[Prev] Thread [Next]  |  [Prev] Date [Next]

ANNOUNCE: Apache SpamAssassin 3.2.0-rc3 PRERELEASE available! Justin Mason Tue Apr 24 06:07:26 2007

Apache SpamAssassin 3.2.0-rc3 is now available!  This is a *PRERELEASE*,
not the full release of 3.2.0.

Downloads are available from:



md5sum of archive files:
23299659a018a1e316ce450c28ac2e29  Mail-SpamAssassin-3.2.0-rc3.tar.bz2
43b7774fab7ac7a3ba5a4257af8eb700  Mail-SpamAssassin-3.2.0-rc3.tar.gz
1451c9770e70dfe21bf7156955d0c19c  Mail-SpamAssassin-3.2.0-rc3.zip

sha1sum of archive files:
bec7332ba34a702d1b3b3d7c990dea2f34ceb0cf  Mail-SpamAssassin-3.2.0-rc3.tar.bz2
5074e8131a3ce13953d8e390aa8bcb386b046154  Mail-SpamAssassin-3.2.0-rc3.tar.gz
38939a3b51fcc6ec1adc1782ca31b9a2a182295c  Mail-SpamAssassin-3.2.0-rc3.zip

The release files also have a .asc accompanying them.  The file serves
as an external GPG signature for the given release file.  The signing
key is available via the wwwkeys.pgp.net key server, as well as

The key information is:

pub 1024D/265FA05B 2003-06-09 SpamAssassin Signing Key <[EMAIL PROTECTED]>
    Key fingerprint = 26C9 00A4 6DD4 0CD5 AD24  F6D7 DEE0 1987 265F A05B

See the INSTALL and UPGRADE files in the distribution for important
installation notes.

Summary of major changes since 3.1.8

Changes to the core code:

 * new behavior for trusted_networks/internal_networks: the 127.* network is 
now always considered trusted and internal, regardless of configuration.

 * bug 3109: short-circuiting of 'definite ham' or 'definite spam' messages 
based on individual short-circuit rules using the 'shortcircuit' setting, by 
Dallas Engelken <dallase /at/ uribl.com>.

 * bug 5305: implement 'msa_networks', for ISPs to specify their Mail 
Submission Agents, and extend network trust accordingly.

 * bug 4636: Add support for charset normalization, so rules can be written in 
UTF-8 to match text in other charsets.

 * sa-compile: compilation of SpamAssassin rules into a fast parallel-matching 
DFA, implemented in native code.

 * "tflags multiple": allow writing of rules that count multiple hits in a 
single message.

 * bug 4363: if a message uses CRLF for line endings, we should use it as well, 
otherwise stay with LF as usual; important for Windows users.

 * bug 4515: content preview was omitting first paragraph when no Subject: 
header was present.

 * The third-party modules used by sa-update are now required by the 
SpamAssassin package, instead of being optional.

 * Bug 5165: 'sa-update --checkonly' added to check for updates without 
applying them; thanks to <anomie /at/ users.sourceforge.net>

 * Bugs 4606, 4609: Adjust MIME parsing limits for nested multipart/* and 
message/rfc822 MIME parts.

 * bug 5295: add 'whitelist_auth', to whitelist addresses that send mail using 
sender-authorization systems like SPF, Domain Keys, and DKIM

 * Removed dependency on Text::Wrap CPAN module.

 * Received header parsing updates/fixes/additions.

Spamc / spamd:

 * bug 4603: Mail::SpamAssassin::Spamd::Apache2 -- mod_perl2 module, 
implementing spamd as a mod_perl module, contributed as a Google Summer of Code 
project by Radoslaw Zielinski.

 * bug 3991: spamd can now listen on UNIX domain, TCP, and SSL sockets 
simultaneously.  Command-line semantics extended slightly, although fully 
backwards compatibly; add the --ssl-port switch to allow TCP and SSL listening 
at the same time.

 * bug 3466: do Bayes expiration, if required, after results have been passed 
back to the client from spamd; this helps avoid client timeouts.

 * more complete IPv6 support.

 * spamc: Add '-K' switch, to ping spamd.

 * spamc: add '-z' switch, which compresses mails to be scanned using zlib 
compression; very useful for long-distance use of spamc over the internet.

 * bug 5296: spamc '--headers' switch, which scans messages and transmits back 
just rewritten headers.  This is more bandwidth-efficient than the normal mode 
of scanning, but only works for 'report_safe 0'.
 * Bump spamd's protocol version to 1.4, to reflect new HEADERS verb used for 

Mail::SpamAssassin modules and API:

 * bug 4589: allow M::SA::Message to use IO::File objects to read in message 
(same as GLOB).

 * bug 4517: rule instrumentation plugin hooks, to measure performance, from 
John Gardiner Myers <jgmyers /at/ proofpoint.com>.

 * add two features to core rule-parsing code; 1. optional behaviour to recurse 
through subdirs looking for .cf/.pre's, to support rules compilers working on 
rulesrc dir.  2. call back into invoking code on lint failure, so rule compiler 
can detect which rules exactly fail the lint check.

 * bug 5206: detect duplicate rules, and silently merge them internally for 
greater efficiency.

 * bug 5243: add Plugin::register_method_priority() API, allowing plugins to 
control the relative ordering of plugin callbacks relative to other plugins' 

 * Reduced memory footprint.


 * bug 5236: Support Mail::SPF replacement for Mail::SPF::Query.

 * bug 5127: allow mimeheader :raw rules to match newlines and folded-header 
whitespace in MIME header strings.

 * bug 4770: add ASN.pm plugin, contributed by Matthias Leisi <matthias at 

 * bug 5271: move ImageInfo ruleset into 3.2.0 core rules, thanks to Dallas 
Engelken <dallase /at/ uribl.com>.

 * VBounce ruleset and plugin: detect spurious bounce messages sent by broken 
mail systems in response to spam or viruses.  (Based on Tim Jackson's 
"bogus-virus-warnings.cf" ruleset.)

 * DomainKeys/DKIM: Mail::DKIM is now preferred over Mail::DomainKeys, since 
the latter module is no longer actively maintained, and Mail::DKIM can handle 
both DomainKeys and DKIM signatures.

 * DKIM: separate signature verification from fetching a policy: can save a DNS 
lookup for each unverified message by setting score to 0 for all policy-related 
(thanks to Mark Martinec)

 * DKIM: support testing flags in the public key, as well as in the policy 
record. (thanks to Mark Martinec)

 * DKIM: skip fetching a policy (SSP) if a signature does verify, according to 
draft-allman-dkim-ssp-02 (thanks to Mark Martinec)

 * Move rule functionality and checking into separate Check plugin, allowing 
third parties to implement alternative scanner core algorithms.

 * core EvalTests code moved into various plugins.

* Plus lots of miscellaneous bug fixes.

A more detailed change log can be read here: