Jump to content

SpamAssassin 3.0 release information


Recommended Posts

In case anyone cares to check out the two recent announcements regarding the SpamAssassin 3.0 release they are pasted below.

The following quote is from Daniel Quinlan and can be seen in context here:


Apache Software Foundation Announces SpamAssassin 3.0 Release

Forest Hill, MD - September 22, 2004 -- The Apache Software Foundation is

pleased to announce the release of SpamAssassin 3.0.  SpamAssassin 3.0

contains a number of new technologies designed to protect against the

changing techniques used by spammers.  This is the first SpamAssassin

release as an Apache Software Foundation project and under the Apache

License.  The release is available from the Apache SpamAssassin web site

(http://spamassassin.apache.org/) via the Apache mirror network.

SpamAssassin 3.0 delivers many new features including support for sender

authentication using the Sender Policy Framework (SPF), checking for web

links of known spam advertisers, a modular plugin architecture, improved

SQL database support for storing user data in server installations, and

improved email classification.

SpamAssassin's practical multi-technique approach, modularity, and

extensibility continue to give it an advantage over other anti-spam

systems.  Due to these advantages, SpamAssassin is widely used in all

aspects of email management.  You can readily find SpamAssassin in use in

both email clients and servers, on many different operating systems,

filtering incoming as well as outgoing email, and implementing a very

broad range of policy actions.  These installations include service

providers, businesses, not-for-profit and educational organizations, and

end-user systems.  SpamAssassin also forms the basis for numerous

commercial anti-spam products available on the market today.

About SpamAssassin

SpamAssassin is an intelligent email filter which uses a diverse range of

tests to identify unsolicited bulk email, more commonly known as "spam".

These tests are applied to email headers and content to classify email

using advanced statistical methods.  In addition, SpamAssassin has a

modular architecture that allows other technologies to be quickly wielded

against spam and is designed for easy integration into virtually any email


About the Apache Software Foundation

The Apache Software Foundation provides organizational, legal, and

financial support for a broad range of open source software projects.  As

a US 501©(3) public charity, the Foundation provides an established

framework for contributions of both intellectual property and funding for

the support of open source software development.  Through a collaborative

and meritocratic development process, Apache projects deliver

enterprise-grade, freely available software products for the public

benefit, attracting large communities of users and enabling future

innovation, both commercial and individual, through its pragmatic Apache


Press Contact:

  press <at> apache.org


Daniel Quinlan                  ApacheCon! 13-17 November (3 SpamAssassin

http://www.pathname.com/~quinlan/  http://www.apachecon.com/  sessions & more)

The following quote is from Daniel Quinlan and can be seen in context here:


(technical information about SpamAssassin 3.0.0 release)

SpamAssassin 3.0.0 is released!  SpamAssassin 3.0.0 is a major update and

includes a number of new email and anti-spam technologies.

SpamAssassin is a mail filter which uses advanced statistical and

heuristic tests to identify spam (also known as unsolicited bulk email).



  MD5 checksums

  SHA1 checksums

  GPG key information

  Major feature list

  Important installation notes

  New rules

  Spamd changes

  Engine changes



  Please use a mirror off of <http://spamassassin.apache.org/>.

MD5 checksums:

  b77c7b29ddc4283d597610bf540670d9  Mail-SpamAssassin-3.0.0.tar.bz2

  e38035c260310e18158d95a41cadae93  Mail-SpamAssassin-3.0.0.tar.gz

  7b5d10c33d33e16a849fdba7b2c9bc43  Mail-SpamAssassin-3.0.0.zip

SHA1 checksums:

  d722c0e27b4b9c8117e5c583c0924a0b81f62a30  Mail-SpamAssassin-3.0.0.tar.bz2

  d52c317483483874f2b7e5dd544094249bedbdad  Mail-SpamAssassin-3.0.0.tar.gz

  3a0c3373b2655c14c14ababa61b7c3791340ee72  Mail-SpamAssassin-3.0.0.zip

GPG key information:

  The release files also have a .asc accompanying them.  The file serves

  as an external GPG signature for the given release file.  The signing

  key is available via the wwwkeys.pgp.net key server, as well as a file

  named GPG-SIGNING-KEY in the download directory.

  pub  1024D/265FA05B 2003-06-09 Apache SpamAssassin <release <at> spamassassin.org>

    Key fingerprint =3D 26C9 00A4 6DD4 0CD5 AD24  F6D7 DEE0 1987 265F A05B

Major feature list:

  - SpamAssassin is now part of the Apache Software Foundation and has an

    improved software license, the 2.0 version of the Apache License.

  - SpamAssassin now includes support for SPF (the Sender Policy

    Framework, http://spf.pobox.com/).

  - Web site links contained in the message are checked against SURBL and

    SBL.  SURBL and SBL track sites that advertise with spam, known spam

    sources, and spam services.

  - The new 3.0 architecture allows third-parties to easily add plugin


  - There is now SQL database support for both the Bayes and

    auto-whitelist modules, allowing more large sites to easily deploy


  - A more accurate simulation of email client handling of MIME and HTML

    improves our accuracy.  In addition, there is better detection and

    handling of spammer techniques that try to trick anti-spam software.

Important installation notes:

  - The SpamAssassin 2.6x release series was the last set of releases to

    officially support perl versions earlier than perl 5.6.1.  If you are

    using an earlier version of perl, you will need to upgrade before you

    can use the 3.0.0 version of SpamAssassin.

  - SpamAssassin 3.0.0 has a significantly different API (Application

    Program Interface) from the 2.x series of code.  This means that if

    you use SpamAssassin through a third-party utility (milter, etc,) you

    need to make sure you have an updated version which supports 3.0.0.

  - The --auto-whitelist and -a options for "spamd" and "spamassassin" to

    turn on the auto-whitelist have been removed and replaced by the

    "use_auto_whitelist" configuration option which is also now turned on

    by default.

  - The "rewrite_subject" and "subject_tag" configuration options were

    deprecated and are now removed. Instead, using "rewrite_header Subject

    [your desired setting]".  e.g.

      rewrite_subject 1

      subject_tag ****spam(_SCORE_)****


      rewrite_header Subject ****spam(_SCORE_)****

  - The Bayesian storage modules have been completely re-written and now

    include Berkeley DB (DBM) storage as well as SQL based storage (see

    sql/README.bayes for more information).  In addition, a new format has

    been introduced for the bayes database that stores tokens in fixed

    length hashes.  All DBM databases should be automatically converted to

    this new format the first time they are opened for write.  You can

    manually perform the upgrade by running "sa-learn --sync" from the

    command line.

    The "sa-learn --rebuild" command has been deprecated; please use

    "sa-learn --sync" instead.  The --rebuild option will remain

    temporarily for backwards compatibility.

  - "spamd" now has a default max-children setting of 5; no more than 5

    child scanner processes will be run in parallel.  Previously, there

    was no default limit unless you specified the "-m" switch when

    starting spamd.

  - If you are using a UNIX machine with all database files on local

    disks, and no sharing of those databases across NFS filesystems, you

    can use a more efficient, but non-NFS-safe, locking mechanism.  Do

    this by adding the line "lock_method flock" to the

    /etc/mail/spamassassin/local.cf file. This is strongly recommended if

    you're not using NFS, as it is much faster than the NFS-safe locker.

  - Please note that the use of the following command line parameters for

    spamassassin and spamd have been deprecated and are now removed.  If

    you currently use these flags, please remove them:

      in the 2.6x series: --add-from, --pipe, -F, -P, --stop-at-threshold, -S

      in the 3.0.x series: --auto-whitelist, -a

  - The following flags are deprecated and will be removed in a future

    major release: --whitelist-factory, -M, --warning-from, -w,

    --log-to-mbox, -l.

  - SpamAssassin runs in "taint mode" by default for improved security.

    Certain third-party modules, such as Razor v2, may be incompatible

    with taint mode. For Razor v2, you will need to be using v2.40 of

    razor-agents or higher which allows taint mode by default.  Earlier

    versions which are patched to allow taint mode may be used as well.

  - Finally, 2.6x deprecated the use of the "check_bayes_db" scri_pt, and

    it is now no longer available.  Please see the sa-learn man/pod

    documentation for more info.

New rules:

  - SPF is supported using the Mail::SPF::Query module.

  - There are new rules and code to combat Bayes-poisoning text and random

    hash-busters; Habeas rules now check against the Habeas user list to

    combat forged marks used in spam.

  - URIDNSBL rules: these do DNSBL lookups on URLs using SURBL and SBL,

    allowing spamvertised URLs found in the message body to be scored.

  - Spamhaus XBL and a variety of new DNSBL rules were added.

  - Hashcash is supported.

  - Bob Menschel's "longwords" rules were added.

  - The "backhair" rules were added to combat HTML obfuscation, a

    technique based on Jennifer Wheeler's "backhair" ruleset.

  - Matt Kettler's "antidrug" rules were added.

  - Anti-fraud rules from Matt Yackley were added.

  - Some hostname-based blocklist tests based on the envelope sender

    address were added.

  - And more...

Spamd changes:

  - spamd now uses a "preforking" model instead of "fork per message".

  - There is a new log format, detailing message-id, resent-message-id,

    tests hit, autolearn status, and other data in a format compatible

    with mass-check to provide more information for spamd log-summary


Engine changes:

  - Plugins: third-party modules can now be written and loaded dynamically

    from inside SpamAssassin, to provide support for entirely new tests

    and functionality.

  - SQL support for Bayes and AWL storage was added, thanks to Michael

    Parker.  See sql/README.bayes and sql/README.awl for additional


  - There was a ground-up rewrite of the MIME parser.  It now deals

    correctly with complex MIME structures, including entire

    message/rfc822 message attachments.

  - Rules can now test the "MAIL FROM:" address used in the SMTP

    transaction if it was logged to the message headers using the

    "EnvelopeFrom" pseudo-header.  This allows rules such as SPF to be


  - Added an optional fast Bayes locking mechanism for local usage only

    (it's not NFS safe) using "lock_method flock".

  - Support for parsing mbx mailboxes (as used by UW IMAP) was

    added.  Thanks to John Newman for this patch.

  - There is a refactored configuration parser to split parser code from

    the configuration settings.

  - Bayes databases can now be backed up and restored using --backup and


  - Config files can now include other files using the "include" command.

  - The GA-based evolver was replaced with a fast Perceptron score

    generation tool by Henry Stern; scores can now be generated much more


  - The "spamassassin" scri_pt can now check collections of mail en masse.

    This allows commands such as "spamassassin -d --mbox file1" to run

    over an entire mbox file.  It also works for checks, adding to

    white/black-lists, etc.

  - The Windows support improved.


  - A Dutch translation was added, thanks to Jesse Houwing.

  - A French translation was added, thanks to Michel Bouissou.

  - A German translation was added, thanks to Klaus Heinz.

  - A Polish translation was added, thanks to Jerzy Szczudlowski and radek

    at alter dot pl.


Daniel Quinlan                  ApacheCon! 13-17 November (3 SpamAssassin

http://www.pathname.com/~quinlan/  http://www.apachecon.com/  sessions & more)

Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Create New...