From 3fa6d294b92fc02ec53cffe0d5f1e1f450ae4955 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Tue, 6 Aug 2019 14:55:09 -0400 Subject: [PATCH] import spamassassin-3.4.2-6.el8 --- .gitignore | 2 + .spamassassin.metadata | 2 + .../0001-Drop-the-ResourceLimits-plugin.patch | 44 + SOURCES/README.RHEL.Fedora | 46 + SOURCES/redhat_local.cf | 10 + SOURCES/sa-update.cronscript | 102 ++ SOURCES/sa-update.crontab | 12 + SOURCES/sa-update.force-sysconfig | 23 + SOURCES/sa-update.logrotate | 5 + SOURCES/sa-update.service | 28 + SOURCES/sa-update.timer | 16 + SOURCES/sought.conf | 47 + SOURCES/spamassassin-3.3.2-gnupg2.patch | 12 + ...in-3.4.1-add-logfile-homedir-options.patch | 43 + SOURCES/spamassassin-3.4.2-drop-geoip.patch | 1059 +++++++++++++++ ...assassin-3.4.2-fix-file-handle-leaks.patch | 18 + ...pamassassin-3.4.2-fix-use-after-free.patch | 10 + SOURCES/spamassassin-default.rc | 3 + SOURCES/spamassassin-helper.sh | 2 + SOURCES/spamassassin-official.conf | 86 ++ SOURCES/spamassassin-spamc.rc | 3 + SOURCES/spamassassin.service | 14 + SOURCES/spamassassin.sysconfig | 2 + SOURCES/spamassassin.sysconfig.el | 2 + SPECS/spamassassin.spec | 1149 +++++++++++++++++ 25 files changed, 2740 insertions(+) create mode 100644 .gitignore create mode 100644 .spamassassin.metadata create mode 100644 SOURCES/0001-Drop-the-ResourceLimits-plugin.patch create mode 100644 SOURCES/README.RHEL.Fedora create mode 100644 SOURCES/redhat_local.cf create mode 100644 SOURCES/sa-update.cronscript create mode 100644 SOURCES/sa-update.crontab create mode 100644 SOURCES/sa-update.force-sysconfig create mode 100644 SOURCES/sa-update.logrotate create mode 100644 SOURCES/sa-update.service create mode 100644 SOURCES/sa-update.timer create mode 100644 SOURCES/sought.conf create mode 100644 SOURCES/spamassassin-3.3.2-gnupg2.patch create mode 100644 SOURCES/spamassassin-3.4.1-add-logfile-homedir-options.patch create mode 100644 SOURCES/spamassassin-3.4.2-drop-geoip.patch create mode 100644 SOURCES/spamassassin-3.4.2-fix-file-handle-leaks.patch create mode 100644 SOURCES/spamassassin-3.4.2-fix-use-after-free.patch create mode 100644 SOURCES/spamassassin-default.rc create mode 100755 SOURCES/spamassassin-helper.sh create mode 100644 SOURCES/spamassassin-official.conf create mode 100644 SOURCES/spamassassin-spamc.rc create mode 100644 SOURCES/spamassassin.service create mode 100644 SOURCES/spamassassin.sysconfig create mode 100644 SOURCES/spamassassin.sysconfig.el create mode 100644 SPECS/spamassassin.spec diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..26e4048 --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +SOURCES/Mail-SpamAssassin-3.4.2.tar.bz2 +SOURCES/Mail-SpamAssassin-rules-3.4.2.r1840640.tgz diff --git a/.spamassassin.metadata b/.spamassassin.metadata new file mode 100644 index 0000000..a90446a --- /dev/null +++ b/.spamassassin.metadata @@ -0,0 +1,2 @@ +9d3128dfe943be5e429edbd77883179138f40536 SOURCES/Mail-SpamAssassin-3.4.2.tar.bz2 +c93006e1572297f816a0e186a98cbbae246a4945 SOURCES/Mail-SpamAssassin-rules-3.4.2.r1840640.tgz diff --git a/SOURCES/0001-Drop-the-ResourceLimits-plugin.patch b/SOURCES/0001-Drop-the-ResourceLimits-plugin.patch new file mode 100644 index 0000000..1736adf --- /dev/null +++ b/SOURCES/0001-Drop-the-ResourceLimits-plugin.patch @@ -0,0 +1,44 @@ +diff --git a/MANIFEST b/MANIFEST +index 95e2af5..d1aa471 100644 +--- a/MANIFEST ++++ b/MANIFEST +@@ -100,7 +100,6 @@ lib/Mail/SpamAssassin/Plugin/Pyzor.pm + lib/Mail/SpamAssassin/Plugin/Razor2.pm + lib/Mail/SpamAssassin/Plugin/RelayCountry.pm + lib/Mail/SpamAssassin/Plugin/RelayEval.pm +-lib/Mail/SpamAssassin/Plugin/ResourceLimits.pm + lib/Mail/SpamAssassin/Plugin/ReplaceTags.pm + lib/Mail/SpamAssassin/Plugin/Reuse.pm + lib/Mail/SpamAssassin/Plugin/Rule2XSBody.pm +diff --git a/lib/Mail/SpamAssassin/Util/DependencyInfo.pm b/lib/Mail/SpamAssassin/Util/DependencyInfo.pm +index 7467744..3d92c7d 100644 +--- a/lib/Mail/SpamAssassin/Util/DependencyInfo.pm ++++ b/lib/Mail/SpamAssassin/Util/DependencyInfo.pm +@@ -257,12 +257,6 @@ our @OPTIONAL_MODULES = ( + check for both Net::DNS and Net::DNS::Nameserver. However, + Net::DNS::Nameserver is only used in make test as of June 2014.', + }, +-{ +- module => 'BSD::Resource', +- version => 0, +- desc => 'BSD::Resource provides BSD process resource limit and priority +- functions. It is used by the optional ResourceLimits Plugin.', +-}, + ); + + our @BINARIES = (); +diff --git a/rules/v342.pre b/rules/v342.pre +index 4ab7736..9b425fd 100644 +--- a/rules/v342.pre ++++ b/rules/v342.pre +@@ -19,10 +19,6 @@ + # HashBL - Use EBL email blocklist + # loadplugin Mail::SpamAssassin::Plugin::HashBL + +-# ResourceLimits - assure your spamd child processes +-# do not exceed specified CPU or memory limit +-# loadplugin Mail::SpamAssassin::Plugin::ResourceLimits +- + + # FromNameSpoof - help stop spam that tries to spoof other domains using + # the from name diff --git a/SOURCES/README.RHEL.Fedora b/SOURCES/README.RHEL.Fedora new file mode 100644 index 0000000..a504866 --- /dev/null +++ b/SOURCES/README.RHEL.Fedora @@ -0,0 +1,46 @@ +Notes for Spamassassin for RHEL or Fedora +========================================= +spamassassin-3.3.x RPM package for RHEL 5+ or Fedora 11+ contains some new +functionality beyond the upstream spamassassin documentation. + +Upstream spamassassin-3.3.0 is no longer distributed with rules. Our package +contains rules in order to be less of a surprise to system administrators. +However just as you wouldn't rely on antivirus software without signature +updates, spamassassin cannot be relied upon without regular rule updates. + +1) For these reasons, our RPM package now runs nightly sa-update by default. + +/etc/cron.d/sa-update +The default cron runs sa-update once every night. You may edit this cron +file to change the schedule of sa-update or to disable it entirely. If you +had modified this file in the past you may need to restore the new file +from /etc/cron.d/sa-update.rpmnew + +2) /usr/share/spamassassin/sa-update.cron +This script is executed by cron. It runs sa-update only if a known spam +daemon is running: spamd, amavisd, or mimedefang. If you do not run any +of these spam daemons but wish to have nightly sa-update, you may +override the daemon check in /etc/sysconfig/sa-update + +3) /etc/mail/spamassassin/channel.d +All sa-update channels are defined in files contained in this directory. +See the existing config files as examples for writing your own config file. + +4) SOUGHT Anti-Fraud Rule Channel is Enabled by Default +http://wiki.apache.org/spamassassin/SoughtRules + +General Warnings +================ +* DO NOT USE SARE or OpenProtect rules. They are old and outdated, and + can be dangerous. Many of the useful rules have been integrated into + upstream spamassassin. + +Note about -d option +==================== + +With spamassassin 3.4.0, this package has switched the way spamd is started. +You should no longer use the '-d' option in /etc/sysconfig/spamassassin. Doing +so will result in spamd starting and stopping in a loop. The default +/etc/sysconfig/spamassassin file has been adjusted for this, please merge +this change into that file if you have made any changes to it. + diff --git a/SOURCES/redhat_local.cf b/SOURCES/redhat_local.cf new file mode 100644 index 0000000..4f82886 --- /dev/null +++ b/SOURCES/redhat_local.cf @@ -0,0 +1,10 @@ +# These values can be overridden by editing ~/.spamassassin/user_prefs.cf +# (see spamassassin(1) for details) + +# These should be safe assumptions and allow for simple visual sifting +# without risking lost emails. + +required_hits 5 +report_safe 0 +rewrite_header Subject [SPAM] + diff --git a/SOURCES/sa-update.cronscript b/SOURCES/sa-update.cronscript new file mode 100644 index 0000000..24386a4 --- /dev/null +++ b/SOURCES/sa-update.cronscript @@ -0,0 +1,102 @@ +#!/bin/bash +# *** DO NOT MODIFY THIS FILE *** +# +# /etc/mail/spamassassin/channel.d/*.conf +# Place files here to add custom channels. +# + +# Proceed with sa-update if spam daemon is running or forced in /etc/sysconfig/sa-update +unset SAUPDATE OPTIONS DEBUG NOTIFY_UPD +[ -f /etc/sysconfig/sa-update ] && . /etc/sysconfig/sa-update +[ "$SAUPDATE" = "no" ] && exit 0 +for daemon in mimedefang spamd amavisd spampd; do + /usr/bin/pgrep -f $daemon >& /dev/null + [ $? -eq 0 ] && SAUPDATE=yes +done + +# Skip sa-update if daemon not detected +[ -z "$SAUPDATE" ] && exit 0 + +# sa-update must create keyring +if [ ! -d /etc/mail/spamassassin/sa-update-keys ]; then + sa-update +fi + +# Initialize Channels and Keys +CHANNELLIST="" +KEYLIST="" +# Process each channel defined in /etc/mail/spamassassin/channel.d/ +for file in /etc/mail/spamassassin/channel.d/*.conf; do + [ ! -f "$file" ] && continue + # Validate config file + PREFIXES="CHANNELURL KEYID BEGIN" + for prefix in $PREFIXES; do + if ! grep -q "$prefix" $file; then + echo "ERROR: $file missing $prefix" + exit 255 + fi + done + . "$file" + #echo "CHANNELURL=$CHANNELURL" + #echo "KEYID=$KEYID" + CHANNELLIST="$CHANNELLIST $CHANNELURL" + KEYLIST="$KEYLIST $KEYID" + sa-update --import "$file" +done + +# Sleep random amount of time before proceeding to avoid overwhelming the servers +sleep $(expr $RANDOM % 7200) + +unset arglist +# Run sa-update on each channel, restart spam daemon if success +for channel in $CHANNELLIST; do + arglist="$arglist --channel $channel" +done +for keyid in $KEYLIST; do + arglist="$arglist --gpgkey $keyid" +done +/usr/bin/sa-update $OPTIONS $arglist +status=$? +now=`date +"%d-%b-%Y %T"` +# cron runs this script tee /var/log/sa-update.log +# We want to always write to the log, but only send mail +# as configured. +if [ $status -eq 0 ]; then + if [ -n "$DEBUG" -o -n "$NOTIFY_UPD" ]; then + echo "$now: SpamAssassin: Update processed successfully" + else + echo "$now: SpamAssassin: Update processed successfully" >>/var/log/sa-update.log + fi + if [ -f /usr/bin/systemctl ]; then + systemctl condrestart spamassassin.service >& /dev/null + [ -f /usr/lib/systemd/system/amavisd.service ] && systemctl condrestart amavisd.service >& /dev/null + systemctl --quiet is-active mimedefang.service; [ $? -eq 0 ] && systemctl reload mimedefang.service >& /dev/null + [ -f /usr/lib/systemd/system/spampd.service ] && systemctl condrestart spampd.service >& /dev/null + else + service spamassassin condrestart >& /dev/null + [ -f /etc/rc.d/init.d/amavisd ] && service amavisd-new condrestart >& /dev/null + [ -f /etc/rc.d/init.d/mimedefang ] && service mimedefang condrestart >& /dev/null + [ -f /etc/rc.d/init.d/spampd ] && service spampd condrestart >& /dev/null + fi + + exit $status +fi +if [ $status -eq 1 ]; then + if [ -n "$DEBUG" ]; then + echo "$now: SpamAssassin: No update available" + else + echo "$now: SpamAssassin: No update available" >>/var/log/sa-update.log + fi + exit $status +fi +if [ $status -eq 2 ]; then + echo "$now: SpamAssassin: Problem applying update - pre files failed lint check" + exit $status +fi +if [ $status -eq 4 ]; then + echo "$now: SpamAssassin: Update available, but download or extract failed" + exit $status +fi + +echo "$now: SpamAssassin: Unknown error code $status from sa-update" +exit $status diff --git a/SOURCES/sa-update.crontab b/SOURCES/sa-update.crontab new file mode 100644 index 0000000..ca08444 --- /dev/null +++ b/SOURCES/sa-update.crontab @@ -0,0 +1,12 @@ +# *** DO NOT MODIFY THIS FILE *** +### Spamassassin Rules Updates ### +# +# http://wiki.apache.org/spamassassin/RuleUpdates +# +# sa-update automatically updates your rules once per day if a spam daemon like +# spamd or amavisd are running. You can force sa-update to run in +# /etc/sysconfig/sa-update +# +# /var/log/sa-update.log contains a history log of sa-update runs + +10 4 * * * root /usr/share/spamassassin/sa-update.cron 2>&1 | tee -a /var/log/sa-update.log diff --git a/SOURCES/sa-update.force-sysconfig b/SOURCES/sa-update.force-sysconfig new file mode 100644 index 0000000..0730be7 --- /dev/null +++ b/SOURCES/sa-update.force-sysconfig @@ -0,0 +1,23 @@ +# sa-update configuration +# +# Note that the opposite of "yes" is the empty string, NOT "no" + +# Don't run sa-update even if it's in /etc/cron.d/ - as installed +#SAUPDATE=no + +# Run sa-update even if no daemon is detected +#SAUPDATE=yes + +# Default: Run only if a daemon is detected + +# Options for the actual sa-update command +# These are added to the channel configuration from +# /etc/mail/spamassassin/channel.d/*.conf +# OPTIONS=-v + +# Debug script - send mail even if no update available +# DEBUG=yes + +# Send mail when updates successfully processed +# Default: send mail only on error +#NOTIFY_UPD=yes diff --git a/SOURCES/sa-update.logrotate b/SOURCES/sa-update.logrotate new file mode 100644 index 0000000..b74133c --- /dev/null +++ b/SOURCES/sa-update.logrotate @@ -0,0 +1,5 @@ +/var/log/sa-update.log { + monthly + notifempty + missingok +} diff --git a/SOURCES/sa-update.service b/SOURCES/sa-update.service new file mode 100644 index 0000000..b8098e6 --- /dev/null +++ b/SOURCES/sa-update.service @@ -0,0 +1,28 @@ +### Spamassassin Rules Updates ### +# +# http://wiki.apache.org/spamassassin/RuleUpdates +# +# sa-update automatically updates your rules once per day if a spam daemon like +# spamd or amavisd are running. + +[Unit] +Description=Spamassassin Rules Update +Documentation=man:sa-update(1) + +[Service] +# Note that the opposite of "yes" is the empty string, NOT "no" +# Options for the actual sa-update command +# These are added to the channel configuration from +# /etc/mail/spamassassin/channel.d/*.conf +Environment=OPTIONS=-v + +# Debug script - send mail even if no update available +#Environment=DEBUG=yes + +# Send mail when updates successfully processed +# Default: send mail only on error +#Environment=NOTIFY_UPD=yes + +ExecStart=/usr/share/spamassassin/sa-update.cron + +SuccessExitStatus=1 diff --git a/SOURCES/sa-update.timer b/SOURCES/sa-update.timer new file mode 100644 index 0000000..6e5cba0 --- /dev/null +++ b/SOURCES/sa-update.timer @@ -0,0 +1,16 @@ +### Spamassassin Rules Updates ### +# +# http://wiki.apache.org/spamassassin/RuleUpdates +# +# sa-update automatically updates your rules once per day if a spam daemon like +# spamd or amavisd are running. + +[Unit] +Description=Spamassassin Rules Update timer +Documentation=man:sa-update(1) + +[Timer] +OnCalendar=daily + +[Install] +WantedBy=spamassassin.service diff --git a/SOURCES/sought.conf b/SOURCES/sought.conf new file mode 100644 index 0000000..f24d6c9 --- /dev/null +++ b/SOURCES/sought.conf @@ -0,0 +1,47 @@ +# http://wiki.apache.org/spamassassin/SoughtRules +CHANNELURL=sought.rules.yerp.org +KEYID=6C6191E3 +# Ignore everything below. +return 0 + +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.1 (GNU/Linux) + +mQGiBEa/l+YRBACC+uJfIThEoEWrNxdDD/1tAwb5L8v7H3gGt+LtuOwwn5ZU7XsT +s1DOok1oZVRnTQJYdlth7QlU9wqijwLEVzW1LDWnxXXKwPmlTlkcdGoBcb+cBbYI +miJ/TlAetvbprcZdROS4Ey31GjPRmWPPnVE2Xcwy+e4+RmnhqfZBmOaE7wCgo1GG +pkik2OPD1le4LGGOGHL5HiED/0TyvTiSS3NnUtoDFQAPrnezOCjxv8zMjYEnJs/I +h7uyIgHRsbB75cD2O1LWyO8Vz8r/snVuG35zcZagPf/7Tc9AJoaxVmCIk9DEmWZp +iuvqpMhwHAbNvY3jY2oKsDl1rNx0IIctoJwjXia99kvNTHK/Yz/HqhIyLModhiMB +aYYZA/wIdPOHGHaP5vjlbWBwGlRR9m0Rf4ob5sul8MjCyehOYcRVLwfOEfzX308v +0enOGnbbBKXU2QvA0Z068aBmJkJaaPhlIjZApQJDsb7pt6k8jMPj/Xpr779wAFQ8 +IZC7Tw21OtqkjrUb3dZlEljrTwWNc6FVxuIidBBg7HCdP24WKLRESnVzdGluIE1h +c29uIFNpZ25pbmcgS2V5IChDb2RlIFNpZ25pbmcgT25seSkgPHNpZ25pbmdrZXlA +am1hc29uLm9yZz6IZAQTEQIAJAUCRr+X5gIbAwUJEswDAAYLCQgHAwIDFQIDAxYC +AQIeAQIXgAAKCRDchTQfbGGR4/GJAKCC6X6AF8nM+H00b/XeZl9vYihXBgCcDYuU +AtXjWWxndkneakmbnD0O4Z25BA0ERr+YdxAQAIYYUQHMzVsRAzpIRLfni0aeczrr +armwXMJ8y5p74lVLbJyQOjkQyIJWP80twrN8SjNyUFBr/52SlOPOuAbGZY1ZKpux +vkbsug2wWvkoj8xGjnexrSDahRgpNhf/otLRNTyUFZTM6mjZt0ItnYDl6xszY4kd +O5rVzjQuivNB4BsHcd8qQ7zVo9+VZ5R77iM4dtk6t5ycpXlAom5pD8qLb7ZzTVe0 +SuhzOeynF51rwjS+wa3hzZisvJqZA5uJcAyYslgP1UTW+2e5wutSktSZmL/XnlEF +p86GPjAgDPL2Q0TgzVL6sPt0blNCyzOJrcBqBHrgZfraYgqtmGepLpk72q4VD23c +aV2wTqjnfJAsNR3y8jgVNwF8LpXtlbxrBByFRwEqsc/gzdMEnJ728XBDqT2IhZLY +maL/WxiDKNWD/Mae69HTyInIYgrfT7nJKDeKQA81+e5+UmqBVoi5/AICMlDm1DgR +gG6bbOXGhLVPh+gHjGG4Jdd/ZLedncUsjW9KyK261sqM3tSDSfgnF99w2/32ToFu +ChN8JOfQ6VZ7QbL1BWRtQWZ3tyauUUXmsrYDv1w1nx51MqxQdlitnmTRWaRW0GmD +b5XapJfSK+FiGXaynl3HHxHHpcUauX9zBa/LRp8oXiGPLfJEWmjWcGCyGZawASj3 +pTTJUnbkYs0fUyUXAAQND/42mh8f3mTA+24I3lY4K8mxH9GSFgOkLoYwok8xL5Md +OUJAyvs34ixqvM2u560YJkegEO/xzg2abddfoqL8eNnjfvG3bI7KOCT+m+mM/5Cg +ul8XFSnHIEivuOXNtc/x/dwYSidKM8atkdpKtv++psd6hVbJQMfLlzf0S2QyiaGk +yXur/pM3A97lvkjAgvIKQt8NbJ/sITFlrN2TFxcbE8OED7LC4nBo54TJ1AxVsHlT +LB5XPKU8pBv0fABZrNKxf6a2iXx9jT9sSYdnb0y+hBjnoWZUNbhxo6jpAqt1quUy +buGWugvG8J75JvT6X+lwEEkg1lplmm+HuaFtegOqTUTKmffKduY+E00le+3Kh8gW +bLR8P1qp/xnxQxZJYcQ+mT4QsYpj6Pkcj0ON3NQO5wP6dr2UGhGcSzS2Cxv8TERN +7HSdFbFXQWPCekx+i7OjeRSY/XTUf2zYquPNP2oU0MjgnXhnkHq+6EaQPpM59fMd +MyLeOiUMOxpPOkeaAC8Ku0Oj2aZU/eyizuBDnhq1PAxBprSW5SSkxP4kz9BnA42x +tkMKMzzPohdfMIRI6zSu0chr76w2UeoViSsMtmWnR6qAXbQvzR+HHxhhB/Rzp6Gc +u9gybrv58IBkybn5ztST6NqgIgcQ/E7XIsB0Eooohfw+QiPlCdoghSxspbzwqcEZ +B4hPBBgRAgAPBQJGv5h3AhsMBQkSzAMAAAoJENyFNB9sYZHjUh0AnA3u5TNYHGLQ +DXLPP0qWHkTeOz8dAJ4wkrLBTaXz3CPCjoTdoBiQsNt3fw== +=nK43 +-----END PGP PUBLIC KEY BLOCK----- diff --git a/SOURCES/spamassassin-3.3.2-gnupg2.patch b/SOURCES/spamassassin-3.3.2-gnupg2.patch new file mode 100644 index 0000000..da9acab --- /dev/null +++ b/SOURCES/spamassassin-3.3.2-gnupg2.patch @@ -0,0 +1,12 @@ +diff -Nur Mail-SpamAssassin-3.3.2.orig/sa-update.raw Mail-SpamAssassin-3.3.2/sa-update.raw +--- Mail-SpamAssassin-3.3.2.orig/sa-update.raw 2011-06-06 17:59:19.000000000 -0600 ++++ Mail-SpamAssassin-3.3.2/sa-update.raw 2014-01-28 13:29:33.933526585 -0700 +@@ -281,7 +281,7 @@ + if ($GPG_ENABLED || $opt{'import'}) { + # find GPG in the PATH + # bug 4958: for *NIX it's "gpg", in Windows it's "gpg.exe" +- $GPGPath = 'gpg' . $Config{_exe}; ++ $GPGPath = 'gpg2' . $Config{_exe}; + dbg("gpg: Searching for '$GPGPath'"); + + if ($GPGPath = Mail::SpamAssassin::Util::find_executable_in_env_path($GPGPath)) { diff --git a/SOURCES/spamassassin-3.4.1-add-logfile-homedir-options.patch b/SOURCES/spamassassin-3.4.1-add-logfile-homedir-options.patch new file mode 100644 index 0000000..1aedc44 --- /dev/null +++ b/SOURCES/spamassassin-3.4.1-add-logfile-homedir-options.patch @@ -0,0 +1,43 @@ +commit bb177c93c8852417fc5a522cbcc45abbab4b3c3d +Author: Tomas Korbar +Date: Thu Jun 7 20:57:07 2018 +0200 + + Add razor log path and home directory option + +diff --git a/lib/Mail/SpamAssassin/Plugin/Razor2.pm b/lib/Mail/SpamAssassin/Plugin/Razor2.pm +index e24252c..935b3ac 100644 +--- a/lib/Mail/SpamAssassin/Plugin/Razor2.pm ++++ b/lib/Mail/SpamAssassin/Plugin/Razor2.pm +@@ -165,7 +165,9 @@ sub razor2_access { + $rc->{opt} = { + debug => (would_log('dbg', $debug) > 1), + foreground => 1, +- config => $self->{main}->{conf}->{razor_config} ++ config => $self->{main}->{conf}->{razor_config}, ++ logfile => $self->{main}->{razor_log_file}, ++ razorhome => $self->{main}->{razor_home_dir} + }; + # no facility prefix on this die + $rc->do_conf() or die "$debug: " . $rc->errstr; +diff --git a/spamd/spamd.raw b/spamd/spamd.raw +index 821f658..2afd6bb 100755 +--- a/spamd/spamd.raw ++++ b/spamd/spamd.raw +@@ -361,6 +361,8 @@ prepare_for_sighup_restart(); + # Parse the command line + Getopt::Long::Configure("bundling"); + GetOptions( ++ 'razor-home-dir=s' => \$opt{'razor_home_dir'}, ++ 'razor-log-file=s' => \$opt{'razor_log_file'}, + 'allow-tell' => \$opt{'tell'}, + 'allowed-ips|A=s' => \@{ $opt{'allowed-ip'} }, + 'auth-ident' => \$opt{'auth-ident'}, +@@ -1149,6 +1151,8 @@ if ( defined $opt{'pidfile'} ) { + + my $spamtest = Mail::SpamAssassin->new( + { ++ razor_home_dir => $opt{'razor_home_dir'}, ++ razor_log_file => $opt{'razor_log_file'}, + dont_copy_prefs => $dontcopy, + rules_filename => ( $opt{'configpath'} || 0 ), + site_rules_filename => ( $opt{'siteconfigpath'} || 0 ), diff --git a/SOURCES/spamassassin-3.4.2-drop-geoip.patch b/SOURCES/spamassassin-3.4.2-drop-geoip.patch new file mode 100644 index 0000000..5fb0ad0 --- /dev/null +++ b/SOURCES/spamassassin-3.4.2-drop-geoip.patch @@ -0,0 +1,1059 @@ +From cab335f2c6b096f847402c35ee896a3f3d82958c Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= +Date: Mon, 23 Jul 2018 13:28:39 +0200 +Subject: [PATCH] Dropped GeoIP and optional plugins requiring it +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Namely URILocalBL and RelayCountry. + +Signed-off-by: Jaroslav Škarvada + +diff --git a/MANIFEST b/MANIFEST +index 2b1b291..a6bbcdb 100644 +--- a/MANIFEST ++++ b/MANIFEST +@@ -117,7 +117,6 @@ lib/Mail/SpamAssassin/Plugin/VBounce.pm + lib/Mail/SpamAssassin/Plugin/WLBLEval.pm + lib/Mail/SpamAssassin/Plugin/WhiteListSubject.pm + lib/Mail/SpamAssassin/PluginHandler.pm +-lib/Mail/SpamAssassin/Plugin/URILocalBL.pm + lib/Mail/SpamAssassin/RegistryBoundaries.pm + lib/Mail/SpamAssassin/Reporter.pm + lib/Mail/SpamAssassin/SQLBasedAddrList.pm +diff --git a/lib/Mail/SpamAssassin/Plugin/RelayCountry.pm b/lib/Mail/SpamAssassin/Plugin/RelayCountry.pm +deleted file mode 100644 +index 2e172f3..0000000 +--- a/lib/Mail/SpamAssassin/Plugin/RelayCountry.pm ++++ /dev/null +@@ -1,280 +0,0 @@ +-# <@LICENSE> +-# Licensed to the Apache Software Foundation (ASF) under one or more +-# contributor license agreements. See the NOTICE file distributed with +-# this work for additional information regarding copyright ownership. +-# The ASF licenses this file to you under the Apache License, Version 2.0 +-# (the "License"); you may not use this file except in compliance with +-# the License. You may obtain a copy of the License at: +-# +-# http://www.apache.org/licenses/LICENSE-2.0 +-# +-# Unless required by applicable law or agreed to in writing, software +-# distributed under the License is distributed on an "AS IS" BASIS, +-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +-# See the License for the specific language governing permissions and +-# limitations under the License. +-# +- +-=head1 NAME +- +-RelayCountry - add message metadata indicating the country code of each relay +- +-=head1 SYNOPSIS +- +- loadplugin Mail::SpamAssassin::Plugin::RelayCountry +- +-=head1 DESCRIPTION +- +-The RelayCountry plugin attempts to determine the domain country codes +-of each relay used in the delivery path of messages and add that information +-to the message metadata as "X-Relay-Countries", or the C<_RELAYCOUNTRY_> +-header markup. +- +-=head1 REQUIREMENT +- +-This plugin requires the GeoIP2, Geo::IP, IP::Country::DB_File or +-IP::Country::Fast module from CPAN. +-For backward compatibility IP::Country::Fast is used as fallback if no db_type +-is specified in the config file. +- +-=cut +- +-package Mail::SpamAssassin::Plugin::RelayCountry; +- +-use Mail::SpamAssassin::Plugin; +-use Mail::SpamAssassin::Logger; +-use Mail::SpamAssassin::Constants qw(:ip); +-use strict; +-use warnings; +-# use bytes; +-use re 'taint'; +- +-our @ISA = qw(Mail::SpamAssassin::Plugin); +- +-my $db; +-my $dbv6; +-my $db_info; # will hold database info +-my $db_type; # will hold database type +- +-# constructor: register the eval rule +-sub new { +- my $class = shift; +- my $mailsaobject = shift; +- +- # some boilerplate... +- $class = ref($class) || $class; +- my $self = $class->SUPER::new($mailsaobject); +- bless ($self, $class); +- +- $self->set_config($mailsaobject->{conf}); +- return $self; +-} +- +-sub set_config { +- my ($self, $conf) = @_; +- my @cmds; +- +-=head1 USER PREFERENCES +- +-The following options can be used in both site-wide (C) and +-user-specific (C) configuration files to customize how +-SpamAssassin handles incoming email messages. +- +-=over 4 +- +-=item country_db_type STRING +- +-This option tells SpamAssassin which type of Geo database to use. +-Valid database types are GeoIP, GeoIP2, DB_File and Fast. +- +-=back +- +-=cut +- +- push (@cmds, { +- setting => 'country_db_type', +- default => "GeoIP", +- type => $Mail::SpamAssassin::Conf::CONF_TYPE_STRING, +- code => sub { +- my ($self, $key, $value, $line) = @_; +- if ( $value !~ /GeoIP|GeoIP2|DB_File|Fast/) { +- return $Mail::SpamAssassin::Conf::INVALID_VALUE; +- } +- +- $self->{country_db_type} = $value; +- } +- }); +- +-=over 4 +- +-=item country_db_path STRING +- +-This option tells SpamAssassin where to find MaxMind GeoIP2 or IP::Country::DB_File database. +- +-=back +- +-=cut +- +- push (@cmds, { +- setting => 'country_db_path', +- default => "", +- type => $Mail::SpamAssassin::Conf::CONF_TYPE_STRING, +- code => sub { +- my ($self, $key, $value, $line) = @_; +- if (!defined $value || !length $value) { +- return $Mail::SpamAssassin::Conf::MISSING_REQUIRED_VALUE; +- } +- if (!-f $value) { +- info("config: country_db_path \"$value\" is not accessible"); +- $self->{country_db_path} = $value; +- return $Mail::SpamAssassin::Conf::INVALID_VALUE; +- } +- +- $self->{country_db_path} = $value; +- } +- }); +- +- $conf->{parser}->register_commands(\@cmds); +-} +- +-sub extract_metadata { +- my ($self, $opts) = @_; +- my $geo; +- my $cc; +- +- my $conf_country_db_type = $self->{'main'}{'resolver'}{'conf'}->{country_db_type}; +- my $conf_country_db_path = $self->{'main'}{'resolver'}{'conf'}->{country_db_path}; +- +- if ( $conf_country_db_type eq "GeoIP") { +- eval { +- require Geo::IP; +- $db = Geo::IP->open_type(Geo::IP->GEOIP_COUNTRY_EDITION, Geo::IP->GEOIP_STANDARD); +- die "GeoIP.dat not found" unless $db; +- # IPv6 requires version Geo::IP 1.39+ with GeoIP C API 1.4.7+ +- if (Geo::IP->VERSION >= 1.39 && Geo::IP->api eq 'CAPI') { +- $dbv6 = Geo::IP->open_type(Geo::IP->GEOIP_COUNTRY_EDITION_V6, Geo::IP->GEOIP_STANDARD); +- if (!$dbv6) { +- dbg("metadata: RelayCountry: IPv6 support not enabled, GeoIPv6.dat not found"); +- } +- $db_info = sub { return "Geo::IP " . ($db->database_info || '?') }; +- } else { +- dbg("metadata: RelayCountry: IPv6 support not enabled, versions Geo::IP 1.39, GeoIP C API 1.4.7 required"); +- } +- } or do { +- # Fallback to IP::Country::Fast +- dbg("metadata: RelayCountry: GeoIP.dat not found, IP::Country::Fast enabled as fallback"); +- $conf_country_db_type = "Fast"; +- } +- } elsif ( $conf_country_db_type eq "GeoIP2" ) { +- if ( -f $conf_country_db_path ) { +- eval { +- require GeoIP2::Database::Reader; +- $db = GeoIP2::Database::Reader->new( +- file => $conf_country_db_path, +- locales => [ 'en' ] +- ); +- die "${conf_country_db_path} not found" unless $db; +- $db_info = sub { return "GeoIP2 " . ($db->metadata()->description()->{en} || '?') }; +- 1; +- } or do { +- # Fallback to IP::Country::Fast +- dbg("metadata: RelayCountry: ${conf_country_db_path} not found, IP::Country::Fast enabled as fallback"); +- $conf_country_db_type = "Fast"; +- } +- } else { +- # Fallback to IP::Country::Fast +- dbg("metadata: RelayCountry: ${conf_country_db_path} not found, IP::Country::Fast enabled as fallback"); +- $conf_country_db_type = "Fast"; +- } +- } elsif ( $conf_country_db_type eq "DB_File") { +- if ( -f $conf_country_db_path ) { +- require IP::Country::DB_File; +- $db = IP::Country::DB_File->new($conf_country_db_path); +- die "Country db not found, please see build_ipcc.pl(1)" unless $db; +- $db_info = sub { return "IP::Country::DB_File ".localtime($db->db_time()); }; +- 1; +- } else { +- # Fallback to IP::Country::Fast +- dbg("metadata: RelayCountry: ${conf_country_db_path} not found, IP::Country::Fast enabled as fallback"); +- $conf_country_db_type = "Fast"; +- } +- } +- if( $conf_country_db_type eq "Fast") { +- my $eval_stat = $@ ne '' ? $@ : "errno=$!"; chomp $eval_stat; +- # Try IP::Country::Fast as backup +- eval { +- require IP::Country::Fast; +- $db = IP::Country::Fast->new(); +- $db_info = sub { return "IP::Country::Fast ".localtime($db->db_time()); }; +- 1; +- } or do { +- my $eval_stat = $@ ne '' ? $@ : "errno=$!"; chomp $eval_stat; +- dbg("metadata: RelayCountry: failed to load 'IP::Country::Fast', skipping: $eval_stat"); +- return 1; +- }; +- }; +- +- return 1 unless $db; +- +- dbg("metadata: RelayCountry: Using database: ".$db_info->()); +- my $msg = $opts->{msg}; +- +- my $countries = ''; +- my $IP_PRIVATE = IP_PRIVATE; +- my $IPV4_ADDRESS = IPV4_ADDRESS; +- foreach my $relay (@{$msg->{metadata}->{relays_untrusted}}) { +- my $ip = $relay->{ip}; +- # Private IPs will always be returned as '**' +- if ( $conf_country_db_type eq "GeoIP" ) { +- if ( $ip !~ /^$IPV4_ADDRESS$/o ) { +- if ( defined $dbv6 ) { +- $geo = $dbv6->country_code_by_addr_v6($ip) || "XX"; +- } else { +- $geo = "XX"; +- } +- } else { +- $geo = $db->country_code_by_addr($ip) || "XX"; +- } +- } elsif ($conf_country_db_type eq "GeoIP2" ) { +- if ( $ip !~ /^$IP_PRIVATE$/o ) { +- my $country = $db->country( ip => $ip ); +- my $country_rec = $country->country(); +- $geo = $country_rec->iso_code() || "XX"; +- $cc = $ip =~ /^$IP_PRIVATE$/o ? '**' : $geo; +- } else { +- $cc = '**'; +- } +- } elsif ( $conf_country_db_type eq "DB_File" ) { +- if ( $ip !~ /^$IPV4_ADDRESS$/o ) { +- $geo = $db->inet6_atocc($ip) || "XX"; +- } else { +- $geo = $db->inet_atocc($ip) || "XX"; +- } +- } elsif ( $conf_country_db_type eq "Fast" ) { +- $geo = $db->inet_atocc($ip) || "XX"; +- } +- $cc = $ip =~ /^$IP_PRIVATE$/o ? '**' : $geo; +- $countries .= $cc." "; +- } +- +- chop $countries; +- $msg->put_metadata("X-Relay-Countries", $countries); +- dbg("metadata: X-Relay-Countries: $countries"); +- +- return 1; +-} +- +-sub parsed_metadata { +- my ($self, $opts) = @_; +- +- return 1 unless $db; +- +- my $countries = +- $opts->{permsgstatus}->get_message->get_metadata('X-Relay-Countries'); +- my @c_list = split(' ', $countries); +- $opts->{permsgstatus}->set_tag("RELAYCOUNTRY", +- @c_list == 1 ? $c_list[0] : \@c_list); +- return 1; +-} +- +-1; +diff --git a/lib/Mail/SpamAssassin/Plugin/URILocalBL.pm b/lib/Mail/SpamAssassin/Plugin/URILocalBL.pm +deleted file mode 100644 +index e190fab..0000000 +--- a/lib/Mail/SpamAssassin/Plugin/URILocalBL.pm ++++ /dev/null +@@ -1,658 +0,0 @@ +-# <@LICENSE> +-# Licensed to the Apache Software Foundation (ASF) under one or more +-# contributor license agreements. See the NOTICE file distributed with +-# this work for additional information regarding copyright ownership. +-# The ASF licenses this file to you under the Apache License, Version 2.0 +-# (the "License"); you may not use this file except in compliance with +-# the License. You may obtain a copy of the License at: +-# +-# http://www.apache.org/licenses/LICENSE-2.0 +-# +-# Unless required by applicable law or agreed to in writing, software +-# distributed under the License is distributed on an "AS IS" BASIS, +-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +-# See the License for the specific language governing permissions and +-# limitations under the License. +-# +- +-=head1 NAME +- +-URILocalBL - blacklist URIs using local information (ISP names, address lists, and country codes) +- +-=head1 SYNOPSIS +- +-This plugin creates some new rule test types, such as "uri_block_cc", +-"uri_block_cidr", and "uri_block_isp". These rules apply to the URIs +-found in the HTML portion of a message, i.e. markup. +- +- loadplugin Mail::SpamAssassin::Plugin::URILocalBL +- +-Why local blacklisting? There are a few excellent, effective, and +-well-maintained DNSBL's out there. But they have several drawbacks: +- +-=over 2 +- +-=item * blacklists can cover tens of thousands of entries, and you can't select which ones you use; +- +-=item * verifying that it's correctly configured can be non-trivial; +- +-=item * new blacklisting entries may take a while to be detected and entered, so it's not instantaneous. +- +-=back +- +-Sometimes all you want is a quick, easy, and very surgical blacklisting of +-a particular site or a particular ISP. This plugin is defined for that +-exact usage case. +- +-=head1 RULE DEFINITIONS AND PRIVILEGED SETTINGS +- +-The format for defining a rule is as follows: +- +- uri_block_cc SYMBOLIC_TEST_NAME cc1 cc2 cc3 cc4 +- +-or: +- +- uri_block_cont SYMBOLIC_TEST_NAME co1 co2 co3 co4 +- +-or: +- +- uri_block_cidr SYMBOLIC_TEST_NAME a.a.a.a b.b.b.b/cc d.d.d.d-e.e.e.e +- +-or: +- +- uri_block_isp SYMBOLIC_TEST_NAME "DataRancid" "McCarrier" "Phishers-r-Us" +- +-Example rule for matching a URI in China: +- +- uri_block_cc TEST1 cn +- +-This would block the URL http://www.baidu.com/index.htm. Similarly, to +-match a Spam-haven netblock: +- +- uri_block_cidr TEST2 65.181.64.0/18 +- +-would match a netblock where several phishing sites were recently hosted. +- +-And to block all CIDR blocks registered to an ISP, one might use: +- +- uri_block_isp TEST3 "ColoCrossing" +- +-if one didn't trust URL's pointing to that organization's clients. Lastly, +-if there's a country that you want to block but there's an explicit host +-you wish to exempt from that blacklist, you can use: +- +- uri_block_exclude TEST1 www.baidu.com +- +-if you wish to exempt URL's referring to this host. The same syntax is +-applicable to CIDR and ISP blocks as well. +- +-=head1 DEPENDENCIES +- +-The Country-Code based filtering requires the Geo::IP or GeoIP2 module, +-which uses either the fremium GeoLiteCountry database, or the commercial +-version of it called GeoIP from MaxMind.com. +- +-The ISP based filtering requires the same module, plus the GeoIPISP database. +-There is no fremium version of this database, so commercial licensing is +-required. +- +-=cut +- +-package Mail::SpamAssassin::Plugin::URILocalBL; +-use Mail::SpamAssassin::Plugin; +-use Mail::SpamAssassin::Logger; +-use Mail::SpamAssassin::Util qw(untaint_var); +- +-use Net::CIDR::Lite; +-use Socket; +- +-use strict; +-use warnings; +-# use bytes; +-use re 'taint'; +-use version; +- +-our @ISA = qw(Mail::SpamAssassin::Plugin); +- +-use constant HAS_GEOIP => eval { require Geo::IP; }; +-use constant HAS_GEOIP2 => eval { require GeoIP2::Database::Reader; }; +- +-# constructor +-sub new { +- my $class = shift; +- my $mailsaobject = shift; +- +- # some boilerplate... +- $class = ref($class) || $class; +- my $self = $class->SUPER::new($mailsaobject); +- bless ($self, $class); +- +- # how to handle failure to get the database handle? +- # and we don't really have a valid return value... +- # can we defer getting this handle until we actually see +- # a uri_block_cc rule? +- +- $self->register_eval_rule("check_uri_local_bl"); +- +- $self->set_config($mailsaobject->{conf}); +- +- return $self; +-} +- +-sub set_config { +- my ($self, $conf) = @_; +- my @cmds; +- +- my $pluginobj = $self; # allow use inside the closure below +- +- push (@cmds, { +- setting => 'uri_block_cc', +- is_priv => 1, +- code => sub { +- my ($self, $key, $value, $line) = @_; +- +- if ($value !~ /^(\S+)\s+(.+)$/) { +- return $Mail::SpamAssassin::Conf::INVALID_VALUE; +- } +- my $name = $1; +- my $def = $2; +- my $added_criteria = 0; +- +- $conf->{parser}->{conf}->{uri_local_bl}->{$name}->{countries} = {}; +- +- # this should match all country codes including satellite providers +- while ($def =~ m/^\s*([a-z][a-z0-9])(\s+(.*)|)$/) { +- my $cc = $1; +- my $rest = $2; +- +- #dbg("config: uri_block_cc adding %s to %s\n", $cc, $name); +- $conf->{parser}->{conf}->{uri_local_bl}->{$name}->{countries}->{uc($cc)} = 1; +- $added_criteria = 1; +- +- $def = $rest; +- } +- +- if ($added_criteria == 0) { +- warn "config: no arguments"; +- return $Mail::SpamAssassin::Conf::MISSING_REQUIRED_VALUE; +- } elsif ($def ne '') { +- warn "config: failed to add invalid rule $name"; +- return $Mail::SpamAssassin::Conf::INVALID_VALUE; +- } +- +- dbg("config: uri_block_cc added %s\n", $name); +- +- $conf->{parser}->add_test($name, 'check_uri_local_bl()', $Mail::SpamAssassin::Conf::TYPE_BODY_EVALS); +- } +- }); +- +- push (@cmds, { +- setting => 'uri_block_cont', +- is_priv => 1, +- code => sub { +- my ($self, $key, $value, $line) = @_; +- +- if ($value !~ /^(\S+)\s+(.+)$/) { +- return $Mail::SpamAssassin::Conf::INVALID_VALUE; +- } +- my $name = $1; +- my $def = $2; +- my $added_criteria = 0; +- +- $conf->{parser}->{conf}->{uri_local_bl}->{$name}->{continents} = {}; +- +- # this should match all continent codes +- while ($def =~ m/^\s*([a-z]{2})(\s+(.*)|)$/) { +- my $cont = $1; +- my $rest = $2; +- +- # dbg("config: uri_block_cont adding %s to %s\n", $cont, $name); +- $conf->{parser}->{conf}->{uri_local_bl}->{$name}->{continents}->{uc($cont)} = 1; +- $added_criteria = 1; +- +- $def = $rest; +- } +- +- if ($added_criteria == 0) { +- warn "config: no arguments"; +- return $Mail::SpamAssassin::Conf::MISSING_REQUIRED_VALUE; +- } elsif ($def ne '') { +- warn "config: failed to add invalid rule $name"; +- return $Mail::SpamAssassin::Conf::INVALID_VALUE; +- } +- +- dbg("config: uri_block_cont added %s\n", $name); +- +- $conf->{parser}->add_test($name, 'check_uri_local_bl()', $Mail::SpamAssassin::Conf::TYPE_BODY_EVALS); +- } +- }); +- +- push (@cmds, { +- setting => 'uri_block_isp', +- is_priv => 1, +- code => sub { +- my ($self, $key, $value, $line) = @_; +- +- if ($value !~ /^(\S+)\s+(.+)$/) { +- return $Mail::SpamAssassin::Conf::INVALID_VALUE; +- } +- my $name = $1; +- my $def = $2; +- my $added_criteria = 0; +- +- $conf->{parser}->{conf}->{uri_local_bl}->{$name}->{isps} = {}; +- +- # gather up quoted strings +- while ($def =~ m/^\s*"([^"]*)"(\s+(.*)|)$/) { +- my $isp = $1; +- my $rest = $2; +- +- dbg("config: uri_block_isp adding \"%s\" to %s\n", $isp, $name); +- $conf->{parser}->{conf}->{uri_local_bl}->{$name}->{isps}->{$isp} = 1; +- $added_criteria = 1; +- +- $def = $rest; +- } +- +- if ($added_criteria == 0) { +- warn "config: no arguments"; +- return $Mail::SpamAssassin::Conf::MISSING_REQUIRED_VALUE; +- } elsif ($def ne '') { +- warn "config: failed to add invalid rule $name"; +- return $Mail::SpamAssassin::Conf::INVALID_VALUE; +- } +- +- $conf->{parser}->add_test($name, 'check_uri_local_bl()', $Mail::SpamAssassin::Conf::TYPE_BODY_EVALS); +- } +- }); +- +- push (@cmds, { +- setting => 'uri_block_cidr', +- is_priv => 1, +- code => sub { +- my ($self, $key, $value, $line) = @_; +- +- if ($value !~ /^(\S+)\s+(.+)$/) { +- return $Mail::SpamAssassin::Conf::INVALID_VALUE; +- } +- my $name = $1; +- my $def = $2; +- my $added_criteria = 0; +- +- $conf->{parser}->{conf}->{uri_local_bl}->{$name}->{cidr} = new Net::CIDR::Lite; +- +- # match individual IP's, subnets, and ranges +- while ($def =~ m/^\s*(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}(\/\d{1,2}|-\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})?)(\s+(.*)|)$/) { +- my $addr = $1; +- my $rest = $3; +- +- dbg("config: uri_block_cidr adding %s to %s\n", $addr, $name); +- +- eval { $conf->{parser}->{conf}->{uri_local_bl}->{$name}->{cidr}->add_any($addr) }; +- last if ($@); +- +- $added_criteria = 1; +- +- $def = $rest; +- } +- +- if ($added_criteria == 0) { +- warn "config: no arguments"; +- return $Mail::SpamAssassin::Conf::MISSING_REQUIRED_VALUE; +- } elsif ($def ne '') { +- warn "config: failed to add invalid rule $name"; +- return $Mail::SpamAssassin::Conf::INVALID_VALUE; +- } +- +- # optimize the ranges +- $conf->{parser}->{conf}->{uri_local_bl}->{$name}->{cidr}->clean(); +- +- $conf->{parser}->add_test($name, 'check_uri_local_bl()', $Mail::SpamAssassin::Conf::TYPE_BODY_EVALS); +- } +- }); +- +- push (@cmds, { +- setting => 'uri_block_exclude', +- is_priv => 1, +- code => sub { +- my ($self, $key, $value, $line) = @_; +- +- if ($value !~ /^(\S+)\s+(.+)$/) { +- return $Mail::SpamAssassin::Conf::INVALID_VALUE; +- } +- my $name = $1; +- my $def = $2; +- my $added_criteria = 0; +- +- $conf->{parser}->{conf}->{uri_local_bl}->{$name}->{exclusions} = {}; +- +- # match individual IP's, or domain names +- while ($def =~ m/^\s*((\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})|(([a-z0-9][-a-z0-9]*[a-z0-9](\.[a-z0-9][-a-z0-9]*[a-z0-9]){1,})))(\s+(.*)|)$/) { +- my $addr = $1; +- my $rest = $6; +- +- dbg("config: uri_block_exclude adding %s to %s\n", $addr, $name); +- +- $conf->{parser}->{conf}->{uri_local_bl}->{$name}->{exclusions}->{$addr} = 1; +- +- $added_criteria = 1; +- +- $def = $rest; +- } +- +- if ($added_criteria == 0) { +- warn "config: no arguments"; +- return $Mail::SpamAssassin::Conf::MISSING_REQUIRED_VALUE; +- } elsif ($def ne '') { +- warn "config: failed to add invalid rule $name"; +- return $Mail::SpamAssassin::Conf::INVALID_VALUE; +- } +- +- $conf->{parser}->add_test($name, 'check_uri_local_bl()', $Mail::SpamAssassin::Conf::TYPE_BODY_EVALS); +- } +- }); +- +-=over 2 +- +-=item uri_country_db_path STRING +- +-This option tells SpamAssassin where to find the MaxMind country GeoIP2 +-database. +- +-=back +- +-=cut +- +- push (@cmds, { +- setting => 'uri_country_db_path', +- is_priv => 1, +- default => undef, +- type => $Mail::SpamAssassin::Conf::CONF_TYPE_STRING, +- code => sub { +- my ($self, $key, $value, $line) = @_; +- if (!defined $value || !length $value) { +- return $Mail::SpamAssassin::Conf::MISSING_REQUIRED_VALUE; +- } +- if (!-f $value) { +- info("config: uri_country_db_path \"$value\" is not accessible"); +- $self->{uri_country_db_path} = $value; +- return $Mail::SpamAssassin::Conf::INVALID_VALUE; +- } +- +- $self->{uri_country_db_path} = $value; +- } +- }); +- +-=over 2 +- +-=item uri_country_db_isp_path STRING +- +-This option tells SpamAssassin where to find the MaxMind isp GeoIP2 database. +- +-=back +- +-=cut +- +- push (@cmds, { +- setting => 'uri_country_db_isp_path', +- is_priv => 1, +- default => undef, +- type => $Mail::SpamAssassin::Conf::CONF_TYPE_STRING, +- code => sub { +- my ($self, $key, $value, $line) = @_; +- if (!defined $value || !length $value) { +- return $Mail::SpamAssassin::Conf::MISSING_REQUIRED_VALUE; +- } +- if (!-f $value) { +- info("config: uri_country_db_isp_path \"$value\" is not accessible"); +- $self->{uri_country_db_isp_path} = $value; +- return $Mail::SpamAssassin::Conf::INVALID_VALUE; +- } +- +- $self->{uri_country_db_isp_path} = $value; +- } +- }); +- +- $conf->{parser}->register_commands(\@cmds); +-} +- +-sub check_uri_local_bl { +- my ($self, $permsg) = @_; +- +- my $cc; +- my $cont; +- my $db_info; +- my $isp; +- +- my $conf_country_db_path = $self->{'main'}{'resolver'}{'conf'}->{uri_country_db_path}; +- my $conf_country_db_isp_path = $self->{'main'}{'resolver'}{'conf'}->{uri_country_db_isp_path}; +- # If country_db_path is set I am using GeoIP2 api +- if ( HAS_GEOIP2 and ( ( defined $conf_country_db_path ) or ( defined $conf_country_db_isp_path ) ) ) { +- +- $self->{geoip} = GeoIP2::Database::Reader->new( +- file => $conf_country_db_path, +- locales => [ 'en' ] +- ) if (( defined $conf_country_db_path ) && ( -f $conf_country_db_path)); +- if ( defined ($conf_country_db_path) ) { +- $db_info = sub { return "GeoIP2 " . ($self->{geoip}->metadata()->description()->{en} || '?') }; +- warn "$conf_country_db_path not found" unless $self->{geoip}; +- } +- +- $self->{geoisp} = GeoIP2::Database::Reader->new( +- file => $conf_country_db_isp_path, +- locales => [ 'en' ] +- ) if (( defined $conf_country_db_isp_path ) && ( -f $conf_country_db_isp_path)); +- if ( defined ($conf_country_db_isp_path) ) { +- warn "$conf_country_db_isp_path not found" unless $self->{geoisp}; +- } +- $self->{use_geoip2} = 1; +- } elsif ( HAS_GEOIP ) { +- BEGIN { +- Geo::IP->import( qw(GEOIP_MEMORY_CACHE GEOIP_CHECK_CACHE GEOIP_ISP_EDITION) ); +- } +- $self->{use_geoip2} = 0; +- # need GeoIP C library 1.6.3 and GeoIP perl API 1.4.4 or later to avoid messages leaking - Bug 7153 +- my $gic_wanted = version->parse('v1.6.3'); +- my $gic_have = version->parse(Geo::IP->lib_version()); +- my $gip_wanted = version->parse('v1.4.4'); +- my $gip_have = version->parse($Geo::IP::VERSION); +- +- # this code burps an ugly message if it fails, but that's redirected elsewhere +- my $flags = 0; +- eval '$flags = Geo::IP::GEOIP_SILENCE' if ($gip_wanted >= $gip_have); +- +- if ($flags && $gic_wanted >= $gic_have) { +- $self->{geoip} = Geo::IP->new(GEOIP_MEMORY_CACHE | GEOIP_CHECK_CACHE | $flags); +- $self->{geoisp} = Geo::IP->open_type(GEOIP_ISP_EDITION, GEOIP_MEMORY_CACHE | GEOIP_CHECK_CACHE | $flags); +- } else { +- open(OLDERR, ">&STDERR"); +- open(STDERR, ">", "/dev/null"); +- $self->{geoip} = Geo::IP->new(GEOIP_MEMORY_CACHE | GEOIP_CHECK_CACHE); +- $self->{geoisp} = Geo::IP->open_type(GEOIP_ISP_EDITION, GEOIP_MEMORY_CACHE | GEOIP_CHECK_CACHE); +- open(STDERR, ">&OLDERR"); +- close(OLDERR); +- } +- $db_info = sub { return "Geo::IP " . ($self->{geoip}->database_info || '?') }; +- } else { +- dbg("No GeoIP module available"); +- return 0; +- } +- +- my %uri_detail = %{ $permsg->get_uri_detail_list() }; +- my $test = $permsg->{current_rule_name}; +- my $rule = $permsg->{conf}->{uri_local_bl}->{$test}; +- +- my %hit_tests; +- my $got_hit = 0; +- +- if ( defined $self->{geoip} ) { +- dbg("check: uri_local_bl evaluating rule %s using database %s\n", $test, $db_info->()); +- } else { +- dbg("check: uri_local_bl evaluating rule %s\n", $test); +- } +- +- while (my ($raw, $info) = each %uri_detail) { +- +- next unless $info->{hosts}; +- +- # look for W3 links only +- next unless (defined $info->{types}->{a}); +- +- while (my($host, $domain) = each %{$info->{hosts}}) { +- +- # skip if the domain name was matched +- if (exists $rule->{exclusions} && exists $rule->{exclusions}->{$domain}) { +- dbg("check: uri_local_bl excludes %s as *.%s\n", $host, $domain); +- next; +- } +- +- # this would be best cached from prior lookups +- my @addrs = gethostbyname($host); +- +- # convert to string values address list +- @addrs = map { inet_ntoa($_); } @addrs[4..$#addrs]; +- +- dbg("check: uri_local_bl %s addrs %s\n", $host, join(', ', @addrs)); +- +- for my $ip (@addrs) { +- # skip if the address was matched +- if (exists $rule->{exclusions} && exists $rule->{exclusions}->{$ip}) { +- dbg("check: uri_local_bl excludes %s(%s)\n", $host, $ip); +- next; +- } +- +- if (exists $rule->{countries}) { +- dbg("check: uri_local_bl countries %s\n", join(' ', sort keys %{$rule->{countries}})); +- +- if ( $self->{use_geoip2} == 1 ) { +- my $country = $self->{geoip}->country( ip => $ip ); +- my $country_rec = $country->country(); +- $cc = $country_rec->iso_code(); +- } else { +- $cc = $self->{geoip}->country_code_by_addr($ip); +- } +- +- dbg("check: uri_local_bl host %s(%s) maps to %s\n", $host, $ip, (defined $cc ? $cc : "(undef)")); +- +- # handle there being no associated country (yes, there are holes in +- # the database). +- next unless defined $cc; +- +- # not in blacklist +- next unless (exists $rule->{countries}->{$cc}); +- +- dbg("check: uri_block_cc host %s(%s) matched\n", $host, $ip); +- +- if (would_log('dbg', 'rules') > 1) { +- dbg("check: uri_block_cc criteria for $test met"); +- } +- +- $permsg->test_log("Host: $host in $cc"); +- $hit_tests{$test} = 1; +- +- # reset hash +- keys %uri_detail; +- } +- +- if (exists $rule->{continents}) { +- dbg("check: uri_local_bl continents %s\n", join(' ', sort keys %{$rule->{continents}})); +- +- if ( $self->{use_geoip2} == 1 ) { +- my $country = $self->{geoip}->country( ip => $ip ); +- my $cont_rec = $country->continent(); +- $cont = $cont_rec->{code}; +- } else { +- $cc = $self->{geoip}->country_code_by_addr($ip); +- $cont = $self->{geoip}->continent_code_by_country_code($cc); +- } +- +- dbg("check: uri_local_bl host %s(%s) maps to %s\n", $host, $ip, (defined $cont ? $cont : "(undef)")); +- +- # handle there being no associated continent (yes, there are holes in +- # the database). +- next unless defined $cont; +- +- # not in blacklist +- next unless (exists $rule->{continents}->{$cont}); +- +- dbg("check: uri_block_cont host %s(%s) matched\n", $host, $ip); +- +- if (would_log('dbg', 'rules') > 1) { +- dbg("check: uri_block_cont criteria for $test met"); +- } +- +- $permsg->test_log("Host: $host in $cont"); +- $hit_tests{$test} = 1; +- +- # reset hash +- keys %uri_detail; +- } +- +- if (exists $rule->{isps}) { +- dbg("check: uri_local_bl isps %s\n", join(' ', map { '"' . $_ . '"'; } sort keys %{$rule->{isps}})); +- +- if ( $self->{use_geoip2} == 1 ) { +- $isp = $self->{geoisp}->isp(ip => $ip); +- } else { +- $isp = $self->{geoisp}->isp_by_name($ip); +- } +- +- dbg("check: uri_local_bl isp %s(%s) maps to %s\n", $host, $ip, (defined $isp ? '"' . $isp . '"' : "(undef)")); +- +- # handle there being no associated country +- next unless defined $isp; +- +- # not in blacklist +- next unless (exists $rule->{isps}->{$isp}); +- +- dbg("check: uri_block_isp host %s(%s) matched\n", $host, $ip); +- +- if (would_log('dbg', 'rules') > 1) { +- dbg("check: uri_block_isp criteria for $test met"); +- } +- +- $permsg->test_log("Host: $host in \"$isp\""); +- $hit_tests{$test} = 1; +- +- # reset hash +- keys %uri_detail; +- } +- +- if (exists $rule->{cidr}) { +- dbg("check: uri_block_cidr list %s\n", join(' ', $rule->{cidr}->list_range())); +- +- next unless ($rule->{cidr}->find($ip)); +- +- dbg("check: uri_block_cidr host %s(%s) matched\n", $host, $ip); +- +- if (would_log('dbg', 'rules') > 1) { +- dbg("check: uri_block_cidr criteria for $test met"); +- } +- +- $permsg->test_log("Host: $host as $ip"); +- $hit_tests{$test} = 1; +- +- # reset hash +- keys %uri_detail; +- } +- } +- } +- # cycle through all tests hitted by the uri +- while((my $test_ok) = each %hit_tests) { +- $permsg->got_hit($test_ok); +- $got_hit = 1; +- } +- if($got_hit == 1) { +- return 1; +- } else { +- keys %hit_tests; +- } +- } +- +- dbg("check: uri_local_bl %s no match\n", $test); +- +- return 0; +-} +- +-1; +- +diff --git a/lib/Mail/SpamAssassin/Util/DependencyInfo.pm b/lib/Mail/SpamAssassin/Util/DependencyInfo.pm +index 8127595..17aacbc 100644 +--- a/lib/Mail/SpamAssassin/Util/DependencyInfo.pm ++++ b/lib/Mail/SpamAssassin/Util/DependencyInfo.pm +@@ -124,30 +124,6 @@ our @OPTIONAL_MODULES = ( + desc => 'Used to check DNS Sender Policy Framework (SPF) records to fight email + address forgery and make it easier to identify spams.', + }, +-{ +- module => 'Geo::IP', +- version => 0, +- desc => 'Used by the RelayCountry plugin (not enabled by default) to determine +- the domain country codes of each relay in the path of an email. Also used by +- the URILocalBL plugin to provide ISP and Country code based filtering.', +-}, +-{ +- module => 'Net::CIDR::Lite', +- version => 0, +- desc => 'Used by the URILocalBL plugin to process IP address ranges.', +-}, +-{ +- module => 'Razor2::Client::Agent', +- alt_name => 'Razor2', +- version => '2.61', +- desc => 'Used to check message signatures against Vipul\'s Razor collaborative +- filtering network. Razor has a large number of dependencies on CPAN +- modules. Feel free to skip installing it, if this makes you nervous; +- SpamAssassin will still work well without it. +- +- More info on installing and using Razor can be found +- at http://wiki.apache.org/spamassassin/InstallingRazor .', +-}, + #{ + # module => 'Net::Ident', + # version => 0, +diff --git a/rules/init.pre b/rules/init.pre +index a330bad..6313a03 100644 +--- a/rules/init.pre ++++ b/rules/init.pre +@@ -14,13 +14,6 @@ + # added to new files, named according to the release they're added in. + ########################################################################### + +-# RelayCountry - add metadata for Bayes learning, marking the countries +-# a message was relayed through +-# +-# Note: This requires the Geo::IP Perl module +-# +-# loadplugin Mail::SpamAssassin::Plugin::RelayCountry +- + # URIDNSBL - look up URLs found in the message against several DNS + # blocklists. + # +diff --git a/rules/v341.pre b/rules/v341.pre +index 489dd4c..7ff8e84 100644 +--- a/rules/v341.pre ++++ b/rules/v341.pre +@@ -19,10 +19,5 @@ + # TxRep - Reputation database that replaces AWL + # loadplugin Mail::SpamAssassin::Plugin::TxRep + +-# URILocalBL - Provides ISP and Country code based filtering as well as +-# quick IP based blocks without a full RBL implementation - Bug 7060 +- +-# loadplugin Mail::SpamAssassin::Plugin::URILocalBL +- + # PDFInfo - Use several methods to detect a PDF file's ham/spam traits + # loadplugin Mail::SpamAssassin::Plugin::PDFInfo +diff --git a/spamassassin.raw b/spamassassin.raw +index 9d03d4f..443e154 100755 +--- a/spamassassin.raw ++++ b/spamassassin.raw +@@ -881,9 +881,6 @@ from the SpamAssassin distribution. + Mail::SpamAssassin::Plugin::Hashcash + perform hashcash verification tests + +- Mail::SpamAssassin::Plugin::RelayCountry +- add message metadata indicating the country code of each relay +- + Mail::SpamAssassin::Plugin::SPF + perform SPF verification tests + +-- +2.14.4 + diff --git a/SOURCES/spamassassin-3.4.2-fix-file-handle-leaks.patch b/SOURCES/spamassassin-3.4.2-fix-file-handle-leaks.patch new file mode 100644 index 0000000..f0fd334 --- /dev/null +++ b/SOURCES/spamassassin-3.4.2-fix-file-handle-leaks.patch @@ -0,0 +1,18 @@ +--- a/spamc/spamc.c 2018/10/02 16:54:17 1842644 ++++ b/spamc/spamc.c 2018/10/02 17:40:43 1842645 +@@ -616,6 +616,7 @@ + fprintf(stderr,"Exceeded max line size (%d) in %s\n", + CONFIG_MAX_LINE_SIZE-2, config_file); + } ++ fclose(config); + return EX_CONFIG; + } + +@@ -629,6 +630,7 @@ + if (*combo_argc >= COMBO_ARGV_SIZE) { + fprintf(stderr,"Exceeded max number of arguments (%d) in %s\n", + COMBO_ARGV_SIZE, config_file); ++ fclose(config); + return EX_CONFIG; + } + combo_argv[*combo_argc] = strdup(tok); diff --git a/SOURCES/spamassassin-3.4.2-fix-use-after-free.patch b/SOURCES/spamassassin-3.4.2-fix-use-after-free.patch new file mode 100644 index 0000000..8372d18 --- /dev/null +++ b/SOURCES/spamassassin-3.4.2-fix-use-after-free.patch @@ -0,0 +1,10 @@ +--- a/spamc/getopt.c 2018/09/20 06:52:49 1841432 ++++ b/spamc/getopt.c 2018/09/20 07:18:53 1841433 +@@ -274,7 +274,6 @@ + } else if(longopts[i].has_arg == optional_argument) { + if(((spamc_optind < argc) && (argv[spamc_optind]) && (argv[spamc_optind][0] != '-')) || + (opt != NULL)) { +- free(opt); + if(opt != NULL) { + spamc_optarg = opt; + } else { diff --git a/SOURCES/spamassassin-default.rc b/SOURCES/spamassassin-default.rc new file mode 100644 index 0000000..1d8365c --- /dev/null +++ b/SOURCES/spamassassin-default.rc @@ -0,0 +1,3 @@ +# send mail through spamassassin +:0fw +| /usr/bin/spamassassin diff --git a/SOURCES/spamassassin-helper.sh b/SOURCES/spamassassin-helper.sh new file mode 100755 index 0000000..3cd4848 --- /dev/null +++ b/SOURCES/spamassassin-helper.sh @@ -0,0 +1,2 @@ +#!/bin/sh +/usr/bin/spamassassin -e diff --git a/SOURCES/spamassassin-official.conf b/SOURCES/spamassassin-official.conf new file mode 100644 index 0000000..2f35a9c --- /dev/null +++ b/SOURCES/spamassassin-official.conf @@ -0,0 +1,86 @@ +# http://wiki.apache.org/spamassassin/RuleUpdates +CHANNELURL=updates.spamassassin.org +KEYID=5244EC45 +# Ignore everything below. +return 0 + +This is the GPG key that updates are signed with (currently, +as of Wed Dec 21 19:31:38 PST 2005. Please contact with any questions. + + +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.2 (SunOS) + +mQILBEOnbDQBEADBfda+hU8cGXD/2WYrIHsZ5CmvC2eCYKgQ87W706tzwmxoZWQS +JfnRpkZnBqS5WDhXhNBOhk9CgF5/e9yHnDQCusNYfRstKd+t0XTFvq30/tacrJNe +67zgq+DtWqIK9C7akfElc+2M5NkX6mF4cjaMXZoW17ltPy0XSSeirf584nvK3pXf +oEFLYQ/0AUV9EBpo9+i2DkMUd8d5tz7A6O5foB3ijYPzIcVtVJ1eyCg6gO1I4cIA +YbIZCH0WIVx5MQjydfKyCR4D7VFPpZgwcZ1PmyZSsy3lrigGVvYEoUS2fWTt2jUO +pB3wg5pgzuu9hN5CpChZGvq65t4PGtAeShnBkddIH4l+iDC6sAc6W06KidSaUCW1 +BKvNMa39lyEkO4bfLblZRjoZbj7Tjq3wQV/PLpPyKDa8ZZ88GfWaeRDUNRgZG6Qq +e6UKlFGfrw2RXOImUje7Sjy/eG4Ud/BOeGkV913yWBm9CHsPNtaVDK+iQI6vkAWS +3QkiPjBkXGTZFHsUx9/i3k5Iga6d4Gq2cBIVBur3sDxjKuuSazLwA9OAybpzQe2s +PvTzbGc/f1P7plT++HBFlBHwFtl/v68Q8pkbMWlEc5M9nYJ6yXHATHZzFfThxBwt +OYfF25XGaclUMkOMX++RiRkmjaEaT7Whv5aPbeb3+H3v6Omjvnebge24lQAGKbQ/ +dXBkYXRlcy5zcGFtYXNzYXNzaW4ub3JnIFNpZ25pbmcgS2V5IDxyZWxlYXNlQHNw +YW1hc3Nhc3Npbi5vcmc+iQI2BBMBAgAgBQJDp2w0AhsDBgsJCAcDAgQVAggDBBYC +AwECHgECF4AACgkQQFamGlJE7EVkfg//ZjBQ6UXDizX9UPsEmogWXIqbBsyP5DJH +uToaFa6OzCbOJqcYnXNfOjovYdDOTje+x3ZEkwbx+y6MSfhmDuHPDPqBU7hXenxx +oRktC68mJasKo0wXym2YfyWFnhSZMlXXFQ9We48zNGcVRckzaxLzM67BFJuRUfOM +EV6Lf3HxMvoUK3/Xzq9YPEq2sqFO1Eu+qPC3nq726Tj/aYBBFHgHmbjDrZTaQNyV +fHvEjDzPcDRjlJI+vZw1UEuXG+BKATPpiT7U7I1OGLDa2ExDIxh0+eJnsmA3YyHG +VweE7nDN2GmkXMVfa5vXHH49Ae9Ee8jIIRipfgMgZWnkZ0XYDvLj2ueH0Ixu4o9R +D2zJIwqzRh1sytG+1YOfHrOMUCplImJaY/ARgOM324ZdBvhkgIi1XvT7Sy/ZmGWd +DKFo+GjX0r2cujR8Pd4i7VlKsF9wRypk+n/aupXiaz5GY44EIVbnweyS5IlCNrwn +4UtqcB9/9uk1tmUNIcC5xjbq5ud/Y+iMIqCKCH0C9WUwSNSdsg+K+9xoZuvlaXY0 +JeXWNcDdq+tMir+x+/o0U4ENVYBkSFesnotmHwN6jZj4lSMRmvcFHPBljXqLqzM+ +y5wZxnCo1N7T+erZaI7BUrpJYm8JxcJ2VCWV0JFoO1Ec//B6XYB0pckbRuSTX/Zw +pKEkNqOdmjm5AgsEQ6dsigEQAKvdggbwqJgfDbRE2Lcy2gsn4j7haqu3IVBbyUDn +kGuuDuEtSeoRjCZXEb5DaKibIpEy5vzvRGvCFFkrBs4KXk/uamkgCpGnQZFnoz/S +rNZ8U7+e1pecEePpIkhQyafUKox9+p43UVoq4UybdPRDvE9SmQ1qaNUhyQY2FP9S +WT1a63u5GA73aH4puGO0BuZ9R3MNaDYZe/MOlRRjmlAsbY4oqWOudlNVaZ71EV3O +FFmOH4pnpxdO0X0l6sF6nvqvO5/gdZ3dI5iqrJjUneVgVOmPkREq7tQ5qHS/2pny +rDrH8NZCDNT5TXciBxBrt53bxxL/V/HWaolmtJi8gK82uXt8YlmT6zuEsofufDmu +P/HMDZ+BhGI+ggNzY2AVwERTRD6ecHDOI3iIuCP4Ck26YNHRCLyocL3CSlIpjQPu +tb3qfdAcqKLJ/fVyLtGkXr24crel6IeJY7/AGjYBrfh47DWnK7Xds8bAqJ8VCjOc +/q1usFTHgGkYocvtv0gmcjbu8YypzuG8HxOg9Yk9qRLQgg1fNhzXE2lqEPyMlBfj +eLmMNRvKP70fH8CK8adinPIegaRrS6gZ/iIdv8+YV+1rlEt28qzzGJxnmzUEmW6X +Xj44u91umg9WOsLxTOCQWdjGHonytHqj/xIsf45N2JIGLhU0lF04hYfEo5p65AyM +PpYhAAYpiQIfBBgBAgAJBQJDp2yKAhsCAAoJEEBWphpSROxFungP/iWKe7o8szOz +VmXkj89xDVFZ69nthVKkbgSYIZYQC+QLF8P1MWRnNWO/8TY+XsaCT3SrqxDFQ/R/ +9mlAPGUM1ySVihOPmP/DPiOlWLCsc0mb6OzYF2olcOR33s05MqvJlqXSmIrdB+hI +KkC7G5byZ+XZwPXVj4XlxIEOzs18+0YJqy0IPZPXTiMet4k2KyWyWkJpJYUCb19G +R6QC8hZQD97EYTbkbr5Ss26jjY/9AqLofW5F1/98pLDo+ron7pI2k8Ymn5DngEsa +XoGsQuyvPfTAjS4p9q/XwExJcX3gvQesdw18mpoSaGAOgDISolBPRqpHpy7v7vuw +3UMnsefKOX3F0Rossevw+c2/JCulnGmJDlgz6nHSR6FhHsbrDKF8oBeYPfGW/Kjw +NvzB1i9yubAMrsTQVu1Q8e5LsnL/MNYKb6oEJbBywdeHxBkehGWFXVdSoFvVSih/ +VNqX9f7jlybpLZW/n8cQ2r1ax19v7FleO/xSGvkYm7B1+4BW0mjy6A5dta5+e5WG +D5R06Uya3/xRAPGdmV6t4Mw8fFsuyCvs+vC73PR3+eS1UvCYsDpcQD8KpVBnsHaA +duWRKKhjuFL0vdOWAr25tFOTKAj5Ywas47PBukO0isov2WBCA1rVqOr6FUvdP76y +mqHv/0E6/vnTLxFoNsu4Ce42nAQ/A/jRiQQ+BBgBAgAJAhsCBQJHhbheAinBXSAE +GQECAAYFAkOnbIoACgkQbFU5eCT0NM68MQ/8DvYqxRm3vP0Gwnr+63kzET8S+6vf +gxOghnU+eMlqUeUu/ajqnVDMzoAIRDw9QgQc9ZZoklOSJQwOuloAbdpL4TwQ2XfJ +MLU60JkZWnEOXJwClb0qG1GqtcBPbMEUPfZcQfphdRL3jpWZlaexFiJRSD+A0riw +7q3NZKPDt4FrF7F3GY9krFy+P0nRt5f462DeDhCYZgguBQH+oGtjc5Hx+kOVWDsS +txo5xkt4/0DG50ZklPkTlCohmJwRLACy+NswdQ9q83eWAhzKOPgkal7xF6a+LyE+ +ytVYy2EgEU74r2gVw5iizy92FDj//Z2QAUyf/c4BMuAhvfwVIHd8n2DPHvpMP15L +6fwoymh0OjzmhwK94Z2u1YqNC1CK27/hfB6okQ/Tct7/Ik61dBjtiYdUC9tTA5Ze +W8X5ouSmttS1QFixx+Z4hiXV7Qj12lgVKuJohjrVshfcbVzTHljjAo3YkOZIHIoA +IJTUMRNzTIx9k4hrPVbxbVQhKjKTwFNtBuxvmptGTcLEIv9THpqlq8jkcStJ2Zrd +hhofPCWRT/Kzo+WE+Kgefv88T5Li7Ku12U/UpiK85+6nRspXj3rnkfDOUbLZjGM+ +1NET0xQTPuyxN6CXF7MMxfGCpszCudYxMANDQqNXu9brcPN/+EIxGRjqin4E7q+h +kYUaY7Ki8mXtJ8cJEEBWphpSROxFktcQALWQv996bFq1iFcGuQ0ITxNDlOWCsses +bgEM5zR10DH+6s2bXEO8xyDHQJtrvdCPetRDosnuOToBMnGMXTYVytnWzwwAzwq1 +YM+bGAeTHaIX+2UmxwFyX4GMOdqsNB+xDZ8pmRKjamJSgUQt6e18YpZlg1Y4QkxS +Vptq7OZBjiKeLUhLhGJ6GWgEIedLcoCtFzKCfz3zwn0Oxl+1EnVu8yqN+quWTf8P +7EZn+0ztqZY059BrcK2jmOyXvtOZBcAHXCUknh/uPHwAJV2WFWSNid2kNiLOrV+J +3eLTs5sF9wNhxWRhl6/10cwTzjy0Onv5cJh2tjdwksigMRMwz4c839zXORni/tnY ++IY22kNTKu84gB8rBuqUq8MQXNdS3bbROwwNUzpC0D1C1z1fBvyXDL1EwJdz70Wc +2m/Sw6tIid5g98+XMW+Ibt43Jk2XbK71JLhbVbePbAcHVh/UXEtnjhRfX7oyWlwS +a+lkKMiJd/6CQ6bvYsgklE7uEzTpRskpkkOcCk1O+8jfl+DsDwKrvVaNu8tpx45k +TtV4JDA6iEHKakD/zZdVTR79W2CFqBvRfRikc5INOl1OfMQ4ODmjkMl3yI9wrHwS +SQQxdq2XsS7xbU9HDFBEguQDu0rfzILZ9DuKIVHyr/CsRoJ5joj+JvKaUQC81ywQ +aB8EKy5bg4U6 +=IbYW +-----END PGP PUBLIC KEY BLOCK----- diff --git a/SOURCES/spamassassin-spamc.rc b/SOURCES/spamassassin-spamc.rc new file mode 100644 index 0000000..911dcd4 --- /dev/null +++ b/SOURCES/spamassassin-spamc.rc @@ -0,0 +1,3 @@ +# send mail through spamassassin +:0fw +| /usr/bin/spamc diff --git a/SOURCES/spamassassin.service b/SOURCES/spamassassin.service new file mode 100644 index 0000000..530f8f8 --- /dev/null +++ b/SOURCES/spamassassin.service @@ -0,0 +1,14 @@ +[Unit] +Description=Spamassassin daemon +After=syslog.target network.target +Wants=sa-update.timer + +[Service] +EnvironmentFile=-/etc/sysconfig/spamassassin +ExecStart=/usr/bin/spamd $SPAMDOPTIONS +StandardOutput=null +StandardError=null +Restart=always + +[Install] +WantedBy=multi-user.target diff --git a/SOURCES/spamassassin.sysconfig b/SOURCES/spamassassin.sysconfig new file mode 100644 index 0000000..f3e30b5 --- /dev/null +++ b/SOURCES/spamassassin.sysconfig @@ -0,0 +1,2 @@ +# Options to spamd +SPAMDOPTIONS="-c -m5 -H --razor-home-dir='/var/lib/razor/' --razor-log-file='sys-syslog'" diff --git a/SOURCES/spamassassin.sysconfig.el b/SOURCES/spamassassin.sysconfig.el new file mode 100644 index 0000000..194bdc8 --- /dev/null +++ b/SOURCES/spamassassin.sysconfig.el @@ -0,0 +1,2 @@ +# Options to spamd +SPAMDOPTIONS="-d -c -m5 -H --razor-home-dir='/var/lib/razor/' --razor-log-file='sys-syslog'" diff --git a/SPECS/spamassassin.spec b/SPECS/spamassassin.spec new file mode 100644 index 0000000..5c08169 --- /dev/null +++ b/SPECS/spamassassin.spec @@ -0,0 +1,1149 @@ +# OVERRIDE RHEL VERSION HERE, RHEL BUILDSYSTEM DOESN'T HAVE DIST TAG +#%%define rhel 4 + +# Define dist tags for old RHEL releases +%if 0%{?rhel} == 4 +%define dist .el4 +%endif +%if 0%{?rhel} == 5 +%define dist .el5 +%endif +%if 0%{?rhel} == 6 +%define dist .el6 +%endif + +# Define variables to use in conditionals +%define option_ssl 0 +%define perl_devel 0 +%define dkim_deps 0 +%global patricia_deps 0 +%global razor_deps 0 +%define require_encode_detect 0 +%define use_systemd 0 + +# SSL and IPv6 (FC6+, RHEL5+) +%if 0%{?fedora} > 5 || 0%{?rhel} >= 5 +%define option_ssl 1 +%endif + +# Split perl-devel (FC7+ and RHEL-8+) +%if 0%{?fedora} > 6 || 0%{?rhel} > 7 +%define perl_devel 1 +%endif + +# Encode::Detect, not strictly required but helpful if you enable language detection (FC7+) +%if 0%{?fedora} > 6 || 0%{?rhel} >= 6 +%define require_encode_detect 1 +%endif + +# Mail::DKIM by default (F11+) +%if 0%{?fedora} >= 11 || 0%{?rhel} >= 6 +%define dkim_deps 1 +%endif + +%if 0%{?fedora} >= 16 || 0%{?rhel} >= 7 +%define use_systemd 1 +%endif + +%if ! 0%{?rhel} +%global patricia_deps 1 +%global razor_deps 1 +%endif + +%define real_name Mail-SpamAssassin +%{!?perl_vendorlib: %define perl_vendorlib %(eval "`%{__perl} -V:installvendorlib`"; echo $installvendorlib)} + +%global saversion 3.004002 +#%%global prerev rc2 + +Summary: Spam filter for email which can be invoked from mail delivery agents +Name: spamassassin +Version: 3.4.2 +#Release: 0.8.%%{prerev}%%{?dist} +Release: 6%{?dist} +License: ASL 2.0 +Group: Applications/Internet +URL: https://spamassassin.apache.org/ +Source0: https://www.apache.org/dist/%{name}/source/%{real_name}-%{version}.tar.bz2 +#Source0: %%{real_name}-%%{version}-%%{prerev}.tar.bz2 +Source1: https://www.apache.org/dist/%{name}/source/%{real_name}-rules-%{version}.r1840640.tgz +#Source1: %%{real_name}-rules-%%{version}.%%{prerev}.tgz +Source2: redhat_local.cf +Source3: spamassassin-default.rc +Source4: spamassassin-spamc.rc +Source5: spamassassin.sysconfig +Source6: sa-update.logrotate +Source7: sa-update.crontab +Source8: sa-update.cronscript +Source9: sa-update.force-sysconfig +Source10: spamassassin-helper.sh +Source11: spamassassin-official.conf +Source12: sought.conf +Source13: README.RHEL.Fedora +%if %{use_systemd} +Source14: spamassassin.service +%endif +Source15: spamassassin.sysconfig.el +Source16: sa-update.service +Source17: sa-update.timer + +# Patches 0-99 are RH specific +# https://bugzilla.redhat.com/show_bug.cgi?id=1055593 +# Switch to using gnupg2 instead of gnupg1 +Patch0: spamassassin-3.3.2-gnupg2.patch +Patch1: spamassassin-3.4.1-add-logfile-homedir-options.patch +# https://bugzilla.redhat.com/show_bug.cgi?id=1607372 +Patch2: spamassassin-3.4.2-drop-geoip.patch +Patch3: 0001-Drop-the-ResourceLimits-plugin.patch + +# Patches 100+ are SVN backports (DO NOT REUSE!) +Patch100: spamassassin-3.4.2-fix-use-after-free.patch +Patch101: spamassassin-3.4.2-fix-file-handle-leaks.patch + +# end of patches + +Requires: perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version)) +%if %{use_systemd} == 0 +Requires: /sbin/chkconfig /sbin/service +%endif +Requires(post): diffutils + +BuildRequires: gcc +BuildRequires: perl-interpreter >= 2:5.8.0 +BuildRequires: perl-generators +BuildRequires: perl(Net::DNS) +BuildRequires: perl(Time::HiRes) +BuildRequires: perl(HTML::Parser) +BuildRequires: perl(NetAddr::IP) +BuildRequires: openssl-devel +%if %{use_systemd} +BuildRequires: systemd-units +%endif + +Requires: perl(HTTP::Date) +Requires: perl(LWP::UserAgent) +Requires: perl(Net::DNS) +Requires: perl(Time::HiRes) +Requires: perl(DB_File) +Requires: perl(Mail::SPF) +%if %{require_encode_detect} +Requires: perl(Encode::Detect) +%endif +Requires: procmail +Requires: gnupg2 + +# Hard requirements +BuildRequires: perl-HTML-Parser >= 3.43 +Requires: perl-HTML-Parser >= 3.43 +BuildRequires: perl(Archive::Tar) +Requires: perl(Archive::Tar) + +# Optional requirements that might make things better/faster +%if %{patricia_deps} +Requires: perl(Net::Patricia) +%endif +%if %{razor_deps} +Requires: perl-Razor-Agent +%endif + +%if %{option_ssl} +# Needed for spamc/spamd SSL +Requires: perl(IO::Socket::SSL) +# Needed for IPv6 +Requires: perl(IO::Socket::INET6) +%endif +%if %{perl_devel} +BuildRequires: perl-devel +%endif +# Mail::DKIM for F12+, works from RHEL5+ from EPEL5 but we don't require them +%if %{dkim_deps} +Requires: perl(Mail::DKIM) +%endif + +%if %{use_systemd} +Requires(post): systemd-units +Requires(post): systemd-sysv +Requires(preun): systemd-units +Requires(postun): systemd-units +%endif + +# For completeness, explicitly require perl modules already +# pulled in by perl-interpreter +Requires: perl(Digest::SHA) +Requires: perl(Socket) +Requires: perl(Data::Dumper) +Requires: perl(Digest::MD5) +Requires: perl(Errno) +Requires: perl(Exporter) +Requires: perl(List::Util) +Requires: perl(File::Copy) + +%description +SpamAssassin provides you with a way to reduce if not completely eliminate +Unsolicited Commercial Email (SPAM) from your incoming email. It can +be invoked by a MDA such as sendmail or postfix, or can be called from +a procmail script, .forward file, etc. It uses a genetic-algorithm +evolved scoring system to identify messages which look spammy, then +adds headers to the message so they can be filtered by the user's mail +reading software. This distribution includes the spamd/spamc components +which create a server that considerably speeds processing of mail. + +To enable spamassassin, if you are receiving mail locally, simply add +this line to your ~/.procmailrc: +INCLUDERC=/etc/mail/spamassassin/spamassassin-default.rc + +To filter spam for all users, add that line to /etc/procmailrc +(creating if necessary). + +%prep +%setup -q -n Mail-SpamAssassin-%{version} +# Patches 0-99 are RH specific +%patch0 -p1 +%patch1 -p1 +%patch2 -p1 + +# Drop the ResourceLimits plugin - it requires perl(BSD::Resource) +# which is not in RHEL-8 +%patch3 -p1 +rm -f lib/Mail/SpamAssassin/Plugin/ResourceLimits.pm + +# Patches 100+ are SVN backports (DO NOT REUSE!) +%patch100 -p1 +%patch101 -p1 + +# end of patches + +echo "RHEL=%{?rhel} FEDORA=%{?fedora}" + +%build +export CFLAGS="$RPM_OPT_FLAGS" +export LDFLAGS="%{build_ldflags}" +%{__perl} Makefile.PL DESTDIR=$RPM_BUILD_ROOT/ SYSCONFDIR=%{_sysconfdir} INSTALLDIRS=vendor ENABLE_SSL=yes < /dev/null +%{__make} OPTIMIZE="$RPM_OPT_FLAGS" %{?_smp_mflags} + +%install +rm -rf $RPM_BUILD_ROOT +%makeinstall PREFIX=%buildroot/%{prefix} \ + INSTALLMAN1DIR=%buildroot/%{_mandir}/man1 \ + INSTALLMAN3DIR=%buildroot/%{_mandir}/man3 \ + LOCAL_RULES_DIR=%{buildroot}/etc/mail/spamassassin +chmod 755 %buildroot/%{_bindir}/* # allow stripping + +%if %{use_systemd} == 0 +install -d %buildroot/%{_initrddir} +install -m 0755 spamd/redhat-rc-script.sh %buildroot/%{_initrddir}/spamassassin +%endif + +mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/mail/spamassassin +mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig +mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d +install -m 0644 %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/mail/spamassassin/local.cf +%if %{use_systemd} +install -m644 %{SOURCE5} $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/spamassassin +%else +install -m644 %{SOURCE15} $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/spamassassin +%endif + +install -m 0644 %{SOURCE3} %buildroot/etc/mail/spamassassin +install -m 0644 %{SOURCE4} %buildroot/etc/mail/spamassassin +# installed mode 755 as it's executed by users. +install -m 0755 %{SOURCE10} %buildroot/etc/mail/spamassassin +install -m 0644 %{SOURCE6} %buildroot/etc/logrotate.d/sa-update + + +%if %{use_systemd} == 0 +mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/cron.d +install -m 0644 %{SOURCE7} %buildroot/etc/cron.d/sa-update +%endif +install -m 0644 %{SOURCE9} %buildroot%{_sysconfdir}/sysconfig/sa-update +# installed mode 744 as non root users can't run it, but can read it. +install -m 0744 %{SOURCE8} %buildroot%{_datadir}/spamassassin/sa-update.cron +%if %{use_systemd} +mkdir -p %buildroot%{_unitdir} +install -m 0644 %{SOURCE14} %buildroot%{_unitdir}/spamassassin.service +install -m 0644 %{SOURCE16} %buildroot%{_unitdir}/sa-update.service +install -m 0644 %{SOURCE17} %buildroot%{_unitdir}/sa-update.timer +%endif + +[ -x /usr/lib/rpm/brp-compress ] && /usr/lib/rpm/brp-compress + +find $RPM_BUILD_ROOT \( -name perllocal.pod -o -name .packlist \) -exec rm -v {} \; +find $RPM_BUILD_ROOT -type d -depth -exec rmdir {} 2>/dev/null ';' + +# Default rules from separate tarball +cd $RPM_BUILD_ROOT%{_datadir}/spamassassin/ +tar xfvz %{SOURCE1} +sed -i -e 's|\@\@VERSION\@\@|%{saversion}|' *.cf +cd - + +find $RPM_BUILD_ROOT/usr -type f -print | + sed "s@^$RPM_BUILD_ROOT@@g" | + grep -v perllocal.pod | + grep -v "\.packlist" > %{name}-%{version}-filelist +if [ "$(cat %{name}-%{version}-filelist)X" = "X" ] ; then + echo "ERROR: EMPTY FILE LIST" + exit -1 +fi +find $RPM_BUILD_ROOT%{perl_vendorlib}/* -type d -print | + sed "s@^$RPM_BUILD_ROOT@%dir @g" >> %{name}-%{version}-filelist + +mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/lib/spamassassin + +# sa-update channels and keyring directory +mkdir -m 0700 $RPM_BUILD_ROOT%{_sysconfdir}/mail/spamassassin/sa-update-keys/ +mkdir -m 0755 $RPM_BUILD_ROOT%{_sysconfdir}/mail/spamassassin/channel.d/ +install -m 0644 %{SOURCE11} $RPM_BUILD_ROOT%{_sysconfdir}/mail/spamassassin/channel.d/ +install -m 0644 %{SOURCE12} $RPM_BUILD_ROOT%{_sysconfdir}/mail/spamassassin/channel.d/ + +install -m 0644 %{SOURCE13} $RPM_BUILD_DIR/Mail-SpamAssassin-%{version}/ +%if %{razor_deps} +mkdir -m 0700 -p $RPM_BUILD_ROOT%{_sharedstatedir}/razor/ +%endif + +%files -f %{name}-%{version}-filelist +%doc LICENSE NOTICE CREDITS Changes README TRADEMARK UPGRADE +%doc USAGE sample-nonspam.txt sample-spam.txt +%doc README.RHEL.Fedora +%if %{use_systemd} == 0 +%{_initrddir}/spamassassin +%{_sysconfdir}/cron.d/sa-update +%endif +%dir %{_sysconfdir}/mail +%config(noreplace) %{_sysconfdir}/mail/spamassassin +%config(noreplace) %{_sysconfdir}/sysconfig/spamassassin +%config(noreplace) %{_sysconfdir}/sysconfig/sa-update +%dir %{_datadir}/spamassassin +%dir %{_localstatedir}/lib/spamassassin +%if %{razor_deps} +%dir %{_sharedstatedir}/razor +%endif +%config(noreplace) %{_sysconfdir}/logrotate.d/sa-update +%if %{use_systemd} +%{_unitdir}/spamassassin.service +%{_unitdir}/sa-update.service +%{_unitdir}/sa-update.timer +%endif +# Don't include sa-compile per rhbz#1639367 +%exclude %{_bindir}/sa-compile +%exclude %{_mandir}/man1/sa-compile* + +%post +%if %{use_systemd} == 0 +/sbin/chkconfig --add spamassassin +%endif + +%if %{use_systemd} +%systemd_post spamassassin.service +%systemd_post sa-update.timer +%endif + +# -a and --auto-whitelist options were removed from 3.0.0 +# prevent service startup failure +TMPFILE=$(/bin/mktemp /etc/sysconfig/spamassassin.XXXXXX) || exit 1 +cp /etc/sysconfig/spamassassin $TMPFILE +perl -p -i -e 's/(["\s]-\w+)a/$1/ ; s/(["\s]-)a(\w+)/$1$2/ ; s/(["\s])-a\b/$1/' $TMPFILE +perl -p -i -e 's/ --auto-whitelist//' $TMPFILE +# replace /etc/sysconfig/spamassassin only if it actually changed +cmp /etc/sysconfig/spamassassin $TMPFILE || cp $TMPFILE /etc/sysconfig/spamassassin +rm $TMPFILE + +if [ -f /etc/spamassassin.cf ]; then + %{__mv} /etc/spamassassin.cf /etc/mail/spamassassin/migrated.cf +fi +if [ -f /etc/mail/spamassassin.cf ]; then + %{__mv} /etc/mail/spamassassin.cf /etc/mail/spamassassin/migrated.cf +fi + +%postun +%if %{use_systemd} == 0 +if [ "$1" -ge "1" ]; then + /sbin/service spamassassin condrestart > /dev/null 2>&1 +fi +exit 0 +%endif + +%if %{use_systemd} +%systemd_postun spamassassin.service +%systemd_postun sa-update.timer +%endif + +%preun +%if %{razor_deps} +rm -f %{_sharedstatedir}/razor/* +%endif +%if %{use_systemd} == 0 +if [ $1 = 0 ] ; then + /sbin/service spamassassin stop >/dev/null 2>&1 + /sbin/chkconfig --del spamassassin +fi +exit 0 +%endif + +%if %{use_systemd} +%systemd_preun spamassassin.service +%systemd_preun sa-update.timer +%endif + +%if %{use_systemd} +%triggerun -- spamassassin < 3.3.2-2 +%{_bindir}/systemd-sysv-convert --save spamassassin >/dev/null 2>&1 ||: + +# Run these because the SysV package being removed won't do them +/sbin/chkconfig --del spamassassin >/dev/null 2>&1 || : +/bin/systemctl try-restart spamassassin.service >/dev/null 2>&1 || : +%endif + +%changelog +* Mon Dec 17 2018 Ondřej Lysoněk - 3.4.2-6 +- Re-add perl-Encode-Detect and perl-Mail-DKIM dependency +- Resolves: rhbz#1637527 + +* Tue Oct 16 2018 Ondřej Lysoněk - 3.4.2-5 +- Add dependency for perl(File::Copy) +- Related: rhbz#1639367 + +* Tue Oct 16 2018 Ondřej Lysoněk - 3.4.2-4 +- Drop non-functioning sa-compile script +- Resolves: rhbz#1639367 + +* Fri Oct 05 2018 Ondřej Lysoněk - 3.4.2-3 +- Temporarily drop dependency on perl-Encode-Detect and perl-Mail-DKIM +- Resolves: rhbz#1636379 + +* Wed Oct 03 2018 Ondřej Lysoněk - 3.4.2-2 +- Support systemd, not SysV init, drop initscripts requirement +- Resolves: rhbz#1610288 +- Fix issues found by Coverity Scan +- Resolves: rhbz#1602695 + +* Mon Sep 17 2018 Ondřej Lysoněk - 3.4.2-1 +- New version +- Fixes CVE-2017-15705, CVE-2018-11780 and CVE-2018-11781 +- Resolves: rhbz#1629523 +- Resolves: rhbz#1629535 +- Resolves: rhbz#1629538 + +* Mon Jul 23 2018 Jaroslav Škarvada - 3.4.1-26 +- Dropped GeoIP and optional plugins requiring it + Resolves: rhbz#1607372 + +* Mon Jul 23 2018 Jaroslav Škarvada - 3.4.1-25 +- perl-Razor-Agent and perl-Net-Patricia not used on RHEL + +* Sat Jul 14 2018 Fedora Release Engineering - 3.4.1-24 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + +* Tue Jul 10 2018 Tomas Korbar - 3.4.1-23 +- Fix daemonize subroutine +- See https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7594 + +* Fri Jun 29 2018 Jitka Plesnikova - 3.4.1-22 +- Perl 5.28 rebuild + +* Wed Jun 20 2018 Kevin Fenzi - 3.4.1-21 +- Conditionalize Requires for /sbin/service and /sbin/chkconfig. Fixes bug #1592390 + +* Thu Jun 07 2018 Tomas Korbar - 3.4.1-20 +- Add razor log path and home directory option + +* Tue Apr 10 2018 Rafael Santos - 3.4.1-19 +- Use standard Fedora linker flags (bug #1548561) + +* Fri Feb 09 2018 Fedora Release Engineering - 3.4.1-18 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Mon Oct 23 2017 Kevin Fenzi - 3.4.1-17 +- Add upstream patch to stop sa-learn warnings. Fixes bug #1505317 +- Add upstream patch to stop DNS warnings. Fixes bug #1364932 + +* Thu Aug 03 2017 Fedora Release Engineering - 3.4.1-16 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild + +* Thu Jul 27 2017 Fedora Release Engineering - 3.4.1-15 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Tue Jun 06 2017 Jitka Plesnikova - 3.4.1-14 +- Perl 5.26 rebuild + +* Thu May 18 2017 Jitka Plesnikova - 3.4.1-13 +- Fix building on Perl without '.' in @INC + +* Sat Feb 11 2017 Fedora Release Engineering - 3.4.1-12 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Mon Oct 31 2016 Kevin Fenzi - 3.4.1-11 +- Add patch for openssl 1.1.x support. https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7361 + +* Sat Sep 03 2016 Kevin Fenzi - 3.4.1-10 +- Drop perl-Mail-spamassassin obsolete that was added in 2004 + +* Sat Jun 11 2016 Kevin Fenzi - 3.4.1-9 +- Add perl-Razor-Agent and perl-Net-Patricia To Requires, they might help processing. Fixes bug #1337924 +- Add patch for netdns 1.0.1+ dns lookups. + +* Sun May 15 2016 Jitka Plesnikova - 3.4.1-8 +- Perl 5.24 rebuild + +* Fri Feb 05 2016 Fedora Release Engineering - 3.4.1-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Fri Jun 19 2015 Fedora Release Engineering - 3.4.1-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Tue Jun 09 2015 Jitka Plesnikova - 3.4.1-5 +- Perl 5.22 rebuild + +* Sun Jun 07 2015 Kevin Fenzi 3.4.1-4 +- Fix sa-update to handle systemctl or service as the case may be. + +* Sat Jun 06 2015 Jitka Plesnikova - 3.4.1-3 +- Perl 5.22 rebuild + +* Sun May 03 2015 Kevin Fenzi 3.4.1-2 +- Fix base rules version issue. Bug #1217990 +- Drop run dir we don't use it. + +* Wed Apr 29 2015 Kevin Fenzi 3.4.1-1 +- Update to 3.4.1 + +* Fri Apr 03 2015 Kevin Fenzi 3.4.0-14 +- Switch to systemd timer unit from cron for rules updates. Fixes bug #1064537 + +* Fri Apr 03 2015 Kevin Fenzi 3.4.0-13 +- Remove last parts of portreserve. Fixes bug #1175798 +- Fix typo in Razor2 plugin. Fixes bug #1208776 +- Disabled the AHBL blacklist thats no longer in service in base rules. Fixes bug #1180338 + +* Thu Sep 25 2014 Kevin Fenzi 3.4.0-12 +- Apply fix for amavisd and spampd reloading after rules updates. Fixes bug #1145654 + +* Thu Aug 28 2014 Jitka Plesnikova - 3.4.0-11 +- Perl 5.20 rebuild + +* Tue Aug 26 2014 Kevin Fenzi 3.4.0-10 +- CLean up portreserve conditionals. Fixes bug #1128708 + +* Thu Aug 21 2014 Kevin Fenzi - 3.4.0-9 +- Rebuild for rpm bug 1131960 + +* Mon Aug 18 2014 Fedora Release Engineering - 3.4.0-8.el6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + +* Fri Jun 20 2014 Kevin Fenzi 3.4.0-7 +- Add patch to work with newer perl-Net-DNS. Fixes bug #1111586 + +* Wed Jun 18 2014 Kevin Fenzi 3.4.0-6 +- Adjust systemd unit to not log to syslog since spamd does it already. +- Fixes bug #1107541 + +* Sun Jun 08 2014 Fedora Release Engineering - 3.4.0-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Fri May 23 2014 Kevin Fenzi 3.4.0-4 +- Fix versioning on initial rules. +- Add note to README.RHEL.Fedora to note -d option in sysconfig + +* Wed Mar 19 2014 Kevin Fenzi 3.4.0-3 +- Cleaned up spec, added conditionals to build on el again. + +* Sun Feb 16 2014 Kevin Fenzi 3.4.0-2 +- Simplify systemd unit file. Thanks misc. Fixes bug #1065762 + +* Tue Feb 11 2014 Kevin Fenzi 3.4.0-1 +- Update to 3.4.0 + +* Sun Feb 02 2014 Kevin Fenzi 3.3.2-19 +- Use pgrep -f for full command line. Fixes bug #1057926 +- Patch to use gnupg2 instead of gnupg1. Fixes bug #1055593 +- Use pgrep for spampd as well. Fixes bug #1058976 + +* Sat Jan 04 2014 Kevin Fenzi 3.3.2-18 +- Add patch to fix warning to syslog with recent perl.· +- Fixes bug #1023670 + +* Sun Aug 04 2013 Fedora Release Engineering - 3.3.2-17 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + +* Mon Jul 22 2013 Petr Pisar - 3.3.2-16 +- Perl 5.18 rebuild + +* Fri Feb 15 2013 Fedora Release Engineering - 3.3.2-15 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild + +* Thu Nov 15 2012 Kevin Fenzi 3.3.2-14 +- Fix incorrect pgrep path. Fixes bug #875844 + +* Sat Aug 25 2012 Kevin Fenzi 3.3.2-13 +- Add systemd macros for presets. Fixes bug #850320 + +* Fri Aug 03 2012 Kevin Fenzi - 3.3.2-12 +- Fix sa-update not detecting spamd running. Fixes bug #755644 +- Add restart=always to systemd file to work around upstream bug. Bug #812359 + +* Sat Jul 21 2012 Fedora Release Engineering - 3.3.2-11 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + +* Wed Jun 13 2012 Petr Pisar - 3.3.2-10 +- Perl 5.16 rebuild + +* Thu Jan 19 2012 Kevin Fenzi - 3.3.2-9 +- Fix unit file to write pid correctly. Fixes bug #783108 + +* Sat Jan 14 2012 Fedora Release Engineering - 3.3.2-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild + +* Mon Sep 12 2011 Nick Bebout - 3.3.2-7 +- Use sysvinit on F15, not systemd + +* Thu Sep 08 2011 Nick Bebout - 3.3.2-6 +- Don't install sysvinit script if using systemd + +* Wed Sep 07 2011 Jesse Keating - 3.3.2-5 +- Add details for RHEL 7 + +* Sat Aug 13 2011 Nick Bebout - 3.3.2-4 +- Build with systemd unit file for f16 and f17 + +* Thu Jul 21 2011 Petr Sabata - 3.3.2-3 +- Perl mass rebuild + +* Tue Jul 19 2011 Petr Sabata - 3.3.2-2 +- Perl mass rebuild + +* Mon Jun 6 2011 Warren Togami - 3.3.2-1 +- 3.3.2 + +* Mon May 30 2011 Warren Togami - 3.3.2-0.8.rc2 +- 3.3.2-rc2 + +* Mon May 16 2011 Warren Togami - 3.3.2-0.7.rc1 +- 3.3.2-rc1 + +* Sun Feb 27 2011 Ville Skyttä - 3.3.2-0.6.svn1071394 +- Own /etc/mail dir (#645035). + +* Wed Feb 16 2011 Nick Bebout - 3.3.2-0.5.svn1071394 +- Oops, I left off svn in the Release of 3.3.2-0.4.svn1071394 + +* Wed Feb 16 2011 Nick Bebout - 3.3.2-0.4.svn1071394 +- replace @@VERSION@@ with current saversion +- restart spampd after sa-update cronjob runs +- update to svn1071394 + +* Wed Feb 09 2011 Fedora Release Engineering - 3.3.2-0.3.svn1027144 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild + +* Fri Oct 29 2010 Kevin Fenzi - 3.3.2-0.2.svn1027144 +- Fix sa-update sysconfig script line wrapping + +* Mon Oct 25 2010 Nick Bebout - 3.3.2-0.1.svn1027144 +- Update to 3.3.2 - svn1027144 to solve bug + +* Sat Jul 03 2010 Dennis Gilmore - 3.3.1-5 +- rebuild against perl-5.12.0 again + +* Wed Jun 02 2010 Nick Bebout - 3.3.1-4 +- Add perl-Mail-SPF dependency + +* Wed Jun 02 2010 Marcela Maslanova - 3.3.1-3 +- Mass rebuild with perl-5.12.0 + +* Tue Mar 16 2010 Warren Togami - 3.3.1-2 +- 3.3.1 take 2 + +* Mon Mar 15 2010 Warren Togami - 3.3.1-1 +- 3.3.1 bug fix only release + +* Wed Feb 17 2010 Warren Togami - 3.3.0-6 +- Minor fix to update script + +* Thu Jan 21 2010 Warren Togami - 3.3.0-2 +- 3.3.0 +- README.RHEL.Fedora contains notes specific to our package + +* Thu Jan 14 2010 Warren Togami - 3.3.0-0.32.rc3 +- 3.3.0-rc3 +- if mimedefang is enabled, reload rules after sa-update + +* Mon Jan 11 2010 Warren Togami - 3.3.0-0.31.rc2 +- 3.3.0-rc2 + +* Mon Dec 28 2009 Warren Togami - 3.3.0-0.29.rc1 +- sa-update channels defined in /etc/mail/spamassassin/channel.d/*.conf files + +* Mon Dec 28 2009 Warren Togami - 3.3.0-0.27.rc1 +- sa-update runs in cron automatically if spamd or amavisd is running + If you use neither, you may force sa-update by editing /etc/sysconfig/sa-update + +* Mon Dec 21 2009 Warren Togami - 3.3.0-0.26.rc1 +- 3.3.0-rc1.proposed2 with fixed spamc + +* Fri Dec 18 2009 Warren Togami - 3.3.0-0.23.rc1 +- 3.3.0-rc1 +- Bug #103401: portreserve protect spamd port 783 on F-10+ + +* Thu Dec 03 2009 Warren Togami - 3.3.0-0.21.beta1 +- 3.3.0-beta1 + +* Fri Nov 20 2009 Warren Togami - 3.3.0-0.20.svn882672 +- svn882672 snapshot + +* Thu Nov 12 2009 Warren Togami - 3.3.0-0.19.svn816416 +- Encode::Detect is important to spamassassin, require for anything newer than RHEL-5 + +* Thu Sep 24 2009 Warren Togami - 3.3.3-0.18.svn816416 +- Enable SOUGHT ruleset in nightly sa-update http://wiki.apache.org/spamassassin/SoughtRules + You must enable the sa-update cron job manually in /etc/cron.d/sa-update +- Custom channels may be specified in these config files: + /etc/mail/spamassassin/sa-update-channels.txt + /etc/mail/spamassassin/sa-update-keys.txt + +* Thu Sep 17 2009 Warren Togami - 3.3.3-0.14.svn816416 +- 3.3.0 svn816416 snapshot, pre-alpha3 + Upstream just fixed important bug SA#6206. Many other bugs fixed since alpha2. + +* Thu Sep 17 2009 Warren Togami - 3.3.0-0.13.alpha2 +- F11+ requires Mail::DKIM + +* Sun Sep 13 2009 Warren Togami - 3.3.0-0.12.alpha2 +- require perl(Mail::DKIM), useful due to USER_IN_DEF_DKIM_WL + +* Fri Aug 21 2009 Tomas Mraz - 3.3.0-0.6.alpha2 +- rebuilt with new openssl + +* Mon Aug 10 2009 Warren Togami - 3.3.0-0.5.alpha1 +- 3.3.0-alpha2 + +* Tue Jul 07 2009 Warren Togami - 3.3.0-0.2.alpha1 +- Include default rules to prevent mass confusion and complaints. + You should really use sa-update though. Really. + Edit /etc/cron.d/sa-update to automate it. + +* Mon Jul 06 2009 Warren Togami - 3.3.0-0.1.alpha1 +- 3.3.0-alpha1 + +* Wed Feb 25 2009 Fedora Release Engineering - 3.2.5-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild + +* Sun Jan 18 2009 Tomas Mraz - 3.2.5-4 +- rebuild with new openssl + +* Mon Dec 15 2008 Kevin Fenzi - 3.2.5-3 +- Update for merge review - bug 226426 + +* Thu Sep 4 2008 Tom "spot" Callaway 3.2.5-2 +- fix license tag + +* Fri Jun 27 2008 Warren Togami - 3.2.5-1 +- 3.2.5 + +* Wed Feb 27 2008 Tom "spot" Callaway - 3.2.4-4 +- Rebuild for perl 5.10 (again) + +* Wed Feb 20 2008 Fedora Release Engineering - 3.2.4-3 +- Autorebuild for GCC 4.3 + +* Thu Jan 31 2008 Tom "spot" Callaway 3.2.4-2 +- rebuild for new perl + +* Tue Jan 01 2008 Warren Togami 3.2.4-1 +- 3.2.4 major bugfix release + +* Tue Aug 21 2007 Warren Togami 3.2.3-2 +- rebuild + +* Mon Aug 13 2007 Warren Togami 3.2.3-1 +- 3.2.3 major bugfix release + +* Thu Aug 2 2007 Warren Togami 3.2.2-2 +- Fix SA#5574 which cripples dcc/pyzor users + +* Wed Jul 25 2007 Warren Togami 3.2.2-1 +- 3.2.2 minor bugfix release + +* Mon Jun 11 2007 Warren Togami 3.2.1-1 +- 3.2.1 CVE-2007-2873 + +* Wed May 02 2007 Warren Togami 3.2.0-1 +- 3.2.0 + +* Fri Apr 13 2007 Warren Togami 3.2.0-0.5.rc3 +- 3.2.0 rc3 + +* Fri Apr 13 2007 Warren Togami 3.2.0-0.4.rc2 +- 3.2.0 rc2 + +* Mon Apr 02 2007 Warren Togami 3.2.0-0.3.rc1 +- 3.2.0 rc1 + +* Tue Mar 06 2007 Warren Togami 3.2.0-0.2.pre2 +- Conditional to require perl-devel during build for FC7+ (#226276) + +* Fri Mar 02 2007 Warren Togami 3.2.0-0.1.pre2 +- 3.2.0-pre2 + +* Mon Feb 19 2007 Warren Togami 3.1.8-2 +- Fix sa-learn regression (#228968) + +* Tue Feb 13 2007 Warren Togami 3.1.8-1 +- 3.1.8 CVE-2007-0451 + +* Tue Feb 13 2007 Warren Togami 3.1.7-9 +- silence sa-update cron script + +* Wed Feb 07 2007 Warren Togami 3.1.7-8 +- only restart spamd if necessary after sa-update (#227756) + +* Wed Feb 07 2007 Warren Togami 3.1.7-7 +- requires gnupg (#227738) + +* Sun Jan 28 2007 Warren Togami 3.1.7-6 +- explicit requires on perl(HTTP::Date) and perl(LWP::UserAgent) + (Bug #193100) + +* Mon Jan 22 2007 Warren Togami 3.1.7-5 +- fix typo in logrotate.d (#223817) + +* Thu Jan 18 2007 Warren Togami +- Options for RHEL4 + * spamc/spamd cannot connect over IPv6 or SSL + * sa-update is disabled + The above functionality requires perl modules not included in RHEL4. + You may still use them if you get those perl modules from elsewhere. + RHEL5 ships these perl modules. + +* Thu Dec 14 2006 Warren Togami - 3.1.7-4 +- add standardized sa-update cron script, disabled by default + +* Thu Dec 14 2006 Warren Togami - 3.1.7-2 +- own directory /var/lib/spamassassin + +* Mon Nov 20 2006 Warren Togami - 3.1.7-1 +- 3.1.7 maintenance release + +* Wed Aug 02 2006 Warren Togami - 3.1.4-1 +- 3.1.4 maintenance release + +* Mon Jul 17 2006 Warren Togami - 3.1.3-5 +- req perl-IO-Socket-SSL for spamc/spamd SSL communication +- req perl-IO-Socket-INET6 for IPv6 + +* Wed Jul 12 2006 Jesse Keating - 3.1.3-3.1 +- rebuild + +* Tue Jun 27 2006 Florian La Roche - 3.1.3-3 +- require diffutils for the post script (cmp is used) + +* Wed Jun 07 2006 Warren Togami - 3.1.3-2 +- start spamd before sendmail (#193818) +- require perl-Archive-Tar (#193100) + +* Mon Jun 05 2006 Warren Togami - 3.1.3-1 +- CVE-2006-2447 + +* Fri May 26 2006 Warren Togami - 3.1.2-1 +- 3.1.2 bug fix release + +* Tue May 09 2006 Warren Togami - 3.0.5-4 +- Preserve timestamp and context of /etc/sysconfig/spamassassin (#178580) + +* Sat Mar 11 2006 Warren Togami - 3.1.1-1 +- 3.1.1 + +* Fri Feb 10 2006 Jesse Keating - 3.1.0-5 +- bump again for double-long bug on ppc(64) + +* Tue Feb 07 2006 Jesse Keating - 3.1.0-5 +- rebuilt for new gcc4.1 snapshot and glibc changes + +* Wed Jan 18 2006 Warren Togami - 3.1.0-5 +- include SPAM_PID dir (#177788) + +* Fri Dec 09 2005 Jesse Keating +- rebuilt + +* Thu Dec 01 2005 Warren Togami - 3.1.0-3 +- #174579 nls spamd init script (Rudolf Kastl) + +* Tue Nov 08 2005 Warren Togami - 3.1.0-2 +- #161785 ensure that service restart works + +* Tue Sep 13 2005 Warren Togami - 3.1.0-1 +- 3.1.0 + +* Sun Aug 28 2005 Warren Togami - 3.1.0-0.rc2 +- 3.1.0-rc2 + +* Tue Aug 16 2005 Warren Togami - 3.1.0-0.rc1 +- 3.1.0-rc1 + +* Fri Jul 15 2005 Warren Togami - 3.1.0-0.pre4 +- 3.1.0-pre4 + +* Sun Jun 05 2005 Warren Togami - 3.0.4-1 +- 3.0.4 + +* Tue May 17 2005 Warren Togami - 3.0.3-4 +- allow user-level disabling of subject rewriting pref (#147464) + +* Wed Apr 27 2005 Warren Togami - 3.0.3-3 +- 3.0.3 +- SA#4287 retval fix +- allow replacement of rc service script during upgrades + +* Mon Apr 25 2005 Warren Togami - 3.0.3-0.r164513 +- 3.0.3-r164513 (almost final) + +* Thu Apr 21 2005 Warren Togami - 3.0.2-9 +- SA#4191 uri_to_domain() is broken for urls with empty port + SA#4232 multipart message with 0 parts -> uninitialized in m// + SA#4121 Score for user defined rules become ignored + SA#3944 get_envelope_from not handling received header + +* Sun Apr 10 2005 Ville Skyttä - 3.0.2-8 +- Own /usr/share/spamassassin (#152534). +- Drop no longer needed dependency filter script. + +* Sat Apr 02 2005 Warren Togami 3.0.2-7 +- req DB_File (#143186) + +* Sat Apr 02 2005 Warren Togami 3.0.2-6 +- test svn 3.0 stable r122144 snapshot + SA#3826 #4044 #4050 #4048 #4075 #4064 #4075 #4034 #3952 + +* Thu Mar 24 2005 Florian La Roche +- add "exit 0" to postun script + +* Thu Mar 24 2005 Joe Orton 3.0.2-4 +- package the NOTICE file + +* Thu Mar 17 2005 Warren Togami - 3.0.2-3 +- reinclude ia64, thanks jvdias + +* Tue Mar 15 2005 Warren Togami - 3.0.2-2 +- exclude ia64 for now due to Bug #151127 + +* Mon Dec 20 2004 Warren Togami - 3.0.2-1 +- 3.0.2 + +* Sun Oct 31 2004 Warren Togami - 3.0.1-1 +- 3.0.1 + +* Mon Oct 18 2004 Warren Togami - 3.0.0-3 +- Fix local.cf rewrite subject option (#133355 Christof Damian) + +* Sat Sep 25 2004 Warren Togami - 3.0.0-2 +- Update URL, cleanup name (Robert Scheck #133622) + +* Thu Sep 23 2004 Warren Togami - 3.0.0-1 +- match upstream version +- #133422 Future proof krb5 back compat (Milan Kerslager) + +* Wed Sep 22 2004 Warren Togami - 3.0-10 +- 3.0.0 final + +* Sun Sep 12 2004 Warren Togami - 3.0-9.rc4 +- 3.0 rc4 +- update krb5 backcompat patch (John Lundin) + +* Sat Sep 04 2004 Warren Togami - 3.0-8.rc3 +- 3.0 rc3 + +* Sun Aug 29 2004 Warren Togami - 3.0-7.rc2 +- 3.0 rc2 + +* Sat Aug 21 2004 Warren Togami - 3.0-6.rc1 +- fix perl module syntax in req and buildreqs + +* Thu Aug 19 2004 Warren Togami - 3.0-5.rc1 +- 3.0 rc1 + +* Sat Aug 07 2004 Warren Togami - 3.0-3.pre4 +- 3.0 pre4 + +* Wed Jul 28 2004 Warren Togami - 3.0-3.pre2 +- 3.0 pre2 + +* Sun Jun 20 2004 Warren Togami - 3.0-2.pre1 +- 3.0.0 pre1 +- remove unnecessary patches applied upstream +- update krb5 backcompat patch + +* Tue Jun 15 2004 Elliot Lee +- rebuilt + +* Mon May 31 2004 Warren Togami - 3.0-svn20040530 +- svn snapshot 20040530 +- #124870 prevent service startup failure due to old -a option +- #124871 more docs +- #124872 unowned directories + +* Mon May 24 2004 Warren Togami - 3.0-svn20040524 +- #123432 do not start service by default +- #122488 remove CRLF's +- #123706 correct license +- svn snapshot 20040524 +- svn snapshot 20040518 + +* Sun May 2 2004 Ville Skyttä - 2.63-8 +- #122233 +- Require perl(:MODULE_COMPAT_*). +- Use %%{_mandir} and %%{_initrddir}. +- Fix License tag and include License in docs. +- Backslashify multiline init script description. + +* Fri Feb 13 2004 Elliot Lee +- rebuilt + +* Wed Feb 11 2004 Warren Togami 2.63-6 +- require sitelib instead + +* Wed Jan 21 2004 Warren Togami 2.63-3 +- krb5-backcompat.patch so older krb5-devel does not fail + +* Wed Jan 21 2004 Warren Togami 2.63-2 +- upgrade to 2.63 + +* Mon Jan 19 2004 Warren Togami 2.62-3 +- Ville Skyttä's fixes from #113596 including: +- Fix buildroot traces +- enable openssl +- Trailing slash to DESTDIR (bug 90202 comment 14). +- export optflags so they're honored, affects spamc only. + +* Mon Jan 19 2004 Warren Togami 2.62-2 +- upgrade to 2.62 +- Prereq -> Requires, former is deprecated +- Require current version of perl +- Remove urban myth clean test +- TODO: Get rid of prefix + +* Wed Dec 31 2003 Dan Walsh 2.61-2 +- Change sysconfdir to not use full path + +* Tue Dec 9 2003 Chip Turner 2.61-1 +- upgrade to 2.61 + +* Fri Sep 26 2003 Chip Turner 2.60-2 +- update to 2.60 + +* Sat Jul 5 2003 Chip Turner 2.55-3 +- change perl dependency to more accurate versions with explicit epochs + +* Wed Jun 04 2003 Elliot Lee +- rebuilt + +* Sat May 31 2003 Chip Turner 2.55-1 +- move to upstream version 2.55 + +* Tue May 13 2003 Chip Turner +- bump for build +- change init.d script to not default to started + +* Sun May 04 2003 Florian La Roche +- remove Distribution: tag in spec file + +* Wed Apr 16 2003 Chip Turner 2.53-5 +- remove SIGCHILD patch to properly return it to SIG_IGN now that + waitpid isn't used on Linux + +* Mon Apr 14 2003 Chip Turner 2.53-4.8.x +- update to 2.53 from upstream + +* Fri Mar 21 2003 Chip Turner 2.50-3.8.x +- update patch for servicename; should fix restarting/runlevel issues (#85975) + +* Thu Mar 13 2003 Chip Turner 2.50-2.8.x +- update to 2.50 + +* Tue Feb 25 2003 Elliot Lee +- rebuilt + +* Fri Feb 21 2003 Chip Turner +- revert double fix for 84774 + +* Mon Feb 17 2003 Bill Nottingham +- fix startup (#84445) + +* Thu Feb 13 2003 Bill Nottingham +- fix paths in initscript (#84216) + +* Thu Feb 13 2003 Chip Turner +- removing -P option since it is the default now, bug 84144 + +* Wed Feb 12 2003 Florian La Roche +- fix SIGCHLD handling + +* Mon Feb 10 2003 Bill Nottingham +- move condrestart to %%postun + +* Sun Feb 2 2003 Chip Turner +- update to 2.44 +- add condrestart to service script + +* Thu Jan 30 2003 Chip Turner +- release bump and rebuild + +* Wed Jan 29 2003 Chip Turner +- add upstream bsmtp off-by-one patch + +* Mon Jan 20 2003 Chip Turner +- add wrapper for 'spamassassin -e' for native evolution spam filtering + +* Sat Jan 4 2003 Jeff Johnson 2.43-10 +- use internal dep generator. + +* Wed Jan 1 2003 Chip Turner +- rebuild + +* Tue Dec 17 2002 Bill Nottingham 2.43-7 +- don't run by default + +* Sat Dec 14 2002 Tim Powers 2.43-6 +- don't use rpms internal dep generator +- buildrequire perl-Time-HiRes instead of perl(Time:HiRes) so we can satisfy build deps in the build system + +* Fri Nov 22 2002 Tim Powers +- rebuilt to solve broken perl deps + +* Thu Aug 15 2002 Chip Turner +- speedup patch from upstream + +* Tue Aug 6 2002 Chip Turner +- automated release bump and build + +* Thu Jul 18 2002 Chip Turner +- better control of service level, improvement in %%post script. +- (contribs from schirmer@taytron.net) + +* Fri Jun 28 2002 Chip Turner +- added proper BuildRequire + +* Wed Jun 26 2002 Chip Turner +- updated to 2.31, added .rc file for procmail to INCLUDERC to enable + +* Fri Apr 19 2002 Theo Van Dinter +- Updated for 2.20 release +- made /etc/mail/spamassassin a config directory so local.cf doesn't get wiped out +- added a patch to remove findbin stuff + +* Wed Feb 27 2002 Craig Hughes +- Updated for 2.1 release + +* Sat Feb 02 2002 Theo Van Dinter +- Updates for 2.01 release +- Fixed rc file +- RPM now buildable as non-root +- fixed post_service errors +- fixed provides to include perl modules +- use file find instead of manually specifying files + +* Tue Jan 15 2002 Craig Hughes +- Updated for 2.0 release + +* Wed Dec 05 2001 Craig Hughes +- Updated for final 1.5 distribution. + +* Sun Nov 18 2001 Craig Hughes +- first version of rpm. +