1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
|
SpamAssassin 2.60 is released! SpamAssassin 2.60 is the first major
update of SpamAssassin since February 2003 (when the 2.50 series was
released).
SpamAssassin is a mail filter which uses advanced statistical
and heuristic tests to identify spam (also known as unsolicited
commercial/bulk email).
Downloading
-----------
Pick it up from:
http://SpamAssassin.org/released/Mail-SpamAssassin-2.60.tar.gz
http://SpamAssassin.org/released/Mail-SpamAssassin-2.60.tar.bz2
http://SpamAssassin.org/released/Mail-SpamAssassin-2.60.zip
md5sum:
bd1607d8fa52ef3f5fdda5e05f971e9d Mail-SpamAssassin-2.60.tar.bz2
46d1db67ed1d860ddb136e0beb5f6ac3 Mail-SpamAssassin-2.60.tar.gz
f35b1b558c846a4e7fd7a50a7986cc26 Mail-SpamAssassin-2.60.zip
sha1sum:
2b2ee745c4964f27005f2a791f4f4880b13795fa Mail-SpamAssassin-2.60.tar.bz2
5d42b39430da13443dd94e78a2dad6c2b1c7cb5a Mail-SpamAssassin-2.60.tar.gz
7e88af2cb92acb899d772752c1236d50991e80ee Mail-SpamAssassin-2.60.zip
The release files also have a .asc accompanying them. The file serves
as an external GPG signature for the given release file. The signing
key is available via the wwwkeys.pgp.net keyserver, as well as
http://www.spamassassin.org/released/GPG-SIGNING-KEY
The key information is:
pub 1024D/265FA05B 2003-06-09 SpamAssassin Signing Key <release@spamassassin.org>
Key fingerprint = 26C9 00A4 6DD4 0CD5 AD24 F6D7 DEE0 1987 265F A05B
The release will also be available via CPAN within a few days.
Important installation notes
----------------------------
- Bayes FYI: 2.60 has a new Bayes backend and database format. Your old
database(s) will automatically be upgraded the first time 2.60 tries to
write to the DB, and any journal, if it exists, will be wiped out without
being synced.
In addition, we have had to drop support for Bayes databases in formats
other than DB_File, due to a large number of serious issues (including
crash and concurrency bugs) with those formats.
So, what you want to do is something like this:
- stop running spamassassin/spamd (ie: you don't want it to be running
during the upgrade)
- run "sa-learn --rebuild", this will sync your journal.
- upgrade SA to 2.60
- install DB_File module if necessary
- if you were using another database module, run "sa-learn --import"
to migrate the data into new DB_File files
- run "sa-learn --rebuild", this will cause the db format to be upgraded
- start running spamassassin/spamd again
Obviously the steps will be different depending on your environment,
but you get the idea. :)
- Bayes FYI 2: Because of the new database format, "check_bayes_db" will
no longer function properly. The functionality from that script was
added to sa-learn via the "--dump" parameter. Please see the sa-learn
man/pod documentation for more info.
- SpamAssassin 2.6x will be the last release supporting perl 5.005,
so it's suggested to upgrade to at least perl 5.6.1
- Razor2 isn't fully taint safe. So since SpamAssassin 2.60 enables
taint mode by default, there's a Razor2.patch file which needs to be
applied to Razor2. Documentation exists in the patch file.
Summary of major changes since 2.5x
-----------------------------------
spamd improvements
- spamd now supports UNIX-domain sockets for low-overhead scanning, thanks
to Steve Friedl for this. This is strongly recommended if you're running
spamc on the same host as the spamd server
Bayes improvements
- new tweaks to the Bayes engine: it now breaks down email addresses and URI
elements while learning to use as additional features when testing email
- new bayes backend, including new database format, ability to learn messages
to the journal, etc. Improved expiration mechanism
HTML parser improvements
- HTML::Parser 3.24 or higher is now required
- major improvements to the HTML engine, including better support for
detecting 'invisible text' and similar obfuscation techniques used in
spam
DNS blacklist and network testing improvements
- DNS blacklists (RBLs) overhauled; lots of new lists, including SORBS and
SpamCop; dropped Osirusoft due to their retirement (brought on by a DDOS)
- RBL timeouts are now handled much more efficiently; if one RBL is taking
much longer than all the others, it will be cut short and ignored
- the RBL engine improves the extraction and selection of IP addresses
queried by inferring trust relationships between Received headers; trust
can also be manually specified using the new "trusted_networks" option
- a generalised Received-header parser to more easily detect HELO string
forgery and faked relay lines
- support for domain-based blacklists and TXT record queries
- dccifd support added
- Razor 1 support dropped
Report improvements
- to reduce confusion, the default report now includes the hostname of the
machine where SpamAssassin is running and the installer also asks for an
administrative address or URL
- more flexible header and report rewriting including a simple template
system
Other changes
- workaround for red hat kernel with NPTL reporting "application bug" in
spamd due to use of waitpid() when SIGCHLD is set to SIG_IGN
- taint mode is now enabled by default (for perl versions 5.6.0 and
higher) for extra security
- Makefile variables were changed to use DESTDIR instead of the various
INST_* variables. Please read the PACKAGING file for more information.
- Lots of bugs fixed and new rules added. ;)
- timelog code has been removed
|