SpamAssassin 2010 Bug 115
SEWilco writes "You might want to check your spam folder, as SpamAssassin has a rule which is tending to mark email sent in 2010 as spam. There is some discussion in a bug report. The SpamAssassin Wiki FH_DATE_PAST_20XX page doesn't have discussion, but it was updated today with a different date rule."
Re:Millenium bug, how I have missed thee (Score:5, Informative)
A lot of gross little hacks look like (and are) great ideas when hardware costs a fortune and you don't yet know how persistent legacy stuff is going to be.
Re:crapola (Score:2, Informative)
Is there any way around this that doesn't involve root access?
No.
FIX details: (Score:5, Informative)
this is also happening on Ubuntu server, running Spamassassin 3.2.5
The linked article references a workaround: /etc/spamassassin/local.cf
add this line to the "local.cf" spamassassin config file, on this system is was
score FH_DATE_PAST_20XX 0.0
If you're running spamassassin as a daemon, you *may* also want to restart spamd
with something like:
sudo /etc/init.d/spamassassin restart
This solution simply removes the rule by setting the score for that rule to 0.
You'll want to undo this once a solution is deployed.
Re:FIX details: (Score:5, Informative)
Since nearly 14 hours ago, you can simply run "sa-update".
It is in cron.daily in the default install, too.
Re:crapola (Score:5, Informative)
Yes, but it isn't a good way. Check your scores file for the scores associated with the FH_DATE_PAST_20XX. This indicates the number of points added to the spam score of every message that fails this test. Basically, increase your spam threshold by this amount until you can apply this patch.
Good for a quick-n-dirty fix.
One hack replaced by another (Score:3, Informative)
From the "fix"
> FH_DATE_PAST_20XX
> change '/20[1-9][0-9]/' to '/20[2-9][0-9]/'
That's no fix, it just puts the problem off for another 10 years. Why call the rule FH_DATE_PAST_20XX, shouldn't it be FH_DATE_PAST_201X? At least then the hack would be documented.
Re:crapola (Score:3, Informative)
Re:Fixed in spamassassin 3.2.5-7 in Debian/Unstabl (Score:3, Informative)
toncho/~ sudo apt-get install spamassassin ... 163295 files and directories currently installed.) .../spamassassin_3.2.5-7_all.deb) ... ... ...
Reading package lists... Done
Building dependency tree
Reading state information... Done
Suggested packages:
libmail-dkim-perl
Recommended packages:
re2c
The following packages will be upgraded:
spamassassin
1 upgraded, 0 newly installed, 0 to remove and 1086 not upgraded.
Need to get 1097kB of archives.
After this operation, 0B of additional disk space will be used.
Get:1 http://ftp.us.debian.org/ [debian.org] unstable/main spamassassin 3.2.5-7 [1097kB]
Fetched 1097kB in 13s (84.2kB/s)
Reading changelogs... Done
apt-listchanges: Mailing root: apt-listchanges: news for toncho.dhh.gt.org
(Reading database
Preparing to replace spamassassin 3.2.5-6 (using
Stopping SpamAssassin Mail Filter Daemon: spamd.
Unpacking replacement spamassassin
Setting up spamassassin (3.2.5-7)
Starting SpamAssassin Mail Filter Daemon: spamd.
Here is the apt-listchanges message:
spamassassin (3.2.5-7) unstable; urgency=high
This version of SpamAssassin fixes a bug which caused mails sent
in 2010 to be flagged as suspiciously spammy. If upgrading to this
version, you are recommended to update any per-user caches previously
created by sa-compile, and to check mail already in your spam folder
for false positives more carefully than usual.
-- Joey Hess Fri, 01 Jan 2010 12:03:40 -0500
holy crap (Score:2, Informative)
Thanks for the heads up, my kid's birthday party is next weekend and when I look at the spam folder it turns out 3 more people have replied that I hadn't seen.
Great workaround (Score:4, Informative)
The suggested fix is just silly... They postpone the problem to 2020-01-01:
3) change '/20[1-9][0-9]/' to '/20[2-9][0-9]/'
Re:crapola (Score:4, Informative)
The new rule gets picked up when "sa-update" is run. spamassassin deployments should run sa-update automatically on a regular basis, for example every day via a cronjob. Thus, most deployments will pick up the update automatically tonight if a sysadmin doesn't do it first.
Re:crapola (Score:2, Informative)
OpenBSD spamd(8) is wholly unrelated from spamassassin spamd. FYI.
OpenBSD spamd(8) has no code from any other project. Its similarity in appellation is name deep.
OpenBSD spamd(8) approach is different and was created by deraadt@.
Re:crapola (Score:5, Informative)
My provider runs spamassassin, and given their track record in updating their other software, I rather doubt that they'll update spamassassin anytime soon. Is there any way around this that doesn't involve root access?
If you have shell access, it should be trivial, although you do have to edit a file.
Add the following to ~/.spamassassin/user_prefs:
score FH_DATE_PAST_20XX 0.0
Re:End User (Score:3, Informative)
Note from the VP, Apache SpamAssassin (Score:5, Informative)
Clearly we dropped the ball on this one. As far as I know it's our first big rule screw up in the project's 10 years. If you're going to screw up you might as well do it well.
I posted the following note to the Apache SpamAssassin website (http://spamassassin.apache.org/). Updates are available via sa-update, please run sa-update immediately. It's included in all versions of 3.2.x (the affected version of SpamAssassin). Alternatively zero the rule's score in your local.cf file if you have access to it. If you don't, increase your spam threshold by 3.6 points if your mail provider allows you to do that.
Y2K10 Rule Bug - Update Your Rules Now!
2010-01-01:
Versions of the FH_DATE_PAST_20XX rule released with versions of Apache SpamAssassin 3.2.0 thru 3.2.5 will trigger on most mail with a Date header that includes the year 2010 or later. The rule will add a score of up to 3.6 towards the spam classification of all email. You should take corrective action immediately; there are two easy ways to correct the problem:
* If your system is configured to use sa-update run sa-update now. An update is available that will correct the rule. No further action is necessary (other than restarting spamd or any service that uses SpamAssassin directly).
* Add "score FH_DATE_PAST_20XX 0" without the quotes to the end of your local.cf file to disable the rule.
If you require help updating your rules to correct this issue you are encouraged to ask for assistance on the Apache SpamAssassin Users' list. Users' mailing list info is here.
On behalf of the Apache SpamAssassin project I apologize for this error and the grief it may have caused you.
Regards,
Daryl C. W. O'Shea
VP, Apache SpamAssassin
Re:Fixed in spamassassin 3.2.5-7 in Debian/Unstabl (Score:3, Informative)
It was an oversight. The rule fix got committed but never added to the update channel. Nobody noticed before it was too late.
Re:crapola (Score:2, Informative)
FX_DATE_20XX rule due to be obsoleted (Score:2, Informative)
I think 2038 is a nonissue.
In this case it really is as this rule is due to be removed in future releases of SpamAssassin, for details see: https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6271 [apache.org]