Someone on IRC pointed me to this wonderful bug in Spamassassin, it’s easy to quickfix, but the fix itself will become a bug in 10 years, in any case, until they push an update that correctly fixes this:
##{ FH_DATE_PAST_20XX
header FH_DATE_PAST_20XX Date =~ /20[1-9][0-9]/ [if-unset: 2006]
describe FH_DATE_PAST_20XX The date is grossly in the future.
( meaning emails sent in 2010 will also trigger the scoring )
should be changed into:
##{ FH_DATE_PAST_20XX
header FH_DATE_PAST_20XX Date =~ /20[2-9][0-9]/ [if-unset: 2006]
describe FH_DATE_PAST_20XX The date is grossly in the future.
Making it not a problem until we reach 2020 🙂
On my ubuntu box the rule is found in:
/usr/share/spamassassin/72_active.cf
Special thanks to Habbie for making me aware of the problem on IRC!
oh and by the way:
Happy New Year!
🙂
update: sa-update should now update 72_active.cf with the same ‘fix’ as above.
it’s still a bit wobbly, as it leaves a yearly decreasing immense gap of dates spam could slip through. Anything send with a date between 1-1-2010 and 1-1-2020 is deemed ‘acceptable’, and will therefor not get a scoring appropriate to the situation.
Gebruikers van een _echt_ OS kunnen uiteraard ook gebruik maken van sa-update. Ik draai het 1 keer per dag vanuit cron, en de fix was op 2 januari al automatisch geinstalleerd, in /var/db/spamassassin/3.002005/updates_spamassassin_org/.
Het probleem was echter ook dat met sa-update soms de verkeerde bleef staan. Ik heb ‘t op meerdere systemen zien gebeuren.
bovendien is 2 januari toch wel een beetje laat, voor iets wat vanaf 1-1-2010 al voor problemen begon te zorgen, en al tijden geleden aangepast was.