Spyware Security

This article shows how to integrate amavisd-new into a Postfix mail server for spam- and virus-scanning. amavisd-new is a high-performance interface between MTAs such as Postfix and content checkers: virus scanners, and/or SpamAssassin.

Click to read full article…

April 2nd, 2007 | Tags: SPAM, SpamAssassin, Virus | Category: General | Leave a comment

SpamAssassin 3.1.8 was released. SpamAssassin is the leading spamfilter written in Perl. This is a maintenance and security release of the 3.1.x branch. It is highly recommended that people upgrade to this version. This latest update covers, amongst other things, the following:

• bug 5318: fix for CVE-2007-0451: possible DoS due to incredibly long URIs found in the message content.
• bug 5240: disable perl module usage in update channels unless –allowplugins is specified
• bug 5288: files with names starting/ending in whitespace weren’t usable
• bug 5056: remove Text::Wrap related code due to upstream issues
• bug 5145: update spamassassin and sa-learn to better deal with STDIN
• bug 5140 and 5179: improvements and bug fixes related to DomainKeys and DKIM support
• several updates for Received header parsing
• several documentation updates and random taint-variable related issues

A more detailed change log can be read here.  

February 16th, 2007 | Tags: Security, SPAM, SpamAssassin | Category: General, Software updates | Leave a comment

New version of the antispam server software SpamAssassin is available:

Version 3.1.7:

Version 3.1.7 is a “quick-fix” release; it contains only a fix for one bug, introduced accidentally in 3.1.6:

• bug 5119: if admins had set rule scores in the site configuration in /etc, sa-update would fail. Back out this change

Version 3.1.6:

Version 3.1.6 includes a large number of bug fixes and documentation updates. Here is an abbreviated changelog (since 3.1.5) for major updates (see the Changes file for a complete list):

• bug 4940: fixes to bug in date handling affecting DATE_IN_FUTURE_* and DATE_IN_PAST_* rules when more than one Resent-Date header is present
• bug 5044: include local site config in sa-update lint checks
• bug 5081: fix race condition in spamd preforking code that sometimes left one child process running after SIGHUPing spamd
• bug 5076: unescape hash characters in the config
• bug 5077: fix false SPF_SOFTFAIL’s when SPF queries timeout
• bug 5080: update RCVD_ILLEGAL_IP evaltest to properly deal with 127/8
• bug 5089: enable adding headers with single digit zero value
• bug 5098: add support for ecelerity Received headers
• bug 5101: fix a bug, introduced in 3.1.5, in mbx code
• bug 5105: M::SA::Client doesn’t always catch failed connection to spamd, fixed

Download SpamAssassin here

October 10th, 2006 | Tags: SPAM, SpamAssassin | Category: General | Leave a comment