid.pl art.pl atm.pl auto.pl bialystok.pl biz.pl com.pl edu.pl gda.pl gdansk.pl gmina.pl gov.pl gsm.pl info.pl katowice.pl krakow.pl lodz.pl lublin.pl mail.pl media.pl miasta.pl mil.pl net.pl ngo.pl nieruchomosci.pl nom.pl olsztyn.pl opole.pl org.pl pc.pl powiat.pl poznan.pl priv.pl realestate.pl rel.pl sex.pl shop.pl sklep.pl slupsk.pl sos.pl szczecin.pl szkola.pl targi.pl tm.pl torun.pl tourism.pl travel.pl turystyka.pl warszawa.pl waw.pl wroc.pl wroclaw.pl za.pl zgora.pl
+ biz.pr com.pr edu.pr gov.pr info.pr isla.pr name.pr net.pr org.pr pro.pr
+ cpa.pro law.pro med.pro
+ com.ps edu.ps gov.ps net.ps org.ps plo.ps sec.ps
com.pt edu.pt gov.pt int.pt net.pt nome.pt org.pt publ.pt
- com.py edu.py net.py org.py
+ com.py edu.py gov.py net.py org.py
com.qa edu.qa gov.qa net.qa org.qa
asso.re com.re nom.re
arts.ro com.ro firm.ro info.ro nom.ro nt.ro org.ro rec.ro store.ro tm.ro www.ro
- com.ru gov.ru net.ru org.ru pp.ru
+ ac.rs co.rs edu.rs gov.rs in.rs org.rs
+ ac.ru adygeya.ru altai.ru amur.ru amursk.ru arkhangelsk.ru astrakhan.ru baikal.ru bashkiria.ru belgorod.ru bir.ru bryansk.ru buryatia.ru cbg.ru chel.ru chelyabinsk.ru chita.ru chukotka.ru chuvashia.ru cmw.ru com.ru dagestan.ru dudinka.ru e-burg.ru edu.ru fareast.ru gov.ru grozny.ru int.ru irkutsk.ru ivanovo.ru izhevsk.ru jamal.ru jar.ru joshkar-ola.ru k-uralsk.ru kalmykia.ru kaluga.ru kamchatka.ru karelia.ru kazan.ru kchr.ru kemerovo.ru khabarovsk.ru khakassia.ru khv.ru kirov.ru kms.ru koenig.ru komi.ru kostroma.ru krasnoyarsk.ru kuban.ru kurgan.ru kursk.ru kustanai.ru kuzbass.ru lipetsk.ru magadan.ru magnitka.ru mari-el.ru mari.ru marine.ru mil.ru mordovia.ru mosreg.ru msk.ru murmansk.ru mytis.ru nakhodka.ru nalchik.ru net.ru nkz.ru nnov.ru norilsk.ru nov.ru novosibirsk.ru nsk.ru omsk.ru orenburg.ru org.ru oryol.ru oskol.ru palana.ru penza.ru perm.ru pp.ru pskov.ru ptz.ru pyatigorsk.ru rnd.ru rubtsovsk.ru ryazan.ru sakhalin.ru samara.ru saratov.ru simbirsk.ru smolensk.ru snz.ru spb.ru stavropol.ru stv.ru surgut.ru syzran.ru tambov.ru tatarstan.ru test.ru tom.ru tomsk.ru tsaritsyn.ru tsk.ru tula.ru tuva.ru tver.ru tyumen.ru udm.ru udmurtia.ru ulan-ude.ru vdonsk.ru vladikavkaz.ru vladimir.ru vladivostok.ru volgograd.ru vologda.ru voronezh.ru vrn.ru vyatka.ru yakutia.ru yamal.ru yaroslavl.ru yekaterinburg.ru yuzhno-sakhalinsk.ru zgrad.ru
+ ac.rw co.rw com.rw edu.rw gouv.rw gov.rw int.rw mil.rw net.rw
com.sa edu.sa gov.sa med.sa net.sa org.sa pub.sa sch.sa
com.sb edu.sb gov.sb net.sb org.sb
- com.sd edu.sd gov.sd med.sd net.sd org.sd sch.sd
- brand.se fh.se fhsk.se fhv.se komforb.se kommunalforbund.se komvux.se lanarb.se lanbib.se naturbruksgymn.se org.se parti.se pp.se press.se sshn.se tm.se
- com.sg edu.sg gov.sg net.sg org.sg per.sg
+ com.sc edu.sc gov.sc net.sc org.sc
+ com.sd edu.sd gov.sd info.sd med.sd net.sd org.sd sch.sd tv.sd
+ ab.se ac.se bd.se brand.se c.se d.se e.se f.se fh.se fhsk.se fhv.se g.se h.se i.se k.se komforb.se kommunalforbund.se komvux.se lanarb.se lanbib.se m.se mil.se n.se naturbruksgymn.se o.se org.se parti.se pp.se press.se s.se sshn.se t.se tm.se u.se w.se x.se y.se z.se
+ com.sg edu.sg gov.sg idn.sg net.sg org.sg per.sg
com.sh edu.sh gov.sh mil.sh net.sh org.sh
+ edu.sk gov.sk mil.sk
co.st com.st consulado.st edu.st embaixada.st gov.st mil.st net.st org.st principe.st saotome.st store.st
com.sv edu.sv gob.sv org.sv red.sv
com.sy gov.sy net.sy org.sy
- ac.th co.th go.th net.th or.th
+ at.tf bg.tf ca.tf ch.tf cz.tf de.tf edu.tf eu.tf int.tf net.tf pl.tf ru.tf sg.tf us.tf
+ ac.th co.th go.th in.th mi.th net.th or.th
+ ac.tj biz.tj co.tj com.tj edu.tj go.tj gov.tj int.tj mil.tj name.tj net.tj org.tj web.tj
com.tn edunet.tn ens.tn fin.tn gov.tn ind.tn info.tn intl.tn nat.tn net.tn org.tn rnrt.tn rns.tn rnu.tn tourism.tn
- bbs.tr com.tr edu.tr gen.tr gov.tr k12.tr mil.tr net.tr org.tr
+ gov.to
+ gov.tp
+ av.tr bbs.tr bel.tr biz.tr com.tr dr.tr edu.tr gen.tr gov.tr info.tr k12.tr mil.tr name.tr net.tr org.tr pol.tr tel.tr web.tr
aero.tt at.tt au.tt be.tt biz.tt ca.tt co.tt com.tt coop.tt de.tt dk.tt edu.tt es.tt eu.tt fr.tt gov.tt info.tt int.tt it.tt jobs.tt mobi.tt museum.tt name.tt net.tt nic.tt org.tt pro.tt se.tt travel.tt uk.tt us.tt
- co.tv
- com.tw edu.tw gove.tw idv.tw net.tw org.tw
- com.ua edu.ua gov.ua net.ua org.ua
- ac.ug co.ug go.ug or.ug
- ac.uk co.uk edu.uk gov.uk ltd.uk me.uk mod.uk net.uk nhs.uk nic.uk org.uk plc.uk police.uk sch.uk
- dni.us fed.us
+ co.tv gov.tv
+ club.tw com.tw ebiz.tw edu.tw game.tw gov.tw idv.tw mil.tw net.tw org.tw
+ ac.tz co.tz go.tz ne.tz or.tz
+ cherkassy.ua chernigov.ua chernovtsy.ua ck.ua cn.ua co.ua com.ua crimea.ua cv.ua dn.ua dnepropetrovsk.ua donetsk.ua dp.ua edu.ua gov.ua if.ua in.ua ivano-frankivsk.ua kh.ua kharkov.ua kherson.ua khmelnitskiy.ua kiev.ua kirovograd.ua km.ua kr.ua ks.ua kv.ua lg.ua lugansk.ua lutsk.ua lviv.ua mk.ua net.ua nikolaev.ua od.ua odessa.ua org.ua pl.ua poltava.ua rovno.ua rv.ua sebastopol.ua sumy.ua te.ua ternopil.ua uzhgorod.ua vinnica.ua vn.ua zaporizhzhe.ua zhitomir.ua zp.ua zt.ua
+ ac.ug co.ug go.ug ne.ug or.ug sc.ug
+ ac.uk bl.uk british-library.uk co.uk edu.uk gov.uk icnet.uk jet.uk ltd.uk me.uk mod.uk national-library-scotland.uk net.uk nhs.uk nic.uk nls.uk org.uk parliament.uk plc.uk police.uk sch.uk
+ ak.us al.us ar.us az.us ca.us co.us ct.us dc.us de.us dni.us fed.us fl.us ga.us hi.us ia.us id.us il.us in.us isa.us kids.us ks.us ky.us la.us ma.us md.us me.us mi.us mn.us mo.us ms.us mt.us nc.us nd.us ne.us nh.us nj.us nm.us nsn.us nv.us ny.us oh.us ok.us or.us pa.us ri.us sc.us sd.us tn.us tx.us ut.us va.us vt.us wa.us wi.us wv.us wy.us
com.uy edu.uy gub.uy mil.uy net.uy org.uy
+ vatican.va
arts.ve bib.ve co.ve com.ve edu.ve firm.ve gov.ve info.ve int.ve mil.ve net.ve nom.ve org.ve rec.ve store.ve tec.ve web.ve
- co.vi net.vi org.vi
+ co.vi com.vi edu.vi gov.vi net.vi org.vi
ac.vn biz.vn com.vn edu.vn gov.vn health.vn info.vn int.vn name.vn net.vn org.vn pro.vn
ch.vu com.vu de.vu edu.vu fr.vu net.vu org.vu
com.ws edu.ws gov.ws net.ws org.ws
com.ye edu.ye gov.ye mil.ye net.ye org.ye
ac.yu co.yu edu.yu org.yu
ac.za alt.za bourse.za city.za co.za edu.za gov.za law.za mil.za net.za ngo.za nom.za org.za school.za tm.za web.za
+ ac.zm co.zm gov.zm org.zm sch.zm
ac.zw co.zw gov.zw org.zw
/) {
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/rules/20_dnsbl_tests.cf
^
|
| @@ -189,25 +189,6 @@
#reuse __DNS_FROM_RFC_WHOIS DNS_FROM_RFC_WHOIS
# ---------------------------------------------------------------------------
-# CompleteWhois blacklists
-
-header __RCVD_IN_WHOIS eval:check_rbl('whois', 'combined-HIB.dnsiplists.completewhois.com.')
-tflags __RCVD_IN_WHOIS net
-
-header RCVD_IN_WHOIS_BOGONS eval:check_rbl_sub('whois', '127.0.0.2')
-describe RCVD_IN_WHOIS_BOGONS CompleteWhois: sender on bogons IP block
-tflags RCVD_IN_WHOIS_BOGONS net
-
-header RCVD_IN_WHOIS_HIJACKED eval:check_rbl_sub('whois', '127.0.0.3')
-describe RCVD_IN_WHOIS_HIJACKED CompleteWhois: sender on hijacked IP block
-tflags RCVD_IN_WHOIS_HIJACKED net
-
-header RCVD_IN_WHOIS_INVALID eval:check_rbl('whois-lastexternal', 'combined-HIB.dnsiplists.completewhois.com.', '127.0.0.4')
-describe RCVD_IN_WHOIS_INVALID CompleteWhois: sender on invalid IP block
-tflags RCVD_IN_WHOIS_INVALID net
-#reuse RCVD_IN_WHOIS_INVALID RCVD_IN_RFC_IPWHOIS
-
-# ---------------------------------------------------------------------------
# Now, single zone BLs follow:
# DSBL catches open relays, badly-installed CGI scripts and open SOCKS and
@@ -231,12 +212,6 @@
tflags DNS_FROM_AHBL_RHSBL net
#reuse DNS_FROM_AHBL_RHSBL
-# another domain-based blacklist
-header DNS_FROM_SECURITYSAGE eval:check_rbl_envfrom('securitysage', 'blackhole.securitysage.com.')
-describe DNS_FROM_SECURITYSAGE Envelope sender in blackholes.securitysage.com
-tflags DNS_FROM_SECURITYSAGE net
-#reuse DNS_FROM_SECURITYSAGE
-
# ---------------------------------------------------------------------------
# NOTE: donation tests, see README file for details
@@ -276,19 +251,26 @@
# ---------------------------------------------------------------------------
+# Section for DNS WL related lookups below.
-# Section for DNS WL related lookups below:
-
+# Sender Score Certified (formerly Bonded Sender, hence the legacy rule names):
+# http://www.senderscorecertified.com/
header RCVD_IN_BSP_TRUSTED eval:check_rbl_txt('bsp-firsttrusted', 'sa-trusted.bondedsender.org.', '(?i:bonded)')
-describe RCVD_IN_BSP_TRUSTED Sender is in Bonded Sender Program (trusted relay)
+describe RCVD_IN_BSP_TRUSTED Sender is in Sender Score Certified (trusted relay)
tflags RCVD_IN_BSP_TRUSTED net nice
#reuse RCVD_IN_BSP_TRUSTED
header RCVD_IN_BSP_OTHER eval:check_rbl_txt('bsp-untrusted', 'sa-other.bondedsender.org.', '(?i:bonded)')
-describe RCVD_IN_BSP_OTHER Sender is in Bonded Sender Program (other relay)
+describe RCVD_IN_BSP_OTHER Sender is in Sender Score Certified (other relay)
tflags RCVD_IN_BSP_OTHER net nice
#reuse RCVD_IN_BSP_OTHER
+# confirmed-opt-in list; see bug 5476
+header RCVD_IN_SSC_TRUSTED_COI eval:check_rbl('ssc-firsttrusted', 'plus.bondedsender.org.')
+describe RCVD_IN_SSC_TRUSTED_COI Sender is in Sender Score Certified (confirmed opt-in)
+tflags RCVD_IN_SSC_TRUSTED_COI net nice
+#reuse RCVD_IN_SSC_TRUSTED_COI
+
# ---------------------------------------------------------------------------
# IADB support ...
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/rules/20_dynrdns.cf
^
|
| @@ -189,13 +189,17 @@
# exceptions (bug 5397):
header __RDNS_STATIC X-Spam-Relays-Untrusted =~ /^[^\]]+ rdns=\S*(?:static|fixip)/i
+# bug 5586:
+header __CGATE_RCVD Received =~ /by \S+ \(CommuniGate Pro/
+
+header __RDNS_NONE X-Spam-Relays-Untrusted =~ /^[^\]]+ rdns= /
+
###########################################################################
meta RDNS_DYNAMIC (__LAST_UNTRUSTED_RELAY_NO_AUTH && !__RDNS_STATIC && (__RDNS_DYNAMIC_IPADDR || __RDNS_DYNAMIC_DHCP || __RDNS_DYNAMIC_HCC || __RDNS_DYNAMIC_ATTBI || __RDNS_DYNAMIC_ROGERS || __RDNS_DYNAMIC_ADELPHIA || __RDNS_DYNAMIC_DIALIN || __RDNS_DYNAMIC_HEXIP || __RDNS_DYNAMIC_SPLIT_IP || __RDNS_DYNAMIC_YAHOOBB || __RDNS_DYNAMIC_OOL || __RDNS_DYNAMIC_RR2 || __RDNS_DYNAMIC_COMCAST || __RDNS_DYNAMIC_TELIA || __RDNS_DYNAMIC_VTR || __RDNS_DYNAMIC_CHELLO_NO || __RDNS_DYNAMIC_CHELLO_NL || __RDNS_DYNAMIC_VELOX || __RDNS_DYNAMIC_NTL || __RDNS_DYNAMIC_HOME_NL || __RDNS_DYNAMIC_TDS || __RDNS_DYNAMIC_VIRTUA || __RDNS_DYNAMIC_SPACELAN || __RDNS_INDICATOR_DYN || __RDNS_INDICATOR_RES || __RDNS_INDICATOR_TYPE2 || __RDNS_DYNAMIC_TTNET))
describe RDNS_DYNAMIC Delivered to trusted network by host with dynamic-looking rDNS
-header RDNS_NONE X-Spam-Relays-Untrusted =~ /^[^\]]+ rdns= /
+meta RDNS_NONE (__RDNS_NONE && !__CGATE_RCVD)
describe RDNS_NONE Delivered to trusted network by a host with no rDNS
-
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/rules/20_phrases.cf
^
|
| @@ -39,6 +39,8 @@
# CLICK rules
# note HTML_LINK_CLICK* rules in HTML parser section
+# dummy for rule that was removed so as not to break scores and metas still referring ot it
+meta HG_HORMONE (0)
body GUARANTEED_100_PERCENT /100% GUARANTEED/i
describe GUARANTEED_100_PERCENT One hundred percent guaranteed
@@ -135,20 +137,6 @@
body FORWARD_LOOKING /\bcontains forward-looking statements\b/i
describe FORWARD_LOOKING Stock Disclaimer Statement
-
-# Avoid an FP noted by NISHIJIMA Takanori: 'Japanese string sequence:
-# "Su" "Ku" "Na" "I" "Ko" "Su" "To" "De" "Yo" "Ri" ...
-# (This string means, "More ...(ex. "productive" or "effective")
-# with less cost", and is a popular phrase but have no relations
-# with human growth hormone, of course. :-)
-# Encoded byte sequence: "$9" "$/" "$J" "$$" "%3" "%9" "%H" "$G" "$h" "$j"'
-# note FP: ^^^^^^^^^^^^
-body __HG_HORMONE /\b(?:human growth hormone|(?-i:HGH)|H.G.H)\b/i
-meta HG_HORMONE (!__ISO_2022_JP_DELIM && __HG_HORMONE)
-describe HG_HORMONE Talks about hormones for human growth
-
-
-
body ONE_TIME /\bone\W+time (?:charge|investment|offer|promotion)/i
describe ONE_TIME One Time Rip Off
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/rules/20_ratware.cf
^
|
| @@ -45,6 +45,22 @@
#
# NOTE: these rules should specify version numbers!
+# first define situations where servers rewrite message id so we can't use message id to detect forgeries
+
+header __HOTMAIL_BAYDAV_MSGID MESSAGEID =~ /^<BAY\d+-DAV\d+[A-Z0-9]{25}\@phx\.gbl>$/m
+
+header __IPLANET_MESSAGING_SERVER Received =~ /iPlanet Messaging Server/
+
+header __LYRIS_EZLM_REMAILER List-Unsubscribe =~ /<mailto:(?:leave-\S+|\S+-unsubscribe)\@\S+>$/
+
+header __SYMPATICO_MSGID MESSAGEID =~ /^<BAYC\d+-PASMTP\d+[A-Z0-9]{25}\@CEZ\.ICE>$/m
+
+header __WACKY_SENDMAIL_VERSION Received =~ /\/CWT\/DCE\)/
+
+meta __UNUSABLE_MSGID (__LYRIS_EZLM_REMAILER || __GATED_THROUGH_RCVD_REMOVER || __WACKY_SENDMAIL_VERSION || __IPLANET_MESSAGING_SERVER || __HOTMAIL_BAYDAV_MSGID || __SYMPATICO_MSGID)
+
+## now on to the forgery rules
+
# AOL
header __AOL_MUA X-Mailer =~ /\bAOL\b/
@@ -61,16 +77,20 @@
header __OE_MUA X-Mailer =~ /\bOutlook Express [456]\./
header __OE_MSGID_1 MESSAGEID =~ /^<[A-Za-z0-9-]{7}[A-Za-z0-9]{20}\@hotmail\.com>$/m
header __OE_MSGID_2 MESSAGEID =~ /^<(?:[0-9a-f]{8}|[0-9a-f]{12})\$[0-9a-f]{8}\$[0-9a-f]{8}\@\S+>$/m
-header __OE_MSGID_3 MESSAGEID =~ /^<BAY\d+-DAV\d+[A-Z0-9]{25}\@phx\.gbl>$/m
-meta __FORGED_OE (__OE_MUA && !__OE_MSGID_1 && !__OE_MSGID_2 && !__OE_MSGID_3 && !__UNUSABLE_MSGID)
+meta __FORGED_OE (__OE_MUA && !__OE_MSGID_1 && !__OE_MSGID_2 && !__UNUSABLE_MSGID)
# Outlook versions that usually use "dollar signs"
header __OUTLOOK_DOLLARS_MUA X-Mailer =~ /^Microsoft Outlook(?: 8| CWS, Build 9|, Build 10)\./
header __OUTLOOK_DOLLARS_OTHER MESSAGEID =~ /^<\!\~\!/m
meta __FORGED_OUTLOOK_DOLLARS (__OUTLOOK_DOLLARS_MUA && !__OE_MSGID_2 && !__OUTLOOK_DOLLARS_OTHER && !__VISTA_MSGID && !__IMS_MSGID && !__UNUSABLE_MSGID)
-
# use new meta rules to implement FORGED_MUA_OUTLOOK rule from 2.60
-meta FORGED_MUA_OUTLOOK (__FORGED_OE || __FORGED_OUTLOOK_DOLLARS)
+
+# bug 5496: avoid some FPs
+header __FMO_EXCL_O3416 X-Mailer =~ /^Microsoft Outlook, Build 10.0.3416$/
+header __FMO_EXCL_OE3790 X-Mailer =~ /^Microsoft Outlook Express 6.00.3790.3959$/
+# bug 5910: __VISTA_MSGID also now used by Outlook Express from XP SP3
+#
+meta FORGED_MUA_OUTLOOK ((__FORGED_OE || __FORGED_OUTLOOK_DOLLARS) && !__FMO_EXCL_O3416 && !__FMO_EXCL_OE3790 && !__VISTA_MSGID)
describe FORGED_MUA_OUTLOOK Forged mail pretending to be from MS Outlook
# Outlook IMO (Internet Mail Only)
@@ -93,13 +113,6 @@
meta FORGED_MUA_EUDORA (__EUDORA_MUA && !__EUDORA_MSGID && !__UNUSABLE_MSGID && !__HAS_X_LOOP && !__HAS_X_MAILING_LIST)
describe FORGED_MUA_EUDORA Forged mail pretending to be from Eudora
-# Mar 26 2003 jm: AOL MUAs add a Received line, and do not use "real names" in
-# From or To headers, as far as I can see, quinlan: also see bug 1426
-# Jul 30 2007 jm: bug 5475: AOL now has many other sites
-header __AOL_FROM From:addr =~ /\@(?:aol|cs)\./i
-meta FORGED_MUA_AOL_FROM (__AOL_MUA && !__AOL_FROM)
-describe FORGED_MUA_AOL_FROM Forged mail pretending to be from AOL (by From)
-
# From private mail with developers. Some top tips here!
header __THEBAT_MUA X-Mailer =~ /The Bat!/
header __THEBAT_MUA_V1 X-Mailer =~ /^The Bat! \(v1\./
@@ -171,7 +184,6 @@
# 2003-02-23: quinlan
# some useful meta rule sub-elements
header __CTYPE_HTML Content-Type =~ /text\/html/i
-header __ANY_AOL_MUA X-Mailer =~ /^AOL\b/
header __ANY_IMS_MUA X-Mailer =~ /^Internet Mail Service\b/
header __ANY_OUTLOOK_MUA X-Mailer =~ /^Microsoft Outlook\b/
@@ -179,9 +191,6 @@
meta FORGED_QUALCOMM_TAGS (__ANY_QUALCOMM_MUA && __MIME_HTML && !__TAG_EXISTS_HTML)
describe FORGED_QUALCOMM_TAGS QUALCOMM mailers can't send HTML in this format
-meta FORGED_AOL_TAGS (__ANY_AOL_MUA && __MIME_HTML && !__TAG_EXISTS_HTML)
-describe FORGED_AOL_TAGS AOL mailers can't send HTML in this format
-
meta FORGED_IMS_TAGS (!__YAHOO_BULK && __ANY_IMS_MUA && __MIME_HTML && !(__TAG_EXISTS_HTML && __TAG_EXISTS_HEAD && __TAG_EXISTS_META && __TAG_EXISTS_BODY))
describe FORGED_IMS_TAGS IMS mailers can't send HTML in this format
@@ -280,10 +289,7 @@
ifplugin Mail::SpamAssassin::Plugin::HeaderEval
-# Dec 17 2002 jm: this means "message ID is either too old or has been
-# rewritten by a gateway". Made into an eval test since meta tests cannot
-# (yet) chain from other meta tests.
-header __UNUSABLE_MSGID eval:check_messageid_not_usable()
+header __GATED_THROUGH_RCVD_REMOVER eval:gated_through_received_hdr_remover()
header __RATWARE_NAME_ID eval:check_ratware_name_id()
meta RATWARE_NAME_ID __RATWARE_0_TZ_DATE && __RATWARE_NAME_ID
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/rules/20_vbounce.cf
^
|
| @@ -62,7 +62,7 @@
# ---------------------------------------------------------------------------
# General bounce messages
-header __BOUNCE_FROM_DAEMON From =~ /(?:(?:daemon|deamon|majordomo|postmaster|virus|scanner|devnull|automated-response|SMTP.gateway|mailadmin|mailmaster|surfcontrol|You_Got_Spammed)\S+\@|<>)/i
+header __BOUNCE_FROM_DAEMON From =~ /(?:(?:daemon|deamon|majordomo|postmaster|virus|scanner|devnull|automated-response|SMTP.gateway|mailadmin|mailmaster|surfcontrol|You_Got_Spammed)\S*\@|<>)/i
header __BOUNCE_RPATH_NULL Return-Path =~ /<>/
@@ -113,6 +113,8 @@
header __BOUNCE_CTYPE Content-Type =~ /\bmultipart\/report\b/
header __BOUNCE_DEL_FAIL Subject =~ /^Delivery Failure Notification/
+header __NONBOUNCE_READ_RECEIPT_CTYPE Content-Type =~ /\breport-type=disposition-notification\b/
+
# Return-path: <delete@errmail.kagoya.net>
# 'Invalid e-mail address.'
header __BOUNCE_RPATH_ERRMAIL Return-Path =~ /delete\@errmail\./i
@@ -125,7 +127,7 @@
body __BOUNCE_NO_RESEND /\bPlease do not resend your original message\./
-meta BOUNCE_MESSAGE __HAVE_BOUNCE_RELAYS && (!__MY_SERVERS_FOUND && (__BOUNCE_FROM_DAEMON || __BOUNCE_RPATH_NULL || __BOUNCE_RPATH_MD || __BOUNCE_AUTO_GENERATED || __BOUNCE_Y_AUTOGEN || __BOUNCE_SYMANTEC || __BOUNCE_X_ERR_STAT || __BOUNCE_RETURNED || __BOUNCE_MAILDELFAIL || __BOUNCE_MSGDELFAIL || __BOUNCE_ESMTP || __BOUNCE_OOO_1 || __BOUNCE_OOO_2 || __BOUNCE_NEVER_SEE || __BOUNCE_NONWORKING || __BOUNCE_UNDELIVERABLE || __BOUNCE_UNDELIVERABLE_ML || __BOUNCE_NOTDEL || __BOUNCE_CTYPE || __BOUNCE_DEL_FAIL || __BOUNCE_ADDR_ERR || __BOUNCE_NO_VAL || __BOUNCE_DATA_FORMAT || __BOUNCE_COULD_NOT || __BOUNCE_UNDEL_MSG || __BOUNCE_OOO_H1 || __BOUNCE_OOO_H2 || __BOUNCE_OOO_H3 || __BOUNCE_RPATH_ERRMAIL || __BOUNCE_OOO_3 || __BOUNCE_INTERSCAN || __BOUNCE_ETRUST || __BOUNCE_AUTO_RESPONSE || __BOUNCE_AUTO_RESPOND || __BOUNCE_NO_RESEND))
+meta BOUNCE_MESSAGE __HAVE_BOUNCE_RELAYS && (!__MY_SERVERS_FOUND && !__NONBOUNCE_READ_RECEIPT_CTYPE && (__BOUNCE_FROM_DAEMON || __BOUNCE_RPATH_NULL || __BOUNCE_RPATH_MD || __BOUNCE_AUTO_GENERATED || __BOUNCE_Y_AUTOGEN || __BOUNCE_SYMANTEC || __BOUNCE_X_ERR_STAT || __BOUNCE_RETURNED || __BOUNCE_MAILDELFAIL || __BOUNCE_MSGDELFAIL || __BOUNCE_ESMTP || __BOUNCE_OOO_1 || __BOUNCE_OOO_2 || __BOUNCE_NEVER_SEE || __BOUNCE_NONWORKING || __BOUNCE_UNDELIVERABLE || __BOUNCE_UNDELIVERABLE_ML || __BOUNCE_NOTDEL || __BOUNCE_CTYPE || __BOUNCE_DEL_FAIL || __BOUNCE_ADDR_ERR || __BOUNCE_NO_VAL || __BOUNCE_DATA_FORMAT || __BOUNCE_COULD_NOT || __BOUNCE_UNDEL_MSG || __BOUNCE_OOO_H1 || __BOUNCE_OOO_H2 || __BOUNCE_OOO_H3 || __BOUNCE_RPATH_ERRMAIL || __BOUNCE_OOO_3 || __BOUNCE_INTERSCAN || __BOUNCE_ETRUST || __BOUNCE_AUTO_RESPONSE || __BOUNCE_AUTO_RESPOND || __BOUNCE_NO_RESEND))
describe BOUNCE_MESSAGE MTA bounce message
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/rules/30_text_de.cf
^
|
| @@ -293,7 +293,6 @@
lang de describe DIET_1 Reduzieren Sie Ihr Gewicht
lang de describe FIN_FREE Finanzielle Unabhängigkeit
lang de describe FORWARD_LOOKING Enthält Formulierungen aus Aktienprospekten
-lang de describe HG_HORMONE Erwähnt menschliche Wachstumshormone
lang de describe ONE_TIME Einmaliges Angebot/Gelegenheit
lang de describe JOIN_MILLIONS Machen Sie es Millionen von Amerikanern nach
lang de describe MARKETING_PARTNERS Angeblich haben Sie sich bei einem Partnerunternehmen registriert
@@ -315,14 +314,12 @@
lang de describe FORGED_MUA_OUTLOOK E-Mail täuscht E-Mail-Software Outlook vor
lang de describe FORGED_MUA_OIMO E-Mail täuscht E-Mail-Software Outlook vor
lang de describe FORGED_MUA_EUDORA E-Mail täuscht E-Mail-Software Eudora vor
-lang de describe FORGED_MUA_AOL_FROM E-Mail täuscht E-Mail-Software von AOL vor
lang de describe FORGED_MUA_THEBAT_CS E-Mail täuscht E-Mail-Software The Bat! vor
lang de describe FORGED_MUA_THEBAT_BOUN E-Mail täuscht E-Mail-Software The Bat! vor
lang de describe FORGED_OUTLOOK_HTML Outlook verschickt keine reinen HTML-Nachrichten
lang de describe FORGED_IMS_HTML Exchange verschickt keine reinen HTML-Nachrichten
lang de describe FORGED_THEBAT_HTML The Bat! v1 verschickt keine reinen HTML-Nachrichten
lang de describe FORGED_QUALCOMM_TAGS E-Mail-Programm von Qualcomm verwendet diese Art HTML nicht
-lang de describe FORGED_AOL_TAGS E-Mail-Programm von AOL verwendet diese Art HTML nicht
lang de describe FORGED_IMS_TAGS Exchange verwendet diese Art HTML nicht
lang de describe FORGED_OUTLOOK_TAGS Outlook verwendet diese HTML-Markierung nicht
lang de describe RATWARE_HASH_DASH Enthält Abwehrmaßnahme gegen Anti-Spam-Software ("hashbuster")
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/rules/30_text_fr.cf
^
|
| @@ -121,10 +121,8 @@
lang fr describe FAKE_HELO_YAHOO_CA Le HELO ne correspond pas au rDNS: yahoo.ca
lang fr describe FIN_FREE Parle de "liberté financière" (Financial Freedom)
lang fr describe FORGED_HOTMAIL_RCVD2 From hotmail.com, mais sans "Received:"
-lang fr describe FORGED_AOL_TAGS AOL n'envoie pas de HTML dans ce format
lang fr describe FORGED_IMS_HTML IMS n'envoie pas de messages en HTML seul
lang fr describe FORGED_IMS_TAGS IMS n'envoie pas de HTML dans ce format
-lang fr describe FORGED_MUA_AOL_FROM Mail falsifié prétendant venir d'AOL (selon From)
lang fr describe FORGED_MUA_EUDORA Message falsifié prétendant provenir du logiciel Eudora
lang fr describe FORGED_MUA_IMS Message falsifié prétendant provenir du logiciel IMS
lang fr describe FORGED_MUA_MOZILLA Message falsifié prétendant provenir du logiciel Mozilla
@@ -150,7 +148,6 @@
lang fr describe GUARANTEED_100_PERCENT Contient "One hundred percent guaranteed" (100% garanti)
lang fr describe HEAD_ILLEGAL_CHARS En-tête contient trop de caractères bruts invalides
lang fr describe HEADER_COUNT_CTYPE Plusieurs en-têtes Content-Type
-lang fr describe HG_HORMONE Parle d'hormone de croissance humaine
lang fr describe HIDE_WIN_STATUS Javascript destiné à camoufler une URL dans le navigateur
lang fr describe HTML_CHARSET_FARAWAY Jeu de caractères exotique utilisé pour le HTML
lang fr describe HTML_COMMENT_SAVED_URL Le message HTML est une page web sauvegardée
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/rules/30_text_nl.cf
^
|
| @@ -217,7 +217,6 @@
lang nl describe REFINANCE_NOW Hyphoteek oversluiten
lang nl describe NO_MEDICAL Geen medische keuring
lang nl describe FORWARD_LOOKING Aandelen waarschuwing
-lang nl describe HG_HORMONE Heeft het over groeihormomen
lang nl describe ONE_TIME Eenmalige afzettingspraktijk
lang nl describe JOIN_MILLIONS Voeg je bij miljoenen Amerikanen
lang nl describe ONLINE_PHARMACY Online apotheek
@@ -237,14 +236,12 @@
lang nl describe FORGED_MUA_OUTLOOK Vals mailtje, pretendeert afkomstig te zijn van MS Outlook
lang nl describe FORGED_MUA_OIMO Vals mailtje, pretendeert afkomstig te zijn van MS Outlook IMO
lang nl describe FORGED_MUA_EUDORA Vals mailtje, pretendeert afkomstig te zijn van Eudora
-lang nl describe FORGED_MUA_AOL_FROM Vals mailtje, pretendeert afkomstig te zijn van AOL (middels From)
lang nl describe FORGED_MUA_THEBAT_CS Mailtje dat pretendeert afkomstig te zijn van The Bat! (charset)
lang nl describe FORGED_MUA_THEBAT_BOUN Mailtje dat pretendeert afkomstig te zijn van The Bat! (boundary)
lang nl describe FORGED_OUTLOOK_HTML Outlook kan geen berichten met alleen HTML versturen
lang nl describe FORGED_IMS_HTML IMS kan geen berichten met alleen HTML versturen
lang nl describe FORGED_THEBAT_HTML The Bat! kan geen berichten met alleen HTML versturen
lang nl describe FORGED_QUALCOMM_TAGS QUALCOMM email programma's versturen geen HTML zoals deze
-lang nl describe FORGED_AOL_TAGS AOL email programma's versturen geen HTML zoals deze
lang nl describe FORGED_IMS_TAGS IMS email programma's versturen geen HTML zoals deze
lang nl describe FORGED_OUTLOOK_TAGS Outlook verstuurt geen HTML zoals deze
lang nl describe RATWARE_HASH_DASH Bevat een hashbuster in Send-Safe opmaak
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/rules/30_text_pl.cf
^
|
| @@ -104,11 +104,9 @@
lang pl describe FAKE_HELO_MSN odpowied¼ HELO hosta nie zgadza siê z rDNS: msn.com
lang pl describe FAKE_HELO_YAHOO_CA odpowied¼ HELO hosta nie zgadza siê z rDNS: yahoo.ca
lang pl describe FIN_FREE Wolno¶æ finansowa
-lang pl describe FORGED_AOL_TAGS Programy pocztowe AOL nie potrafi± wysy³aæ HTMLa w tym formacie
lang pl describe FORGED_HOTMAIL_RCVD2 Od: hotmail.com, lecz bez 'Received:'
lang pl describe FORGED_IMS_HTML IMS nie potrafi wysy³aæ wiadomo¶ci ca³kowicie w HTML
lang pl describe FORGED_IMS_TAGS Programy pocztowe IMS nie potrafi± wysy³aæ HTMLa w tym formacie
-lang pl describe FORGED_MUA_AOL_FROM Podrobiony mail udaj±cy przesy³kê z AOL
lang pl describe FORGED_MUA_EUDORA Podrobiony mail udaj±cy przesy³kê z programu Eudora
lang pl describe FORGED_MUA_IMS Podrobiony mail udaj±cy przesy³kê z IMS
lang pl describe FORGED_MUA_MOZILLA Podrobiony mail udaj±cy przesy³kê z Mozilli
@@ -134,7 +132,6 @@
lang pl describe GUARANTEED_100_PERCENT 100% gwarancji
lang pl describe HEADER_COUNT_CTYPE Znaleziono wielokrotne nag³ówki Content-Type
lang pl describe HEAD_ILLEGAL_CHARS Nag³ówek zawiera zbyt wiele niedozwolonych znaków
-lang pl describe HG_HORMONE O ludzkich hormonach wzrostu.
lang pl describe HIDE_WIN_STATUS U¿ywa Javascriptu by ukryæ URLe w przegl±darce
lang pl describe HTML_CHARSET_FARAWAY Obcy jêzyk u¿ywany w znacznikach HTML
lang pl describe HTML_COMMENT_SAVED_URL Wiadomo¶æ HTML jest stron± WWW
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/rules/50_scores.cf
^
|
| @@ -51,7 +51,6 @@
score BILLION_DOLLARS 2.658 0.001 1.603 1.875
score BODY_ENHANCEMENT 1.799 1.608 1.499 0.309
score BODY_ENHANCEMENT2 1.659 0.714 0.122 0.001
-score BROKEN_RATWARE_BOM 2.699 2.267 2.440 2.473 # n=2
score CONFIRMED_FORGED 0 # n=0 n=1 n=2 n=3
score CORRUPT_FROM_LINE_IN_HDRS 0.001
score CTYPE_001C_A 2.299 2.319 1.500 1.498 # n=2
@@ -60,12 +59,10 @@
score CURR_PRICE 4.161 2.659 1.412 1.588 # n=2
score DATE_SPAMWARE_Y2K 2.057 1.031 2.912 2.883
score DEAR_FRIEND 2.649 2.696 2.699 2.699
-score DEAR_HOMEOWNER 2.564 2.398 2.815 3.099 # n=2
score DEAR_SOMETHING 2.799 2.234 1.721 1.605
score DEAR_WINNER 3.199 3.196 3.199 3.197 # n=2
score DIET_1 2.472 0.336 1.442 0.083
score DIGEST_MULTIPLE 0 0.001 0 0.001 # n=0 n=2
-score DIV_CENTER_A_HREF 3.799 3.795 3.799 2.590 # n=2
score DNS_FROM_OPENWHOIS 0 2.431 0 1.130 # n=0 n=2
score DOS_FIX_MY_URI 0 # n=1 n=3
score DOS_LET_GO_JOB 0 # n=1 n=3
@@ -91,7 +88,6 @@
score DRUG_ED_GENERIC 3.286 3.314 2.001 1.558
score DRUG_ED_ONLINE 0 # n=0 n=1 n=2 n=3
score DRUG_ED_SILD 0.001 0.001 1.026 1.185
-score DRUG_RA_PRICE 0 # n=1 n=3
score DYN_RDNS_AND_INLINE_IMAGE 0.001 # n=2
score DYN_RDNS_SHORT_HELO_HTML 2.300 0.287 0.879 0.499 # n=2
score DYN_RDNS_SHORT_HELO_IMAGE 0.001 # n=2
@@ -124,7 +120,6 @@
score FB_GET_MEDS 3.599 1.097 1.501 0.803 # n=2
score FB_GVR 0.469 0.001 0.001 0.127 # n=2
score FB_HEY_BRO_COMMA 3.099 2.783 3.099 2.331 # n=2
-score FB_HG_H_CAP 1.885 0.887 0.007 0.274 # n=2
score FB_HOMELOAN 2.487 2.014 2.003 0.710 # n=2
score FB_IMPRESS_GIRL 2.197 1.757 1.964 2.581 # n=2
score FB_INCREASE_YOUR 3.399 3.396 3.399 3.396 # n=2
@@ -185,10 +180,7 @@
score FH_HELO_EQ_CHARTER 0.359 1.258 1.495 1.044 # n=2
score FH_HELO_EQ_D_D_D_D 2.399 0.498 0.561 0.001 # n=2
score FH_HELO_GMAILSMTP 0 # n=1 n=2 n=3
-score FH_HOST_ALMOST_IP 4.099 3.791 2.170 1.751 # n=2
score FH_HOST_EQ_DYNAMICIP 0.964 3.097 3.103 4.058 # n=2
-score FH_HOST_EQ_D_D_D_D 0
-score FH_HOST_EQ_D_D_D_DB 0
score FH_HOST_EQ_PACBELL_D 0.005 0.893 1.479 1.670 # n=2
score FH_HOST_EQ_VERIZON_P 2.101 1.105 0.001 0.001 # n=2
score FH_MSGID_000000 4.399 4.299 2.809 3.236 # n=2
@@ -200,7 +192,6 @@
score FH_RE_NEW_DDD 2.251 1.209 1.526 2.687 # n=2
score FH_XMAIL_REPLACE 1.254 2.142 1.662 1.065 # n=2
score FIN_FREE 2.599 2.599 2.599 2.596
-score FM_DDDD_TIMES_2 0
score FM_DOESNT_SAY_STOCK 4.299 4.295 3.812 3.995 # n=2
score FM_FAKE_53COM_SPOOF 3.099 3.096 3.099 3.096 # n=2
score FM_FAKE_HELO_HOTMAIL 0 # n=1 n=3
@@ -221,13 +212,11 @@
score FM_SCHOOL_DIPLOMA 2.719 0.776 1.634 0.001 # n=2
score FM_SCHOOL_TYPES 3.099 3.096 3.100 3.096 # n=2
score FM_SEX_HELODDDD 0.001 2.332 2.689 1.851 # n=2
-score FM_SEX_HOSTDDDD 0
score FM_SUBJ_APPROVE 0 # n=1 n=3
score FM_TRUE_LOV_ALL_N 0 # n=1 n=2 n=3
score FM_VEGAS_CASINO 0 # n=1 n=3
score FM_VIAGRA_SPAM1114 0.244 2.191 3.825 3.833 # n=2
score FM_XMAIL_F_OUT 4.199 4.199 2.643 1.815 # n=2
-score FORGED_AOL_TAGS 1.837 1.846 1.426 2.488
score FORGED_IMS_HTML 1.657 2.050 2.267 2.264
score FORGED_IMS_TAGS 2.617 1.579 2.494 2.321
score FORGED_MSGID_AOL 0.001 0.001 2.199 1.154
@@ -235,7 +224,6 @@
score FORGED_MSGID_HOTMAIL 2.739 2.706 2.839 1.537
score FORGED_MSGID_MSN 1.750 1.222 1.472 1.116
score FORGED_MSGID_YAHOO 2.388 3.211 2.338 1.713
-score FORGED_MUA_AOL_FROM 2.798 1.309 2.922 3.252
score FORGED_MUA_EUDORA 2.699 1.665 2.999 0.228
score FORGED_MUA_IMS 1.431 2.033 1.817 0.451
score FORGED_MUA_MOZILLA 2.699 2.696 2.699 2.696
@@ -317,7 +305,6 @@
score HELO_LH_LD 0.800 0.792 1.184 1.215 # n=2
score HELO_LOCALHOST 4.499 4.499 3.998 3.941 # n=2
score HELO_OEM 3.299 3.296 3.043 2.195 # n=2
-score HG_HORMONE 3.113 2.292 1.493 1.227
score HIDE_WIN_STATUS 2.499 2.213 2.499 2.499
score HS_BODY_UPLOADED_SOFTWARE 0.043 1.992 2.046 2.658 # n=2
score HS_DRUG_DOLLAR_1 1.033 1.350 1.929 0.090 # n=2
@@ -328,10 +315,8 @@
score HS_GETMEOFF 0.000 0.000 3.000 1.000 # n=1
score HS_INDEX_PARAM 0.001 # n=1 n=3
score HS_MEETUP_FOR_SEX 0.000 0.000 3.000 1.000 # n=1
-score HS_PHARMA_1 0.000 0.000 3.000 1.000 # n=1
score HS_SUBJ_NEW_SOFTWARE 1.118 0.253 2.395 3.599 # n=2
score HS_SUBJ_ONLINE_PHARMACEUTICAL 0 0 0.001 0.001 # n=1 n=2 n=3
-score HS_UPLOADED_SOFTWARE 0.001 1.504 2.346 1.885 # n=2
score HTML_MIME_NO_HTML_TAG 1.661 1.052 0.036 0.097
score HTML_MISSING_CTYPE 2.699 2.380 1.705 2.095
score HTML_SHORT_CENTER 0.001
@@ -517,7 +502,6 @@
score UPPERCASE_75_100 2.402 1.930 1.127 1.528
score URG_BIZ 2.384 0.667 1.511 1.585
score URI_HEX 1.777 1.316 1.395 0.368
-score URI_L_PHP 3.099 3.096 3.099 2.905 # n=2
score URI_NOVOWEL 2.899 2.543 1.764 1.620
score URI_NO_WWW_BIZ_CGI 0 # n=0 n=1 n=2 n=3
score URI_NO_WWW_INFO_CGI 2.720 0.601 3.138 1.043
@@ -545,7 +529,6 @@
score XMAILER_MIMEOLE_OL_4F240 0.825 1.850 3.049 2.163 # n=2
score XMAILER_MIMEOLE_OL_58CB5 3.599 3.599 3.272 2.953 # n=2
score XMAILER_MIMEOLE_OL_5B79A 1.632 1.453 1.327 0.194 # n=2
-score XMAILER_MIMEOLE_OL_5E7ED 0.001 # n=2
score XMAILER_MIMEOLE_OL_6554A 0.863 0.934 3.003 2.981 # n=2
score XMAILER_MIMEOLE_OL_72641 1.405 0.746 2.316 2.278 # n=2
score XMAILER_MIMEOLE_OL_7533E 1.142 1.113 2.446 0.513 # n=2
@@ -563,11 +546,9 @@
score XMAILER_MIMEOLE_OL_B9B11 3.499 3.496 3.499 3.496 # n=2
score XMAILER_MIMEOLE_OL_BC7E6 3.699 3.695 3.699 3.695 # n=2
score XMAILER_MIMEOLE_OL_C65FA 2.537 2.308 0.151 3.537 # n=2
-score XMAILER_MIMEOLE_OL_C7C33 0.343 0.927 1.556 1.847 # n=2
score XMAILER_MIMEOLE_OL_C9068 1.756 1.975 1.204 0.771 # n=2
score XMAILER_MIMEOLE_OL_CAC8F 2.373 0.702 2.154 0.417 # n=2
score XMAILER_MIMEOLE_OL_CF0C0 1.475 2.088 2.550 0.576 # n=2
-score XMAILER_MIMEOLE_OL_D03AB 2.999 2.999 1.960 2.449 # n=2
score XMAILER_MIMEOLE_OL_EF20B 0.271 1.048 2.082 2.522 # n=2
score XMAILER_MIMEOLE_OL_EF222 0 # n=1 n=2 n=3
score XMAILER_MIMEOLE_OL_F3B05 1.157 2.217 2.082 2.312 # n=2
@@ -575,12 +556,10 @@
score XMAILER_MIMEOLE_OL_F6D01 3.287 3.496 3.285 2.007 # n=2
score XMAILER_MIMEOLE_OL_FF5C8 2.382 3.091 3.015 1.570 # n=2
score X_IP 2.840 1.943 2.744 3.177
-score X_LIBRARY 2.700 2.696 2.899 2.752 # n=2
score X_MESSAGE_INFO 3.499 3.496 3.330 1.597
score X_PRIORITY_CC 2.599 1.492 2.599 2.596
score YAHOO_DRS_REDIR 1.007 0.313 1.189 1.103
score YAHOO_RD_REDIR 0.001 0.000 3.000 0.000 # n=0
-score YOUR_CRD_RATING 3.099 3.096 3.099 2.848 # n=2
# End of generated scores. </gen:mutable>
@@ -694,21 +673,21 @@
score RCVD_IN_SORBS_SOCKS 0 0.182 0 0.801 # n=0 n=2
score RCVD_IN_SORBS_WEB 0 1.117 0 0.619 # n=0 n=2
score RCVD_IN_SORBS_ZOMBIE 0 # n=0 n=1 n=2 n=3
-score RCVD_IN_WHOIS_BOGONS 0 # n=0 n=1 n=2 n=3
-score RCVD_IN_WHOIS_INVALID 0 1.199 0 0.400 # n=0 n=2
score RCVD_IN_XBL 0 2.896 0 3.033 # n=0 n=2
score RCVD_IN_PBL 0 0.509 0 0.905 # n=0 n=2
score DNS_FROM_AHBL_RHSBL 0 2.025 0 0.692 # n=0 n=2
score DNS_FROM_RFC_BOGUSMX 0 2.125 0 1.482 # n=0 n=2
score DNS_FROM_RFC_DSN 0 2.527 0 1.495 # n=0 n=2
-score DNS_FROM_SECURITYSAGE 0 0.127 0 0.001 # n=0 n=2
score NO_DNS_FOR_FROM 0 1.407 0 1.496 # n=0 n=2
-score RCVD_IN_WHOIS_HIJACKED 0 1.000 0 1.000 # n=2
# </gen:mutable>
-# Bonded Sender: http://www.bondedsender.com/
+# Sender Score Certified (formerly Bonded Sender):
+# http://www.senderscorecertified.com/ . See bug 5476.
+# note: RCVD_IN_SSC_TRUSTED_COI-listed IPs are also in RCVD_IN_BSP_TRUSTED,
+# hence score is additive (-4.3 + -3.7 = -8.0)
score RCVD_IN_BSP_OTHER 0 -0.1 0 -0.1
score RCVD_IN_BSP_TRUSTED 0 -4.3 0 -4.3
+score RCVD_IN_SSC_TRUSTED_COI 0 -3.7 0 -3.7
# Habeas: http://www.habeas.com/
score HABEAS_ACCREDITED_COI 0 -8.0 0 -8.0
@@ -971,25 +950,14 @@
ifplugin Mail::SpamAssassin::Plugin::URIDNSBL
# <gen:mutable>
score URIBL_AB_SURBL 0 1.613 0 1.860 # n=0 n=2
-score URIBL_COMPLETEWHOIS 0 # n=1 n=3
score URIBL_JP_SURBL 0 2.857 0 1.501 # n=0 n=2
score URIBL_OB_SURBL 0 2.132 0 1.500 # n=0 n=2
score URIBL_PH_SURBL 0 2.035 0 1.787 # n=0 n=2
-score URIBL_RHS_ABUSE 0 # n=1 n=3
-score URIBL_RHS_AHBL 0 # n=1 n=3
-score URIBL_RHS_BOGUSMX 0 # n=1 n=3
score URIBL_RHS_DOB 0 0.901 0 1.083 # n=0 n=2
-score URIBL_RHS_DSN 0 # n=1 n=3
-score URIBL_RHS_POST 0 # n=1 n=3
-score URIBL_RHS_TLD_WHOIS 0 # n=1 n=3
-score URIBL_RHS_URIBL_BLACK 0 # n=1 n=3
-score URIBL_RHS_URIBL_GREY 0 # n=1 n=3
-score URIBL_RHS_WHOIS 0 # n=1 n=3
score URIBL_SBL 0 2.468 0 1.499 # n=0 n=2
score URIBL_SC_SURBL 0 2.523 0 0.474 # n=0 n=2
score URIBL_WS_SURBL 0 2.100 0 1.500 # n=0 n=2
score URIBL_BLACK 0 1.961 0 1.955 # n=0 n=2
-score URIBL_XS_SURBL 0 # n=1 n=3
score WHOIS_1AND1PR 0 # n=1 n=2 n=3
score WHOIS_AITPRIV 0 3.995 0 3.510 # n=0 n=2
score WHOIS_CONTACTPRIV 0 2.696 0 2.696 # n=0 n=2
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/rules/72_active.cf
^
|
| @@ -31,23 +31,23 @@
##} APOSTROPHE_FROM
##{ AXB_XMID_1212
-header AXB_XMID_1212 Message-Id =~ /^<[0-9]{12}\.[0-9]{12}\@/
-describe AXB_XMID_1212 Barbera Fingerprint
+header AXB_XMID_1212 Message-Id =~ /^<[0-9]{12}\.[0-9]{12}\@/
+describe AXB_XMID_1212 Barbera Fingerprint
##} AXB_XMID_1212
##{ AXB_XMID_1510
-header AXB_XMID_1510 Message-Id =~ /<[0-9A-F]{15}\.[0-9A-F]{10}\@/
-describe AXB_XMID_1510 Brunello Fingerprint
+header AXB_XMID_1510 Message-Id =~ /<[0-9A-F]{15}\.[0-9A-F]{10}\@/
+describe AXB_XMID_1510 Brunello Fingerprint
##} AXB_XMID_1510
##{ AXB_XMID_OEGOESNULL
-header AXB_XMID_OEGOESNULL Message-ID =~ /^<[0-9-a-f]{12}\$[0-9-a-f]{8}\$[0]{8}\@/
-describe AXB_XMID_OEGOESNULL Amarone Fingerprint
+header AXB_XMID_OEGOESNULL Message-ID =~ /^<[0-9-a-f]{12}\$[0-9-a-f]{8}\$[0]{8}\@/
+describe AXB_XMID_OEGOESNULL Amarone Fingerprint
##} AXB_XMID_OEGOESNULL
##{ AXB_XM_SENDMAIL_NOT
-header AXB_XM_SENDMAIL_NOT Received =~ /\([123456790]{1,2}\.[0-9]{1,2}\.[0-9]{1}\/[0-9]{1,2}\.[0-9]{2}\.[0-9]{1}\)/
-describe AXB_XM_SENDMAIL_NOT Nebbiolo fingerprint
+header AXB_XM_SENDMAIL_NOT Received =~ /\([123456790]{1,2}\.[0-9]{1,2}\.[0-9]{1}\/[0-9]{1,2}\.[0-9]{2}\.[0-9]{1}\)/
+describe AXB_XM_SENDMAIL_NOT Nebbiolo fingerprint
##} AXB_XM_SENDMAIL_NOT
##{ AXB_XR_STULDAP
@@ -55,8 +55,8 @@
##} AXB_XR_STULDAP
##{ AXB_XTIDX_CHAIN
-header AXB_XTIDX_CHAIN Thread-Index =~ /(?:\*|\<\>|\)|\()/
-describe AXB_XTIDX_CHAIN Montepulciano Fingerprint
+header AXB_XTIDX_CHAIN Thread-Index =~ /(?:\*|\<\>|\)|\()/
+describe AXB_XTIDX_CHAIN Montepulciano Fingerprint
##} AXB_XTIDX_CHAIN
##{ BANKING_LAWS
@@ -78,15 +78,11 @@
endif
##} BASE64_LENGTH_79_INF
-##{ BROKEN_RATWARE_BOM
-body BROKEN_RATWARE_BOM /^\xEF\xBB\xBFMessage-ID:/
-##} BROKEN_RATWARE_BOM
-
##{ CORRUPT_FROM_LINE_IN_HDRS
meta CORRUPT_FROM_LINE_IN_HDRS (MISSING_HEADERS && __BODY_STARTS_WITH_FROM_LINE && MISSING_DATE && NO_RELAYS)
describe CORRUPT_FROM_LINE_IN_HDRS Informational: message is corrupt, with a From line in its headers
tflags CORRUPT_FROM_LINE_IN_HDRS userconf publish
-score CORRUPT_FROM_LINE_IN_HDRS 0.001
+#score CORRUPT_FROM_LINE_IN_HDRS 0.001
##} CORRUPT_FROM_LINE_IN_HDRS
##{ CTYPE_001C_A
@@ -109,31 +105,17 @@
body CURR_PRICE /\bCurrent Price:/
##} CURR_PRICE
-##{ DEAR_HOMEOWNER
-meta DEAR_HOMEOWNER (__DEAR_HOMEOWNER+__APPROVAL_MGR+__YOUR_MONTHLY == 3)
-##} DEAR_HOMEOWNER
-
##{ DEAR_WINNER
body DEAR_WINNER /\bdear.{1,20}winner/i
##} DEAR_WINNER
-##{ DIV_CENTER_A_HREF
-full DIV_CENTER_A_HREF /<DIV align=3Dcenter><A href=3D=\n/
-##} DIV_CENTER_A_HREF
-
-##{ DNS_FROM_DOB
+##{ DNS_FROM_OPENWHOIS
ifplugin Mail::SpamAssassin::Plugin::DNSEval
-header DNS_FROM_DOB eval:check_rbl_envfrom('dob','dob.sibl.support-intelligence.net.')
-describe DNS_FROM_DOB Sender from new domain (Day Old Bread)
-tflags DNS_FROM_DOB net
-endif
-##} DNS_FROM_DOB
-
-##{ DNS_FROM_OPENWHOIS
header DNS_FROM_OPENWHOIS eval:check_rbl_envfrom('openwhois', 'bl.open-whois.org.')
describe DNS_FROM_OPENWHOIS Envelope sender listed in bl.open-whois.org.
tflags DNS_FROM_OPENWHOIS net publish
+endif
##} DNS_FROM_OPENWHOIS
##{ DOS_FIX_MY_URI
@@ -149,13 +131,13 @@
##{ DOS_PROVISION4
body DOS_PROVISION4 /\bProvisionfor income taxes\b/
describe DOS_PROVISION4 Provision for income taxes
-score DOS_PROVISION4 1.5
+#score DOS_PROVISION4 1.5
##} DOS_PROVISION4
##{ DOS_REPORT_FIN_INC
body DOS_REPORT_FIN_INC /\bReport of financial income\b/
describe DOS_REPORT_FIN_INC Report of financial income
-score DOS_REPORT_FIN_INC 0.5
+#score DOS_REPORT_FIN_INC 0.5
##} DOS_REPORT_FIN_INC
##{ DOS_STOCK_BAT
@@ -170,13 +152,13 @@
##{ DOS_STOCK_CDYV_GENERIC
body DOS_STOCK_CDYV_GENERIC /(?:Lookup|Sym8oL|Search for|Promoting sym|S\.umbol|Target sym|Campaign for): [A-Z]{4},?.{1,50}\b[Pp]rice/
describe DOS_STOCK_CDYV_GENERIC Pump and dump stock spam
-score DOS_STOCK_CDYV_GENERIC 2.5
+#score DOS_STOCK_CDYV_GENERIC 2.5
##} DOS_STOCK_CDYV_GENERIC
##{ DOS_STOCK_INCOME_STATEMENT
meta DOS_STOCK_INCOME_STATEMENT DOS_REPORT_FIN_INC && DOS_PROVISION4 && __DOS_SYMBOL_4 && __DOS_HEADLINES
describe DOS_STOCK_INCOME_STATEMENT Pump and dump stock income statement spam
-score DOS_STOCK_INCOME_STATEMENT 1.5
+#score DOS_STOCK_INCOME_STATEMENT 1.5
##} DOS_STOCK_INCOME_STATEMENT
##{ DOS_URI_ASTERISK
@@ -198,10 +180,6 @@
describe DRUGS_STOCK_MIMEOLE Stock-spam forged headers found (5510)
##} DRUGS_STOCK_MIMEOLE
-##{ DRUG_RA_PRICE
-meta DRUG_RA_PRICE (__DRUG_RA_PRICE1 && __DRUG_RA_PRICE2)
-##} DRUG_RA_PRICE
-
##{ DYN_RDNS_AND_INLINE_IMAGE
meta DYN_RDNS_AND_INLINE_IMAGE (RDNS_DYNAMIC && __ANY_IMAGE_ATTACH)
describe DYN_RDNS_AND_INLINE_IMAGE Contains image, and was sent by dynamic rDNS
@@ -257,7 +235,7 @@
##} FB_CAN_LONGER
##{ FB_CIALIS_LEO3
-body FB_CIALIS_LEO3 /(?!CIALIS)C\s?[a-z]?\s?[Iitl1\\\/]\s?[a-z]?\s?[Aa]\s?[a-z]?\s?[LIl1\\\/]\s?[a-z]?\s?[ilIt1\\\/]\s?[a-z]?\s?[Ss]/
+body FB_CIALIS_LEO3 /(?!CIALIS)\bC\s?[a-z]?\s?[Iitl1\\\/]\s?[a-z]?\s?[Aa]\s?[a-z]?\s?[LIl1\\\/]\s?[a-z]?\s?[ilIt1\\\/]\s?[a-z]?\s?[Ss]\b/
describe FB_CIALIS_LEO3 Uses a mis-spelled version of cialis.
##} FB_CIALIS_LEO3
@@ -636,26 +614,11 @@
describe FH_HELO_GMAILSMTP Faked helo of gmail-smtp-in
##} FH_HELO_GMAILSMTP
-##{ FH_HOST_ALMOST_IP
-header FH_HOST_ALMOST_IP X-Spam-Relays-Untrusted =~ /^[^\]]+ rdns=[^ ]+[a-z][-.]\d{1,3}[-.]\d{1,3}[-.]\d{1,3}[-.][a-z][^ ]+ /i
-describe FH_HOST_ALMOST_IP The host almost looks like an IP addr.
-##} FH_HOST_ALMOST_IP
-
##{ FH_HOST_EQ_DYNAMICIP
header FH_HOST_EQ_DYNAMICIP X-Spam-Relays-Untrusted =~ /^[^\]]+ rdns=[^ ]{0,25}[dD][yY][nN][aA][mM][iI][cC][iI][pP][^ ]{5,25} helo=/
describe FH_HOST_EQ_DYNAMICIP Host is dynamicip
##} FH_HOST_EQ_DYNAMICIP
-##{ FH_HOST_EQ_D_D_D_D
-header FH_HOST_EQ_D_D_D_D X-Spam-Relays-Untrusted =~ /^[^\]]+ rdns=[^ ]+\d{1,3}[^0-9]\d{1,3}[^0-9]\d{1,3}[^0-9]\d{1,3}[^ ]+ /
-describe FH_HOST_EQ_D_D_D_D Host starts with d-d-d-d
-##} FH_HOST_EQ_D_D_D_D
-
-##{ FH_HOST_EQ_D_D_D_DB
-header FH_HOST_EQ_D_D_D_DB X-Spam-Relays-Untrusted =~ /^[^\]]+ rdns=\d{1,3}[^0-9]\d{1,3}[^0-9]\d{1,3}[^0-9]\d{1,3}[^ ]+ /
-describe FH_HOST_EQ_D_D_D_DB Host is d-d-d-d
-##} FH_HOST_EQ_D_D_D_DB
-
##{ FH_HOST_EQ_PACBELL_D
header FH_HOST_EQ_PACBELL_D X-Spam-Relays-Untrusted =~ /^[^\]]+ rdns=[^ ]+\.dsl\.\w{2,10}\.pacbell\.net /
describe FH_HOST_EQ_PACBELL_D Host is pacbell.net dsl
@@ -711,11 +674,6 @@
describe FH_XMAIL_RND_833 Special X-Mailer Version
##} FH_XMAIL_RND_833
-##{ FM_DDDD_TIMES_2
-meta FM_DDDD_TIMES_2 (FH_HELO_EQ_D_D_D_D && FH_HOST_EQ_D_D_D_D)
-describe FM_DDDD_TIMES_2 Dual helo + host eq d_d_d_d
-##} FM_DDDD_TIMES_2
-
##{ FM_DOESNT_SAY_STOCK
meta FM_DOESNT_SAY_STOCK (__FB_S_SYMBOL && __FM_MY_PRICE && !__FB_S_STOCK && !__FS_S_TRADE)
describe FM_DOESNT_SAY_STOCK It's a stock spam but doesn't say stock
@@ -821,11 +779,6 @@
describe FM_SEX_HELODDDD Sex words + helo = dddd
##} FM_SEX_HELODDDD
-##{ FM_SEX_HOSTDDDD
-meta FM_SEX_HOSTDDDD (__SEX_WRDS && FH_HOST_EQ_D_D_D_D)
-describe FM_SEX_HOSTDDDD Sex words + host = dddd
-##} FM_SEX_HOSTDDDD
-
##{ FM_SUBJ_APPROVE
meta FM_SUBJ_APPROVE (__EXCLAIM_SUBJ && __SUBJ_APPROVE)
describe FM_SUBJ_APPROVE Subject has Approve and !
@@ -1229,6 +1182,7 @@
##{ FS_WEIGHT_LOSS
header FS_WEIGHT_LOSS Subject =~ /weight loss/i
describe FS_WEIGHT_LOSS Subject says Weight Loss
+score FS_WEIGHT_LOSS 0.942 0.458 0.000 0.000
##} FS_WEIGHT_LOSS
##{ FS_WILL_HELP
@@ -1375,11 +1329,6 @@
describe HS_MEETUP_FOR_SEX Talks about meeting up for sex.
##} HS_MEETUP_FOR_SEX
-##{ HS_PHARMA_1
-meta HS_PHARMA_1 HS_INDEX_PARAM && HS_SUBJ_ONLINE_PHARMACEUTICAL
-describe HS_PHARMA_1 Message has a tracker in a link and subject of online pharmaceutical.
-##} HS_PHARMA_1
-
##{ HS_SUBJ_NEW_SOFTWARE
header HS_SUBJ_NEW_SOFTWARE Subject =~ /^New software uploaded by/
describe HS_SUBJ_NEW_SOFTWARE Subject starts with 'New software uploaded by'
@@ -1390,11 +1339,6 @@
describe HS_SUBJ_ONLINE_PHARMACEUTICAL Subject contains the phrase 'Online pharmaceutical'
##} HS_SUBJ_ONLINE_PHARMACEUTICAL
-##{ HS_UPLOADED_SOFTWARE
-meta HS_UPLOADED_SOFTWARE HS_SUBJ_NEW_SOFTWARE && HS_BODY_UPLOADED_SOFTWARE
-describe HS_UPLOADED_SOFTWARE Meta: Has subject and body from uploaded software spam.
-##} HS_UPLOADED_SOFTWARE
-
##{ HTTPS_HTTP_MISMATCH
ifplugin Mail::SpamAssassin::Plugin::HTTPSMismatch
@@ -1413,19 +1357,19 @@
##{ KAM_LOTTO1
meta KAM_LOTTO1 (__KAM_LOTTO1 + __KAM_LOTTO2 + __KAM_LOTTO3 + __KAM_LOTTO4 + __KAM_LOTTO5 + __KAM_LOTTO6 + __KAM_LOTTO7 >= 3)
describe KAM_LOTTO1 Likely to be a e-Lotto Scam Email
-score KAM_LOTTO1 0.5
+#score KAM_LOTTO1 0.5
##} KAM_LOTTO1
##{ KAM_LOTTO2
meta KAM_LOTTO2 (__KAM_LOTTO1 + __KAM_LOTTO2 + __KAM_LOTTO3 + __KAM_LOTTO4 + __KAM_LOTTO5 + __KAM_LOTTO6 + __KAM_LOTTO7 >= 4)
describe KAM_LOTTO2 Highly Likely to be a e-Lotto Scam Email
-score KAM_LOTTO2 1.0
+#score KAM_LOTTO2 1.0
##} KAM_LOTTO2
##{ KAM_LOTTO3
meta KAM_LOTTO3 (__KAM_LOTTO1 + __KAM_LOTTO2 + __KAM_LOTTO3 + __KAM_LOTTO4 + __KAM_LOTTO5 + __KAM_LOTTO6 + __KAM_LOTTO7 >= 5)
describe KAM_LOTTO3 Almost certain to be a e-Lotto Scam Email
-score KAM_LOTTO3 2.0
+#score KAM_LOTTO3 2.0
##} KAM_LOTTO3
##{ KAM_STOCKOTC
@@ -1492,18 +1436,6 @@
describe NULL_IN_BODY Message has NUL (ASCII 0) byte in message
##} NULL_IN_BODY
-##{ OEBOUND
-
-ifplugin Mail::SpamAssassin::Plugin::MIMEHeader
-mimeheader OEBOUND Content-Type =~ /boundary=.----=_1OEBOUND;./
-endif
-##} OEBOUND
-
-##{ OUTLOOK_3416
-header OUTLOOK_3416 X-Mailer =~ /^Microsoft Outlook, Build 10\.0\.3416$/
-describe OUTLOOK_3416 Claims to be sent by an unusual build of Outlook (3416)
-##} OUTLOOK_3416
-
##{ PART_CID_STOCK
ifplugin Mail::SpamAssassin::Plugin::MIMEHeader
@@ -1560,15 +1492,6 @@
endif
##} RCVD_IN_DNSWL_MED
-##{ RCVD_IN_DOB
-
-ifplugin Mail::SpamAssassin::Plugin::DNSEval
-header RCVD_IN_DOB eval:check_rbl_sub('dob', '127.0.0.2')
-describe RCVD_IN_DOB Received via relay in new domain (Day Old Bread)
-tflags RCVD_IN_DOB net
-endif
-##} RCVD_IN_DOB
-
##{ RCVD_IN_IADB_DK
ifplugin Mail::SpamAssassin::Plugin::DNSEval
@@ -1831,7 +1754,7 @@
##} SHORT_TERM_PRICE
##{ SPAMMY_XMAILER
-meta SPAMMY_XMAILER (__XM_OL_29196700||__XM_OL_48071700||__XM_OL_28001441||__XM_OL_29196600||__XM_OL_49631700||__XM_OL_48072300||__XM_OL_28004682||__XM_OL_10_0_4115||__XM_OL_4_72_2106_4)
+meta SPAMMY_XMAILER (__XM_OL_28001441||__XM_OL_48072300||__XM_OL_28004682||__XM_OL_10_0_4115||__XM_OL_4_72_2106_4)
describe SPAMMY_XMAILER X-Mailer string is common in spam and not in ham
##} SPAMMY_XMAILER
@@ -1863,10 +1786,6 @@
meta STOX_AND_PRICE CURR_PRICE && STOX_REPLY_TYPE
##} STOX_AND_PRICE
-##{ STOX_RCVD_N_NN_N
-header STOX_RCVD_N_NN_N Received =~ / by \d+\.\d+\.\d+\.\d+ \(\d\.\d\d\.\d\/\d\.\d\d\.\d\) with SMTP id [\dA-Za-z]+\;/
-##} STOX_RCVD_N_NN_N
-
##{ STOX_REPLY_TYPE
header STOX_REPLY_TYPE Content-Type =~ /text\/plain; .* reply-type=original/
##} STOX_REPLY_TYPE
@@ -2108,52 +2027,13 @@
endif
##} T_TVD_FW_GRAPHIC_ID1
-##{ T_WHOIS_MONIKER_ROLS
-
-ifplugin Mail::SpamAssassin::Plugin::URIDNSBL
-tflags T_WHOIS_MONIKER_ROLS net
-endif
-##} T_WHOIS_MONIKER_ROLS
-
-##{ URIBL_COMPLETEWHOIS
-
-ifplugin Mail::SpamAssassin::Plugin::URIDNSBL
-uridnsbl URIBL_COMPLETEWHOIS combined-HIB.dnsiplists.completewhois.com. A
-body URIBL_COMPLETEWHOIS eval:check_uridnsbl('URIBL_COMPLETEWHOIS')
-describe URIBL_COMPLETEWHOIS URI in combined-HIB.dnsiplists.completewhois.com
-tflags URIBL_COMPLETEWHOIS net
-endif
-##} URIBL_COMPLETEWHOIS
-
-##{ URIBL_RHS_ABUSE
-
-ifplugin Mail::SpamAssassin::Plugin::URIDNSBL
-urirhssub URIBL_RHS_ABUSE fulldom.rfc-ignorant.org. A 127.0.0.4
-body URIBL_RHS_ABUSE eval:check_uridnsbl('URIBL_RHS_ABUSE')
-describe URIBL_RHS_ABUSE Contains an URI listed in abuse.rfc-ignorant.org
-tflags URIBL_RHS_ABUSE net
-endif
-##} URIBL_RHS_ABUSE
-
##{ URIBL_RHS_AHBL
ifplugin Mail::SpamAssassin::Plugin::URIDNSBL
-body URIBL_RHS_AHBL eval:check_uridnsbl('URIBL_RHS_AHBL')
-describe URIBL_RHS_AHBL Contains an URI listed in rhsbl.ahbl.org.
-tflags URIBL_RHS_AHBL net
+#reuse URIBL_RHS_AHBL T_URIBL_RHS_AHBL
endif
##} URIBL_RHS_AHBL
-##{ URIBL_RHS_BOGUSMX
-
-ifplugin Mail::SpamAssassin::Plugin::URIDNSBL
-urirhssub URIBL_RHS_BOGUSMX fulldom.rfc-ignorant.org. A 127.0.0.8
-body URIBL_RHS_BOGUSMX eval:check_uridnsbl('URIBL_RHS_BOGUSMX')
-describe URIBL_RHS_BOGUSMX Contains an URI listed in bogusmx.rfc-ignorant.org
-tflags URIBL_RHS_BOGUSMX net
-endif
-##} URIBL_RHS_BOGUSMX
-
##{ URIBL_RHS_DOB
ifplugin Mail::SpamAssassin::Plugin::URIDNSBL
@@ -2164,79 +2044,6 @@
endif
##} URIBL_RHS_DOB
-##{ URIBL_RHS_DSN
-
-ifplugin Mail::SpamAssassin::Plugin::URIDNSBL
-urirhssub URIBL_RHS_DSN fulldom.rfc-ignorant.org. A 127.0.0.2
-body URIBL_RHS_DSN eval:check_uridnsbl('URIBL_RHS_DSN')
-describe URIBL_RHS_DSN Contains an URI listed in dsn.rfc-ignorant.org
-tflags URIBL_RHS_DSN net
-endif
-##} URIBL_RHS_DSN
-
-##{ URIBL_RHS_POST
-
-ifplugin Mail::SpamAssassin::Plugin::URIDNSBL
-urirhssub URIBL_RHS_POST fulldom.rfc-ignorant.org. A 127.0.0.3
-body URIBL_RHS_POST eval:check_uridnsbl('URIBL_RHS_POST')
-describe URIBL_RHS_POST Contains an URI in postmaster.rfc-ignorant.org
-tflags URIBL_RHS_POST net
-endif
-##} URIBL_RHS_POST
-
-##{ URIBL_RHS_TLD_WHOIS
-
-ifplugin Mail::SpamAssassin::Plugin::URIDNSBL
-urirhssub URIBL_RHS_TLD_WHOIS fulldom.rfc-ignorant.org. A 127.0.0.7
-body URIBL_RHS_TLD_WHOIS eval:check_uridnsbl('URIBL_RHS_TLD_WHOIS')
-describe URIBL_RHS_TLD_WHOIS Contains an URI TLD in whois.rfc-ignorant.org
-tflags URIBL_RHS_TLD_WHOIS net
-endif
-##} URIBL_RHS_TLD_WHOIS
-
-##{ URIBL_RHS_URIBL_BLACK
-
-ifplugin Mail::SpamAssassin::Plugin::URIDNSBL
-urirhssub URIBL_RHS_URIBL_BLACK multi.uribl.com. A 2
-body URIBL_RHS_URIBL_BLACK eval:check_uridnsbl('URIBL_RHS_URIBL_BLACK')
-describe URIBL_RHS_URIBL_BLACK Contains an URI listed in [black] uribl.com
-tflags URIBL_RHS_URIBL_BLACK net
-endif
-##} URIBL_RHS_URIBL_BLACK
-
-##{ URIBL_RHS_URIBL_GREY
-
-ifplugin Mail::SpamAssassin::Plugin::URIDNSBL
-urirhssub URIBL_RHS_URIBL_GREY multi.uribl.com. A 4
-body URIBL_RHS_URIBL_GREY eval:check_uridnsbl('URIBL_RHS_URIBL_GREY')
-describe URIBL_RHS_URIBL_GREY Contains an URI listed in [grey] uribl.com
-tflags URIBL_RHS_URIBL_GREY net
-endif
-##} URIBL_RHS_URIBL_GREY
-
-##{ URIBL_RHS_WHOIS
-
-ifplugin Mail::SpamAssassin::Plugin::URIDNSBL
-urirhssub URIBL_RHS_WHOIS fulldom.rfc-ignorant.org. A 127.0.0.5
-body URIBL_RHS_WHOIS eval:check_uridnsbl('URIBL_RHS_WHOIS')
-describe URIBL_RHS_WHOIS Contains an URI listed in whois.rfc-ignorant.org
-tflags URIBL_RHS_WHOIS net
-endif
-##} URIBL_RHS_WHOIS
-
-##{ URIBL_XS_SURBL
-
-ifplugin Mail::SpamAssassin::Plugin::URIDNSBL
-body URIBL_XS_SURBL eval:check_uridnsbl('URIBL_XS_SURBL')
-describe URIBL_XS_SURBL URL listed in XS SURBL - TEsting
-tflags URIBL_XS_SURBL net
-endif
-##} URIBL_XS_SURBL
-
-##{ URI_L_PHP
-uri URI_L_PHP /\/l\.php\?\d/
-##} URI_L_PHP
-
##{ WHOIS_1AND1PR
ifplugin Mail::SpamAssassin::Plugin::URIDNSBL
@@ -2699,10 +2506,6 @@
meta XMAILER_MIMEOLE_OL_5B79A (__XM_OL_5B79A && __MO_OL_5B79A)
##} XMAILER_MIMEOLE_OL_5B79A
-##{ XMAILER_MIMEOLE_OL_5E7ED
-meta XMAILER_MIMEOLE_OL_5E7ED (__XM_OL_5E7ED && __MO_OL_5E7ED)
-##} XMAILER_MIMEOLE_OL_5E7ED
-
##{ XMAILER_MIMEOLE_OL_6554A
meta XMAILER_MIMEOLE_OL_6554A (__XM_OL_6554A && __MO_OL_6554A)
##} XMAILER_MIMEOLE_OL_6554A
@@ -2771,14 +2574,6 @@
meta XMAILER_MIMEOLE_OL_C65FA (__XM_OL_C65FA && __MO_OL_C65FA)
##} XMAILER_MIMEOLE_OL_C65FA
-##{ XMAILER_MIMEOLE_OL_C7C33
-meta XMAILER_MIMEOLE_OL_C7C33 (__XM_OL_C7C33 && __MO_OL_C7C33)
-##} XMAILER_MIMEOLE_OL_C7C33
-
-##{ XMAILER_MIMEOLE_OL_C9068
-meta XMAILER_MIMEOLE_OL_C9068 (__XM_OL_C9068 && __MO_OL_C9068)
-##} XMAILER_MIMEOLE_OL_C9068
-
##{ XMAILER_MIMEOLE_OL_CAC8F
meta XMAILER_MIMEOLE_OL_CAC8F (__XM_OL_CAC8F && __MO_OL_CAC8F)
##} XMAILER_MIMEOLE_OL_CAC8F
@@ -2787,10 +2582,6 @@
meta XMAILER_MIMEOLE_OL_CF0C0 (__XM_OL_CF0C0 && __MO_OL_CF0C0)
##} XMAILER_MIMEOLE_OL_CF0C0
-##{ XMAILER_MIMEOLE_OL_D03AB
-meta XMAILER_MIMEOLE_OL_D03AB (__XM_OL_D03AB && __MO_OL_D03AB)
-##} XMAILER_MIMEOLE_OL_D03AB
-
##{ XMAILER_MIMEOLE_OL_EF20B
meta XMAILER_MIMEOLE_OL_EF20B (__XM_OL_EF20B && __MO_OL_EF20B)
##} XMAILER_MIMEOLE_OL_EF20B
@@ -2815,13 +2606,36 @@
meta XMAILER_MIMEOLE_OL_FF5C8 (__XM_OL_FF5C8 && __MO_OL_FF5C8)
##} XMAILER_MIMEOLE_OL_FF5C8
-##{ X_LIBRARY
-header X_LIBRARY X-Library =~ /^Indy/
-##} X_LIBRARY
-
-##{ YOUR_CRD_RATING
-body YOUR_CRD_RATING /Your cr[d\.]* (?:scor|rat)ing doesn.t matter/
-##} YOUR_CRD_RATING
+##{ if version >= 3.002004 ifplugin Mail::SpamAssassin::Plugin::DKIM _sandbox
+
+if version >= 3.002004
+ifplugin Mail::SpamAssassin::Plugin::DKIM
+priority T_NOTVALID_YAHOO 500
+priority T_NOTVALID_GMAIL 500
+priority T_NOTVALID_PAY 500
+def_whitelist_from_dkim *@ebay.com
+def_whitelist_from_dkim *@*.ebay.com
+def_whitelist_from_dkim *@ebay.co.uk
+def_whitelist_from_dkim *@*.ebay.co.uk
+def_whitelist_from_dkim *@ebay.at
+def_whitelist_from_dkim *@ebay.ca
+def_whitelist_from_dkim *@ebay.de
+def_whitelist_from_dkim *@ebay.fr
+def_whitelist_from_dkim *@*.paypal.com
+def_whitelist_from_dkim *@*.paypal.com paypal.com
+def_whitelist_from_dkim *@paypal.com
+def_whitelist_from_dkim *@amazon.com
+def_whitelist_from_dkim *@cisco.com
+def_whitelist_from_dkim *@alert.bankofamerica.com
+def_whitelist_from_dkim *@cnn.com
+def_whitelist_from_dkim *@*.cnn.com
+def_whitelist_from_dkim *@skype.net
+def_whitelist_from_dkim *@welcome.skype.com
+def_whitelist_from_dkim *@cc.yahoo-inc.com yahoo-inc.com
+def_whitelist_from_dkim *@cc.yahoo-inc.com
+endif
+endif
+##} if version >= 3.002004 ifplugin Mail::SpamAssassin::Plugin::DKIM _sandbox
##{ ifplugin Mail::SpamAssassin::Plugin::DNSEval _sandbox
@@ -2834,10 +2648,7 @@
##{ ifplugin Mail::SpamAssassin::Plugin::ReplaceTags _sandbox
-ifplugin Mail::SpamAssassin::Plugin::ReplaceTags
-replace_rules T_FUZZY_STOCK
-test T_FUZZY_STOCK fail Stock
-test T_FUZZY_STOCK ok St0ck
+ifplugin Mail::SpamAssassin::Plugin::ReplaceTags
replace_rules __FRT_GOLD
replace_rules __FRT_SILVER
replace_tag A [gra\@\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xe4\xe3\xe2\xe0\xe1\xe2\xe3\xe4\xe5\xe60o]
@@ -2966,19 +2777,27 @@
##{ ifplugin Mail::SpamAssassin::Plugin::URIDNSBL _sandbox
ifplugin Mail::SpamAssassin::Plugin::URIDNSBL
-urirhsbl URIBL_RHS_AHBL rhsbl.ahbl.org. A
-urirhsbl URIBL_XS_SURBL xs.surbl.org. A
+#reuse URIBL_RHS_DOB
+urirhsbl T_URIBL_RHS_AHBL rhsbl.ahbl.org. A
endif
##} ifplugin Mail::SpamAssassin::Plugin::URIDNSBL _sandbox
+##{ ifplugin Mail::SpamAssassin::Plugin::WLBLEval _sandbox
+
+ifplugin Mail::SpamAssassin::Plugin::WLBLEval
+def_whitelist_from_rcvd abuse@yahoo.com yahoo.com
+def_whitelist_from_rcvd MAILER-DAEMON@yahoo.com yahoo.com
+endif
+##} ifplugin Mail::SpamAssassin::Plugin::WLBLEval _sandbox
+
##{ redirector_pattern_sandbox
redirector_pattern m'/(?:index.php)?\?.*(?<=[?&])URL=(.*?)(?:$|[&\#])'i
redirector_pattern m'^http:/*(?:\w+\.)?google(?:\.\w{2,3}){1,2}/url\?.*?(?<=[?&])q=(.*?)(?:$|[&\#])'i
-redirector_pattern m'^http:/*(?:\w+\.)?google(?:\.\w{2,3}){1,2}/search\?.*?(?<=[?&])q=[^&]*?(?<=%20|..[=+\s])site:(.*?)(?:$|%20|[\s+&\#])'i
+redirector_pattern m'^http:/*(?:\w+\.)?google(?:\.\w{2,3}){1,2}/search\?.*?(?<=[?&])q=[^&]*?(?<=%20|..[=+\s])(?:site|inurl):(.*?)(?:$|%20|[\s+&\#])'i
redirector_pattern m'^http:/*(?:\w+\.)?google(?:\.\w{2,3}){1,2}/search\?.*?(?<=[?&])q=[^&]*?(?<=%20|..[=+\s])(?:"|%22)(.*?)(?:$|%22|["\s+&\#])'i
redirector_pattern m'^http:/*(?:\w+\.)?google(?:\.\w{2,3}){1,2}/translate\?.*?(?<=[?&])u=(.*?)(?:$|[&\#])'i
+redirector_pattern m'^http:/*(?:\w+\.)?google(?:\.\w{2,3}){1,2}/pagead/iclk\?.*?(?<=[?&])adurl=(.*?)(?:$|[&\#])'i
redirector_pattern m'^http:/*(?:\w+\.)?aol\.com/redir\.adp\?.*(?<=[?&])_url=(.*?)(?:$|[&\#])'i
-redirector_pattern m'^http:/*rd\.yahoo\.co\.jp/\*(.*)'i
##} redirector_pattern_sandbox
@@ -2986,7 +2805,6 @@
mimeheader __ANY_IMAGE_ATTACH Content-Type =~ /image\/(?:gif|jpeg|png)/
endif
body __APPROVALFVGT /approval/i
-body __APPROVAL_MGR /\bApproval Manager\b/
body __BACHELORS /Bachelor/i
body __BIGDOLLARSFVGT /\$\d{2,3},\d{3}/
body __BODY_STARTS_WITH_FROM_LINE /^From \S+ \S\S\S \S\S\S .. ..:..:.. \S+\s+\S+\: /s
@@ -2998,7 +2816,6 @@
endif
header __DATE_700 Date =~ /-0700/
body __DBLCLAIM /avoid double claiming/
-body __DEAR_HOMEOWNER /\bDear Home Owner\b/
body __DIPLOMA /diploma/i
body __DOS_BODY_FRI /\bfri(?:day)?\b/i
body __DOS_BODY_MON /\bmon(?:day)?\b/i
@@ -3040,8 +2857,6 @@
body __DOS_SYMBOL_4 /\bSymbol [A-Z]{4}\b/
body __DOS_TAKING_HOME /Taking home \d (?:digit level|figures) in \d{1,2} months/
body __DOS_WRITE_ME_AT /[Ww].?r.?i.?t.?e me at/
-body __DRUG_RA_PRICE1 /\S{3,}ra \D{0,4}3\D{0,4}35\b/
-body __DRUG_RA_PRICE2 / remove \"/i
header __EXCLAIM_SUBJ Subject =~ /\!/
body __FB_BA /\bBA\b/
body __FB_BCs /\bBSc\b/
@@ -3143,7 +2958,6 @@
header __MO_OL_4F240 X-MimeOLE =~ /Produced\ By\ Microsoft\ MimeOLE\ V6\.00\.2800\.1158/
header __MO_OL_58CB5 X-MimeOLE =~ /Produced\ By\ Microsoft\ MimeOLE\ V5\.50\.4133\.2400/
header __MO_OL_5B79A X-MimeOLE =~ /Produced\ By\ Microsoft\ MimeOLE\ V6\.00\.3790\.1830/
-header __MO_OL_5E7ED X-MimeOLE =~ /Produced\ By\ Microsoft\ MimeOLE\ V6\.00\.2900\.2962/
header __MO_OL_6554A X-MimeOLE =~ /Produced\ By\ Microsoft\ MimeOLE\ V6\.00\.2900\.2905/
header __MO_OL_72641 X-MimeOLE =~ /Produced\ By\ Microsoft\ MimeOLE\ V6\.00\.2800\.1441/
header __MO_OL_7533E X-MimeOLE =~ /Produced\ By\ Microsoft\ MimeOLE\ V5\.50\.4963\.1700/
@@ -3161,11 +2975,8 @@
header __MO_OL_B9B11 X-MimeOLE =~ /Produced\ By\ Microsoft\ MimeOLE\ V6\.00\.2462\.0000/
header __MO_OL_BC7E6 X-MimeOLE =~ /Produced\ By\ Microsoft\ MimeOLE\ V5\.50\.4927\.1200/
header __MO_OL_C65FA X-MimeOLE =~ /Produced\ By\ Microsoft\ MimeOLE\ V5\.50\.4807\.1700/
-header __MO_OL_C7C33 X-MimeOLE =~ /Produced\ By\ Microsoft\ MimeOLE\ V6\.00\.2900\.2962/
-header __MO_OL_C9068 X-MimeOLE =~ /Produced\ By\ Microsoft\ MimeOLE\ V6\.00\.2800\.1807/
header __MO_OL_CAC8F X-MimeOLE =~ /Produced\ By\ Microsoft\ MimeOLE\ V4\.71\.1712\.3/
header __MO_OL_CF0C0 X-MimeOLE =~ /Produced\ By\ Microsoft\ MimeOLE\ V5\.50\.4807\.2300/
-header __MO_OL_D03AB X-MimeOLE =~ /Produced\ By\ Microsoft\ MimeOLE\ V6\.00\.2900\.2869/
header __MO_OL_EF20B X-MimeOLE =~ /Produced\ By\ Microsoft\ MimeOLE\ V6\.00\.2900\.2180/
header __MO_OL_EF222 X-MimeOLE =~ /Produced\ By\ Microsoft\ MimeOLE\ V6\.00\.2900\.2873/
header __MO_OL_F3B05 X-MimeOLE =~ /Produced\ By\ Microsoft\ MimeOLE\ V6\.00\.2800\.1437/
@@ -3199,12 +3010,6 @@
header __RCVD_IN_DNSWL eval:check_rbl('dnswl-firsttrusted', 'list.dnswl.org.')
tflags __RCVD_IN_DNSWL nice net
endif
-
-ifplugin Mail::SpamAssassin::Plugin::DNSEval
-header __RCVD_IN_DOB eval:check_rbl('dob', 'dob.sibl.support-intelligence.net.', '255')
-describe __RCVD_IN_DOB Received via relay in new domain (Day Old Bread)
-tflags __RCVD_IN_DOB net
-endif
meta __SEX_WRDS (__WORD_SEX || __WORD_CUM || __WORD_SPERM || __WORD_SLUTS || __WORD_RAPED)
header __SUBJ_3DIGIT Subject =~ /\b\d{3}[^0-9]/
header __SUBJ_APPROVE Subject =~ /Approve/i
@@ -3264,16 +3069,12 @@
header __XM_OL_25340 X-Mailer =~ /Microsoft\ Office\ Outlook\,\ Build\ 11\.0\.6353/
header __XM_OL_28001441 X-Mailer =~ /^Microsoft Outlook Express 6.00.2800.1441$/
header __XM_OL_28004682 X-Mailer =~ /^Microsoft Outlook Express 6.00.2800.4682$/
-header __XM_OL_29196600 X-Mailer =~ /^Microsoft Outlook Express 5.00.2919.6600$/
-header __XM_OL_29196700 X-Mailer =~ /^Microsoft Outlook Express 5.00.2919.6700$/
header __XM_OL_32D97 X-Mailer =~ /Microsoft\ Outlook\ IMO\,\ Build\ 9\.0\.2416\ \(9\.0\.2910\.0\)/
header __XM_OL_3857F X-Mailer =~ /Microsoft\ Office\ Outlook\,\ Build\ 11\.0\.6353/
header __XM_OL_3AC1D X-Mailer =~ /Microsoft\ Outlook\ Express\ 5\.00\.2919\.6700/
header __XM_OL_3D61D X-Mailer =~ /Microsoft\ Outlook\ Express\ 4\.71\.2244\.8/
header __XM_OL_465CD X-Mailer =~ /Microsoft\ Outlook\,\ Build\ 10\.0\.3416/
-header __XM_OL_48071700 X-Mailer =~ /^Microsoft Outlook Express 5.50.4807.1700$/
header __XM_OL_48072300 X-Mailer =~ /^Microsoft Outlook Express 5.50.4807.2300$/
-header __XM_OL_49631700 X-Mailer =~ /^Microsoft Outlook Express 5.50.4963.1700$/
header __XM_OL_4B815 X-Mailer =~ /Microsoft\ Outlook\ Express\ 4\.71\.2730\.2/
header __XM_OL_4BF4C X-Mailer =~ /Microsoft\ Office\ Outlook\,\ Build\ 11\.0\.5510/
header __XM_OL_4EEDB X-Mailer =~ /Microsoft\ Office\ Outlook\,\ Build\ 11\.0\.5510/
@@ -3281,7 +3082,6 @@
header __XM_OL_4_72_2106_4 X-Mailer =~ /^Microsoft Outlook Express 4.72.2106.4$/
header __XM_OL_58CB5 X-Mailer =~ /Microsoft\ Office\ Outlook\,\ Build\ 11\.0\.6353/
header __XM_OL_5B79A X-Mailer =~ /Microsoft\ Office\ Outlook\,\ Build\ 11\.0\.5510/
-header __XM_OL_5E7ED X-Mailer =~ /Microsoft\ Outlook\ Express\ 6\.00\.2900\.2180/
header __XM_OL_6554A X-Mailer =~ /Microsoft\ Office\ Outlook\,\ Build\ 11\.0\.6353/
header __XM_OL_72641 X-Mailer =~ /Microsoft\ Outlook\ Express\ 6\.00\.2800\.1441/
header __XM_OL_7533E X-Mailer =~ /Microsoft\ Outlook\ Express\ 5\.50\.4963\.1700/
@@ -3299,11 +3099,8 @@
header __XM_OL_B9B11 X-Mailer =~ /Microsoft\ Outlook\ Express\ 6\.00\.2462\.0000/
header __XM_OL_BC7E6 X-Mailer =~ /Microsoft\ Office\ Outlook\,\ Build\ 11\.0\.5510/
header __XM_OL_C65FA X-Mailer =~ /Microsoft\ Office\ Outlook\,\ Build\ 11\.0\.6353/
-header __XM_OL_C7C33 X-Mailer =~ /Microsoft\ Outlook\ Express\ 6\.00\.2800\.1478/
-header __XM_OL_C9068 X-Mailer =~ /Microsoft\ Outlook\ Express\ 6\.00\.2800\.1478/
header __XM_OL_CAC8F X-Mailer =~ /Microsoft\ Outlook\ Express\ 4\.71\.1712\.3/
header __XM_OL_CF0C0 X-Mailer =~ /Microsoft\ Office\ Outlook\,\ Build\ 11\.0\.6353/
-header __XM_OL_D03AB X-Mailer =~ /Microsoft\ Outlook\ Express\ 6\.00\.2900\.2180/
header __XM_OL_EF20B X-Mailer =~ /Microsoft\ Outlook\ Express\ 6\.00\.2800\.1478/
header __XM_OL_EF222 X-Mailer =~ /Microsoft\ Outlook\ Express\ 6\.00\.2900\.2873/
header __XM_OL_F3B05 X-Mailer =~ /Microsoft\ Office\ Outlook\,\ Build\ 11\.0\.5510/
@@ -3315,4 +3112,3 @@
header __XM_WWWMAIL X-Mailer =~ /^WWW-Mail \d/
body __YOUR_ACCOUNT /your account/i
body __YOUR_CREDITFVGT /your credit/i
-body __YOUR_MONTHLY /\byour monthly payments by\b/
|
|
[-]
[+]
|
Added |
Mail-SpamAssassin-3.2.5.tar.bz2/rules/72_removed.cf
^
|
| @@ -0,0 +1,29 @@
+# These are all old rules that have been removed from the ruleset, but
+# still have "score" lines floating around. Instead of deleting the rule,
+# replace it with a meta that will never fire.
+
+meta FM_DDDD_TIMES_2 (0)
+meta XMAILER_MIMEOLE_OL_C7C33 (0)
+meta FM_SEX_HOSTDDDD (0)
+meta URIBL_RHS_ABUSE (0)
+meta HS_UPLOADED_SOFTWARE (0)
+meta URIBL_RHS_BOGUSMX (0)
+meta URIBL_RHS_WHOIS (0)
+meta URIBL_RHS_POST (0)
+meta XMAILER_MIMEOLE_OL_5E7ED (0)
+meta AXB_RCVD_ZOOBSEND (0)
+meta BROKEN_RATWARE_BOM (0)
+meta URIBL_XS_SURBL (0)
+meta YOUR_CRD_RATING (0)
+meta STOX_RCVD_N_NN_N (0)
+meta X_LIBRARY (0)
+meta URIBL_RHS_DSN (0)
+meta DIV_CENTER_A_HREF (0)
+meta URIBL_RHS_TLD_WHOIS (0)
+meta URI_L_PHP (0)
+meta DRUG_RA_PRICE (0)
+meta DEAR_HOMEOWNER (0)
+meta OEBOUND (0)
+meta HS_PHARMA_1 (0)
+meta XMAILER_MIMEOLE_OL_D03AB (0)
+
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/rules/active.list
^
|
| @@ -281,12 +281,6 @@
FH_HOST_EQ_DYNAMICIP
# good enough
-FH_HOST_EQ_D_D_D_D
-
-# good enough
-FH_HOST_EQ_D_D_D_DB
-
-# good enough
FH_HOST_EQ_PACBELL_D
# good enough
@@ -317,9 +311,6 @@
FH_XMAIL_RND_833
# good enough
-FM_DDDD_TIMES_2
-
-# good enough
FM_DOESNT_SAY_STOCK
# good enough
@@ -365,9 +356,6 @@
FM_SEX_HELODDDD
# good enough
-FM_SEX_HOSTDDDD
-
-# good enough
FM_SUBJ_APPROVE
# good enough
@@ -842,15 +830,6 @@
RCVD_IN_SORBS_ZOMBIE
# tflags net
-RCVD_IN_WHOIS_BOGONS
-
-# tflags net
-RCVD_IN_WHOIS_HIJACKED
-
-# tflags net
-RCVD_IN_WHOIS_INVALID
-
-# tflags net
RCVD_IN_XBL
# good enough
@@ -1016,9 +995,6 @@
RCVD_IN_SORBS_DUL
# tflags net
-RCVD_IN_WHOIS_INVALID
-
-# tflags net
RCVD_IN_XBL
# good enough
@@ -1364,9 +1340,6 @@
__RCVD_IN_SORBS
# tflags net
-__RCVD_IN_WHOIS
-
-# tflags net
__RCVD_IN_ZEN
# tflags net
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/rules/sa-update-pubkey.txt
^
|
| @@ -52,8 +52,29 @@
VNqX9f7jlybpLZW/n8cQ2r1ax19v7FleO/xSGvkYm7B1+4BW0mjy6A5dta5+e5WG
D5R06Uya3/xRAPGdmV6t4Mw8fFsuyCvs+vC73PR3+eS1UvCYsDpcQD8KpVBnsHaA
duWRKKhjuFL0vdOWAr25tFOTKAj5Ywas47PBukO0isov2WBCA1rVqOr6FUvdP76y
-mqHv/0E6/vnTLxFoNsu4Ce42nAQ/A/jR
-=SY0J
+mqHv/0E6/vnTLxFoNsu4Ce42nAQ/A/jRiQQ+BBgBAgAJAhsCBQJHhbheAinBXSAE
+GQECAAYFAkOnbIoACgkQbFU5eCT0NM68MQ/8DvYqxRm3vP0Gwnr+63kzET8S+6vf
+gxOghnU+eMlqUeUu/ajqnVDMzoAIRDw9QgQc9ZZoklOSJQwOuloAbdpL4TwQ2XfJ
+MLU60JkZWnEOXJwClb0qG1GqtcBPbMEUPfZcQfphdRL3jpWZlaexFiJRSD+A0riw
+7q3NZKPDt4FrF7F3GY9krFy+P0nRt5f462DeDhCYZgguBQH+oGtjc5Hx+kOVWDsS
+txo5xkt4/0DG50ZklPkTlCohmJwRLACy+NswdQ9q83eWAhzKOPgkal7xF6a+LyE+
+ytVYy2EgEU74r2gVw5iizy92FDj//Z2QAUyf/c4BMuAhvfwVIHd8n2DPHvpMP15L
+6fwoymh0OjzmhwK94Z2u1YqNC1CK27/hfB6okQ/Tct7/Ik61dBjtiYdUC9tTA5Ze
+W8X5ouSmttS1QFixx+Z4hiXV7Qj12lgVKuJohjrVshfcbVzTHljjAo3YkOZIHIoA
+IJTUMRNzTIx9k4hrPVbxbVQhKjKTwFNtBuxvmptGTcLEIv9THpqlq8jkcStJ2Zrd
+hhofPCWRT/Kzo+WE+Kgefv88T5Li7Ku12U/UpiK85+6nRspXj3rnkfDOUbLZjGM+
+1NET0xQTPuyxN6CXF7MMxfGCpszCudYxMANDQqNXu9brcPN/+EIxGRjqin4E7q+h
+kYUaY7Ki8mXtJ8cJEEBWphpSROxFktcQALWQv996bFq1iFcGuQ0ITxNDlOWCsses
+bgEM5zR10DH+6s2bXEO8xyDHQJtrvdCPetRDosnuOToBMnGMXTYVytnWzwwAzwq1
+YM+bGAeTHaIX+2UmxwFyX4GMOdqsNB+xDZ8pmRKjamJSgUQt6e18YpZlg1Y4QkxS
+Vptq7OZBjiKeLUhLhGJ6GWgEIedLcoCtFzKCfz3zwn0Oxl+1EnVu8yqN+quWTf8P
+7EZn+0ztqZY059BrcK2jmOyXvtOZBcAHXCUknh/uPHwAJV2WFWSNid2kNiLOrV+J
+3eLTs5sF9wNhxWRhl6/10cwTzjy0Onv5cJh2tjdwksigMRMwz4c839zXORni/tnY
++IY22kNTKu84gB8rBuqUq8MQXNdS3bbROwwNUzpC0D1C1z1fBvyXDL1EwJdz70Wc
+2m/Sw6tIid5g98+XMW+Ibt43Jk2XbK71JLhbVbePbAcHVh/UXEtnjhRfX7oyWlwS
+a+lkKMiJd/6CQ6bvYsgklE7uEzTpRskpkkOcCk1O+8jfl+DsDwKrvVaNu8tpx45k
+TtV4JDA6iEHKakD/zZdVTR79W2CFqBvRfRikc5INOl1OfMQ4ODmjkMl3yI9wrHwS
+SQQxdq2XsS7xbU9HDFBEguQDu0rfzILZ9DuKIVHyr/CsRoJ5joj+JvKaUQC81ywQ
+aB8EKy5bg4U6
+=IbYW
-----END PGP PUBLIC KEY BLOCK-----
-
-
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/sa-compile.raw
^
|
| @@ -24,6 +24,7 @@
use lib '@@INSTALLSITELIB@@'; # substituted at 'make' time
use File::Spec;
+use Config;
BEGIN { # see comments in "spamassassin.raw" for doco
my @bin = File::Spec->splitpath($0);
@@ -68,6 +69,7 @@
# testing purposes only
my $fixup_re_test;
+#$fixup_re_test = 1; fixup_re("fr()|\\\\|"); die;
#$fixup_re_test = 1; fixup_re("\\x{1b}\$b"); die;
#$fixup_re_test = 1; fixup_re("\\33\$b"); die;
#$fixup_re_test = 1; fixup_re("[link]"); die;
@@ -130,6 +132,7 @@
# ensure the body-rule base extractor plugin is loaded, we use that
my $post_config = q(
loadplugin Mail::SpamAssassin::Plugin::BodyRuleBaseExtractor
+
).join("\n", @{$opt{'cf'}})."\n";
my $spamtest = new Mail::SpamAssassin(
@@ -160,7 +163,7 @@
$opt{'updatedir'} = Mail::SpamAssassin::Util::untaint_file_path($opt{'updatedir'});
}
else {
- $opt{'updatedir'} = $spamtest->sed_path('__local_state_dir__/compiled/__version__');
+ $opt{'updatedir'} = $spamtest->sed_path('__local_state_dir__/compiled/__perl_major_ver__/__version__');
}
my $installdir = $opt{'updatedir'};
if ((!defined $opt{'list'})
@@ -170,6 +173,9 @@
die "sa-compile: cannot write to $installdir, aborting\n";
}
+$spamtest->{bases_cache_dir} = $spamtest->get_and_create_userstate_dir()
+ ."/sa-compile.cache";
+
$spamtest->init(1);
my $conf = $spamtest->{conf};
@@ -302,7 +308,7 @@
my $force = 1;
my $FILE = shift;
- open(my $fh, "sort $FILE |") || die "open($FILE): $!";
+ open(my $fh, $FILE) || die "open($FILE): $!";
# read ruleset name from the first line in the file
my $ruleset_name;
$_ = <$fh>;
@@ -403,6 +409,8 @@
}
}
+ my $ccopt = $Config{optimize}; # typically "-O2"
+
open(FILE, ">Makefile.PL") || die "write Makefile.PL: $!";
print FILE <<"EOT";
use ExtUtils::MakeMaker;
@@ -412,10 +420,11 @@
'VERSION_FROM' => '$PMFILE',
'ABSTRACT_FROM' => '$PMFILE',
'OBJECT' => '\$(O_FILES)',
- 'OPTIMIZE' => '-O2',
+ 'OPTIMIZE' => '$ccopt',
'AUTHOR' => 'A. U. Tomated <automated\@example.com>',
);
EOT
+ close FILE or die "write Makefile.PL: $!";
open(FILE, ">MANIFEST.SKIP") || die "write MANIFEST.SKIP: $!";
print FILE <<'EOT';
@@ -436,6 +445,7 @@
^pm_to_blib$
~$
EOT
+ close FILE or die "write MANIFEST.SKIP: $!";
open(my $re, ">$XSFILE") || die "write $XSFILE: $!";
print $re <<"EOT";
@@ -443,6 +453,16 @@
#include "perl.h"
#include "XSUB.h"
+ /* bug 5556: newSVpvn_share() is not a defined API in perl 5.6.x.
+ * Thankfully we can use newSVpvn() without much harm, losing only
+ * a tiny bit of performance (I'd reckon ;).
+ */
+#ifdef newSVpvn_share
+#define my_newSVpvn_share(x,y,z) newSVpvn_share(x,y,z)
+#else
+#define my_newSVpvn_share(x,y,z) newSVpvn(x,y)
+#endif
+
/* split single-space-separated result string */
static void
split_and_add (AV *results, char *match)
@@ -452,12 +472,12 @@
for (cp = wordstart = match; *cp != (unsigned char) 0; cp++) {
if (*cp == ' ') {
av_push(results,
- newSVpvn_share(wordstart, cp-wordstart, (U32)0));
+ my_newSVpvn_share(wordstart, cp-wordstart, (U32)0));
wordstart = cp + 1;
}
}
av_push(results,
- newSVpvn_share(wordstart, cp-wordstart, (U32)0));
+ my_newSVpvn_share(wordstart, cp-wordstart, (U32)0));
}
EOT
@@ -573,7 +593,7 @@
$str =~ s/^fnord//gm;
print FILE $str;
-
+ close FILE or die "write $PMFILE: $!";
}
sub fixup_re {
@@ -601,6 +621,8 @@
my $esc = $1;
if ($esc eq '"') {
$output .= '"\\""';
+ } elsif ($esc eq '\\') {
+ $output .= '"**BACKSLASH**"'; # avoid hairy escape-parsing
} elsif ($esc =~ /^x\{(\S+)\}$/) {
$output .= '"'.chr(hex($1)).'"';
} elsif ($esc =~ /^\d+/) {
@@ -625,6 +647,7 @@
$output =~ s/^""/"/; # protect start and end quotes
$output =~ s/(?<!\\)""$/"/;
$output =~ s/(?<!\\)""//g; # strip empty strings, or turn "abc""def" -> "abcdef"
+ $output =~ s/\*\*BACKSLASH\*\*/\\\\/gs;
$fixup_re_test and print "OUTPUT: $output\n";
return $output;
@@ -661,7 +684,7 @@
--siteconfigpath=path Path for site configs
(default: /etc/mail/spamassassin)
--updatedir=path Directory to place updates
- (default: /var/lib/spamassassin/compiled/<version>)
+ (default: /var/lib/spamassassin/compiled/<perlversion>/<version>)
--cf='config line' Additional line of configuration
-D, --debug [area=n,...] Print debugging messages
-V, --version Print version
@@ -669,8 +692,12 @@
=head1 DESCRIPTION
-sa-compile uses C<re2c> to compile the SpamAssassin ruleset. This is then used
-by the C<Mail::SpamAssassin::Plugin::Rule2XSBody> plugin to speed up
+sa-compile uses C<re2c> to compile the site-wide parts of the SpamAssassin
+ruleset. No part of user_prefs or any files included from user_prefs can be
+built into the compiled set.
+
+This compiled set is then used by the
+C<Mail::SpamAssassin::Plugin::Rule2XSBody> plugin to speed up
SpamAssassin's operation, where possible, and when that plugin is loaded.
C<re2c> can match strings much faster than perl code, by constructing a DFA to
@@ -698,7 +725,7 @@
=item B<--sudo>
Use C<sudo(8)> to run code as 'root' when writing files to the compiled-rules
-storage area (which is C<@@LOCAL_STATE_DIR@@/compiled/@@VERSION@@> by default).
+storage area (which is C<@@LOCAL_STATE_DIR@@/compiled/@@PERL_MAJOR_VER@@/@@VERSION@@> by default).
=item B<--keep-tmps>
@@ -719,7 +746,7 @@
By default, C<sa-compile> will use the system-wide rules update directory:
- @@LOCAL_STATE_DIR@@/spamassassin/compiled/@@VERSION@@
+ @@LOCAL_STATE_DIR@@/spamassassin/compiled/@@PERL_MAJOR_VER@@/@@VERSION@@
If the updates should be stored in another location, specify it here.
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/sa-learn.raw
^
|
| @@ -1091,7 +1091,7 @@
This is a database file, using C<DB_File>. The database 'version
number' is 0 for databases from 2.5x, 1 for databases from certain 2.6x
-development releases, and 2 for all more recent databases.
+development releases, 2 for 2.6x, and 3 for 3.0 and later releases.
=item bayes_seen
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/sa-update.raw
^
|
| @@ -18,7 +18,7 @@
# </@LICENSE>
my $VERSION = 'svn' . (split(/\s+/,
- '$Id: sa-update.raw 540384 2007-05-22 01:01:44Z duncf $'))[2];
+ '$Id: sa-update.raw 607589 2007-12-30 21:04:39Z jm $'))[2];
my $PREFIX = '@@PREFIX@@'; # substituted at 'make' time
my $DEF_RULES_DIR = '@@DEF_RULES_DIR@@'; # substituted at 'make' time
@@ -415,7 +415,7 @@
my $DNSQ = "$RevSAVersion.$channel";
my $newV;
- my $dnsV = do_txt_query($DNSQ);
+ my $dnsV = join(' ', do_txt_query($DNSQ));
if (defined $dnsV && $dnsV =~ /^(\d+)/) {
$newV = $1 if (!defined $newV || $1 > $newV);
dbg("dns: $DNSQ => $dnsV, parsed as $1");
@@ -477,12 +477,20 @@
else {
# We don't currently have the list of mirrors, so go grab it.
dbg("channel: no MIRRORED.BY file available");
- my $mirror = do_txt_query("mirrors.$channel");
- unless ($mirror) {
+ my @mirrors = do_txt_query("mirrors.$channel");
+ unless (@mirrors) {
warn "error: no mirror data available for channel $channel\n";
channel_failed("channel: MIRRORED.BY file location was not in DNS");
+ next;
+ }
+ foreach my $mirror (@mirrors) {
+ $mirby = http_get($mirror);
+ unless ($mirby) {
+ dbg("channel: no mirror data available for channel $channel from $mirror");
+ next;
+ }
+ last;
}
- $mirby = http_get($mirror);
unless ($mirby) {
warn "error: no mirror data available for channel $channel\n";
channel_failed("channel: MIRRORED.BY contents were missing");
@@ -1012,25 +1020,20 @@
my($query) = shift;
my $RR = $res->query($query, 'TXT');
- my $result = '';
+ my @result;
if ($RR) {
foreach my $rr ($RR->answer) {
my $text = $rr->rdatastr;
$text =~ /^"(.*)"$/;
- if (length $result) {
- $result .= " $1";
- }
- else {
- $result = $1;
- }
+ push @result, $1;
}
}
else {
dbg("dns: query failed: $query => " . $res->errorstring);
}
- return $result;
+ return @result;
}
##############################################################################
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/spamassassin.raw
^
|
| @@ -348,6 +348,8 @@
###########################################################################
+setup_sig_handlers();
+
# Everything below here needs ArchiveIterator ...
my $iter = new Mail::SpamAssassin::ArchiveIterator(
{
@@ -408,10 +410,12 @@
###########################################################################
+my $mail; # global, so signal handler can clean it up; bug 5626
+
# make sure it only returns false values so that result_sub() isn't called...
sub wanted {
my $dataref = $_[3];
- my $mail = $spamtest->parse($dataref);
+ $mail = $spamtest->parse($dataref);
$count++;
# This is a short cut -- doing white/black-list? Do it and return quickly.
@@ -430,6 +434,7 @@
}
$mail->finish();
+ $mail = undef;
return 1;
}
@@ -440,6 +445,7 @@
if ( !$opt{'test-mode'} ) {
print $spamtest->remove_spamassassin_markup ($mail);
$mail->finish();
+ $mail = undef;
return 1;
}
else {
@@ -450,6 +456,7 @@
#
my $new_mail =
$spamtest->parse( $spamtest->remove_spamassassin_markup($mail) );
+
$mail->finish();
$mail = $new_mail;
}
@@ -462,13 +469,14 @@
my $new_mail =
$spamtest->parse( $spamtest->remove_spamassassin_markup($mail) );
$mail->finish();
+ $mail = $new_mail;
my $failed;
- if ( $opt{'report'} && !$spamtest->report_as_spam($new_mail) ) {
+ if ( $opt{'report'} && !$spamtest->report_as_spam($mail) ) {
$failed = 'report';
}
- if ( $opt{'revoke'} && !$spamtest->revoke_as_spam($new_mail) ) {
+ if ( $opt{'revoke'} && !$spamtest->revoke_as_spam($mail) ) {
$failed = 'revoke';
}
@@ -477,7 +485,8 @@
warn "spamassassin: for more information, re-run with -D option to see debug output\n";
}
- $new_mail->finish();
+ $mail->finish();
+ $mail = undef;
return 1;
}
@@ -498,11 +507,32 @@
# clean up after ourselves
$mail->finish();
+ $mail = undef;
+
$status->finish();
return 1;
}
+###########################################################################
+
+sub setup_sig_handlers {
+ $SIG{HUP} = \&kill_handler;
+ $SIG{INT} = \&kill_handler;
+ $SIG{TERM} = \&kill_handler;
+ $SIG{PIPE} = \&kill_handler;
+}
+
+sub kill_handler {
+ my ($sig) = @_;
+ warn "spamassassin: killed by SIG$sig\n";
+ if ($mail) {
+ $mail->finish(); # bug 5626: remove temp files etc.
+ $mail = undef;
+ }
+ exit 0;
+}
+
# ---------------------------------------------------------------------------
=cut
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/spamassassin.spec
^
|
| @@ -1,5 +1,5 @@
# the version in the tar name
-%define real_version 3.2.3
+%define real_version 3.2.5
# the display version number
%define version %{real_version}
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/spamc/libspamc.c
^
|
| @@ -458,7 +458,7 @@
if (connect_retries == 0) {
connect_retries = 3;
}
- if (retry_sleep == 0) {
+ if (retry_sleep < 0) {
retry_sleep = 1;
}
@@ -530,6 +530,10 @@
addrbuf.sin_addr = tp->hosts[hostix];
ipaddr = inet_ntoa(addrbuf.sin_addr);
+
+ /* make a copy in host, for logging (bug 5577) */
+ strncpy (host, ipaddr, sizeof(host) - 1);
+
#ifdef DO_CONNECT_DEBUG_SYSLOGS
libspamc_log(tp->flags, LOG_DEBUG,
"dbg: connect(AF_INET) to spamd at %s (try #%d of %d)",
@@ -1729,6 +1733,7 @@
tp->type = TRANSPORT_LOCALHOST;
tp->port = 783;
tp->flags = 0;
+ tp->retry_sleep = -1;
}
/*
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/spamd/spamd.raw
^
|
| @@ -494,12 +494,15 @@
# run with -u
# we're not root
# doing --vpopmail or --virtual-config-dir
-# we disable user-config
+# using --sql-config or --ldap-config
+# (unless we're also using --setuid-with-sql or --setuid-with-ldap)
my $setuid_to_user = (
- $opt{'username'} ||
- $> != 0 ||
- $opt{'vpopmail'} ||
- $opt{'virtual-config-dir'}
+ $opt{'username'} ||
+ $> != 0 ||
+ $opt{'vpopmail'} ||
+ $opt{'virtual-config-dir'} ||
+ ($opt{'sql-config'} && !$opt{'setuid-with-sql'}) ||
+ ($opt{'ldap-config'} && !$opt{'setuid-with-ldap'})
) ? 0 : 1;
dbg("spamd: will perform setuids? $setuid_to_user");
@@ -516,6 +519,18 @@
}
}
+if ($opt{'sql-config'} && !$opt{'setuid-with-sql'}) {
+ if ( !$opt{'username'} ) {
+ die "spamd: cannot use --sql-config without -u\n";
+ }
+}
+
+if ($opt{'ldap-config'} && !$opt{'setuid-with-ldap'}) {
+ if ( !$opt{'username'} ) {
+ die "spamd: cannot use --ldap-config without -u\n";
+ }
+}
+
# always copy the config, later code may disable
my $copy_config_p = 1;
@@ -873,10 +888,6 @@
}
);
-$spamtest->init_learner({
- opportunistic_expire_check_only => 1,
-});
-
# if $clients_per_child == 1, there's no point in copying configs around
unless ($clients_per_child > 1) {
# unset $copy_config_p so we don't bother trying to copy things back
@@ -898,6 +909,11 @@
# process are written with the right ownership and everything.
preload_modules_with_tmp_homedir();
+# this must be after preload_modules_with_tmp_homedir(), for bug 5606
+$spamtest->init_learner({
+ opportunistic_expire_check_only => 1,
+});
+
# bayes DBs may still be tied() at this point, so untie them and such.
$spamtest->finish_learner();
@@ -2023,18 +2039,15 @@
# If $opt{'username'} in use, then look up userinfo for that uid;
# otherwise use what was passed via $username
#
- my $userid = '';
+ my $suidto = $username;
if ( $opt{'username'} ) {
- $userid = $opt{'username'};
- }
- else {
- $userid = $username;
+ $suidto = $opt{'username'};
}
- my ($name, $pwd, $uid, $gid, $quota, $comment, $gcos, $dir, $etc) =
- getpwnam($userid);
+ my ($name, $pwd, $uid, $gid, $quota, $comment, $gcos, $suiddir, $etc) =
+ getpwnam($suidto);
if (!defined $uid) {
- my $errmsg = "spamd: handle_user unable to find user: '$userid'\n";
+ my $errmsg = "spamd: handle_user unable to find user: '$suidto'\n";
die $errmsg if $spamtest->{'paranoid'};
# if we are given a username, but can't look it up, maybe name
# services are down? let's break out here to allow them to get
@@ -2048,22 +2061,46 @@
$> = $uid; # change eUID
if ( !defined($uid) || ( $> != $uid and $> != ( $uid - 2**32 ) ) ) {
# make it fatal to avoid security breaches
- die("spamd: fatal error: setuid to $username failed");
+ die("spamd: fatal error: setuid to $suidto failed");
}
else {
- info("spamd: setuid to $username succeeded");
+ info("spamd: setuid to $suidto succeeded");
}
}
- if ($opt{'user-config'}) {
- handle_user_set_user_prefs($dir, $username);
+ my $userdir;
+
+ # if $opt{'user-config'} is in use, read user prefs from the remote
+ # username's home dir (if it exists): bug 5611
+ if ( $opt{'user-config'} ) {
+ my $prefsfrom = $username; # the one passed, NOT $opt{username}
+
+ if ($prefsfrom eq $suidto) {
+ $userdir = $suiddir; # reuse the already-looked-up info
+ } else {
+ $userdir = (getpwnam($prefsfrom))[7];
+ }
+
+ # we *still* die if this can't be found
+ if (!defined $userdir) {
+ my $errmsg = "spamd: handle_user unable to find user: '$prefsfrom'\n";
+ die $errmsg if $spamtest->{'paranoid'};
+ # if we are given a username, but can't look it up, maybe name
+ # services are down? let's break out here to allow them to get
+ # 'defaults' when we are not running paranoid
+ info($errmsg);
+ return 0;
+ }
}
+
+ # call this anyway, regardless of --user-config, so that
+ # signal_user_changed() is called
+ handle_user_set_user_prefs($userdir, $username);
}
sub handle_user_set_user_prefs {
my ($dir, $username) = @_;
- #
# If vpopmail config enabled then set $dir to virtual homedir
#
if ( $opt{'vpopmail'} ) {
@@ -2082,10 +2119,15 @@
}
chomp($dir);
}
- my $cf_file = $dir . "/.spamassassin/user_prefs";
- create_default_cf_if_needed( $cf_file, $username, $dir );
- $spamtest->read_scoreonly_config($cf_file);
+ # don't do this if we weren't passed a directory
+ if ($dir) {
+ my $cf_file = $dir . "/.spamassassin/user_prefs";
+ create_default_cf_if_needed( $cf_file, $username, $dir );
+ $spamtest->read_scoreonly_config($cf_file);
+ }
+
+ # signal_user_changed will ignore undef user_dirs, so this is ok
$spamtest->signal_user_changed(
{
username => $username,
@@ -2749,7 +2791,6 @@
connections will be accepted on the B<--port> at the same time as encrypted
connections are accepted at B<--ssl-port>.
-
=item B<-q>, B<--sql-config>
Turn on SQL lookups even when per-user config files have been disabled
@@ -2760,11 +2801,18 @@
If your spamc client does not support sending the C<User:> header,
like C<exiscan>, then the SQL username used will always be B<nobody>.
+This inhibits the setuid() behavior, so the C<-u> option is
+required. If you want the setuid() behaviour, use C<-Q> or
+C<--setuid-with-sql> instead.
+
=item B<--ldap-config>
Turn on LDAP lookups. This is completely analog to C<--sql-config>,
only it is using an LDAP server.
+Like C<--sql-config>, this disables the setuid behavior, and requires
+C<-u>. If you want it, use C<--setuid-with-ldap> instead.
+
=item B<-Q>, B<--setuid-with-sql>
Turn on SQL lookups even when per-user config files have been disabled
@@ -2900,9 +2948,9 @@
=item B<-x>, B<--nouser-config>, B<--user-config>
-Turn off(on) reading of per-user configuration files (user_prefs) from the
+Turn off (on) reading of per-user configuration files (user_prefs) from the
user's home directory. The default behaviour is to read per-user
-configuration from the user's home directory.
+configuration from the user's home directory (B<--user-config>).
This option does not disable or otherwise influence the SQL, LDAP or
Virtual Config Dir settings.
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/t/SATest.pm
^
|
| @@ -602,6 +602,11 @@
sub pattern_to_re {
my $pat = shift;
+
+ if ($pat =~ /^\/(.*)\/$/) {
+ return $1;
+ }
+
$pat = quotemeta($pat);
# make whitespace irrelevant; match any amount as long as the
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/t/data/nice/spf3-received-spf
^
|
| @@ -9,8 +9,6 @@
Received: from dnsbltest.spamassassin.org (dnsbltest.spamassassin.org [65.214.43.156]) by dnsbltest.spamassassin.org (Postfix) with SMTP id B9B2931016D for <jm-google-news-alerts@jmason.org>; Tue, 10 Feb 2004 18:18:49 +0000 (GMT)
Received: from dnsbltest.spamassassin.org (dnsbltest.spamassassin.org [65.214.43.157]) by amgod.boxhost.net (Postfix) with SMTP id B9B2931016D for <jm-google-news-alerts@jmason.org>; Tue, 10 Feb 2004 18:18:49 +0000 (GMT)
Received: by proxy.google.com with SMTP id so1951389 for <jm-google-news-alerts@jmason.org>; Tue, 10 Feb 2004 10:14:01 -0800 (PST)
-
-
Received: by abbulk2 with SMTP id mr733125; Tue, 10 Feb 2004 10:14:01 -0800 (PST)
Message-ID: <1076436841.67074.8fa05ccdc458abe5.1446041b@persist.google.com>
Date: Tue, 10 Feb 2004 10:14:01 -0800 (PST)
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/t/data/spam/gtubedcc.eml
^
|
| @@ -1,4 +1,4 @@
-Received: from [255.255.255.255]
+Received: from [192.168.1.1]
by mail.example.com with SMTP id gQQvHEt9CmmU
for <recipient@example.com>; Mon, 07 Oct 2002 09:00:01 +0000
Message-ID: <GTUBE1.1010101@example.com>
|
|
[-]
[+]
|
Added |
Mail-SpamAssassin-3.2.5.tar.bz2/t/data/whitelists/winxpnews.com
^
|
| @@ -0,0 +1,528 @@
+Received: from ooooooooo.net (ns1.ooooooooo.net [216.27.147.130])
+ by dogma.slashnull.org (8.11.6/8.11.6) with ESMTP id g6J6AZJ25232
+ for <aaaaaa@yyyyyy.zzz>; Fri, 19 Jul 2002 07:10:35 +0100
+Received: from bounce.winxpnews.com (dal21037lyr001.datareturn.com [216.46.238.20])
+ by ooooooooo.net (8.11.3/8.11.1) with SMTP id g6J6ABS16827
+ for <zzzz@zzzzzzzz.com>; Fri, 19 Jul 2002 02:10:12 -0400 (EDT)
+ (envelope-from do_not_reply@bounce.winxpnews.com)
+Importance: Normal
+To: zzzz@zzzzzzzz.com
+Reply-To: "WinXPnews"<do_not_reply@bounce.winxpnews.com>
+Content-Type: text/html;
+ charset="us-ascii"
+Content-Transfer-Encoding: 7bit
+Date: Fri, 19 Jul 2002 01:10:07 -0600
+From: "WinXPnews"<do_not_reply@bounce.winxpnews.com>
+Subject: WinXPnews: Time To Patch Your Windows Media Player
+Message-Id: <5ksc2.105x1y34m@bounce.winxpnews.com>
+X-Priority: 3 (Normal)
+X-MSMail-Priority: Normal
+
+<html><head><!--
+***************************** WinXPnews HTML ****************************
+ If you can see this text, then you are not using an HTML enabled
+ email client or your email client could not interpret this HTML.
+
+ Please read the following instructions!
+
+ This is a posting from WinXPnews for zzzz@zzzzzzzz.com
+ To manage your profile, click on the following customized link:
+
+ http://www.winxpnews.com/login.cfm?id=9665862091709486
+
+ You can modify or delete your profile there. You may also forward this
+ email to listmanager@winxpnews.com stating that you wish to be removed
+ from WinXPnews. Please include this complete text section in your email.
+
+ --- Read this newsletter online by visiting http://www.winxpnews.com ---
+
+ --- Please disregard all the text below as it is HTML formatted text ---
+***************************** WinXPnews HTML *****************************
+-->
+<title>WinXPnews™</title>
+<style type="text/css">
+a:link {color: #b04040; font-weight: bold;}
+a:visited {color: #804040; font-weight: bold;}
+a:active {color: #ff0000; font-weight: bold;}
+a:hover {color: #ff0000; font-weight: bold;} </style>
+</head>
+<body bgcolor="#ffffff" topmargin="0" leftmargin="0" marginheight="0" marginwidth="0">
+<table width = '100%' border = '0'>
+<tr>
+<td bgcolor = '#0055e7' align='right'>
+<img src='http://www.winxpnews.com/graphics/winxpnews_logo_200.jpg' align='left' border='0'>
+<font face='verdana, sans-serif' size='5' color='#ffffff'>
+<b>WinXPnews™ E-Zine</b><br>
+</font>
+<font face='verdana, sans-serif' size='1' color='#ffffff'>
+Tue, Jul 9, 2002 (Vol. 2, 27 - Issue 33)
+</font>
+</td>
+</tr>
+<tr><td align='center'><font face='verdana, sans-serif' size='2'><b>
+Feel free to forward this newsletter to other WinXP enthusiasts.</b><br>
+<b>Read this newsletter online here:
+<a href="http://www.winxpnews.com/?id=33">
+http://www.winxpnews.com/?id=33</a><br>
+For a quick unsubscribe (gasp!) click here:<br>
+<a href="http://www.winxpnews.com/unsubscribe.cfm?email=zzzz@zzzzzzzz.com">
+http://www.winxpnews.com/unsubscribe.cfm?email=zzzz@zzzzzzzz.com</a></b>
+</font>
+<img src='http://www.winxpnews.com/tr/tr.cfm?mid=9665862091709486&xid=33'
+width='0' height='0' border='0'>
+</td></tr>
+<tr>
+<td>
+<font face='verdana, sans-serif' size='5'>
+<b>Time To Patch Your Windows Media Player</b>
+</font>
+</td>
+</tr>
+<tr>
+<td> </td>
+</tr>
+<tr>
+<td background='http://www.winxpnews.com/graphics/h_border.gif' align=left>
+<img src='http://www.winxpnews.com/graphics/winxpnews_logo_50.jpg' width='53' height='24' align='right'>
+<font face='verdana, sans-serif' size='4' color='#ffffff'>
+ This issue of WinXPnews™ contains:<br>
+</font>
+</td>
+</tr>
+<tr>
+<td><font size='1'> </td>
+</tr>
+<tr>
+<td>
+<font face='verdana, sans-serif' size='2'>
+<ol>
+<li>EDITOR'S CORNER
+<code1=zzzz@zzzzzzzz.c
+<ul type='square'>
+<li>How to Publish Your Windows XP FTP Server to the Internet
+</ul>
+<li>HINTS, TIPS, TRICKS & TWEAKS
+<ul type='square'>
+<li>Allow Dial-up Connections to Synchronize Time with Internet Time Servers
+</ul>
+<li>HOW TO'S: ALL THE NEW XP FEATURES
+<ul type='square'>
+<li>How to Secure an FTP Server on Windows XP Professional
+</ul>
+<li>WINXP SECURITY: UPDATES & PATCHES
+<ul type='square'>
+<li>Cumulative Patch for Windows Media Player<li>Cumulative Patches for Excel and Word for Windows
+</ul>
+<li>UPGRADING & COMPATIBILITY ISSUES
+<ul type='square'>
+<li>A Computer May Hang During a Heavy Load with an Ericsson HIS Modem<li>Knowledge Base Search Center - If it is Not Broke, Do Not Break it!
+</ul>
+<li>WINXP CONFIGURING & TROUBLESHOOTING
+<ul type='square'>
+<li>A Description of the Repair Option on a Local Area Network or High-Speed Internet Connection<li>Keyboard and Mouse Do Not Work When You Start Windows<li>How to Deploy Windows XP Images from Windows 2000 RIS Servers
+</ul>
+<li>FAVE LINKS
+<ul type='square'>
+<li>This Week's Links We Like. Tips, Hints And Fun Stuff
+</ul>
+<li>BOOK OF THE WEEK
+<ul type='square'>
+<li>Windows XP Power Tools
+</ul>
+</ol>
+</font>
+</td>
+</tr>
+<tr>
+<td> </td>
+</tr>
+<tr>
+<td background='http://www.winxpnews.com/graphics/h_border.gif' align=left>
+<img src='http://www.winxpnews.com/graphics/winxpnews_logo_50.jpg' width='53' height='24' align='right'>
+<font face='verdana, sans-serif' size='4' color='#ffffff'>
+ SPONSOR: iHateSpam - Eliminate Irritating Junk Email<br>
+</font>
+</td>
+</tr>
+<tr>
+<td><font size='1'> </td>
+</tr>
+<tr>
+<td>
+<a href="http://www.winxpnews.com/rd/rd.cfm?id=020709S1-iHateSpam&mid=9665862091709486" target="_top">
+<img src='http://www.winxpnews.com/ads/ihs.gif' align='right' border='0'>
+</a>
+<font face='verdana, sans-serif' size=2>
+Irritated with porn, bogus business offers and viagra ads in your mailbox?<br>
+Angry about losing your valuable time deleting all that junk? Need a spam-<br>
+blocker that eliminates this annoying spam? Stop the spam in your inbox<br>
+with iHateSpam. It gives you control over the ever increasing flood of <br>
+junk email. Runs under Windows 95/98/ME/NT/2000/XP. Best of all, the limited<br>
+time Intro Offer is just $19.95 with online delivery of full product and a <br>
+30-day money back guarantee. This is a real no-brainer. <b>Get Your Copy Now!</b><br>
+<b>Visit <a href="http://www.winxpnews.com/rd/rd.cfm?id=020709S1-iHateSpam&mid=9665862091709486" target="_top">iHateSpam - Eliminate Irritating Junk Email</a> for more information.</b>
+</font>
+</td>
+</tr>
+<tr>
+<td> </td>
+</tr>
+<tr>
+<td background='http://www.winxpnews.com/graphics/h_border.gif' align=left>
+<img src='http://www.winxpnews.com/graphics/winxpnews_logo_50.jpg' width='53' height='24' align='right'>
+<font face='verdana, sans-serif' size='4' color='#ffffff'>
+ EDITOR'S CORNER<br>
+</font>
+</td>
+</tr>
+<tr>
+<td><font size='1'> </td>
+</tr>
+<tr>
+<td>
+<font face='verdana, sans-serif' size='2'>
+<p><font size=3><b>How to Publish Your Windows XP FTP Server to the Internet</b></font><p>
+Several of you wrote in about last week's article on installing an FTP Server. You said "that was great, but you only told half the story". You wanted to know two more things:
+<ol>
+<li>How to make the FTP Server available to Internet users
+<li>How to secure the FTP Server
+</ol>
+There are several ways to make an FTP server on the internal network available to users on the Internet. These methods are referred to as "Server Publishing". You can use a Windows XP computer running Internet Connection Services (ICS) to publish a server on your internal network.
+<p>
+Let's take a look at a common scenario. You have a Windows XP computer connected to the Internet with an always-on cable or DSL connection. You have another computer on your private network also running Windows XP. You've installed the FTP Server on this internal network computer and put files into the FTP folder. Now you want Internet users to connect to the FTP Server through the ICS computer directly connected to the Internet.
+<p>
+You can do this with the Windows XP ICS! Here's how:
+<ol>
+<li>Go into the Network Connections window. You can get there from the Network applet in the Control Panel.
+<li>Right click the network interface directly connected to the Internet and click Properties.
+<li>Click on the Advanced tab in the connection's Properties dialog box. Put a checkmark in the Internet Connection Firewall checkbox. Always make sure the Internet Connection Firewall (ICF) is enabled when you connect a computer directly to the Internet.
+<li>Click the Settings button, then click on the Services tab in the Advanced Settings dialog box.
+<li>Now click the Add button. This brings up the Service Settings dialog box. Type in My FTP Server in the Description of service text box. In the Name or IP address text box, type in the IP address of the computer on your private network that's running the FTP server. Since you're using ICS, it'll have an IP address like 192.168.0.x, where x is different for each machine on your network. You might want to manually assign the IP address the FTP Server already has, so that it doesn't change in the future. You can find out what IP address your FTP server is using by opening a command prompt at the FTP server and typing in the command ipconfig. That will give you the IP address the FTP Server is using. Back to the Service Settings dialog box, select the TCP option button. For the External Port and the Internet port, put in the port number you assigned to the FTP server on your internal network. Read this week's How To section to see how to change the listening port number. Clic!
+k OK
+<li>Click OK, and then click OK one more time! You might need to disable and enable the adapter after making the change. You can do that by right clicking the always-on interface.
+</ol>
+The procedure is very similar for dial-up connections. However, there are problems with dial-up connections (and many always-on connections) because the IP address on the external interface of the ICS computer changes over time. Next week I'll share with you a cool way you can get around this problem by using something called a "dynamic DNS service". I've used one for years, and it works great. Make sure to tune in next week for the details.
+<p>
+There you have it. Is server publishing in your future? Have any questions on the method I described above? If so, let me know! There are lots of ways you can publish services. Tell me how you do it, and tricks you've learned along the way. If you're having problems with server publishing, let me know about those too! I'll be sure to include what I learn from you in upcoming newsletters.
+<p>
+Until next week,<br>
+Tom Shinder, Editor<br>
+(email us with feedback: <a href="mailto:feedback@winxpnews.com?subject=WinXPnews Issue #33">feedback@winxpnews.com</a>)
+</font>
+</td>
+</tr>
+<tr>
+<td> </td>
+</tr>
+<tr>
+<td background='http://www.winxpnews.com/graphics/h_border.gif' align=left>
+<img src='http://www.winxpnews.com/graphics/winxpnews_logo_50.jpg' width='53' height='24' align='right'>
+<font face='verdana, sans-serif' size='4' color='#ffffff'>
+ SPONSOR: Is Your PC Spying On You?<br>
+</font>
+</td>
+</tr>
+<tr>
+<td><font size='1'> </td>
+</tr>
+<tr>
+<td>
+<a href="http://www.winxpnews.com/rd/rd.cfm?id=020709S2-PestPatrol&mid=9665862091709486" target="_top">
+<img src='http://www.winxpnews.com/ads/pestpatrol.gif' align='right' border='0'>
+</a>
+<font face='verdana, sans-serif' size=2>
+You are surfing the Web. Check out sites, download some music or<br>
+software that might be cool. Guess what? Your PC might have picked up<br>
+a cyber transmitted disease (CTD). These pests might now be monitoring <br>
+what you are doing and report this back to their "black hat" owners <br>
+and reveal your personal information. PestPatrol kills 'em all off. <br>
+Get your copy on the online shop for just 30 bucks with immediate online<br> delivery. Protect your PC and your confidential data!<br>
+<b>Visit <a href="http://www.winxpnews.com/rd/rd.cfm?id=020709S2-PestPatrol&mid=9665862091709486" target="_top">Is Your PC Spying On You?</a> for more information.</b>
+</font>
+</td>
+</tr>
+<tr>
+<td> </td>
+</tr>
+<tr>
+<td background='http://www.winxpnews.com/graphics/h_border.gif' align=left>
+<img src='http://www.winxpnews.com/graphics/winxpnews_logo_50.jpg' width='53' height='24' align='right'>
+<font face='verdana, sans-serif' size='4' color='#ffffff'>
+ HINTS, TIPS, TRICKS & TWEAKS<br>
+</font>
+</td>
+</tr>
+<tr>
+<td><font size='1'> </td>
+</tr>
+<tr>
+<td>
+<font face='verdana, sans-serif' size='2'>
+<p><font size=3><b>Allow Dial-up Connections to Synchronize Time with Internet Time Servers</b></font><p>
+Do you use a dial-up connection but can't get your machine to synchronize its clock with an Internet time server when the Internet Connection Firewall (ICF) is enabled? If so, here's a tip Richard Surry sent in on how to fix the problem:
+<ol>
+<li>Open your Network Connections window from the start menu.
+<li>Right click on your modem (or other dial-up connection) and click Properties.
+<li>Click on the Advanced tab. You already have a checkmark in the box that enables the ICF. Click on the Settings button.
+<li>Click on the Services tab, then click on the Add button in the Services tab.
+<li>That should open the Service Settings dialog box. In the Description box, put in Internet Time Service. For the Name or IP address of the computer hosting this service on your network, type in 127.0.0.1. Select the TCP protocol option button. For both the external and internal port numbers, type 123.
+<li>If you're online, disconnect and reconnect. Now synchronize the time by double click on the clock in the system tray and going to the Internet Time tab.
+</ol>
+This is an interesting tip, and it represents an even more interesting problem. For you network geeks out there, I'll ask you this question: Why should we allow unsolicited inbound connections for the Internet Time Service? The ICF should not block responses to solicited outbound connections, so why should we have to enable reverse NAT to make this work?
+</font>
+</td>
+</tr>
+<tr>
+<td> </td>
+</tr>
+<tr>
+<td background='http://www.winxpnews.com/graphics/h_border.gif' align=left>
+<img src='http://www.winxpnews.com/graphics/winxpnews_logo_50.jpg' width='53' height='24' align='right'>
+<font face='verdana, sans-serif' size='4' color='#ffffff'>
+ HOW TO'S: ALL THE NEW XP FEATURES<br>
+</font>
+</td>
+</tr>
+<tr>
+<td><font size='1'> </td>
+</tr>
+<tr>
+<td>
+<font face='verdana, sans-serif' size='2'>
+<p><font size=3><b>How to Secure an FTP Server on Windows XP Professional</b></font><p>
+Last week we went over how to install the Windows XP FTP Server. It will work fine after going through the steps outlined last week, but several of you asked for more information on how to secure the FTP Server because you wanted to connect it to the Internet. It's a very good idea to understand how FTP security works before putting the server on the Internet. Here are some suggestions:
+<ol>
+<li>Open the Internet Information Services console from the Administrative Tools menu. In the left pane of the console, expand your server name and then expand the FTP Sites node.
+<li>Right click on the Default FTP Site and click the Properties command.
+<li>Click on the FTP Site tab. Notice that the default TCP Port is set to 21. This is the well-known port for FTP. You can increase security a bit by changing this port to another value that's in the 1026-65534 range. This secures it from poorly motivated click-kiddies and also allows you to get around your ISP blocking incoming connections to TCP port 21. Friends who connect to your FTP server will need to change the port number on their FTP client software as well.
+<li>The Windows XP FTP server has a hard coded limit of 10 simultaneous connections. You might want to change this to a lower number to reduce the chance of a LAN party on the external interface of the FTP server.
+<li>Put a checkmark in the Enable Logging checkbox. Click the Properties button to the right of the log format drop-down list box. Click the Daily option button on the General Properties tab. On the Extended Properties tab, select all of the Extended Properties. Click OK.
+<li>Click on the Security Accounts tab. Place a checkmark in the Allow only anonymous connections checkbox. This prevents users from sending username and password credentials to the FTP server. You don't want users to send credentials because those credentials are sent in "clear text", which can be read by anyone who's listening on the wire.
+<li>Click the Messages tab. Enter a Welcome message, an Exit message, and a message users will see if there are no available connections.
+<li>Click on the Home Directory tab. Make sure there is a checkmark in the Read and Log Visits checkboxes. REMOVE the checkmark in the Write checkbox. Note the location in the Local Path text box. Navigate to that path in the Windows Explorer.
+<li>Right click on the FTPROOT folder and click Properties.
+<li>Click on the Security tab. Make sure that SYSTEM has Full Control. Assign the IUSR_<computername> account READ access only. Remove all other permissions for the IUSR account. Make sure you give Adminstrators Full Control tool. This allows you, the administrator on the FTP Server computer, to add, remove and change files in the FTPROOT folder.
+</ol>
+Stop and restart the FTP Server. Now your FTP server is secure and Internet bad guys won't be able to use it to distribute porno and bootlegged software.
+</font>
+</td>
+</tr>
+<tr>
+<td> </td>
+</tr>
+<tr>
+<td background='http://www.winxpnews.com/graphics/h_border.gif' align=left>
+<img src='http://www.winxpnews.com/graphics/winxpnews_logo_50.jpg' width='53' height='24' align='right'>
+<font face='verdana, sans-serif' size='4' color='#ffffff'>
+ WINXP SECURITY: UPDATES & PATCHES<br>
+</font>
+</td>
+</tr>
+<tr>
+<td><font size='1'> </td>
+</tr>
+<tr>
+<td>
+<font face='verdana, sans-serif' size='2'>
+<p><font size=3><b>Cumulative Patch for Windows Media Player</b></font><p>
+I think it was a couple months ago when I wrote about some serious problems with the Windows Media Player (WMP). At that time you could download a "cumulative" patch that would update the Media Player with the latest security fixes. Well, it's time to download another "cumulative" patch! A couple other problems were found in WMP that could cause some problems. To read more about the problem head on over to:<bR>
+<a href="http://www.winxpnews.com/rd/rd.cfm?id=020709SE-WMP_Patch&mid=9665862091709486" target="_top">http://www.winxpnews.com/rd/rd.cfm?id=020709SE-WMP_Patch</a>
+<p>
+You'll also find the download locations for Windows Media Player versions 6.4, 7.1 and 8.0 (XP) on that page.
+<p><font size=3><b>Cumulative Patches for Excel and Word for Windows</b></font><p>
+If you run Microsoft Word or Excel, versions 2000 or 2002 (XP), then you need to head on over to the Microsoft site to download some security fixes. These fixes handle security glitches that could get you in trouble if you don't take care of them! Head on over to Microsoft's site where you can find individual fixes for each program. You only need download the fix that applies to your computer:<br>
+<a href="http://www.winxpnews.com/rd/rd.cfm?id=020709SE-Word_Excel_Patch&mid=9665862091709486" target="_top">http://www.winxpnews.com/rd/rd.cfm?id=020709SE-Word_Excel_Patch</a>
+</font>
+</td>
+</tr>
+<tr>
+<td> </td>
+</tr>
+<tr>
+<td background='http://www.winxpnews.com/graphics/h_border.gif' align=left>
+<img src='http://www.winxpnews.com/graphics/winxpnews_logo_50.jpg' width='53' height='24' align='right'>
+<font face='verdana, sans-serif' size='4' color='#ffffff'>
+ UPGRADING & COMPATIBILITY ISSUES<br>
+</font>
+</td>
+</tr>
+<tr>
+<td><font size='1'> </td>
+</tr>
+<tr>
+<td>
+<font face='verdana, sans-serif' size='2'>
+<p><font size=3><b>A Computer May Hang During a Heavy Load with an Ericsson HIS Modem</b></font><p>
+If your computer has a Ericsson HIS modem, you might experience a dreaded blue screen and see the message IRQL_NOT_LESS_OR_EQUAL or DRIVER_CORRUPTED_EXPOOL. The problem is that you're downloading too much and your poor modem can't keep up! Microsoft recognizes that this isn't a problem with the modem, but with the modem driver. To download a fix visit Microsoft's site. After getting the fix, you can download as much as you like without worrying about blue screens!<br>
+<a href="http://www.winxpnews.com/rd/rd.cfm?id=020709UP-HIS_Modem&mid=9665862091709486" target="_top">http://www.winxpnews.com/rd/rd.cfm?id=020709UP-HIS_Modem</a>
+<p><font size=3><b>Knowledge Base Search Center - If it is Not Broke, Do Not Break it!</b></font><p>
+It wasn't so long ago when you could search the Microsoft Knowledge Base for articles that came up in the last 3 days, 7 days, 14 days, 30 days, 90 days and 6 months. It was great! But Microsoft decided to "fix" the Knowledge Base search page, and now it really sucks! It's hard to find things that used to come up easily, the site is often down, and searching based on age of articles just doesn't work anymore.
+<p>
+Try this: go to:<br>
+<a href="http://support.microsoft.com/default.aspx?ln=EN-US&pr=kbinfo&" target="_top">http://support.microsoft.com/default.aspx?ln=EN-US&pr=kbinfo&</a><br>
+and on the left side of the page select Windows XP in the top drop down list box. Don't put anything in the For solutions containing...(optional) text box. Leave the Any of the words entered option selected in the Using drop down list box. For Maximum Age select 3 days. For Results Limit select 150 articles. Click Search Now. Whoa! Nothing. OK, it's reasonable to see no articles related to Windows XP in the last 3 days. Try again, this time using 7 days. Whaat? Still no articles. OK, it was a holiday week in the USA last week. Let's try 14 days. Nothing again! That seems sort of strange, doesn't it? Let's give it another try with 30 days. Still no articles! What's going on here? Keep trying for 6 months and one year. You still won't find anything. It's pretty sad, because this used to work.
+</font>
+</td>
+</tr>
+<tr>
+<td> </td>
+</tr>
+<tr>
+<td background='http://www.winxpnews.com/graphics/h_border.gif' align=left>
+<img src='http://www.winxpnews.com/graphics/winxpnews_logo_50.jpg' width='53' height='24' align='right'>
+<font face='verdana, sans-serif' size='4' color='#ffffff'>
+ WINXP CONFIGURING & TROUBLESHOOTING<br>
+</font>
+</td>
+</tr>
+<tr>
+<td><font size='1'> </td>
+</tr>
+<tr>
+<td>
+<font face='verdana, sans-serif' size='2'>
+<p><font size=3><b>A Description of the Repair Option on a Local Area Network or High-Speed Internet Connection</b></font><p>
+Here's the answer to a question I've had for a long time. What the heck does that "Repair" option for a network connection actually do? It's not in the help file, but it's on the Microsoft Web site. Here's what it does:
+<ul>
+<li>Sends an ipconfig /renew
+<li>Flushes the ARP cache with a arp -d
+<li>Reloads the NetBIOS name cache with a nbtstat -R
+<li>Updates its WINS server with an nbtstat -RR
+<li>Clear out the DNS client cache with an ipconfig /flushdns
+<li>Reregisters the client with a DDNS server with a ipconfig /registerdns
+</ul>
+Check out the original article over at:<br>
+<a href="http://www.winxpnews.com/rd/rd.cfm?id=020709CO-Repair_Option&mid=9665862091709486" target="_top">http://www.winxpnews.com/rd/rd.cfm?id=020709CO-Repair_Option</a>
+<p><font size=3><b>Keyboard and Mouse Do Not Work When You Start Windows</b></font><p>
+Have you been hit with this one? You're working in Windows XP and shut down for the day. The next morning you start up your Windows XP computer and the mouse pointer is stuck! The only way to get it going again is to restart the computer, and for some reason the pointer starts moving again. What's up with that? I still haven't figured that one out, but Microsoft has a KB article that claims it's from a corrupt registry. I doubt that's the case in my situation because the problem is intermittent. But if you find that your mouse is always stuck, you might want to check out:<br>
+<a href="http://www.winxpnews.com/rd/rd.cfm?id=020709CO-Frozen_Mouse&mid=9665862091709486" target="_top">http://www.winxpnews.com/rd/rd.cfm?id=020709CO-Frozen_Mouse</a>
+<p><font size=3><b>How to Deploy Windows XP Images from Windows 2000 RIS Servers</b></font><p>
+Are you planning to roll out lots of Windows XP computers on your network in the near future? If so, you're probably looking for a good way to automate the process. You can use the Windows 2000 Remote Installation Services (RIS) if you're running Windows 2000 Servers on your network. For the basic procedure and some tips, tricks, and gotcha's, check out:<br>
+<a href="http://www.winxpnews.com/rd/rd.cfm?id=020709CO-Deploy_XP_Images&mid=9665862091709486" target="_top">http://www.winxpnews.com/rd/rd.cfm?id=020709CO-Deploy_XP_Images</a>
+</font>
+</td>
+</tr>
+<tr>
+<td> </td>
+</tr>
+<tr>
+<td background='http://www.winxpnews.com/graphics/h_border.gif' align=left>
+<img src='http://www.winxpnews.com/graphics/winxpnews_logo_50.jpg' width='53' height='24' align='right'>
+<font face='verdana, sans-serif' size='4' color='#ffffff'>
+ FAVE LINKS<br>
+</font>
+</td>
+</tr>
+<tr>
+<td><font size='1'> </td>
+</tr>
+<tr>
+<td>
+<font face='verdana, sans-serif' size='2'>
+<p><font size=3><b>This Week's Links We Like. Tips, Hints And Fun Stuff</b></font><p><li>Be Afraid, be very afraid - the future of Big Brother in computing</li><br>
+<a href="http://www.winxpnews.com/rd/rd.cfm?id=020709FA-Palladium_FAQ&mid=9665862091709486" target="_top">http://www.winxpnews.com/rd/rd.cfm?id=020709FA-Palladium_FAQ</a>
+<li>Get Revenge on your computer!</li><br>
+<a href="http://www.winxpnews.com/rd/rd.cfm?id=020709FA-PC_Revenge&mid=9665862091709486" target="_top">http://www.winxpnews.com/rd/rd.cfm?id=020709FA-PC_Revenge</a>
+<li>Pringles Super Spud Boxing</li><br>
+<a href="http://www.winxpnews.com/rd/rd.cfm?id=020709FA-Spud_Boxing&mid=9665862091709486" target="_top">http://www.winxpnews.com/rd/rd.cfm?id=020709FA-Spud_Boxing</a>
+</font>
+</td>
+</tr>
+<tr>
+<td> </td>
+</tr>
+<tr>
+<td background='http://www.winxpnews.com/graphics/h_border.gif' align=left>
+<img src='http://www.winxpnews.com/graphics/winxpnews_logo_50.jpg' width='53' height='24' align='right'>
+<font face='verdana, sans-serif' size='4' color='#ffffff'>
+ BOOK OF THE WEEK<br>
+</font>
+</td>
+</tr>
+<tr>
+<td><font size='1'> </td>
+</tr>
+<tr>
+<td>
+<font face='verdana, sans-serif' size='2'>
+<p><font size=3><b>Windows XP Power Tools</b></font><p>
+A book full of personal experiences and anecdotes that will equip you with the tips and tricks you need to become an XP afficionado. Coverage includes automating tasks using scripting, the Command Console Survivor Guide, networking, registry, maximizing security/firewalls, hardware, installation/configuration, and database hosting/accessing. The CD contains the best third party utilities around.
+<p>
+Step-by-Step Instruction Helps You Harness the Full Power of Windows XP. Whether you're running Windows XP Home Edition or Professional, Windows XP Power Tools arms you with the advanced skills you need to become the ultimate power user. Full of undocumented tips and tricks and written by a Windows expert, this book provides you with step-by-step instructions for customization, optimization, troubleshooting and shortcuts for working more efficiently. A must-have for power users and network administrators, Windows XP Power Tools includes a CD filled with power tools including security, e-mail, diagnostic and data recovery utilities.
+<p>
+<a href="http://www.winxpnews.com/rd/rd.cfm?id=020709BW-XP_Power_Tools&mid=9665862091709486" target="_top">http://www.winxpnews.com/rd/rd.cfm?id=020709BW-XP_Power_Tools</a>
+</font>
+</td>
+</tr>
+</table>
+<table width="100%" border="0">
+<tr>
+<td> </td>
+</tr>
+<tr>
+<td background='http://www.winxpnews.com/graphics/h_border.gif' align=left>
+<img src='http://www.winxpnews.com/graphics/winxpnews_logo_50.jpg' width='53' height='24' align='right'>
+<font face='verdana, sans-serif' size='4' color='#ffffff'>
+ ABOUT WINXPNEWS™<br>
+</font>
+</td>
+</tr>
+<tr>
+<td><font size='1'> </td>
+</tr>
+<tr>
+<td><font size='1'> </font><br>
+<font face='verdana, sans-serif' size=3><b>
+What Our Lawyers Make Us Say</b></font>
+</td>
+</tr>
+<tr>
+<td>
+<font size="1" face="arial">
+These documents are provided for informational purposes only. The information
+contained in this document represents the current view of Sunbelt Software
+Distribution on the issues discussed as of the date of publication. Because
+Sunbelt must respond to changes in market conditions, it should not be
+interpreted to be a commitment on the part of Sunbelt and Sunbelt cannot
+guarantee the accuracy of any information presented after the date of
+publication.
+<p>
+INFORMATION PROVIDED IN THIS DOCUMENT IS PROVIDED "AS IS" WITHOUT WARRANTY OF
+ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED
+WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND FREEDOM
+FROM INFRINGEMENT.
+<p>
+The user assumes the entire risk as to the accuracy and the use of this
+<code2=fsg.com>document. This document may be copied and distributed subject to the
+following conditions: 1) All text must be copied without modification and all pages
+must be included; 2) All copies must contain Sunbelt's copyright notice and any
+other notices provided therein; and 3) This document may not be distributed
+for profit. All trademarks acknowledged. Copyright Sunbelt Software
+Distribution, Inc. 1996-2002.
+</font>
+</td>
+</tr>
+<tr>
+<td><font size='1'> </font><br>
+<font face='verdana, sans-serif' size=3><b>
+About Your Subscription to WinXPnews™</b></font>
+</td>
+</tr>
+<tr>
+<td>
+<font size="2" face="arial, verdana, sans-serif">
+This is a posting from WinXPnews. You are subscribed as zzzz@zzzzzzzz.com
+<p>
+To manage your profile, please visit our site by clicking on the following link:<br>
+<a href="http://www.winxpnews.com/login.cfm?id=9665862091709486">
+http://www.winxpnews.com/login.cfm?id=9665862091709486</a><br>
+For a quick unsubscribe (gasp!), click here:<br>
+<a href="http://www.winxpnews.com/unsubscribe.cfm?email=zzzz@zzzzzzzz.com">
+http://www.winxpnews.com/unsubscribe.cfm?email=zzzz@zzzzzzzz.com</a>
+</font>
+</td>
+</tr>
+</table>
+</body>
+</html>
+
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/t/dkim.t
^
|
| @@ -13,6 +13,12 @@
# use constant AM_ROOT => $< == 0;
# Since the plugin is disabled by default, so are the tests
+
+# Dec 28 2007 jm: as Daryl notes at
+# http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5662#c25 , this test is
+# broken, since dkim.org have removed the "testing1234" selector from their
+# DNS. TODO: we need working DKIM tests :(
+
use constant DO_RUN => TEST_ENABLED && HAS_MODULES && 0;
BEGIN {
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/t/dnsbl.t
^
|
| @@ -6,15 +6,18 @@
use constant TEST_ENABLED => conf_bool('run_net_tests');
use constant HAS_NET_DNS => eval { require Net::DNS; };
# bug 3806:
-# Do not run this test on non-Linux unices as root, due to a bug
-# in Sys::Hostname::Long (which Net::DNS uses.)
+# Do not run this test with version of Sys::Hostname::Long older than 1.4
+# on non-Linux unices as root, due to a bug in Sys::Hostname::Long
+# (which is used by Net::DNS and by Mail::SPF::Query)
use constant IS_LINUX => $^O eq 'linux';
use constant IS_WINDOWS => ($^O =~ /^(mswin|dos|os2)/oi);
use constant AM_ROOT => $< == 0;
+use constant HAS_SAFE_HOSTNAME =>
+ eval { require Sys::Hostname::Long; Sys::Hostname::Long->VERSION(1.4) };
-use constant DO_RUN => TEST_ENABLED && HAS_NET_DNS &&
- !(AM_ROOT &&
- !(IS_LINUX || IS_WINDOWS));
+use constant DO_RUN =>
+ TEST_ENABLED && HAS_NET_DNS &&
+ (HAS_SAFE_HOSTNAME || !AM_ROOT || IS_LINUX || IS_WINDOWS);
use Test;
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/t/meta.t
^
|
| @@ -20,7 +20,7 @@
use Test;
use Mail::SpamAssassin;
-use vars qw( %rules %scores );
+use vars qw( %rules %scores $perl_path);
# "parse-rules-for-masses" requires Data::Dumper
use constant HAS_DATADUMPER => eval 'use Data::Dumper; 1;';
@@ -39,7 +39,7 @@
unlink $output || die;
%rules = ();
%scores = ();
- if (system("$prefix/build/parse-rules-for-masses -o $output -d \"$prefix/rules\" -s $scoreset -x")) {
+ if (system("$perl_path $prefix/build/parse-rules-for-masses -o $output -d \"$prefix/rules\" -s $scoreset -x")) {
warn "parse-rules-for-masses failed!";
}
eval {
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/t/rcvd_parser.t
^
|
| @@ -18,7 +18,7 @@
use lib '.'; use lib 't';
use SATest; sa_t_init("rcvd_parser");
-use Test; BEGIN { plan tests => 129 };
+use Test; BEGIN { plan tests => 130 };
use strict;
# format is:
@@ -414,7 +414,10 @@
'[ ip=217.145.101.130 rdns=gate.jakob.de helo=gate2.jakob.de by=vps832469583.serverpool.info ident= envfrom=support@verleihshop.de intl=0 id=1H3KFP-0005pI-08 auth= msa=0 ]',
'from dslb-082-083-045-064.pools.arcor-ip.net (EHLO homepc) [82.83.45.64] by mail.gmx.net (mp010) with SMTP; 03 Feb 2007 13:13:47 +0100' =>
- '[ ip=82.83.45.64 rdns=dslb-082-083-045-064.pools.arcor-ip.net helo=homepc by=mail.gmx.net ident= envfrom= intl=0 id= auth= msa=0 ]'
+ '[ ip=82.83.45.64 rdns=dslb-082-083-045-064.pools.arcor-ip.net helo=homepc by=mail.gmx.net ident= envfrom= intl=0 id= auth= msa=0 ]',
+
+ 'from [86.122.158.69] by mta2.iomartmail.com; Thu, 2 Aug 2007 21:50:04 -0200' =>
+ '[ ip=86.122.158.69 rdns= helo=!86.122.158.69! by=mta2.iomartmail.com ident= envfrom= id= auth= msa=0 ]',
);
|
|
[-]
[+]
|
Added |
Mail-SpamAssassin-3.2.5.tar.bz2/t/spamd_user_rules_leak.t
^
|
| @@ -0,0 +1,115 @@
+#!/usr/bin/perl
+# bug 4179
+
+use lib '.'; use lib 't';
+use SATest; sa_t_init("spamd_user_rules_leak");
+use Test;
+BEGIN {
+
+ plan tests => ($SKIP_SPAMD_TESTS ? 0 : 28)
+
+};
+exit if $SKIP_SPAMD_TESTS;
+
+# ---------------------------------------------------------------------------
+# If user A define's a user rule (when allow_user_rules is enabled) it affects
+# user B if they also set a score for that same rule name or create a user rule
+# with the same name.
+
+tstlocalrules ("
+ allow_user_rules 1
+");
+
+rmtree ("log/virtualconfig/testuser1", 0, 1);
+mkpath ("log/virtualconfig/testuser1", 0, 0755);
+rmtree ("log/virtualconfig/testuser2", 0, 1);
+mkpath ("log/virtualconfig/testuser2", 0, 0755);
+rmtree ("log/virtualconfig/testuser3", 0, 1);
+mkpath ("log/virtualconfig/testuser3", 0, 0755);
+open (OUT, ">log/virtualconfig/testuser1/user_prefs");
+print OUT q{
+
+ header MYFOO Content-Transfer-Encoding =~ /quoted-printable/
+ body MYBODY /KIFF/
+ rawbody MYRAWBODY /KIFF/
+ full MYFULL /KIFF/
+ score MYFOO 3
+ score MYBODY 3
+ score MYRAWBODY 3
+ score MYFULL 3
+
+};
+close OUT;
+open (OUT, ">log/virtualconfig/testuser2/user_prefs");
+print OUT q{
+
+ # create a new user rule with same name
+ body MYBODY /kdjfgkfdjgkfdjgdkfg/
+ # or refer to earlier rule with new score
+ score MYFOO 3
+ score MYBODY 3
+ score MYRAWBODY 3
+ score MYFULL 3
+
+};
+close OUT;
+open (OUT, ">log/virtualconfig/testuser3/user_prefs");
+print OUT q{
+
+ # no user rules here
+
+};
+close OUT;
+
+%patterns = (
+ q{ 3.0 MYFOO }, 'MYFOO',
+ q{ 3.0 MYBODY }, 'MYBODY',
+ q{ 3.0 MYRAWBODY }, 'MYRAWBODY',
+ q{ 3.0 MYFULL }, 'MYFULL',
+);
+%anti_patterns = (
+ q{ redefined at }, 'redefined_errors_in_spamd_log',
+);
+
+# use -m1 so all scans use the same child
+ok (start_spamd ("--virtual-config-dir=log/virtualconfig/%u -L -u $spamd_run_as_user -m1"));
+ok (spamcrun ("-u testuser1 < data/spam/009", \&patterns_run_cb));
+ok_all_patterns();
+clear_pattern_counters();
+
+%patterns = (
+ q{ does not include a real name }, 'TEST_NOREALNAME',
+);
+%anti_patterns = (
+ q{ 1.0 MYFOO }, 'MYFOO',
+ q{ 1.0 MYBODY }, 'MYBODY',
+ q{ 1.0 MYRAWBODY }, 'MYRAWBODY',
+ q{ 1.0 MYFULL }, 'MYFULL',
+ q{ 3.0 MYFOO }, 'MYFOO',
+ q{ 3.0 MYBODY }, 'MYBODY',
+ q{ 3.0 MYRAWBODY }, 'MYRAWBODY',
+ q{ 3.0 MYFULL }, 'MYFULL',
+);
+ok (spamcrun ("-u testuser2 < data/spam/009", \&patterns_run_cb));
+checkfile ($spamd_stderr, \&patterns_run_cb);
+ok_all_patterns();
+clear_pattern_counters();
+
+%patterns = (
+ q{ does not include a real name }, 'TEST_NOREALNAME',
+);
+%anti_patterns = (
+ q{ 1.0 MYFOO }, 'MYFOO',
+ q{ 1.0 MYBODY }, 'MYBODY',
+ q{ 1.0 MYRAWBODY }, 'MYRAWBODY',
+ q{ 1.0 MYFULL }, 'MYFULL',
+ q{ 3.0 MYFOO }, 'MYFOO',
+ q{ 3.0 MYBODY }, 'MYBODY',
+ q{ 3.0 MYRAWBODY }, 'MYRAWBODY',
+ q{ 3.0 MYFULL }, 'MYFULL',
+);
+ok (spamcrun ("-u testuser3 < data/spam/009", \&patterns_run_cb));
+ok (stop_spamd ());
+checkfile ($spamd_stderr, \&patterns_run_cb);
+ok_all_patterns();
+
|
|
[-]
[+]
|
Changed |
Mail-SpamAssassin-3.2.5.tar.bz2/t/trust_path.t
^
|
| @@ -18,7 +18,7 @@
use lib '.'; use lib 't';
use SATest; sa_t_init("trust_path");
-use Test; BEGIN { plan tests => 69 };
+use Test; BEGIN { plan tests => 81 };
use IO::File;
use strict;
@@ -425,6 +425,77 @@
# ---------------------------------------------------------------------------
+# bug 5680: 'X-Originating-IP'
+q{
+
+ trusted_networks 1/8
+ Received: from sender.net (1.1.1.1) by receiver.net
+ with SMTP; 10 Nov 2005 00:00:00 -0000
+ X-Originating-IP: 2.2.2.2
+
+} => q{
+
+Trusted: [ ip=1.1.1.1 rdns=sender.net helo=sender.net by=receiver.net ident= envfrom= intl=1 id= auth= msa=0 ]
+Untrusted: [ ip=2.2.2.2 rdns= helo= by= ident= envfrom= intl=0 id= auth= msa=0 ]
+
+},
+
+# ---------------------------------------------------------------------------
+
+# bug 5680: 'X-Originating-IP', trusted
+q{
+
+ trusted_networks 1/8 2/8
+ internal_networks 1/8
+ Received: from sender.net (1.1.1.1) by receiver.net
+ with SMTP; 10 Nov 2005 00:00:00 -0000
+ X-Originating-IP: 2.2.2.2
+
+} => q{
+
+Trusted: [ ip=1.1.1.1 rdns=sender.net helo=sender.net by=receiver.net ident= envfrom= intl=1 id= auth= msa=0 ] [ ip=2.2.2.2 rdns= helo= by= ident= envfrom= intl=0 id= auth= msa=0 ]
+Untrusted:
+
+},
+
+# ---------------------------------------------------------------------------
+
+# bug 5680: 'X-Originating-IP', msa
+q{
+
+ trusted_networks 1/8
+ msa_networks 1/8
+ Received: from sender.net (1.1.1.1) by receiver.net
+ with SMTP; 10 Nov 2005 00:00:00 -0000
+ X-Originating-IP: 2.2.2.2
+
+} => q{
+
+Trusted: [ ip=1.1.1.1 rdns=sender.net helo=sender.net by=receiver.net ident= envfrom= intl=1 id= auth= msa=1 ] [ ip=2.2.2.2 rdns= helo= by= ident= envfrom= intl=1 id= auth= msa=0 ]
+Untrusted:
+
+},
+
+# ---------------------------------------------------------------------------
+
+# bug 5680: 'X-Originating-IP', internal
+q{
+
+ trusted_networks 1/8 2/8
+ internal_networks 1/8 2/8
+ Received: from sender.net (1.1.1.1) by receiver.net
+ with SMTP; 10 Nov 2005 00:00:00 -0000
+ X-Originating-IP: 2.2.2.2
+
+} => q{
+
+Trusted: [ ip=1.1.1.1 rdns=sender.net helo=sender.net by=receiver.net ident= envfrom= intl=1 id= auth= msa=0 ] [ ip=2.2.2.2 rdns= helo= by= ident= envfrom= intl=1 id= auth= msa=0 ]
+Untrusted:
+
+},
+
+# ---------------------------------------------------------------------------
+
# test to make sure netset is detecting overlap correctly when using short CIDR notations
q{
@@ -497,7 +568,7 @@
}
my $msg = $hdrs."\n\n[no body]\n";
- $msg =~ s/^\s+Received: /Received: /gm;
+ $msg =~ s/^\s+(Received|X-\S+): /$1: /gm;
my $status = $sa->check_message_text ($msg);
my $result = $status->rewrite_mail();
|
