More spam after spamassain upgrade

Matt Kettler mkettler at EVI-INC.COM
Fri Jul 25 00:16:14 IST 2003


At 11:38 AM 7/24/2003 -0400, Sanjay K. Patel wrote:
>Here are the headers. I am using version 2.52

OUCH..Do not under any condition use Spamassassin versions 2.50-2.53 for
production purposes if you are concerned about false negatives. The
scoresets in these versions are VERY easily abused by spammers for self
whitelisting.

This is an EXTREMELY well known and easily exploited problem, and is the
whole reason 2.54 got a new scoreset. It is the infamous bug 1589 that
causes it. The effects of this bug were reported on the SA-talk list at
least 3 times a day during the period while it was being fixed.

http://bugzilla.spamassassin.org/show_bug.cgi?id=1589


Now, the example message you posted isn't suffering from this problem, but
you really are begging for false negatives by running 2.52.

It's also pretty well known that the ruleset in the 2.5x family is
considerably weaker than the later part of the 2.4x family. But the ruleset
weaknesses are largely made up for by the power of bayes, and are mostly a
result of the developers focusing on getting bayes added instead of new
rules while writing 2.50. If you're going to use 2.5x, train your bayes DB,
it helps a lot.



More information about the MailScanner mailing list