diff --git a/0001-Fix-bug-7367-Don-t-assume-cwd-.-is-in-INC-it-may-be-.patch b/0001-Fix-bug-7367-Don-t-assume-cwd-.-is-in-INC-it-may-be-.patch deleted file mode 100644 index 052357a..0000000 --- a/0001-Fix-bug-7367-Don-t-assume-cwd-.-is-in-INC-it-may-be-.patch +++ /dev/null @@ -1,27 +0,0 @@ -From 353ba0d96670e80fca1b78369d1701e1cad2bfaf Mon Sep 17 00:00:00 2001 -From: John Hardin -Date: Mon, 13 Feb 2017 02:16:44 +0000 -Subject: [PATCH 1/1] Fix bug#7367: Don't assume cwd (".") is in @INC, it may - be removed for security reasons - see CVE-2016-1238 - -git-svn-id: https://svn.apache.org/repos/asf/spamassassin/branches/3.4@1782717 13f79535-47bb-0310-9956-ffa450edef68 ---- - spamc/configure.pl | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/spamc/configure.pl b/spamc/configure.pl -index 0f10f3010..c6f67f208 100755 ---- a/spamc/configure.pl -+++ b/spamc/configure.pl -@@ -66,7 +66,7 @@ print join(' ', $Config{'perlpath'}, "version.h.pl") . "\n"; - # Do the same thing as for the preprocessor below. - package version_h; - my $Z = $0; -- local $0 = "version.h.pl"; -+ local $0 = "./version.h.pl"; - local @ARGV = (); - # Got to check for defined because the script returns shell error level! - unless (defined do $0) { --- -2.13.5 - diff --git a/0001-bug-7361-Allow-building-against-OpenSSL-1.1.0.patch b/0001-bug-7361-Allow-building-against-OpenSSL-1.1.0.patch deleted file mode 100644 index 026654f..0000000 --- a/0001-bug-7361-Allow-building-against-OpenSSL-1.1.0.patch +++ /dev/null @@ -1,445 +0,0 @@ -From 83d31e4555d63a87cb00a732711f80562b455ad0 Mon Sep 17 00:00:00 2001 -From: Karsten Braeckelmann -Date: Tue, 29 Aug 2017 10:45:10 +0000 -Subject: [PATCH] bug 7361: Allow building against OpenSSL 1.1.0 - -git-svn-id: https://svn.apache.org/repos/asf/spamassassin/branches/3.4@1806555 13f79535-47bb-0310-9956-ffa450edef68 ---- - spamc/configure | 129 +++++++++++++++++++++++++++++++++-------------------- - spamc/configure.in | 4 +- - 2 files changed, 82 insertions(+), 51 deletions(-) - -diff --git a/spamc/configure b/spamc/configure -index 48d29fa2d..d8e5dcf8a 100755 ---- a/spamc/configure -+++ b/spamc/configure -@@ -1874,7 +1874,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && -- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' -+ { ac_try='test -z "$ac_c_werror_flag" -+ || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? -@@ -1932,7 +1933,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && -- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' -+ { ac_try='test -z "$ac_c_werror_flag" -+ || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? -@@ -2048,7 +2050,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && -- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' -+ { ac_try='test -z "$ac_c_werror_flag" -+ || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? -@@ -2102,7 +2105,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && -- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' -+ { ac_try='test -z "$ac_c_werror_flag" -+ || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? -@@ -2147,7 +2151,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && -- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' -+ { ac_try='test -z "$ac_c_werror_flag" -+ || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? -@@ -2191,7 +2196,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && -- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' -+ { ac_try='test -z "$ac_c_werror_flag" -+ || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? -@@ -2523,7 +2529,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && -- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' -+ { ac_try='test -z "$ac_c_werror_flag" -+ || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? -@@ -2693,7 +2700,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && -- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' -+ { ac_try='test -z "$ac_c_werror_flag" -+ || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? -@@ -2764,7 +2772,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && -- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' -+ { ac_try='test -z "$ac_c_werror_flag" -+ || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? -@@ -2917,7 +2926,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && -- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' -+ { ac_try='test -z "$ac_c_werror_flag" -+ || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? -@@ -3069,7 +3079,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && -- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' -+ { ac_try='test -z "$ac_c_werror_flag" -+ || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? -@@ -3260,7 +3271,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && -- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' -+ { ac_try='test -z "$ac_c_werror_flag" -+ || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? -@@ -3323,7 +3335,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && -- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' -+ { ac_try='test -z "$ac_c_werror_flag" -+ || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? -@@ -3388,7 +3401,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && -- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' -+ { ac_try='test -z "$ac_c_werror_flag" -+ || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? -@@ -3491,7 +3505,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && -- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' -+ { ac_try='test -z "$ac_c_werror_flag" -+ || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? -@@ -3557,7 +3572,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && -- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' -+ { ac_try='test -z "$ac_c_werror_flag" -+ || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? -@@ -3628,7 +3644,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && -- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' -+ { ac_try='test -z "$ac_c_werror_flag" -+ || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? -@@ -3666,9 +3683,9 @@ fi - SSLLIBS="" - SSLCFLAGS="" - if test yes = "$sa_ssl_enabled"; then -- echo "$as_me:$LINENO: checking for CRYPTO_lock in -lcrypto" >&5 --echo $ECHO_N "checking for CRYPTO_lock in -lcrypto... $ECHO_C" >&6 --if test "${ac_cv_lib_crypto_CRYPTO_lock+set}" = set; then -+ echo "$as_me:$LINENO: checking for CRYPTO_malloc in -lcrypto" >&5 -+echo $ECHO_N "checking for CRYPTO_malloc in -lcrypto... $ECHO_C" >&6 -+if test "${ac_cv_lib_crypto_CRYPTO_malloc+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 - else - ac_check_lib_save_LIBS=$LIBS -@@ -3686,11 +3703,11 @@ extern "C" - #endif - /* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ --char CRYPTO_lock (); -+char CRYPTO_malloc (); - int - main () - { --CRYPTO_lock (); -+CRYPTO_malloc (); - ; - return 0; - } -@@ -3704,7 +3721,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && -- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' -+ { ac_try='test -z "$ac_c_werror_flag" -+ || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? -@@ -3716,20 +3734,20 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then -- ac_cv_lib_crypto_CRYPTO_lock=yes -+ ac_cv_lib_crypto_CRYPTO_malloc=yes - else - echo "$as_me: failed program was:" >&5 - sed 's/^/| /' conftest.$ac_ext >&5 - --ac_cv_lib_crypto_CRYPTO_lock=no -+ac_cv_lib_crypto_CRYPTO_malloc=no - fi - rm -f conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - LIBS=$ac_check_lib_save_LIBS - fi --echo "$as_me:$LINENO: result: $ac_cv_lib_crypto_CRYPTO_lock" >&5 --echo "${ECHO_T}$ac_cv_lib_crypto_CRYPTO_lock" >&6 --if test $ac_cv_lib_crypto_CRYPTO_lock = yes; then -+echo "$as_me:$LINENO: result: $ac_cv_lib_crypto_CRYPTO_malloc" >&5 -+echo "${ECHO_T}$ac_cv_lib_crypto_CRYPTO_malloc" >&6 -+if test $ac_cv_lib_crypto_CRYPTO_malloc = yes; then - SSLLIBS="-lcrypto $SSLLIBS" - fi - -@@ -3771,7 +3789,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && -- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' -+ { ac_try='test -z "$ac_c_werror_flag" -+ || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? -@@ -3804,7 +3823,7 @@ fi - # before defining SPAMC_SSL check that all its requirements are - # actually available - if test yes = "$ac_cv_header_openssl_crypto_h" && \ -- test yes = "$ac_cv_lib_crypto_CRYPTO_lock" && \ -+ test yes = "$ac_cv_lib_crypto_CRYPTO_malloc" && \ - test yes = "$ac_cv_lib_ssl_SSL_CTX_free"; then - SSLCFLAGS="-DSPAMC_SSL" - else -@@ -3854,7 +3873,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && -- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' -+ { ac_try='test -z "$ac_c_werror_flag" -+ || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? -@@ -3927,7 +3947,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && -- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' -+ { ac_try='test -z "$ac_c_werror_flag" -+ || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? -@@ -4000,7 +4021,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && -- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' -+ { ac_try='test -z "$ac_c_werror_flag" -+ || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? -@@ -4073,7 +4095,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && -- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' -+ { ac_try='test -z "$ac_c_werror_flag" -+ || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? -@@ -4182,7 +4205,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && -- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' -+ { ac_try='test -z "$ac_c_werror_flag" -+ || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? -@@ -4246,7 +4270,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && -- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' -+ { ac_try='test -z "$ac_c_werror_flag" -+ || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? -@@ -4311,7 +4336,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && -- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' -+ { ac_try='test -z "$ac_c_werror_flag" -+ || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? -@@ -4368,7 +4394,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && -- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' -+ { ac_try='test -z "$ac_c_werror_flag" -+ || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? -@@ -4435,7 +4462,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && -- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' -+ { ac_try='test -z "$ac_c_werror_flag" -+ || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? -@@ -4500,7 +4528,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && -- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' -+ { ac_try='test -z "$ac_c_werror_flag" -+ || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? -@@ -4564,7 +4593,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && -- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' -+ { ac_try='test -z "$ac_c_werror_flag" -+ || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? -@@ -4628,7 +4658,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && -- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' -+ { ac_try='test -z "$ac_c_werror_flag" -+ || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? -@@ -4692,7 +4723,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && -- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' -+ { ac_try='test -z "$ac_c_werror_flag" -+ || test ! -s conftest.err' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? -@@ -5527,6 +5559,11 @@ esac - - - -+ if test x"$ac_file" != x-; then -+ { echo "$as_me:$LINENO: creating $ac_file" >&5 -+echo "$as_me: creating $ac_file" >&6;} -+ rm -f "$ac_file" -+ fi - # Let's still pretend it is `configure' which instantiates (i.e., don't - # use $as_me), people would be surprised to read: - # /* config.h. Generated by config.status. */ -@@ -5565,12 +5602,6 @@ echo "$as_me: error: cannot find input file: $f" >&2;} - fi;; - esac - done` || { (exit 1); exit 1; } -- -- if test x"$ac_file" != x-; then -- { echo "$as_me:$LINENO: creating $ac_file" >&5 --echo "$as_me: creating $ac_file" >&6;} -- rm -f "$ac_file" -- fi - _ACEOF - cat >>$CONFIG_STATUS <<_ACEOF - sed "$ac_vpsub -diff --git a/spamc/configure.in b/spamc/configure.in -index 246c4fa9a..42cc99841 100644 ---- a/spamc/configure.in -+++ b/spamc/configure.in -@@ -64,13 +64,13 @@ AC_CHECK_LIB(socket, socket) - SSLLIBS="" - SSLCFLAGS="" - if test yes = "$sa_ssl_enabled"; then -- AC_CHECK_LIB(crypto, CRYPTO_lock,[SSLLIBS="-lcrypto $SSLLIBS"]) -+ AC_CHECK_LIB(crypto, CRYPTO_malloc,[SSLLIBS="-lcrypto $SSLLIBS"]) - AC_CHECK_LIB(ssl, SSL_CTX_free,[SSLLIBS="-lssl $SSLLIBS"],,-lcrypto) - - # before defining SPAMC_SSL check that all its requirements are - # actually available - if test yes = "$ac_cv_header_openssl_crypto_h" && \ -- test yes = "$ac_cv_lib_crypto_CRYPTO_lock" && \ -+ test yes = "$ac_cv_lib_crypto_CRYPTO_malloc" && \ - test yes = "$ac_cv_lib_ssl_SSL_CTX_free"; then - SSLCFLAGS="-DSPAMC_SSL" - else --- -2.13.5 - diff --git a/DNS-resolver-recursion-desired-not-set.patch b/DNS-resolver-recursion-desired-not-set.patch deleted file mode 100644 index 44f91c9..0000000 --- a/DNS-resolver-recursion-desired-not-set.patch +++ /dev/null @@ -1,10 +0,0 @@ ---- Mail-SpamAssassin-3.4.1/lib/Mail/SpamAssassin/DnsResolver.pm.orig 2018-01-18 09:33:58.566828560 +0100 -+++ Mail-SpamAssassin-3.4.1/lib/Mail/SpamAssassin/DnsResolver.pm 2018-01-18 09:32:47.765978605 +0100 -@@ -575,6 +575,7 @@ - { $1 eq '\\' ? "\\$1" : sprintf("\\%03d",ord($1)) }xgse; - - $packet = Net::DNS::Packet->new($domain, $type, $class); -+ $packet->header->rd(1); - - # a bit noisy, so commented by default... - #dbg("dns: new DNS packet time=%.3f domain=%s type=%s id=%s", diff --git a/Mail-SpamAssassin-3.4.1.tar.bz2 b/Mail-SpamAssassin-3.4.1.tar.bz2 deleted file mode 100644 index 729904d..0000000 --- a/Mail-SpamAssassin-3.4.1.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:a0c1c9808f0684b389594eb8b2ccbace6486546593493f9308c9554563d14651 -size 2710985 diff --git a/Mail-SpamAssassin-4.0.2.tar.bz2 b/Mail-SpamAssassin-4.0.2.tar.bz2 new file mode 100644 index 0000000..35a1c6f --- /dev/null +++ b/Mail-SpamAssassin-4.0.2.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:da8192cf76d8871830d44d7bdc914bd1641105ac813798ddeac5f65ab8f73cee +size 6496450 diff --git a/Mail-SpamAssassin-4.0.2.tar.bz2.asc b/Mail-SpamAssassin-4.0.2.tar.bz2.asc new file mode 100644 index 0000000..f1c1abf --- /dev/null +++ b/Mail-SpamAssassin-4.0.2.tar.bz2.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCgAdFiEE2Ambx54X1+Sbwh4x/eUvQPfTmBQFAmivBcwACgkQ/eUvQPfT +mBRjtQ//Q5J04g8hzaNc/JeUdQRI85eYsgl5cT2qNhsgoAhGHu3l378Z+Qx7jmve +ZelOB4g/1QCpTqRfDxlCdQbux07DQcr1lniP2boYwp3IeqNtBplvXNNIatpcLnWJ +dvmn5FIb8ym1og+6o+emsenEUWHbdHY68YL62+7hjv9ibELh8RDpNjF2ojr0Gmg3 +tOEtI5lkySHBgcHUqUil48wagD6W1CfMOZmTLMG95QQZhUU3lVQIm+2Z6tAYF+Ci +GPEwT6+gPoHJWbK3X7qLtyfh0AZ/n4GLbKOEAwg/Dku4USqtNysftpeVncaVYaAc +2RIg/lFxpclzAIzQEDq0yPRo553VGR0XBC3oLVajG4bAbvy2vEfDcUQ2lyETquI2 +yVOziIX3NoxeCxd2aEii6+mjSc9pMBRsCcxZeIvt+9/8ecRfAgtry+GYJR/lna9q +A5ChtDrlnSMu76CSCAM1qZ65gwQaAgBCS7UWR5gANoHSZIYzL06Su1H72NTG3C80 +ekO4a5gkBM6MDngE02Q+17tJNbEjfifqeuQHZnbzkcUOAOpzoziuUoqpdTyIQsY6 +A0p8yRRE3gl9bm/LBpMJrLLmmW0lPrQZ6lqgHnZ4HvNW0skJbsI8cHLU3SICJa59 +3AUzinzmVPR7z/exdQCH1F0H0fYSOnOFB4de1On1J98NYNWxH30= +=Z20K +-----END PGP SIGNATURE----- diff --git a/Mail-SpamAssassin-rules-3.4.1.r1675274.tgz b/Mail-SpamAssassin-rules-3.4.1.r1675274.tgz deleted file mode 100644 index 44e0594..0000000 --- a/Mail-SpamAssassin-rules-3.4.1.r1675274.tgz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:382f7ee160a96a15aae559f53df92c36f2e17647b19c5954efede86149f8d12b -size 270622 diff --git a/Mail-SpamAssassin-rules-4.0.2.r1928015.tgz b/Mail-SpamAssassin-rules-4.0.2.r1928015.tgz new file mode 100644 index 0000000..1fbd871 --- /dev/null +++ b/Mail-SpamAssassin-rules-4.0.2.r1928015.tgz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:f82128687117113dbe40bdc4e3141b87f96c2b01519c9022597da47e726a613e +size 371575 diff --git a/Mail-SpamAssassin-rules-4.0.2.r1928015.tgz.asc b/Mail-SpamAssassin-rules-4.0.2.r1928015.tgz.asc new file mode 100644 index 0000000..61ca276 --- /dev/null +++ b/Mail-SpamAssassin-rules-4.0.2.r1928015.tgz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCgAdFiEEDCsdcXW4UsZLPNxxbFU5eCT0NM4FAmiuc14ACgkQbFU5eCT0 +NM5uXRAAnO2yAIgKDJpMiiRPrbd8nnO/J2XKf8wua6OUDCf5M6vfqzWdJnP+6PCv +cHElyWrxRUBOnOA6b4F/amzlwTK+CmMJK37kJFEqwA72xlJWXWaGWSnhNTloIHlr +x3x7iDPk0KkcmEZ3WWCEIoIsaGQPUDxJlxmuDgJTKcMEpHfnWTZGsUruvzbX1I5u +YEQevlCK2tPjldFErwUGjZ5cyyBdQ7FJYSx0xS9G2AzQXRElX3IyEcLZvoX6mJzH +rQOyMcLxdASkDPYGWT2S09Qk4F2NNKJMU8zh3QQiD2Zdq3uxLBpJ9G+fA0n+gVpv +igqcwGePFlY4oNPRBw66HiZlloZ7HZnBi8k1FnubwxwouhdPkc64rwjn2xqClqft +SY9epUDQMe0hnJCNmPYlsk2/xToYK5JryzRaTZ6RlY26R3+jgtO8sBkLIhhIZc4F +x7FncfqRY3M1x8XX2eDMYT6lAPKdQyR1cvsajC/ilM0chR6tWeywDAbw/ygi6K05 +Cbtl5ao2aVTdyI+AMqUFPfiAndOfo0GrreVQZ5x21+2ClF5qmYJCWNjf0vTc2utV +vq5T/vXvFvwShD1RRzNesTuMRLv4iG9nsd8naj1+dUejyy6Sv/VUEoyMQAmv6q1X +Q2SqAqTOh6rT1sB0PzczbV8YhEBiJhkXe/ooe/zi4CXmumHwS+8= +=Mbw9 +-----END PGP SIGNATURE----- diff --git a/README.SUSE b/README.SUSE new file mode 100644 index 0000000..037fd62 --- /dev/null +++ b/README.SUSE @@ -0,0 +1,10 @@ +There is a sa-update.timer which can start daily the sa-update.service +You can enable this timer by: + systemctl enable sa-update.timer + systemctl start sa-update.timer + +In /etc/sysconfig/spamd You can enable or disable some functionality of sa-update.service: + * SPAM_SA_COMPILE + * SPAM_SPAMD_RESTART + * SPAM_AMAVISD_RESTART + diff --git a/basic-lint-without-sandbox.patch b/basic-lint-without-sandbox.patch new file mode 100644 index 0000000..8fc0e92 --- /dev/null +++ b/basic-lint-without-sandbox.patch @@ -0,0 +1,13 @@ +Index: Mail-SpamAssassin-4.0.0/t/basic_lint_without_sandbox.t +=================================================================== +--- Mail-SpamAssassin-4.0.0.orig/t/basic_lint_without_sandbox.t ++++ Mail-SpamAssassin-4.0.0/t/basic_lint_without_sandbox.t +@@ -23,7 +23,7 @@ my $sandboxfile = "$localrules/70_sandbo + # so we can use that to tell if this is the case + SKIP: { + skip( "Not on a sandbox", 2 ) unless -f $scoresfile; +- ok -f $sandboxfile; ++ skip( "Not on a sandbox", 2 ) unless -f $sandboxfile; + unlink $sandboxfile; + ok !-f $sandboxfile; + } diff --git a/bnc#582111.diff b/bnc#582111.diff index fd9e058..ea3fc1f 100644 --- a/bnc#582111.diff +++ b/bnc#582111.diff @@ -1,10 +1,12 @@ ---- spamd/spamd.raw.orig 2010-06-24 11:28:10.047109188 +0200 -+++ spamd/spamd.raw 2010-06-24 11:28:57.942234270 +0200 -@@ -174,6 +174,7 @@ +Index: spamd/spamd.raw +=================================================================== +--- spamd/spamd.raw.orig ++++ spamd/spamd.raw +@@ -339,6 +339,7 @@ sub print_usage_and_exit { # defaults my %opt = ( + 'syslog-socket' => 'unix', 'user-config' => 1, - 'ident-timeout' => 5.0, # scaling settings; some of these aren't actually settable via cmdline + 'server-scale-period' => 2, # how often to scale the # of kids, secs diff --git a/deprecated-regex.patch b/deprecated-regex.patch deleted file mode 100644 index d69349d..0000000 --- a/deprecated-regex.patch +++ /dev/null @@ -1,24 +0,0 @@ ---- spamassassin/trunk/lib/Mail/SpamAssassin/PerMsgStatus.pm 2017/04/11 18:34:11 1791009 -+++ spamassassin/trunk/lib/Mail/SpamAssassin/PerMsgStatus.pm 2017/04/11 18:37:20 1791010 -@@ -896,16 +896,16 @@ - $str .= shift @{$ary}; - } - undef $ary; -- chomp ($str); $str .= " [...]\n"; - - # in case the last line was huge, trim it back to around 200 chars - local $1; -- $str =~ s/^(.{,200}).*$/$1/gs; -+ $str =~ s/^(.{200}).+$/$1 [...]/gm; -+ chomp ($str); $str .= "\n"; - - # now, some tidy-ups that make things look a bit prettier -- $str =~ s/-----Original Message-----.*$//gs; -+ $str =~ s/-----Original Message-----.*$//gm; - $str =~ s/This is a multi-part message in MIME format\.//gs; -- $str =~ s/[-_\*\.]{10,}//gs; -+ $str =~ s/[-_*.]{10,}//gs; - $str =~ s/\s+/ /gs; - - # add "Content preview:" ourselves, so that the text aligns - diff --git a/iXhash2-2.05.tar.gz b/iXhash2-2.05.tar.gz deleted file mode 100644 index e479115..0000000 --- a/iXhash2-2.05.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:8d51fe8661bf407433db6c0fa12e3c6c66a1cd626751f51b170990089dc966a8 -size 7871 diff --git a/iXhash2-meta-rules.patch b/iXhash2-meta-rules.patch deleted file mode 100644 index 3fb534c..0000000 --- a/iXhash2-meta-rules.patch +++ /dev/null @@ -1,56 +0,0 @@ -diff -ur iXhash2-2.05.orig/iXhash2.cf iXhash2-2.05/iXhash2.cf ---- iXhash2-2.05.orig/iXhash2.cf 2012-07-08 13:29:31.000000000 +0200 -+++ iXhash2-2.05/iXhash2.cf 2012-09-26 13:41:11.874466944 +0200 -@@ -1,20 +1,40 @@ - - # Note: loadplugin should really go into local.pre or so --loadplugin Mail::SpamAssassin::Plugin::iXhash2 iXhash2.pm -+loadplugin Mail::SpamAssassin::Plugin::iXhash2 - - ifplugin Mail::SpamAssassin::Plugin::iXhash2 - --ixhashdnsbl GENERIC_IXHASH generic.ixhash.net. --body GENERIC_IXHASH eval:check_ixhash('GENERIC_IXHASH') --tflags GENERIC_IXHASH net -- --ixhashdnsbl NIXSPAM_IXHASH ix.dnsbl.manitu.net. --body NIXSPAM_IXHASH eval:check_ixhash('NIXSPAM_IXHASH') --tflags NIXSPAM_IXHASH net -- --ixhashdnsbl SEM_IXHASH ixhash.spameatingmonkey.net. --body SEM_IXHASH eval:check_ixhash('SEM_IXHASH') --tflags SEM_IXHASH net -+ixhashdnsbl __GENERIC_IXHASH generic.ixhash.net. -+body __GENERIC_IXHASH eval:check_ixhash('GENERIC_IXHASH') -+tflags __GENERIC_IXHASH net -+ -+ixhashdnsbl __NIXSPAM_IXHASH ix.dnsbl.manitu.net. -+body __NIXSPAM_IXHASH eval:check_ixhash('NIXSPAM_IXHASH') -+tflags __NIXSPAM_IXHASH net -+ -+ixhashdnsbl __SEM_IXHASH ixhash.spameatingmonkey.net. -+body __SEM_IXHASH eval:check_ixhash('SEM_IXHASH') -+tflags __SEM_IXHASH net -+ -+ixhashdnsbl __HOSTEUROPE_IXHASH hosteurope.ixhash.net. -+body __HOSTEUROPE_IXHASH eval:check_ixhash('HOSTEUROPE_IXHASH') -+tflags __HOSTEUROPE_IXHASH net -+ -+ixhashdnsbl __JUNKMAIL_IXHASH ixhash.junkemailfilter.com. -+body __JUNKMAIL_IXHASH eval:check_ixhash('JUNKMAIL_IXHASH') -+tflags __JUNKMAIL_IXHASH net -+ -+meta IXHASH_X1 (__GENERIC_IXHASH + __NIXSPAM_IXHASH + __SEM_IXHASH + __HOSTEUROPE_IXHASH + __JUNKMAIL_IXHASH) == 1 -+describe IXHASH_X1 iXhash listed on one server -+score IXHASH_X1 1.5 -+ -+meta IXHASH_X2 (__GENERIC_IXHASH + __NIXSPAM_IXHASH + __SEM_IXHASH + __HOSTEUROPE_IXHASH + __JUNKMAIL_IXHASH) == 2 -+describe IXHASH_X2 iXhash listed on two servers -+score IXHASH_X2 2.5 -+ -+meta IXHASH_X3 (__GENERIC_IXHASH + __NIXSPAM_IXHASH + __SEM_IXHASH + __HOSTEUROPE_IXHASH + __JUNKMAIL_IXHASH) > 2 -+describe IXHASH_X3 iXhash listed on more than two servers -+score IXHASH_X3 3.5 - - endif - diff --git a/patch-PgSQL b/patch-PgSQL index 141ff4e..48b1163 100644 --- a/patch-PgSQL +++ b/patch-PgSQL @@ -1,6 +1,8 @@ ---- lib/Mail/SpamAssassin/BayesStore/PgSQL.pm 2010-01-21 13:14:34.000000000 +0100 -+++ lib/Mail/SpamAssassin/BayesStore/PgSQL.pm 2010-03-17 08:44:19.000000000 +0100 -@@ -941,7 +941,7 @@ +Index: lib/Mail/SpamAssassin/BayesStore/PgSQL.pm +=================================================================== +--- lib/Mail/SpamAssassin/BayesStore/PgSQL.pm.orig ++++ lib/Mail/SpamAssassin/BayesStore/PgSQL.pm +@@ -987,7 +987,7 @@ sub _put_token { } my $escaped_token = _quote_bytea($token); @@ -9,7 +11,7 @@ unless (defined($sth)) { dbg("bayes: _put_token: SQL error: ".$self->{_dbh}->errstr()); -@@ -1004,7 +1004,7 @@ +@@ -1050,7 +1050,7 @@ sub _put_tokens { my $tokenarray = join(",", map { '"' . _quote_bytea($_) . '"' } sort keys %{$tokens}); diff --git a/patch-SQL_ASCII_SORT b/patch-SQL_ASCII_SORT deleted file mode 100644 index 15c0842..0000000 --- a/patch-SQL_ASCII_SORT +++ /dev/null @@ -1,20 +0,0 @@ ---- lib/Mail/SpamAssassin/Conf/SQL.pm 2006-09-29 15:06:39.000000000 +0200 -+++ lib/Mail/SpamAssassin/Conf/SQL.pm 2007-02-09 16:48:42.000000000 +0100 -@@ -139,9 +139,14 @@ - $sql =~ s/_DOMAIN_/$quoted_domain/g; - } - else { -- $sql = "select $f_preference, $f_value from $f_table where ". -- "$f_username = ".$dbh->quote($username). -- " or $f_username = '\@GLOBAL' order by $f_username asc"; -+ $sql = "select $f_preference, $f_value, ascii(username) as user_asci from $f_table where ". -+ "$f_username = ".$dbh->quote($username). -+ " or $f_username = '\@GLOBAL' order by user_asci asc"; -+ # changed by varkoly@novell.com on 09.02.2007 suggested by -+ # Charles Camello -+ #$sql = "select $f_preference, $f_value from $f_table where ". -+ #"$f_username = ".$dbh->quote($username). -+ #" or $f_username = '\@GLOBAL' order by $f_username asc"; - } - dbg("config: Conf::SQL: executing SQL: $sql"); - my $sth = $dbh->prepare($sql); diff --git a/patch-URIDNSBL b/patch-URIDNSBL index 2cc4fa9..0d0d759 100644 --- a/patch-URIDNSBL +++ b/patch-URIDNSBL @@ -1,10 +1,10 @@ -diff -ur Mail-SpamAssassin-3.4.0/lib/Mail/SpamAssassin/Plugin/URIDNSBL.pm Mail-SpamAssassin-3.4.0_fix/lib/Mail/SpamAssassin/Plugin/URIDNSBL.pm ---- Mail-SpamAssassin-3.4.0/lib/Mail/SpamAssassin/Plugin/URIDNSBL.pm 2014-02-07 09:36:27.000000000 +0100 -+++ Mail-SpamAssassin-3.4.0_fix/lib/Mail/SpamAssassin/Plugin/URIDNSBL.pm 2014-02-13 17:24:09.259369721 +0100 -@@ -416,6 +416,8 @@ - while (my($uri, $info) = each %{$uris}) { - # we want to skip mailto: uris - next if ($uri =~ /^mailto:/i); +diff -ur Mail-SpamAssassin-4.0.1/lib/Mail/SpamAssassin/Plugin/URIDNSBL.pm Mail-SpamAssassin-4.0.1_fix/lib/Mail/SpamAssassin/Plugin/URIDNSBL.pm +--- Mail-SpamAssassin-4.0.1/lib/Mail/SpamAssassin/Plugin/URIDNSBL.pm 2024-03-26 05:52:09.000000000 +0100 ++++ Mail-SpamAssassin-4.0.1_fix/lib/Mail/SpamAssassin/Plugin/URIDNSBL.pm 2024-04-09 15:42:31.054588924 +0200 +@@ -430,6 +430,8 @@ + if ($conf->{uridnsbl_skip_mailto}) { + next if ($uri =~ /^mailto:/i); + } + # we want to skip so-files, they are not url's + next if ($uri =~ /\.so$/); diff --git a/sa-update.service b/sa-update.service new file mode 100644 index 0000000..7e51e7c --- /dev/null +++ b/sa-update.service @@ -0,0 +1,7 @@ +[Unit] +Description=Update spamassassin +ConditionACPower=true + +[Service] +Type=oneshot +ExecStart=/usr/sbin/timed-sa-update diff --git a/sa-update.timer b/sa-update.timer new file mode 100644 index 0000000..fe05933 --- /dev/null +++ b/sa-update.timer @@ -0,0 +1,10 @@ +[Unit] +Description=Daily update of spamassasin + +[Timer] +OnCalendar=daily +AccuracySec=12h +Persistent=true + +[Install] +WantedBy=timers.target diff --git a/spamassassin-dont_use_SSLv3_methods.patch b/spamassassin-dont_use_SSLv3_methods.patch deleted file mode 100644 index b498050..0000000 --- a/spamassassin-dont_use_SSLv3_methods.patch +++ /dev/null @@ -1,28 +0,0 @@ -Index: Mail-SpamAssassin-3.4.1/spamc/libspamc.c -=================================================================== ---- Mail-SpamAssassin-3.4.1.orig/spamc/libspamc.c 2015-04-28 21:56:59.000000000 +0200 -+++ Mail-SpamAssassin-3.4.1/spamc/libspamc.c 2017-08-30 16:05:14.426823560 +0200 -@@ -1216,7 +1216,11 @@ int message_filter(struct transport *tp, - if (flags & SPAMC_TLSV1) { - meth = TLSv1_client_method(); - } else { -+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) -+ meth = TLS_client_method(); /* default */ -+#else - meth = SSLv3_client_method(); /* default */ -+#endif - } - SSL_load_error_strings(); - ctx = SSL_CTX_new(meth); -@@ -1604,7 +1608,11 @@ int message_tell(struct transport *tp, c - if (flags & SPAMC_USE_SSL) { - #ifdef SPAMC_SSL - SSLeay_add_ssl_algorithms(); -+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) -+ meth = TLS_client_method(); -+#else - meth = SSLv3_client_method(); -+#endif - SSL_load_error_strings(); - ctx = SSL_CTX_new(meth); - #else diff --git a/spamassassin-rpmlintrc b/spamassassin-rpmlintrc new file mode 100644 index 0000000..29340e5 --- /dev/null +++ b/spamassassin-rpmlintrc @@ -0,0 +1,2 @@ +addFilter("systemd-service-without-service_.* sa-update.service") +addFilter("spamassassin.* no-binary") diff --git a/spamassassin.changes b/spamassassin.changes index b6fa7a6..1e97379 100644 --- a/spamassassin.changes +++ b/spamassassin.changes @@ -1,3 +1,394 @@ +------------------------------------------------------------------- +Tue Sep 2 20:18:33 UTC 2025 - Arjen de Korte + +- update to patch release version 4.0.2 + - Add subs to HeaderEval plugin to detect invalid address headers + - TxRep data when using a SQL backend might be wrong because of + a bug in SpamAssassin 4.0.1, TxRep score can be limited with new + txrep_min_score and txrep_max_score configuration options + or you can remove email entries from TxRep database. + - Redis replication is now supported, Redis connection parameters + are splitted between read_only and read_write. Old syntax is still supported. + - Internal Mail::SpamAssassin::GeoDB module now also supports + IP::Geolocation::MMDB Perl module. + - Improved detection of MIME headers + - Improved parsing of CSS color values + - Added "replace_rules" support to Mail::SpamAssassin::Plugin::HashBL + - CNAME dns records are resolved and domains added to "uri_detail_list" + - New Mail::SpamAssassin::Plugin::Redirectors plugin + This plugin looks for URLs redirected by a list of URL redirector + services. + - improved handling of IDN domains +- Update to spampd 2.62: + - Fixed that SpamPD shares the same socket to redist between children + - Fix option names in configuration parameter validation methods + - Do not set up logging if only showing debug info + +------------------------------------------------------------------- +Mon Jan 20 13:29:51 UTC 2025 - Dirk Stoecker + +- drop iXHash plugin (last provider stopped operation) + * remove iXhash2-4.00.tar.gz + * remove iXhash2-meta-rules.patch + +------------------------------------------------------------------- +Wed Apr 10 08:25:53 UTC 2024 - Dirk Stoecker + +- fix iXhash2-meta-rules.patch + +------------------------------------------------------------------- +Tue Apr 9 13:31:41 UTC 2024 - Dirk Stoecker + +- update to patch release version 4.0.1 + - Incompatibilities with some versions of perl and some perl modules + that have been released since the release of SpamAssassin 4.0.0 + - Problems using cpan to install SpamAssassin when certain required + or optional modules are not already installed + - Support for space characters in the path name of some executables + used by certain plugins + - Improved handling of URL shortener link redirects + - Improved TxRep locking management + - Added Mail::SpamAssassin::Plugin::AuthRes plugin to use + Authentication-Results header fields in other plugins + - Added a Pyzor Perl implementation + - Perl crash when certain uri_detail rules processed some messages + with UTF-8 characters + - Inconsistent handling of newlines in header rules + - Text or HTML content placed in octet-stream attachments by + spammers to bypass SpamAssassin scanning + - Implemented TCP fallback for truncated DNS UDP replies +- Refresh patch-URIDNSBL +- Drop undocumented patch-SQL_ASCII_SORT breaking sqlite +- Drop most of iXhash2-meta-rules.patch (additional services no longer exist) + +------------------------------------------------------------------- +Mon Feb 26 13:33:28 UTC 2024 - Dominique Leuenberger + +- Use %patch -P N instead of deprecated %patchN. + +------------------------------------------------------------------- +Tue Jan 2 21:58:50 UTC 2024 - Pedro Monreal + +- Remove the dependency on perl(IO::Socket::INET6) as it has been + deprecated by upstream, is no longer suitable for use and its not + being maintained. A compatible replacement for this package is + perl(IO::Socket::IP) which is shipped by the perl-base package. + +------------------------------------------------------------------- +Sat Dec 24 18:01:29 UTC 2022 - Arjen de Korte + +- Add BuildRequires Text::Diff that was accidentally removed from + original submission +- Update known warnings + % spamassassin-rpmlintrc + +------------------------------------------------------------------- +Thu Dec 22 10:08:30 UTC 2022 - Paolo Stivanin + +- Update to spamassissin 4.0.0: + * Notable internal changes: + - Meta rules no longer use priority values, they are evaluated + dynamically when the rules they depend on are finished + - DNS and other asynchronous lookups like DCC or Razor2 plugins + are now launched when priority -100 is reached. This allows + short circuiting at lower priority without sending unneeded + DNS queries + - New internal Mail::SpamAssassin::GeoDB module supporting + RelayCountry and URILocalBL plugins provides a unified + interface to Geographic IP modules. These include: + MaxMind::DB::Reader (GeoIP2) + Geo::IP + IP::Country::DB_File + IP::Country::Fast. + * New plugins: + - Mail::SpamAssassin::Plugin::ExtractText + - Mail::SpamAssassin::Plugin::DMARC + - Mail::SpamAssassin::Plugin::DecodeShortURLs + * HashCash module has been removed completely + * Full detailed changelog: + https://svn.apache.org/repos/asf/spamassassin/trunk/Changes +- Update to iXhash2 4.00: + * Minimum required version: SpamAssassin 4.0.0 +- Update to spampd 2.61: + * Performance and diagnostic improvements, quicker startups, and + a lot of documentation updates. + * Add support for configuration files (examples included in /misc + folder and in POD). + * Add optional "scalable mode" using Net::Server::PreFork module + (16-year TODO!). More info in POD. + * Add --logfile option to control logging destination(s) (syslog, + stderr, and/or file/device). + * Add --logident, --logfacility options for syslog. + * Add multiple levels of help, including full "man" output with + optional HTML formatting. + * Add --show argument for printing default option values + and other debug. + * Fix SpamAssassin debug logging with versions 3.1+ (output + was going to stderr/wrong syslog/null). + * Fix for IPv6 addresses being used on --host and --relayhost + options (was not possible due to ":" check). + * SIGHUP will now reload SpamAssassin and SpamPD configuration files + (and all module code), still with graceful child process shutdown. + * Use SpamAssassin::Logger module (with SA 3.1+) for all logging. + * Log to stderr by default if running non-daemonized + * Child processes are now renamed to "spampd child" + to distinguish them from the parent in task lists. + * Now requires Net::Server v0.89+ (though latest 2.009 is recommended). + * The --auto-whitelist option is no longer allowed with SpamAssassin v3+. + * Improve --debug option, adding ability to specify + SpamAssassin (v3.1+) debug areas (aka channels/facilities). + * All boolean options can take 0/1 argument and be negated + with "no-" prefix. + * The --children (-c) option is now more formally named + --max-servers (-mxs), but still accepted. + * IO::Socket::UNIX and ::IP are only required if actually + needed for --relaysocket / --relayhost options. + +------------------------------------------------------------------- +Wed Jan 19 15:39:37 UTC 2022 - Johannes Segitz + +- Drop ProtectHome from spamd.service and spampd.service. Unfortunately + spamassing writes there, so ProtectHome=read-only doesn't work. + Whitelisting a specific part has a too high chance of breaking for + this package (bsc#1193248) + +------------------------------------------------------------------- +Tue Nov 23 08:23:11 UTC 2021 - Dirk Stoecker + +- Set ProtectHome=false for spampd.service, as this breaks loading + and storing data files in /home/vscan. + +------------------------------------------------------------------- +Wed Nov 17 13:56:17 UTC 2021 - Johannes Segitz + +- Added hardening to systemd service(s) (bsc#1181400). Modified: + * spamd.service + * spampd.service + +------------------------------------------------------------------- +Thu Sep 9 17:03:07 UTC 2021 - Peter Varkoly + +- spamassassin: sa-update.timer does not work + (bsc#1175375) + Remove sence less SPAM_SA_UPDATE + Document how to use sa-update.service + +------------------------------------------------------------------- +Tue Apr 13 06:17:23 UTC 2021 - Arjen de Korte + +- update spamassassin to 3.4.6 + * Fixed URIDNSBL not triggering meta rules + * Fix false positive in T_KAM_HTML_FONT_INVALID on CSS color !important + +------------------------------------------------------------------- +Wed Mar 24 17:58:15 UTC 2021 - Arjen de Korte + +- update spamassassin to 3.4.5 + * In this release, there are bug fixes for one CVE: + CVE-2020-1946 for Malicious rule configuration (.cf) files can + be configured to run system commands (boo#1184221) + * Improvements to OLEVBMacro and AskDNS plugins + * Received and EnvelopeFrom headers matching improvements + * userpref SQL schema fixes + * rbl and hashbl evaluation improvements + * fix for non working TxRep tag names + * man page fixes +- Update download links + +------------------------------------------------------------------- +Fri Feb 12 11:25:16 UTC 2021 - Pedro Monreal + +- Relax the crypto policies for the test-suite. This will allow the + tests that use certificates with small key lengths to pass. + +------------------------------------------------------------------- +Wed Dec 23 16:05:26 UTC 2020 - Arjen de Korte + +- Require perl(Mail::SpamAssassin) instead of perl-spamassassin +- Don't use BerkeleyDB (not even for unit test) +- Don't use is_opensuse conditional + +------------------------------------------------------------------- +Sat Dec 19 16:16:05 UTC 2020 - Thorsten Kukuk + +- Move spamc into an own sub-package to avoid the full spamassassin + installation on every client if there is a spamd server + +------------------------------------------------------------------- +Thu Dec 17 20:21:29 UTC 2020 - Arjen de Korte + +- Compile rules in %post if Perl and/or spamassassin version changed + and SPAM_SA_COMPILE=yes +- Enable test (add basic-lint-without-sandbox.patch) +- Ignore known warnings (add spamassassin-rpmlintrc) + +------------------------------------------------------------------- +Wed Jan 29 19:26:21 UTC 2020 - Arjen de Korte + +- update spamassassin to 3.4.4 + * In this release, there are bug fixes for two CVEs: + CVE-2020-1931 for Nefarious rule configuration (.cf) files can + be configured to run system commands with warnings. + (boo#1162200) + CVE-2020-1930 for Nefarious rule configuration (.cf) files can + be configured to run system commands with sa-compile. + (boo#1162197) + * Improvements to OLEVBMacro + * Fix for CRLF handling with SpamAssMilter & DKIM + * Small fix for a regexp to provide Perl 5.8.x compatability again + * Increased fns_extrachars default value to 50 + * Fixed nosubject and maxhits tflags when sa-compile is used + * Limited the Bayes parsed token count + * Improvements to whitespace trimming + +------------------------------------------------------------------- +Sat Dec 14 10:32:50 UTC 2019 - Arjen de Korte + +- remove old (compiled) rules in /var/lib/spamassassin directory + after package upgrade and remove entirely upon package removal +- add BuildRequires for perl(Archive::Zip) and perl(IO::String) + +------------------------------------------------------------------- +Thu Dec 12 11:55:55 UTC 2019 - Arjen de Korte + +- update spamassassin to 3.4.3 + * There is one new plugin (disabled by default) + OLEVBMacro - Detects both OLE macros and VB code inside Office + documents + * Two CVE security bug fixes are included in this release + CVE-2019-12420 for Multipart Denial of Service Vulnerability + (boo#1159133) + CVE-2018-11805 for nefarious CF files can be configured to + run system commands without any output or errors + (boo#1118987) + * Safer and faster scanning of large emails using + body_part_scan_size and rawbody_part_scan_size settings. + * New tflag "nosubject" for 'body' rules, to stop matching the + Subject header which is part of the body text. + * Security updates include deprecation of the unsafe sa-update + '--allowplugins' option, which now prints a warning that + '--reallyallowplugins' is required to use it. + +------------------------------------------------------------------- +Tue Dec 10 09:17:05 UTC 2019 - Dirk Stoecker + +- Increase maximum size for spampd to 7168 + +------------------------------------------------------------------- +Sat Nov 9 12:42:47 UTC 2019 - Arjen de Korte + +- Change architecture of perl modules to 'noarch' + +------------------------------------------------------------------- +Fri Nov 8 10:40:45 UTC 2019 - Arjen de Korte + +- Fix extraction command for default rules (proper fix for + boo#911355, rather than a workaround) +- Don't unconditionally run sa-update on spamd and spampd service + start as this doesn't honor the settings in /etc/sysconfig/spamd +- After running sa-update, only restart services if they were + running before +- Fix name in logging timed-sa-update (suse.cron-sa-update + doesn't exist anymore) + +---------------------------------------------------------- +Sun Oct 27 12:36:31 UTC 2019 - Arjen de Korte + +- update spampd to 2.53 + * Fix LMTP delivery with multiple recipients + * Fix Warning for "Use of uninitialized value in string" + update spampd to 2.52 + * Override Net::Server's HUP handling, just restart children + * Add --version option to print information about SpamPD, + Net::Server, SpamAssassin, and Perl. + * Add warnings about using deprecated options. + * Documentation updates and code cosmetics. +- Update download links (add for spampd and iXhash2 sources) +- Add source verification (add spamassassin.keyring) +- Add %{perl_requires} for perl-Mail-SpamAssassin +- Fix "PIDFile= references a path below legacy directory /var/run/" + (change /var/run/ -> /run/) +- Don't package README.SuSE which documents an init script that + was never bundled boo#1068469 + +------------------------------------------------------------------- +Tue Jun 11 12:33:05 UTC 2019 - Dominique Leuenberger + +- BuildRequire pkgconfig(systemd) instead of systemd: allow OBS to + shortcut the build queues by allowing usage of systemd-mini + +------------------------------------------------------------------- +Wed Jan 16 11:50:16 UTC 2019 - Jan Engelhardt + +- Reduce boilerplate generated by %service_*. + +------------------------------------------------------------------- +Wed Jan 16 09:43:23 UTC 2019 - Peter Varkoly + +- bsc#1115411 spamassassin: migrate from cron to systemd timers +- Apply %license macro + +------------------------------------------------------------------- +Tue Sep 18 20:29:34 UTC 2018 - Arjen de Korte + +- update spamassassin to 3.4.2 + * There are four new plugins (disabled by default) + HashBL - interface to The Email Blocklist (EBL) + ResourceLimits - assure your spamd child processes do not exceed + specified CPU or memory limit + FromNameSpoof - detection of the From:name field being used to + mislead + Phishing - finds uris used in phishing campaigns detected by + OpenPhish (https://openphish.com) or PhishTank + (https://phishtank.com) feeds + * For security reasons SSLv3 support has been removed from spamc(1). + * Four CVE security bug fixes are included in this release for + PDFInfo.pm and the SA core: CVE-2017-15705, CVE-2016-1238, + CVE-2018-11780 & CVE-2018-11781. + * In sa-update script, optional support for SHA-256 / SHA-512 in + addition to or instead of SHA1 has been added for better validation + of rules. + * GeoIP2 support has been added to RelayCountry and URILocalBL plugins + due to GeoIP legacy API deprecations. + * several new or enhanced configuration options +- update spampd to 2.51 + * Replace IO::Socket::INET with IO::Socket::IP for IPv6 support + * Unix ports (ability to listen on UNIX sockets) + * Add X-Envelope-* headers before Received + * Add /usr/local/bin and /usr/local/sbin to PATH + * Add --setsid option to start server with setsid if running in + background +- Removed patches (are now in upstream): + * 0001-bug-7361-Allow-building-against-OpenSSL-1.1.0.patch + * 0001-Fix-bug-7367-Don-t-assume-cwd-.-is-in-INC-it-may-be-.patch + * DNS-resolver-recursion-desired-not-set.patch + * spamassassin-dont_use_SSLv3_methods.patch + * spampd-2.42_git_20170226.patch + * Unescaped_left_brace_in_regex_is_deprecated.patch + +------------------------------------------------------------------- +Mon Sep 17 19:11:13 UTC 2018 - Arjen de Korte + +- Revert incompatibility-with-NET-DNS.patch (this patch attempts to + fix a problem that was already solved by bsc#1059210) + +------------------------------------------------------------------- +Thu Sep 13 14:05:04 UTC 2018 - varkoly@suse.com + +- bsc#1107765 - spamassassin: incompatibility with Net::DNS >= 1.01 + - Add upstream patch: + incompatibility-with-NET-DNS.patch + +------------------------------------------------------------------- +Sun Sep 9 09:52:44 UTC 2018 - varkoly@suse.com + +- bsc#1069831 Running sa-update from spamassassin gives warning + about deprecated regex + o remove deprecated-regex.patch and apply upstream patch: + Unescaped_left_brace_in_regex_is_deprecated.patch + This patch also fixes the bug PerMsgStatus Warning + https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7196 + ------------------------------------------------------------------- Mon Feb 19 17:19:18 UTC 2018 - varkoly@suse.com diff --git a/spamassassin.keyring b/spamassassin.keyring new file mode 100644 index 0000000..ce4568e --- /dev/null +++ b/spamassassin.keyring @@ -0,0 +1,229 @@ +PREFACE: This file lives at https://spamassassin.apache.org/KEYS and +https://www.apache.org/dist/spamassassin/KEYS + + +This file contains the GPG keys which Apache SpamAssassin's release and +update distributions are signed with. + +Please don't use these keys for email. They are only used for code signing. + +Please realize that this file itself, or the public key servers may be +compromised. You are encouraged to validate the authenticity of this key in an +out-of-band manner. For information about our validation and signing policies, +please read http://httpd.apache.org/dev/verification.html . + +The following key is used to sign releases after, and including SA 3.3.0: + +pub 4096R/F7D39814 2009-12-02 + Key fingerprint = D809 9BC7 9E17 D7E4 9BC2 1E31 FDE5 2F40 F7D3 9814 +uid SpamAssassin Project Management Committee +uid SpamAssassin Signing Key (Code Signing Key, replacement for 1024D/265FA05B) +sub 4096R/7B3265A5 2009-12-02 + +The PUBLIC KEY BLOCK Follows. [1] + +NOTE: The following key was used to sign releases before that point, but + will NEVER be used to sign later releases: + + pub 1024D/265FA05B 2003-06-09 + Key fingerprint = 26C9 00A4 6DD4 0CD5 AD24 F6D7 DEE0 1987 265F A05B + uid SpamAssassin Signing Key + sub 1024D/FC51569B 2003-08-21 + +The following key is used to sign rule updates: + +pub 4096R/5244EC45 2005-12-20 + Key fingerprint = 5E54 1DC9 59CB 8BAC 7C78 DFDC 4056 A61A 5244 EC45 +uid updates.spamassassin.org Signing Key +sub 4096R/24F434CE 2005-12-20 + +The PUBLIC KEY BLOCK Follows. [2] + + +[1] +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v2.0.13 (FreeBSD) + +mQGiBD7k/bIRBADPcxP8CSNsr7zIH/UQPCJORDwmgUSDmnJmA+qDA6pYVHuaZ2lo +TZRjVX1CkeSIXmyxA3bdmokhz6UW/B/g/We8mUwdpC0jJSSKHNsP1tyNzjq0NtWq +N92WRmUe8eTF9MqfDk9FTEDl2WC2ma8vIeNqtjSbPy85yB2HkV2qfDYb3wCgvQEk +R8nD2C6YhBqHWuxE55F5hVkD+wSz6PA7f7C5cY9/icOjpzkGcqMNevlWLlLMLGgN +TIPHvNeBVZOWHGiuJpdtv8dzd/mTV7ASBzJF/JN9RcXfSSgjTTE33+Bi71w/0oVC +9RNor9d9ot89skGMJOmZzcYur2vrI6HrS0pCw5BRUqSMvHKf3haEvPnWIscUHJwI +meeNBADHWo3XneDXRoqMFqd6XJRA3DzXnN/bxoLvCxhIO8DPNHKd6Uq9UuKJATcn +xVtzpgGx0sg2FQxKzsngFGk8fbjiOJLQF5k5RyH3x+qwMafiHtwvb3tWkgmNWweZ +XvoDcjR+pEqBeuzs+3KdZq/iGTYKvsHhJG2UtY9xY3UVHjdyLrQzU3BhbUFzc2Fz +c2luIFNpZ25pbmcgS2V5IDxyZWxlYXNlQHNwYW1hc3Nhc3Npbi5vcmc+iF8EExEC +AB8CGwMECwcDAgMVAgMDFgIBAh4BAheAAhkBBQI/RTJXAAoJEN7gGYcmX6Bb/GoA +oLbPk8h6v9mOtOvDk/xhQlD5ufweAKCtlk4jWgfsPyH9bduUKrP0BQNhnIhGBBMR +AgAGBQI/RTHFAAoJEALjkFHlgLNjzrsAn1zO6xBL7FZFHNKUZf3xtV/JgvGqAJ4i +dNA3CDlr+B22fX988bF07t5AA4hGBBMRAgAGBQJAnpDvAAoJEC27dr+t1MkzcUMA +oJtKU6il0CSRPNsDnnvAC2i/yXvKAJ9eblF7XfeTVS7MMH/h57rIDOT4g4hGBBMR +AgAGBQJBW4V/AAoJEBhZ0B9ne6HsCvkAnAjxd2FSODqdxdsdpbM/ButExpVjAJ90 +n7ByUFnFY5pjq0chG9XYVZN2NYhGBBMRAgAGBQJBW4X6AAoJEIHC9+viE7aSrXsA +nA8BpKb5mWFpgysKJzr11XEQeto+AJ9rta6zjsL2RmiQDorCcrCsxNTrMYhGBBMR +AgAGBQJBW4ZdAAoJEGtw7Nldw/RzO7kAoNLFcbP0tSSrb4Yj8q3jMojR3gPpAJ90 +zIq/kMaX1bgOpaojqtP0PAyEqYhGBBARAgAGBQJImrG9AAoJEDCReXIpi8fQ8QEA +n1ktqEhfXFjGV9vKZ5WVS0WvK9LSAKCMC70d6eIdKZKVg8LLnxjiwVDufrRDU3Bh +bUFzc2Fzc2luIFNpZ25pbmcgS2V5IDxzcGFtYXNzYXNzaW4tZGV2ZWxAbGlzdHMu +c291cmNlZm9yZ2UubmV0PohxBDARAgAxBQJBIEsUKh0gc3BhbWFzc2Fzc2luLWRl +dmVsIGxpc3Qgbm8gbG9uZ2VyIGV4aXN0cwAKCRDe4BmHJl+gW3AgAJ9ABAZxdTJu +4ufA+rKwFxgqwtkTNACfffS1C2miFaCTjOIMprtwtg41H5iIWQQTEQIAGQUCPuT9 +sgQLBwMCAxUCAwMWAgECHgECF4AACgkQ3uAZhyZfoFtZCwCgnpu8rAt7MVZ+SNKc +3JLh555Dl6UAn135v3YVEzDZ+6vEsgmmySxPdahPiEYEExECAAYFAj7k/k4ACgkQ +AuOQUeWAs2NGZQCg9GZJ9vw/WtMvncxOgcVVFJg+FtkAoIA86oFXqs29FXVYnavQ +61f6oPzoiEUEEBECAAYFAj7lBhUACgkQN/YdXIyAw18RfwCVEQ12eoTgCDvwYpJn +mZ7gXwJ/lwCfRyZ1hu4IPQDnaLgdwUMVuq3CZ9OIRgQTEQIABgUCP0RKggAKCRBB +NxtQbljvCvYBAKDcsZFa9+G9YCfg3ZCFUl8nVRnV1ACffxkt9TPey7VWGLVO30Od +X828I5u5AaIEP0ROtREEAIx+lo30EOIFOYjWMuQcVDseMhMmO3Spn/zrGPZnpTNf +PaxeNM5SNhVCnwBmsC4ymyrsFpddVI0tzvjKxqqpKWBk2v18uHLUS99qIsMdLrg8 +YN4SLXnl5fZr1nXjcDekXxpgSkewNIb72kZ4FRD9F+Q8T9nNi8z0HBBFjssUrl2D +AKDYq2ewT3Y0LgeFGiuNwOT+XFcH+wP/bdR/0y2iE9CKpWViLlVyuHLDGsTdKM8i +SOj05Y98x8ap8BrewEFLQKsXh6GsGUIk6HYbDTk870/o2vZ9oYNlR/DLnADJHbk6 +5A62iw6jr1O4JOO9cmERnjOkY1ZMYs3lXzzRr7tc2SSnviJ6laq5lyYGcPOII/AF +n5hCXfwe2pwD/RZUKySbEQYhLqu92v2QmsvBwLbXg/u2zj74LoN8iIlNbebFufRD +MjePLu287rHj/wcVqo1WXalZaNmjiHS/FF3UOJtln4WLTEsbg1E2zfcMNEf8TBPG +4EakFh8/0uWboa9f4o9ZEQUAjRCio7uKYyXj5ldf2/d8E1+rQxxKa3A0iEYEGBEC +AAYFAj9ETrUACgkQ3uAZhyZfoFvoBwCfT+3EftGFurI5UsdPTcqcZk4KVEEAoIYd +cntspWaC0UjjeD7URevxKxW4mQINBEsW3ooBEACiKlghq7W/RoK6HUcy68+WjPqI +oH7Q1pc816ATCY8yuAK6ageGRO6Or6I1Zm8/9na1YsJlGv/sQV3Yh4cSGoTtyX/K +uvLihnLzCF7cytwdKcLM2lD2t4/2agyCylz/a9hmbpwFOCxClCbmn5AbRjOX0tp7 +QQjELWSX55xsyoPRX+3ngCEp+01nj7a5+rvcQ7RjxqgBWDvk4pmJN0Meaf1Agnhn +OzOpbIYtZhUIYrt65sRkzrjIxif5l+563Ch+EGaRleJOV85FTzJP9HQgPrUkUiaK +y3p/qbxTHAUBfTd6blUZLK/1KFfhcHRCpkMFHgRv1gweJ1RmCOOZTM/AxfPq0+zU +CR63FNXhbKFl1k71tv4D3UYnj7pE+yskthspfqGKfb5sTqdh6AuBCtgRXKc9DD4t +4h2k5CpoEv6KPVUYLj98aUB583lU6E09RqMTlUkqogoSdK6GoPHxxLSvEpai3HQS +o1WZo3m1NgvgBDPBwru4Non9Ki1nhpj2b++KZDR5oZbuw09Hdwce39Qipnbf3xIy +JMDBWx/M2tP/r6IJvlkN7sSqEGVOTliKyXgdJ/tIMTG7RiabnBtctG2K7kG5KxqU +nUIGVCh0gkLH2ntAZ+Z9pJaCEVBpIfWyLlT+G9zeV7o2tb/0UDiLBFLyqXIklrfQ +mSvoPIDCZ6/56MgSsQARAQABtGlTcGFtQXNzYXNzaW4gU2lnbmluZyBLZXkgKENv +ZGUgU2lnbmluZyBLZXksIHJlcGxhY2VtZW50IGZvciAxMDI0RC8yNjVGQTA1Qikg +PGRldkBzcGFtYXNzYXNzaW4uYXBhY2hlLm9yZz6JAjcEEwEKACEFAksW3ooCGwMF +CwkIBwMFFQoJCAsFFgIDAQACHgECF4AACgkQ/eUvQPfTmBTPyQ//WBnWvrvwWu46 +hWWFQ25CQvJmLp1ithWIt7leVngzUDzJUNgAsOhOdlaeXshVKSea0+hlsmX1ADt+ +hlzEudl4yaCF2lmzpax0POqAfqclX06P8Hl48KwdRlm8H6yGxBKKYZW1J/XNOGi7 +kgDT2Tit4WkJHMCuKb8H6EZdcCOBE3O8Bd8FP97tAi9KuMpNr58rLtAl7wbQgPhw +qBSG3NqPXiykvi1sXzNUmYs9IYeCw0rqKQyVWkzjBHZruzZzr//zPnN9aMkPGCe9 +RRze3fMc8dkoKY0O8mdPkMOgo0+CD1CTV3tEJp+xbpZVcNFrpg9phgrevf4qRTdl +EUJ9lShX3CVo8RraBEV8WiD75ZYOQz/hWX295nZjBsPNz+ysvd14gjHI7aF55eZ9 +JAHyNPv2g8e75VgojsTOIv6z/aN6f2CsT0v9fw921rTTo5h+Fx65iAue7bbkvI/J +sr9qsZ9ODWNAGLwjapvtFlYXUXboYTYPUcULa1bc7n2Xrzyg9YnozbEECTcgt1ad +G+pf0HywSTCPqGTuHK6ivhlfNuREDJsBk1ayA/Vaym4Yrhih4l3+QxmAr1yuQIV1 +bl9CbmCBzLGcIC8jL9/whnnI4DK5odty0aEY5E6Cr0c0K7LPx6bunhHwh2MIclCI +axJy3X5y8nMpIaxhPIkObxpQQXKNS5GIRgQQEQoABgUCSxbfIgAKCRDe4BmHJl+g +WzddAJ9u/3EqTBlEv+lohLZ31U6u9sNKZgCePKyrEFjXx+98wUjIJ+AveSVWi3y0 +S1NwYW1Bc3Nhc3NpbiBQcm9qZWN0IE1hbmFnZW1lbnQgQ29tbWl0dGVlIDxwcml2 +YXRlQHNwYW1hc3Nhc3Npbi5hcGFjaGUub3JnPokCNwQTAQoAIQUCSxbfgAIbAwUL +CQgHAwUVCgkICwUWAgMBAAIeAQIXgAAKCRD95S9A99OYFG9cD/42r/khRF8ViiKi +QH94gIZB/1hUg1TEjY23ZHl+an1DImM0ZgtQuazfXIyoDUAwdBrgyh9R18K9MCj1 +3Jzqfwpw1nr17F9SHGV20VbK8ge31TM+UoDceE25NWyje90Nxgw4ZBV04yHpq2IO +ZRg7Y8p/bRn+RNfF/7OQQUZQTdd2DtP6bCao12d1+yvT8PXQ4PeFiYhTY8KRSa3z +cCvGb4l5kQJ0rZ7VneN8R/iHUHBfAHORUzxiecZSY4zTLambMKvxzZ3NSTOyxxgg +YfaG2PYkcQQtz82/Ll2dU7cq3cjilYuEyrDpXDDhMYIcsIW3emybRt+VSdzeHRPo +NAxjil2b5vfGSx0O62nRsiXycuaG6UFoKltIXDzSI8WQoRgz+24FgdfIkpbhRLCe +Uu9U1wyykqUXeFmaK/e+Zqxb+QGdfq8u32c0NNAuNEg+bZkKylLKXzcRuRqftHQ8 +CXcXCMTE/rRLpIPefIhdmYl9FTW2WjhL03tqAe8IuCnJNVUas3atVvQh9jFyd/3r +99dlpvwW5Sdqnr3QVWvJiJxHBBj/RhUq/dwLFTrVecX0Lcq67t0o1U2X7VeeSygh +5V5/aElfdWUqBkN9kntsveBkRS7klUakTKfO/1GlxpSNzFtNcD8JfvVQDrYKh4R5 +yWQj7qCkjrTMzEY8HnZIc3d7WrqJPbkCDQRLFt6KARAAq2W8eG2MlAF+GJBjIzfL +6iqBOeH7TlboLsGseOonZFETqsqH/LgpaBdMt3YY2/HXsZb23fK04Qx0H+sjuyUp +UuJP2+S3//6KqrJAzMUEAU5vVjLt/YXuD2oWaRHjaV0EJpwa+LKD6BoViWw6K214 +ypY3dPNy61XRA1N4ejh6gZNsvnbN5x75VliyMGQ++p4RC4JulFQiuonkL428RPIw +zujLGdO3rL3cRLJidaMAd/y1sNqGPc83tE1pky1Sm8Dl319MEgB1aieuqj4jLGKA +uQA7n2zaUC7M7WuMCiHzg2lNNQLGNWDE/6FyfHKrF3MoEh8FMW2/NzvkOBpUh54T +i1Q7ot/Rf52hH2Sw3sb19OT03invGna3nld9xKI7HUAb6fTSQDqFPjl2Gmc9b8dy +tmwWrB1K+DsgK9yaAN5ZoWAYpmCYdFYeiL3L/0H/QrmUHrMlm+M1qrRpM0zst1rZ +Tx/pEub45oQXv9r8eeET2QLBPwh/6OXttCxzkSqHYGQGv+w8a6VpaGUsC6RWZBpE +wjJP+DoLdMZXx1IxDgSWWHY7p3U9HL5J1iAVOKKcOOZss9nu7Ellz0txkwixioUJ +RfvcbTcqP0D22YC2AlCCfqFXjVT6KZOF13STqJ00c+oewebZcuuwbR1RZqTkjatS +JuDQp/4cYMtIwr+K2mq2WWcAEQEAAYkCHwQYAQoACQUCSxbeigIbDAAKCRD95S9A +99OYFG11D/9Z3Qfcib80ArUu9U0LDJJSjvwisHagINebPyXyNjBHgkkDNXd7g3WY +FSSnT9C+Sef1Qbeol2yuCs8qa3YRIiD0jsmfsv/AykfobNCNf8UuCs13QnCPcqa5 +GlGilUYSirOO40IXO21DcdYBgtzKrabTeq5aPe5u4C7Q9ag6CVC4b9RgPHALG+qH +qEK//OgLRV5YWaXlLUO++xlBYSkDLi+gBgI0pdGCSZOHF7Uo8xolDnc/v7OO6nG2 +hZ872TIgUOWiGYwSF51ymJwfMOLRbfuBn4GSlHMrB7wAWljhed9Oa5T1gAMm5Ixc +QuMVLZ01QIk0X5UdV9CQ+OWn9rZs3AOmw1S+o/CHk/760zokAYR8TUzsvsmbAdL2 +Nf6CPai4U/Q/OFt3SqVxCkw2ID9id2GsdDSmHiIb7B+eZ7y96ALaXIREFLyMMhRW +Z3X6ecBxKDPsEGiyej1La8V1PW9hjTDNobcCJxd8bm2GE0wQ86jm+tNs6UExt2ZZ +KNO9cvi5KUpo+oV3X6RfXFEz/xZOmu9pXeDab7rP4cDqSvC4m42491oTrzn3ljgg +/qlbmnyWb7lWRV3qyNwOYetpkUybmT0IiGcfQP24Exr1jDDxwpFpmvutbGPIa6C+ +5Y2x0yvuw5VZfndWASdUK9f4qA8N227/JrWMyVFbSHgqClMg4gHA5Q== +=VQsP +-----END PGP PUBLIC KEY BLOCK----- + +[2] +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1 + +mQILBEOnbDQBEADBfda+hU8cGXD/2WYrIHsZ5CmvC2eCYKgQ87W706tzwmxoZWQS +JfnRpkZnBqS5WDhXhNBOhk9CgF5/e9yHnDQCusNYfRstKd+t0XTFvq30/tacrJNe +67zgq+DtWqIK9C7akfElc+2M5NkX6mF4cjaMXZoW17ltPy0XSSeirf584nvK3pXf +oEFLYQ/0AUV9EBpo9+i2DkMUd8d5tz7A6O5foB3ijYPzIcVtVJ1eyCg6gO1I4cIA +YbIZCH0WIVx5MQjydfKyCR4D7VFPpZgwcZ1PmyZSsy3lrigGVvYEoUS2fWTt2jUO +pB3wg5pgzuu9hN5CpChZGvq65t4PGtAeShnBkddIH4l+iDC6sAc6W06KidSaUCW1 +BKvNMa39lyEkO4bfLblZRjoZbj7Tjq3wQV/PLpPyKDa8ZZ88GfWaeRDUNRgZG6Qq +e6UKlFGfrw2RXOImUje7Sjy/eG4Ud/BOeGkV913yWBm9CHsPNtaVDK+iQI6vkAWS +3QkiPjBkXGTZFHsUx9/i3k5Iga6d4Gq2cBIVBur3sDxjKuuSazLwA9OAybpzQe2s +PvTzbGc/f1P7plT++HBFlBHwFtl/v68Q8pkbMWlEc5M9nYJ6yXHATHZzFfThxBwt +OYfF25XGaclUMkOMX++RiRkmjaEaT7Whv5aPbeb3+H3v6Omjvnebge24lQAGKbQ/ +dXBkYXRlcy5zcGFtYXNzYXNzaW4ub3JnIFNpZ25pbmcgS2V5IDxyZWxlYXNlQHNw +YW1hc3Nhc3Npbi5vcmc+iQI2BBMBAgAgBQJDp2w0AhsDBgsJCAcDAgQVAggDBBYC +AwECHgECF4AACgkQQFamGlJE7EVkfg//ZjBQ6UXDizX9UPsEmogWXIqbBsyP5DJH +uToaFa6OzCbOJqcYnXNfOjovYdDOTje+x3ZEkwbx+y6MSfhmDuHPDPqBU7hXenxx +oRktC68mJasKo0wXym2YfyWFnhSZMlXXFQ9We48zNGcVRckzaxLzM67BFJuRUfOM +EV6Lf3HxMvoUK3/Xzq9YPEq2sqFO1Eu+qPC3nq726Tj/aYBBFHgHmbjDrZTaQNyV +fHvEjDzPcDRjlJI+vZw1UEuXG+BKATPpiT7U7I1OGLDa2ExDIxh0+eJnsmA3YyHG +VweE7nDN2GmkXMVfa5vXHH49Ae9Ee8jIIRipfgMgZWnkZ0XYDvLj2ueH0Ixu4o9R +D2zJIwqzRh1sytG+1YOfHrOMUCplImJaY/ARgOM324ZdBvhkgIi1XvT7Sy/ZmGWd +DKFo+GjX0r2cujR8Pd4i7VlKsF9wRypk+n/aupXiaz5GY44EIVbnweyS5IlCNrwn +4UtqcB9/9uk1tmUNIcC5xjbq5ud/Y+iMIqCKCH0C9WUwSNSdsg+K+9xoZuvlaXY0 +JeXWNcDdq+tMir+x+/o0U4ENVYBkSFesnotmHwN6jZj4lSMRmvcFHPBljXqLqzM+ +y5wZxnCo1N7T+erZaI7BUrpJYm8JxcJ2VCWV0JFoO1Ec//B6XYB0pckbRuSTX/Zw +pKEkNqOdmjm5AgsEQ6dsigEQAKvdggbwqJgfDbRE2Lcy2gsn4j7haqu3IVBbyUDn +kGuuDuEtSeoRjCZXEb5DaKibIpEy5vzvRGvCFFkrBs4KXk/uamkgCpGnQZFnoz/S +rNZ8U7+e1pecEePpIkhQyafUKox9+p43UVoq4UybdPRDvE9SmQ1qaNUhyQY2FP9S +WT1a63u5GA73aH4puGO0BuZ9R3MNaDYZe/MOlRRjmlAsbY4oqWOudlNVaZ71EV3O +FFmOH4pnpxdO0X0l6sF6nvqvO5/gdZ3dI5iqrJjUneVgVOmPkREq7tQ5qHS/2pny +rDrH8NZCDNT5TXciBxBrt53bxxL/V/HWaolmtJi8gK82uXt8YlmT6zuEsofufDmu +P/HMDZ+BhGI+ggNzY2AVwERTRD6ecHDOI3iIuCP4Ck26YNHRCLyocL3CSlIpjQPu +tb3qfdAcqKLJ/fVyLtGkXr24crel6IeJY7/AGjYBrfh47DWnK7Xds8bAqJ8VCjOc +/q1usFTHgGkYocvtv0gmcjbu8YypzuG8HxOg9Yk9qRLQgg1fNhzXE2lqEPyMlBfj +eLmMNRvKP70fH8CK8adinPIegaRrS6gZ/iIdv8+YV+1rlEt28qzzGJxnmzUEmW6X +Xj44u91umg9WOsLxTOCQWdjGHonytHqj/xIsf45N2JIGLhU0lF04hYfEo5p65AyM +PpYhAAYpiQIfBBgBAgAJBQJDp2yKAhsCAAoJEEBWphpSROxFungP/iWKe7o8szOz +VmXkj89xDVFZ69nthVKkbgSYIZYQC+QLF8P1MWRnNWO/8TY+XsaCT3SrqxDFQ/R/ +9mlAPGUM1ySVihOPmP/DPiOlWLCsc0mb6OzYF2olcOR33s05MqvJlqXSmIrdB+hI +KkC7G5byZ+XZwPXVj4XlxIEOzs18+0YJqy0IPZPXTiMet4k2KyWyWkJpJYUCb19G +R6QC8hZQD97EYTbkbr5Ss26jjY/9AqLofW5F1/98pLDo+ron7pI2k8Ymn5DngEsa +XoGsQuyvPfTAjS4p9q/XwExJcX3gvQesdw18mpoSaGAOgDISolBPRqpHpy7v7vuw +3UMnsefKOX3F0Rossevw+c2/JCulnGmJDlgz6nHSR6FhHsbrDKF8oBeYPfGW/Kjw +NvzB1i9yubAMrsTQVu1Q8e5LsnL/MNYKb6oEJbBywdeHxBkehGWFXVdSoFvVSih/ +VNqX9f7jlybpLZW/n8cQ2r1ax19v7FleO/xSGvkYm7B1+4BW0mjy6A5dta5+e5WG +D5R06Uya3/xRAPGdmV6t4Mw8fFsuyCvs+vC73PR3+eS1UvCYsDpcQD8KpVBnsHaA +duWRKKhjuFL0vdOWAr25tFOTKAj5Ywas47PBukO0isov2WBCA1rVqOr6FUvdP76y +mqHv/0E6/vnTLxFoNsu4Ce42nAQ/A/jRiQQ+BBgBAgAJAhsCBQJHhbheAinBXSAE +GQECAAYFAkOnbIoACgkQbFU5eCT0NM68MQ/8DvYqxRm3vP0Gwnr+63kzET8S+6vf +gxOghnU+eMlqUeUu/ajqnVDMzoAIRDw9QgQc9ZZoklOSJQwOuloAbdpL4TwQ2XfJ +MLU60JkZWnEOXJwClb0qG1GqtcBPbMEUPfZcQfphdRL3jpWZlaexFiJRSD+A0riw +7q3NZKPDt4FrF7F3GY9krFy+P0nRt5f462DeDhCYZgguBQH+oGtjc5Hx+kOVWDsS +txo5xkt4/0DG50ZklPkTlCohmJwRLACy+NswdQ9q83eWAhzKOPgkal7xF6a+LyE+ +ytVYy2EgEU74r2gVw5iizy92FDj//Z2QAUyf/c4BMuAhvfwVIHd8n2DPHvpMP15L +6fwoymh0OjzmhwK94Z2u1YqNC1CK27/hfB6okQ/Tct7/Ik61dBjtiYdUC9tTA5Ze +W8X5ouSmttS1QFixx+Z4hiXV7Qj12lgVKuJohjrVshfcbVzTHljjAo3YkOZIHIoA +IJTUMRNzTIx9k4hrPVbxbVQhKjKTwFNtBuxvmptGTcLEIv9THpqlq8jkcStJ2Zrd +hhofPCWRT/Kzo+WE+Kgefv88T5Li7Ku12U/UpiK85+6nRspXj3rnkfDOUbLZjGM+ +1NET0xQTPuyxN6CXF7MMxfGCpszCudYxMANDQqNXu9brcPN/+EIxGRjqin4E7q+h +kYUaY7Ki8mXtJ8cJEEBWphpSROxFktcQALWQv996bFq1iFcGuQ0ITxNDlOWCsses +bgEM5zR10DH+6s2bXEO8xyDHQJtrvdCPetRDosnuOToBMnGMXTYVytnWzwwAzwq1 +YM+bGAeTHaIX+2UmxwFyX4GMOdqsNB+xDZ8pmRKjamJSgUQt6e18YpZlg1Y4QkxS +Vptq7OZBjiKeLUhLhGJ6GWgEIedLcoCtFzKCfz3zwn0Oxl+1EnVu8yqN+quWTf8P +7EZn+0ztqZY059BrcK2jmOyXvtOZBcAHXCUknh/uPHwAJV2WFWSNid2kNiLOrV+J +3eLTs5sF9wNhxWRhl6/10cwTzjy0Onv5cJh2tjdwksigMRMwz4c839zXORni/tnY ++IY22kNTKu84gB8rBuqUq8MQXNdS3bbROwwNUzpC0D1C1z1fBvyXDL1EwJdz70Wc +2m/Sw6tIid5g98+XMW+Ibt43Jk2XbK71JLhbVbePbAcHVh/UXEtnjhRfX7oyWlwS +a+lkKMiJd/6CQ6bvYsgklE7uEzTpRskpkkOcCk1O+8jfl+DsDwKrvVaNu8tpx45k +TtV4JDA6iEHKakD/zZdVTR79W2CFqBvRfRikc5INOl1OfMQ4ODmjkMl3yI9wrHwS +SQQxdq2XsS7xbU9HDFBEguQDu0rfzILZ9DuKIVHyr/CsRoJ5joj+JvKaUQC81ywQ +aB8EKy5bg4U6 +=IbYW +-----END PGP PUBLIC KEY BLOCK----- diff --git a/spamassassin.spec b/spamassassin.spec index d9f1f4b..1f030a1 100644 --- a/spamassassin.spec +++ b/spamassassin.spec @@ -1,7 +1,7 @@ # # spec file for package spamassassin # -# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2025 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -12,71 +12,68 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # -#Compat macro for new _fillupdir macro introduced in Nov 2017 -%if ! %{defined _fillupdir} - %define _fillupdir /var/adm/fillup-templates -%endif +%bcond_without test -%define ix_version 2.05 -%define spd_version 2.42 -# http://www.worlddesign.com/index.cfm/rd/mta/spampd.htm +%define spd_version 2.62 +%define sa_version 4.0.2 +%define sa_float %(echo %{sa_version} | awk -F. '{ printf "%d.%03d%03d", $1, $2, $3 }') +%define perl_float %(echo %{perl_version} | awk -F. '{ printf "%d.%03d", $1, $2 }') +%define rules_revision 1928015 -%define IXHASH iXhash2-%{ix_version} %define SPAMPD spampd-%{spd_version} Name: spamassassin +Version: %{sa_version} +Release: 0 Summary: Extensible email filter which is used to identify spam License: Apache-2.0 Group: Productivity/Networking/Email/Utilities -Version: 3.4.1 -Release: 0 -%define sa_version 3.4.1 -%define rules_revision 1675274 -Url: http://spamassassin.org/ -Source: http://apache.mirrors.hoobly.com//spamassassin/source/Mail-SpamAssassin-%{version}.tar.bz2 -Source1: http://apache.mirrors.hoobly.com//spamassassin/source/Mail-SpamAssassin-rules-%{version}.r%{rules_revision}.tgz -Source2: %{IXHASH}.tar.gz -Source3: %{SPAMPD}.tar.bz2 +URL: https://spamassassin.apache.org/ +Source0: https://downloads.apache.org/spamassassin/source/Mail-SpamAssassin-%{sa_version}.tar.bz2 +Source1: https://downloads.apache.org/spamassassin/source/Mail-SpamAssassin-rules-%{sa_version}.r%{rules_revision}.tgz +Source3: https://github.com/mpaperno/spampd/archive/%{spd_version}.tar.gz#/%{SPAMPD}.tar.gz Source10: local.cf +Source11: README.SUSE Source12: sysconfig.spamd Source14: sysconfig.spampd -Source15: suse.cron-sa-update +Source15: timed-sa-update Source16: spamd.service Source17: spampd.service +Source18: sa-update.service +Source19: sa-update.timer +Source100: https://downloads.apache.org/spamassassin/source/Mail-SpamAssassin-%{sa_version}.tar.bz2.asc +Source101: https://downloads.apache.org/spamassassin/source/Mail-SpamAssassin-rules-%{sa_version}.r%{rules_revision}.tgz.asc +# Keyring downloaded from https://www.apache.org/dist/spamassassin/KEYS +Source102: spamassassin.keyring +Source103: %{name}-rpmlintrc Patch1: patch-PgSQL Patch2: patch-URIDNSBL -Patch3: patch-SQL_ASCII_SORT Patch6: bnc#582111.diff -Patch7: spampd-2.42_git_20170226.patch -Patch10: iXhash2-meta-rules.patch -# add OpenSSL 1.1 support -# PATCH-FIX-UPSTREAM https://svn.apache.org/viewvc?view=revision&revision=1806555 -Patch11: 0001-bug-7361-Allow-building-against-OpenSSL-1.1.0.patch -# PATCH-FIX-SUSE don't use deprecated SSLv3_client_method -Patch12: spamassassin-dont_use_SSLv3_methods.patch -# PATCH-FIX-UPSTREAM https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7367 -Patch13: 0001-Fix-bug-7367-Don-t-assume-cwd-.-is-in-INC-it-may-be-.patch -# PATCH-FIX-UPSTREAM https://bz.apache.org/SpamAssassin/attachment.cgi?id=5314 -Patch14: DNS-resolver-recursion-desired-not-set.patch -# PATCH-FIX-UPSTREAM https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7404 -Patch15: deprecated-regex.patch -BuildRoot: %{_tmppath}/%{name}-%{version}-build -%{perl_requires} -PreReq: %fillup_prereq -BuildRequires: dos2unix -BuildRequires: openssl-devel +Patch7: basic-lint-without-sandbox.patch +BuildRequires: pkgconfig(openssl) +BuildRequires: pkgconfig(zlib) +# optional, but want them for build (test) +BuildRequires: curl >= 7.2.14 +BuildRequires: gpg +BuildRequires: netcfg +BuildRequires: re2c +BuildRequires: wget >= 1.8.2 # -Requires: perl-IO-Socket-INET6 -Requires: perl-Mail-DKIM -Requires: perl-Mail-SpamAssassin = %version Requires: re2c +Requires: spamassassin-spamc = %{sa_version} +Requires: (curl >= 7.2.14 or wget >= 1.8.2) +Requires: perl(Archive::Tar) >= 1.23 +Requires: perl(Error) +Requires: perl(IO::Zlib) >= 1.04 +Requires: perl(LWP) +Requires: perl(Mail::SpamAssassin) = %{sa_float} Requires: perl(Net::Server::PreForkSimple) -BuildRequires: systemd -%{?systemd_requires} +Requires(post): %fillup_prereq +%{?systemd_ordering} %description spamassassin adds a header line that shows if the mail has been @@ -85,127 +82,147 @@ mail within the scope of your own filtering rules in your MUA (Mail User Agent, your mail program) or your LDA (Local Delivery Agent). See the files in the documentation directory -/usr/share/doc/packages/spamassassin/ for more information on how to +%{_docdir}/spamassassin/ for more information on how to use the filter. +%package spamc +Summary: Spammassassin Client +Group: Productivity/Networking/Email/Utilities + +%description spamc +Spamc is the client to contact the spammassassin spamd daemon. It should +be used in place of "spamassassin" in scripts to process mail. + %package -n perl-Mail-SpamAssassin Summary: Perl Modules For Using Spamassassin Within An Own Perl Script Group: Development/Libraries/Perl -BuildRequires: perl -BuildRequires: perl-Error BuildRequires: perl(Archive::Tar) >= 1.23 +BuildRequires: perl(Compress::Zlib) +BuildRequires: perl(DB_File) BuildRequires: perl(Digest::SHA1) BuildRequires: perl(Errno) BuildRequires: perl(File::Copy) >= 2.02 BuildRequires: perl(File::Spec) >= 0.8 +BuildRequires: perl(Getopt::Long) >= 2.32 BuildRequires: perl(HTML::Parser) >= 3.43 BuildRequires: perl(IO::Zlib) >= 1.04 +BuildRequires: perl(MIME::Base64) BuildRequires: perl(Mail::DKIM) >= 0.37 -BuildRequires: perl(Net::DNS) >= 0.34 -BuildRequires: perl(NetAddr::IP) >= 4.000 +BuildRequires: perl(Net::DNS) >= 0.69 +BuildRequires: perl(Net::SMTP) +BuildRequires: perl(NetAddr::IP) >= 4.010 BuildRequires: perl(Pod::Usage) >= 1.10 BuildRequires: perl(Sys::Hostname) +BuildRequires: perl(Test::More) BuildRequires: perl(Time::HiRes) BuildRequires: perl(Time::Local) +# required for tests +BuildRequires: perl(Devel::Cycle) +#BuildRequires: perl(Perl::Critic::Policy::Perlsecret) +BuildRequires: perl(Perl::Critic::Policy::TestingAndDebugging::ProhibitNoStrict) +BuildRequires: perl(Test::More) +BuildRequires: perl(Text::Diff) # optional, but want them for build (test) +BuildRequires: perl(Archive::Zip) +BuildRequires: perl(BSD::Resource) +BuildRequires: perl(DBD::SQLite) BuildRequires: perl(DBI) -BuildRequires: perl(Encode::Detect) -BuildRequires: perl(IO::Socket::INET6) -BuildRequires: perl(IO::Socket::SSL) -BuildRequires: perl(IP::Country) -BuildRequires: perl(Mail::SPF) +BuildRequires: perl(Devel::Cycle) +BuildRequires: perl(Email::Address::XS) +BuildRequires: perl(Encode::Detect::Detector) +BuildRequires: perl(HTTP::Date) +BuildRequires: perl(IO::Socket::IP) +BuildRequires: perl(IO::Socket::SSL) >= 1.76 +BuildRequires: perl(IO::String) +BuildRequires: perl(IP::Country::Fast) +BuildRequires: perl(LWP::UserAgent) +BuildRequires: perl(Mail::SPF) >= 2.001 +BuildRequires: perl(Net::CIDR::Lite) BuildRequires: perl(Net::Ident) +BuildRequires: perl(Net::LibIDN) +BuildRequires: perl(Net::Patricia) >= 1.16 BuildRequires: perl(Razor2::Client::Agent) >= 2.61 # -Requires: perl-libwww-perl -Requires: perl(Archive::Tar) >= 1.23 +Requires: perl(Archive::Zip) Requires: perl(Digest::SHA1) Requires: perl(Errno) Requires: perl(File::Copy) >= 2.02 Requires: perl(File::Spec) >= 0.8 Requires: perl(HTML::Parser) >= 3.43 -Requires: perl(IO::Socket::IP) -Requires: perl(IO::Zlib) >= 1.04 -Requires: perl(Mail::DKIM) >= 0.37 -Requires: perl(Net::DNS) >= 0.34 +Requires: perl(Mail::DKIM) >= 0.31 +Requires: perl(Net::DNS) >= 0.69 Requires: perl(NetAddr::IP) >= 4.010 Requires: perl(Pod::Usage) >= 1.10 Requires: perl(Sys::Hostname) Requires: perl(Time::HiRes) Requires: perl(Time::Local) -# optional -Recommends: perl(Mail::SPF) -Recommends: perl(Net::Patricia) +Recommends: perl(Archive::Tar) >= 1.23 +Recommends: perl(BSD::Resource) +Recommends: perl(Compress::Zlib) +Recommends: perl(DB_File) +Recommends: perl(Email::Address::XS) +Recommends: perl(Encode::Detect::Detector) +Recommends: perl(Getopt::Long) >= 2.32 +Recommends: perl(HTTP::Date) +Recommends: perl(IO::Socket::IP) +Recommends: perl(IO::Socket::SSL) >= 1.76 +Recommends: perl(IO::String) +Recommends: perl(IO::Zlib) >= 1.04 +Recommends: perl(IP::Country::Fast) +Recommends: perl(LWP::UserAgent) +Recommends: perl(MIME::Base64) +Recommends: perl(Mail::DKIM) >= 0.37 +Recommends: perl(Mail::SPF) >= 2.001 +Recommends: perl(Net::CIDR::Lite) +Recommends: perl(Net::DNS) >= 0.58 +Recommends: perl(Net::Ident) +Recommends: perl(Net::LibIDN) +Recommends: perl(Net::Patricia) >= 1.16 +Recommends: perl(Net::SMTP) Recommends: perl(Razor2::Client::Agent) >= 2.61 -Recommends: perl(IO::Socket::INET6) -Recommends: perl(IO::Socket::SSL) -Recommends: perl(DBI) -Recommends: perl(Encode::Detect) -Recommends: cron -Provides: perl-spamassassin = %version -Obsoletes: perl-spamassassin < %version +Recommends: perl(Test::More) +Suggests: perl(DBD::mysql) +Suggests: perl(DBI) +Suggests: perl(Geo::IP) +Suggests: perl(GeoIP2::Database::Reader) +Provides: perl-spamassassin = %{sa_version} +Obsoletes: perl-spamassassin < %{sa_version} +BuildArch: noarch +%{perl_requires} %description -n perl-Mail-SpamAssassin This package contains the perl modules for the spamassassin, including the filter rules. This package is required for the package "spamassassin", the commandline tool. -%package -n perl-Mail-SpamAssassin-Plugin-iXhash2 -Summary: The iXhash plugin for SpamAssassin -Group: Development/Libraries/Perl -Requires: perl-Mail-SpamAssassin = %version -Requires: perl(Digest::MD5) -Version: %{ix_version} -Release: 0 -Provides: perl-Mail-SpamAssassin-Plugin-iXhash = %{ix_version} -Obsoletes: perl-Mail-SpamAssassin-Plugin-iXhash < 2 -%{perl_requires} - -%description -n perl-Mail-SpamAssassin-Plugin-iXhash2 -This archive contains the iXhash2 plugin for the SpamAssassin spam filtering -software, along with an example config file. - -Basically the plugin provides a network-based test just as razor2, pyzor -and DCC do. Working solely on the body of an email, it removes parts of it -and computes a hash value from the rest. These values will then be looked up -via DNS using the domains given in the config file(s). You need Net::DNS and -Digest::MD5 installed - %prep -%setup -q -n Mail-SpamAssassin-%{sa_version} -a 2 -a 3 -%patch1 -p0 -%patch2 -p1 -%patch3 -p0 -%patch6 -p0 -%patch7 -p0 -%patch10 -p0 -%patch11 -p1 -%patch12 -p1 -%patch13 -p1 -%patch14 -p1 -%patch15 -p2 +%setup -q -n Mail-SpamAssassin-%{sa_version} -a 3 +tar -zxf %{SOURCE1} -C rules +%patch -P 1 +%patch -P 2 -p1 +%patch -P 6 +%patch -P 7 -p1 +cp %{SOURCE11} ./ %build -if [ -e t/data/whitelists/winxpnews.com ]; then - echo "t/data/whitelists/winxpnews.com is not allowed to be distributed." - echo "see #102221" - #exit -1 # hidden bug description, so I can't see there - ignored -fi; -if [ -e build/cf_to_html ]; then - echo "build/cf_to_html is not allowed to be distributed." - echo "see #102221" - #exit -1 # hidden bug description, so I can't see there - ignored -fi; +# Run substitutions in default rules +sed -i -e 's|@@CONTACT_ADDRESS@@|postmaster|g' \ + -e 's|@@LOCAL_RULES_DIR@@|%{_sysconfdir}/mail/spamassassin|g' \ + -e 's|@@VERSION@@|%{sa_float}|g' rules/*.cf export CFLAGS="%{optflags}" perl Makefile.PL INSTALLDIRS=vendor OPTIMIZE="%{optflags}" \ - CONTACT_ADDRESS="postmaster" ENABLE_SSL="yes" + CONTACT_ADDRESS="postmaster" ENABLE_SSL="yes" -make +%make_build %check -# fails now... FIGURE out why -#make test +%if %{with test} +# Relax the crypto policies for the test-suite +export OPENSSL_SYSTEM_CIPHERS_OVERRIDE=xyz_nonexistent_file +export OPENSSL_CONF='' +%make_build -j1 test +%endif %install ## perl-Mail-SpamAssassin stuff @@ -217,79 +234,97 @@ sed -i -e "/\/usr\/bin/d" %{name}.files # package only %%{_mandir}/man3 sed -i -e "s,%{_mandir}/man?,%{_mandir}/man3," %{name}.files # -## perl-Mail-SpamAssassin-Plugin-iXhash2 stuff -install -d %{buildroot}/etc/mail/spamassassin -cp %{IXHASH}/iXhash2.pm %{buildroot}/%{perl_vendorlib}/Mail/SpamAssassin/Plugin -cp %{IXHASH}/iXhash2.cf %{buildroot}/etc/mail/spamassassin/iXhash2.cf -# ## spamassassin stuff -install -d %{buildroot}/etc/cron.daily/ -install -m 0755 %{S:15} %{buildroot}/etc/cron.daily/ -install -D -m0755 %{SPAMPD}/spampd.pl %{buildroot}/%{_sbindir}/spampd -mv %{buildroot}/%{_bindir}/spamd %{buildroot}/%{_sbindir}/ -install -m 0644 %{S:10} %{buildroot}/etc/mail/spamassassin/local.cf +install -D -m0755 %{SPAMPD}/spampd.pl %{buildroot}%{_sbindir}/spampd +install -m 0755 %{SOURCE15} %{buildroot}%{_sbindir}/ +mv %{buildroot}%{_bindir}/spamd %{buildroot}%{_sbindir}/ +install -d %{buildroot}%{_sysconfdir}/mail/spamassassin +install -m 0644 %{SOURCE10} %{buildroot}%{_sysconfdir}/mail/spamassassin/local.cf ln -s %{_sbindir}/service %{buildroot}%{_sbindir}/rcspamd ln -s %{_sbindir}/service %{buildroot}%{_sbindir}/rcspampd -echo "Most of the documentation is at ../perl-Mail-SpamAssassin/." > README.SUSE -install -D -m 0640 %{S:12} %{buildroot}/%{_fillupdir}/sysconfig.spamd -install -m 0640 %{S:14} %{buildroot}/%{_fillupdir}/ -test -f %{buildroot}/usr/share/spamassassin/user_prefs.template || { +install -D -m 0640 %{SOURCE12} %{buildroot}%{_fillupdir}/sysconfig.spamd +install -m 0640 %{SOURCE14} %{buildroot}%{_fillupdir}/ +test -f %{buildroot}%{_datadir}/spamassassin/user_prefs.template || { echo "MakeMaker is broken again..." exit 1 } -install -d %{buildroot}/usr/share/spamassassin -pushd %{buildroot}/usr/share/spamassassin && tar -xjf %{S:1} && popd + +## default rules +install -d %{buildroot}%{_datadir}/spamassassin +install -D -m 0644 rules/[0-9]*.cf %{buildroot}%{_datadir}/spamassassin ## systemd stuff -mkdir -p %{buildroot}/%{_unitdir} -install -D -m 644 %{S:16} %{buildroot}/%{_unitdir} -install -D -m 644 %{S:17} %{buildroot}/%{_unitdir} +install -d %{buildroot}%{_unitdir} +install -D -m 644 %{SOURCE16} %{buildroot}%{_unitdir} +install -D -m 644 %{SOURCE17} %{buildroot}%{_unitdir} +install -D -m 644 %{SOURCE18} %{buildroot}%{_unitdir} +install -D -m 644 %{SOURCE19} %{buildroot}%{_unitdir} %post -%service_add_post spamd.service -%service_add_post spampd.service +%service_add_post spamd.service spampd.service sa-update.timer %{fillup_only -n spamd} %{fillup_only -n spampd} +if [ $1 -gt 1 ]; then + # Package upgrade + for dir in $(ls -d %{_sharedstatedir}/%{name}/{,compiled/*/}[0-9\.]* 2>/dev/null); do + if [ "${dir##*/}" != "%{sa_float}" ]; then + rm -rf ${dir} + fi + done + find %{_sharedstatedir}/%{name} -type d -empty -delete 2>/dev/null || : + + # Compile rules if Perl and/or spamassassin version changed + if [ ! -d %{_sharedstatedir}/%{name}/compiled/%{perl_float}/%{sa_float} ]; then + grep -q "^SPAM_SA_COMPILE.*yes.*" %{_sysconfdir}/sysconfig/spamd && %{_bindir}/sa-compile &> /dev/null || : + fi +fi %pre -%service_add_pre spamd.service -%service_add_pre spampd.service +%service_add_pre spamd.service spampd.service sa-update.timer %preun -%service_del_preun spamd.service -%service_del_preun spampd.service +%service_del_preun spamd.service spampd.service sa-update.timer %postun -%service_del_postun spamd.service -%service_del_postun spampd.service +%service_del_postun spamd.service spampd.service sa-update.timer +if [ $1 -eq 0 ]; then + # Package removal + rm -rf %{_sharedstatedir}/%{name} +fi %files %defattr(-,root,root) -%doc spamd/README* spamd/PROTOCOL -%doc %{_mandir}/man1/* -%{_bindir}/* +%doc spamd/README spamd/README.vpopmail spamd/PROTOCOL README.SUSE +%{_mandir}/man1/sa-* +%{_mandir}/man1/spamassassin* +%{_mandir}/man1/spamd.1* +%{_bindir}/sa-* +%{_bindir}/spamassassin %{_sbindir}/* %{_fillupdir}/sysconfig.spamd %{_fillupdir}/sysconfig.spampd %{_unitdir}/spamd.service %{_unitdir}/spampd.service +%{_unitdir}/sa-update.service +%{_unitdir}/sa-update.timer +%ghost %{_sharedstatedir}/%{name} + +%files spamc +%defattr(-,root,root) +%license LICENSE +%{_bindir}/spamc +%doc %{_mandir}/man1/spamc.1* %files -n perl-Mail-SpamAssassin -f %{name}.files %defattr(-,root,root) -%doc CREDITS Changes LICENSE MANIFEST* NOTICE PACKAGING README +%license LICENSE +%doc CREDITS Changes MANIFEST* NOTICE PACKAGING README %doc TRADEMARK UPGRADE USAGE sample-nonspam.txt sample-spam.txt %doc ldap sql -%dir /etc/mail -%config(noreplace) /etc/mail/spamassassin -%config(noreplace) /etc/cron.daily/suse.cron-sa-update -%exclude /etc/mail/spamassassin/iXhash2.cf -%dir /usr/share/spamassassin -/usr/share/spamassassin/* - -%files -n perl-Mail-SpamAssassin-Plugin-iXhash2 -%defattr(-,root,root) -%doc %{IXHASH}/CHANGELOG %{IXHASH}/LICENSE %{IXHASH}/README -%config(noreplace) /etc/mail/spamassassin/iXhash2.cf -%{perl_vendorlib}/Mail/SpamAssassin/Plugin/iXhash2.pm +%dir %{_sysconfdir}/mail +%config(noreplace) %{_sysconfdir}/mail/spamassassin +%exclude %{perl_vendorarch} +%dir %{_datadir}/spamassassin +%{_datadir}/spamassassin/* %changelog diff --git a/spamd.service b/spamd.service index b9dc41f..3f2e907 100644 --- a/spamd.service +++ b/spamd.service @@ -20,11 +20,22 @@ After=remote-fs.target network.target Before=mail-transfer-agent.target [Service] +# added automatically, for details please see +# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort +ProtectSystem=full +PrivateDevices=true +ProtectHostname=true +ProtectClock=true +ProtectKernelTunables=true +ProtectKernelModules=true +ProtectKernelLogs=true +ProtectControlGroups=true +RestrictRealtime=true +# end of automatic additions Type=forking -PIDFile=/var/run/spamd.pid -ExecStartPre=/bin/bash -c "sa-update || true" +PIDFile=/run/spamd.pid EnvironmentFile=-/etc/sysconfig/spamd -ExecStart=/usr/sbin/spamd $SPAMD_ARGS -r /var/run/spamd.pid +ExecStart=/usr/sbin/spamd $SPAMD_ARGS -r /run/spamd.pid ExecReload=/usr/bin/kill -HUP $MAINPID [Install] diff --git a/spampd-2.42.tar.bz2 b/spampd-2.42.tar.bz2 deleted file mode 100644 index 6993555..0000000 --- a/spampd-2.42.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:5ea0d8357b0de342d6b420e92dba9a5b4e0bd775c6a9c79e983cbdff50bf6e0a -size 112640 diff --git a/spampd-2.42_git_20170226.patch b/spampd-2.42_git_20170226.patch deleted file mode 100644 index 3441e01..0000000 --- a/spampd-2.42_git_20170226.patch +++ /dev/null @@ -1,56 +0,0 @@ -diff -ur spampd-2.42/spampd.html spampd-2.42_20170226/spampd.html ---- spampd-2.42.orig/spampd.html 2013-12-08 12:34:02.000000000 +0100 -+++ spampd-2.42/spampd.html 2015-10-18 01:22:58.000000000 +0200 -@@ -96,7 +96,7 @@ -
-
IO::File
-
--
IO::Socket
-+
IO::Socket::IP
-
-
Time::HiRes (not actually required but recommended)
-
-diff -ur spampd-2.42/spampd.pl spampd-2.42_20170226/spampd.pl ---- spampd-2.42/spampd.pl 2013-12-08 12:34:02.000000000 +0100 -+++ spampd-2.42_20170226/spampd.pl 2015-10-18 01:22:58.000000000 +0200 -@@ -307,19 +307,19 @@ - # =cut - - use strict; --use IO::Socket; -+use IO::Socket::IP; - - # =item new(interface => $interface, port => $port[, timeout = 300]); - # - # The interface and port to talk to must be specified. The interface - # must be a valid numeric IP address; the port must be numeric. If - # this call succeeds, it returns a client structure with an open --# IO::Socket::INET in it, ready to talk to. If it fails it dies, -+# IO::Socket::IP in it, ready to talk to. If it fails it dies, - # so if you want anything other than an exit with an explanatory - # error message, wrap the constructor call in an eval block and pull - # the error out of $@ as usual. This is also the case for all other - # methods; they succeed or they die. The timeout parameter is passed --# on into the IO::Socket::INET constructor. -+# on into the IO::Socket::IP constructor. - # - # =cut - -@@ -327,7 +327,7 @@ - my ($this, @opts) = @_; - my $class = ref($this) || $this; - my $self = bless { timeout => 300, @opts }, $class; -- $self->{sock} = IO::Socket::INET->new( -+ $self->{sock} = IO::Socket::IP->new( - PeerAddr => $self->{interface}, - PeerPort => $self->{port}, - Timeout => $self->{timeout}, -@@ -1171,7 +1171,7 @@ - - =item B - --=item B -+=item B - - =item B (not actually required but recommended) - diff --git a/spampd-2.62.tar.gz b/spampd-2.62.tar.gz new file mode 100644 index 0000000..6d801db --- /dev/null +++ b/spampd-2.62.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:efe016d111f8c2094f4936f2efa16ca6e78c1b485465b269fc5c4273b9c57cf8 +size 249062 diff --git a/spampd.service b/spampd.service index 90f0872..2770b89 100644 --- a/spampd.service +++ b/spampd.service @@ -20,9 +20,20 @@ After=remote-fs.target Before=mail-transfer-agent.target [Service] +# added automatically, for details please see +# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort +ProtectSystem=full +PrivateDevices=true +ProtectHostname=true +ProtectClock=true +ProtectKernelTunables=true +ProtectKernelModules=true +ProtectKernelLogs=true +ProtectControlGroups=true +RestrictRealtime=true +# end of automatic additions Type=forking -PIDFile=/var/run/spampd.pid -ExecStartPre=/bin/bash -c "sa-update || true" +PIDFile=/run/spampd.pid EnvironmentFile=-/etc/sysconfig/spampd ExecStart=/usr/sbin/spampd $SPAMPD_OPTIONS ExecReload=/usr/bin/kill -HUP $MAINPID diff --git a/suse.cron-sa-update b/suse.cron-sa-update deleted file mode 100644 index 3e9d4ad..0000000 --- a/suse.cron-sa-update +++ /dev/null @@ -1,43 +0,0 @@ -#!/bin/bash - -# -# paranoia settings -# -umask 022 - -PATH=/sbin:/bin:/usr/sbin:/usr/bin -export PATH - -if [ -e /etc/sysconfig/spamd ] -then - . /etc/sysconfig/spamd -fi - -if [ "$SPAM_SA_UPDATE" = "yes" ] -then - /usr/bin/sa-update &> /dev/null - result=$? - - if [ "$SPAM_SA_COMPILE" = "yes" -a $result = 0 ] ; then - /usr/bin/sa-compile &> /dev/null - fi - - if [ "$SPAM_SPAMD_RESTART" = "yes" -a $result = 0 ] ; then - /sbin/service spamd restart &> /dev/null - fi - - if [ "$SPAM_AMAVISD_RESTART" = "yes" -a $result = 0 ] ; then - /sbin/service amavis restart &> /dev/null - fi - - if [ $result = 2 ] ; then - echo "sa-update lint check failed" | \ - logger -t suse.cron-sa-update - fi - - if [ $result -ge 3 ] ; then - echo "sa-update failed, exitcode $result" | \ - logger -t suse.cron-sa-update - fi -fi -exit 0 diff --git a/sysconfig.spamd b/sysconfig.spamd index 2870105..b0860fa 100644 --- a/sysconfig.spamd +++ b/sysconfig.spamd @@ -9,21 +9,12 @@ # Default is "-d -c -L" SPAMD_ARGS="-d -c -L" -## Path: Network/Mail/Spamassassin -## Description: Call sa-update periodicaly -## Type: yesno -## Default: "no" -# -# Set this varible to yes if you want the daily cron job -# to call sa-update. -SPAM_SA_UPDATE="no" - ## Path: Network/Mail/Spamassassin ## Description: Compile SpamAssassin ruleset into native code ## Type: yesno ## Default: "no" # -# Set this varible to yes if you want the daily cron job +# Set this varible to yes if you want the sa-update.service # compile SpamAssassin ruleset into native code after # calling sa-update. SPAM_SA_COMPILE="no" @@ -33,7 +24,7 @@ SPAM_SA_COMPILE="no" ## Type: yesno ## Default: "yes" # -# Set this varible to yes if you want the daily cron job +# Set this varible to yes if you want the daily sa-update.service # restart spamd after recompiling spamassassin ruleset. SPAM_SPAMD_RESTART="yes" @@ -42,7 +33,7 @@ SPAM_SPAMD_RESTART="yes" ## Type: yesno ## Default: "yes" # -# Set this varible to yes if you want the daily cron job +# Set this varible to yes if you want the sa-update.service # restart amavisd after recompiling spamassassin ruleset. SPAM_AMAVISD_RESTART="yes" diff --git a/sysconfig.spampd b/sysconfig.spampd index ed74c4b..0859b03 100644 --- a/sysconfig.spampd +++ b/sysconfig.spampd @@ -1 +1 @@ -SPAMPD_OPTIONS="--host=localhost:10025 --relayhost=localhost:10026 --user=vscan --tagall --children=5 --maxsize=768 --homedir=/home/vscan" +SPAMPD_OPTIONS="--host=localhost:10025 --relayhost=localhost:10026 --user=vscan --tagall --children=5 --maxsize=7168 --homedir=/home/vscan" diff --git a/timed-sa-update b/timed-sa-update new file mode 100644 index 0000000..264de61 --- /dev/null +++ b/timed-sa-update @@ -0,0 +1,40 @@ +#!/bin/bash + +# +# paranoia settings +# +umask 022 + +PATH=/sbin:/bin:/usr/sbin:/usr/bin +export PATH + +if [ -e /etc/sysconfig/spamd ] +then + . /etc/sysconfig/spamd +fi + +/usr/bin/sa-update &> /dev/null +result=$? + +if [ "$SPAM_SA_COMPILE" = "yes" -a $result = 0 ] ; then + /usr/bin/sa-compile &> /dev/null +fi + +if [ "$SPAM_SPAMD_RESTART" = "yes" -a $result = 0 ] ; then + /sbin/service spamd try-restart &> /dev/null +fi + +if [ "$SPAM_AMAVISD_RESTART" = "yes" -a $result = 0 ] ; then + /sbin/service amavis try-restart &> /dev/null +fi + +if [ $result = 2 ] ; then + echo "sa-update lint check failed" | \ + logger -t timed-sa-update +fi + +if [ $result -ge 3 ] ; then + echo "sa-update failed, exitcode $result" | \ + logger -t timed-sa-update +fi +exit 0