!!! year 2010 spamassassin score error

[BruceLee]

Hi everybody and a HAPPY NEW YEAR,

just read about this error in spamassassin. Don't know if it should go into section "security alerts"?!

Mails dated 2010 or later might be scored as spam due to a rule in spamassassin.

https://issues.apache.org/SpamAssassin/ ... gi?id=6269

right now I have commented out the parts in the 72_active.cf file:

Code: Select all

##{ FH_DATE_PAST_20XX
##header   FH_DATE_PAST_20XX	Date =~ /20[1-9][0-9]/ [if-unset: 2006]
##describe FH_DATE_PAST_20XX	The date is grossly in the future.
##} FH_DATE_PAST_20XX

other option would be changing the line from

Code: Select all

header   FH_DATE_PAST_20XX	Date =~ /20[1-9][0-9]/ [if-unset: 2006]

into

Code: Select all

header   FH_DATE_PAST_20XX	Date =~ /20[2-9][0-9]/ [if-unset: 2006]

source: http://svn.apache.org/viewvc/spamassass ... f_format=h

nice "patch" changing the regex. lets get ready in 2020

[faris]

Good catch. Thanks for the heads up.

Happy new year.

[mikeshinn]

Great warrning - we'll put it on the Security Alerts forum now.

As an aside, if you run sa-update regularly you shouldn't have this issue anymore as the spamassassin rules were updated with this fix:

http://www.atomicorp.com/wiki/index.php ... signatures

[faris]

This update didn't make it to sa-update until yesterday/today though. Somewhat late

Faris.

[mikeshinn]

Yeah, kind of annoying too because they fixed in subversion months ago but not in the updates until yesterday?

http://svn.apache.org/viewvc/spamassass ... f_format=h

[Highland]

sa-update is failing for me

Code: Select all

]# sa-update
Use of uninitialized value in concatenation (.) or string at /usr/lib/perl5/5.8.8/i386-linux-thread-multi/Scalar/Util.pm line 30.

I've found various threads talking about it like
http://fixunix.com/spamassassin/354695- ... -util.html
or
http://www.renaissoft.com/pipermail/mai ... 11800.html
but all pose CPAN solutions. I tried installing perl-Scalar-List-Utils with yum but I get

Code: Select all

Transaction Check Error:
  file /usr/share/man/man3/List::Util.3pm.gz from install of perl-Scalar-List-Utils-1.22-1.el5.rf.i386 conflicts with file from package perl-5.8.8-27.el5.i386
  file /usr/share/man/man3/List::Util::XS.3pm.gz from install of perl-Scalar-List-Utils-1.22-1.el5.rf.i386 conflicts with file from package perl-5.8.8-27.el5.i386
  file /usr/share/man/man3/Scalar::Util.3pm.gz from install of perl-Scalar-List-Utils-1.22-1.el5.rf.i386 conflicts with file from package perl-5.8.8-27.el5.i386

Am I missing something? I really need to get this fixed because if you have Thunderbird set to trust SA headers then this bug eats email.

[scott]

Ah thats an RPMForge package, you might want to let them know about that.

[Highland]

I will let them know about the PERL issue but what about spamassassin and sa-update? Any ideas?

Code: Select all

# rpm -q spamassassin
spamassassin-3.2.5-1.el5.art

[mikeshinn]

spamassassin is written in PERL, so you'll need to fix that issue with PERL to get the updater working - either that or use our PERL packages.

[Highland]

While I wasn't fond of doing so I did what the thread I linked suggested and ran

Code: Select all

# perl -MCPAN -e shell
cpan> install Scalar::Util

and that fixed the problem. I can only assume this is a fluke in RHEL.