Links

Ben Laurie blathering


Spamassassin FAIL

I use Spamassassin for spam filtering (anyone think there’s anything better out there these days?) and I noticed today that I’m getting a bunch of false positives. It turns out that this is because Spamassassin has a rule called FH_DATE_PAST_20XX which has kicked in now the date is 2010. Oops. Particularly oops because it has a score of 3.2 in my setup. Upgrading Spamassassin may or may not fix this, but for a quick fix, put

score FH_DATE_PAST_20XX 0

in your local.cf file, which, in my case at least, lives in /usr/local/etc/mail/spamassassin.

10 Comments

  1. Justin Mason (author of SA) wrote about this on his blog a few days ago; it was fixed in trunk over a year ago but was accidentally missed on the 3.2 branch. Running `sa-update` will pull in the fix, though.

    Comment by Jack Lloyd — 7 Jan 2010 @ 16:52

  2. You should run sa-update periodically so that problems like this get fixed automatically.

    Comment by Tony Finch — 7 Jan 2010 @ 17:26

  3. I’ve been using pure bayesian filtering for several years for my heavily spammed addresses, bogofilter has always worked perfectly for me.

    Comment by Xyzzy — 7 Jan 2010 @ 17:33

  4. Funny.. I just left you a voicemail because emails have seemingly been going into a black hole. In case this is the reason, please get in touch. Thanks.

    Comment by Arvind Narayanan — 7 Jan 2010 @ 17:34

  5. or run (or better cron) the sa-update script so that you get updates to rules? which also means you get less spam.

    Comment by Sam — 7 Jan 2010 @ 19:11

  6. Rather than doing that, you should consider updating the rule sets:
    sa-update –channel updates.spamassassin.org –channel saupdates.openprotect.com

    (pick your own channels… the first is core and you should definitely include that, the second gets you some more filters)

    Comment by Ben Bennett — 8 Jan 2010 @ 2:01

  7. Thanks for sharing that fix. I didn’t notice it before, but I was getting the occasional false positive because of that idiotic rule.

    Comment by Benson — 8 Jan 2010 @ 5:41

  8. or just run sa-update. If you want to automate that, http://www.infracaninophile.co.uk/sa-utils.shar — I’ll be submitting that as a port Real Soon Now.

    Comment by Matthew — 8 Jan 2010 @ 9:10

  9. I’ve always hated SpamAssasin, it’s too generic for my liking. You either get tons of spams and no false positives, or no spam and tons of false positives. You can get a gradient in between, but one false positive is too many. After years of using my own custom-written mail server which followed my own hand written rules, I finally switched to Gmail for Domains. You just point your MX records to Gmail and they handle your spam using their own secret and proprietary rules. No need to change email addresses or lose any mail (you can even route it through your own mail server afterwards if you wish, everything will work the same as far as it’s concerned, it’ll just see less spam). It works fantastically well, and that’s all I care about.

    Comment by OMG — 14 Jan 2010 @ 2:26

  10. CRM114 (http://crm114.sourceforge.net/) is generally on the cutting edge, but it’s not the easiest system in the world.

    Comment by -dsr- — 4 Feb 2010 @ 19:45

RSS feed for comments on this post.

Sorry, the comment form is closed at this time.

Powered by WordPress