3.3.2 3.3.2-r1104058 3.2.5 http://spamassassin.apache.org/downloads.cgi?update=201106220000 3.3.x 3.3.x http://svn.apache.org/repos/asf/spamassassin/branches/3.3 3.1.0-rc2 2011-06-16: SpamAssassin 3.3.2 has been released, a minor new release primarily to support perl-5.12 and later. Visit the downloads page to pick it up, and for more info. <{set title="News and Announcements"}> ${badges_block} Atom feed

News and Announcements

${latest_news_snippet} 2010-03-19: SpamAssassin 3.3.1 has been released, a minor new release which adds some new rules. Visit the downloads page to pick it up, and for more info. 2010-01-27: SpamAssassin 3.3.0 has been released, a major new release! Visit the downloads page to pick it up, and for more info. 2010-01-01: Y2K10 Rule Bug - Update Your Rules Now! Versions of the FH_DATE_PAST_20XX rule released with versions of Apache SpamAssassin 3.2.0 thru 3.2.5 will trigger on most mail with a Date header that includes the year 2010 or later.  The rule will add a score of up to 3.6 towards the spam classification of all email.  You should take corrective action immediately; there are two easy ways to correct the problem:

If you require help updating your rules to correct this issue you are encouraged to ask for assistance on the Apache SpamAssassin Users' list.  Users' mailing list info is here.

On behalf of the Apache SpamAssassin project I apologize for this error and the grief it may have caused you.

Regards,

Daryl C. W. O'Shea

VP, Apache SpamAssassin

 

2008-06-12: SpamAssassin 3.2.5 has been released, a minor bug-fix release. Visit the downloads page to pick it up, and for more info. 2008-01-05: SpamAssassin 3.2.4 has been released. Visit the downloads page to pick it up, and for more info. 2007-09-12: SpamAssassin has won an InfoWorld ''Best Of Open Source Software'' BOSSIE Award, as the winner in the anti-spam category for 2007! 2007-08-09: SpamAssassin 3.2.3 released! Visit the downloads page to pick it up, and for more info. 2007-07-25: SpamAssassin 3.2.2 released! Visit the downloads page to pick them up, and for more info. 2007-06-11: SpamAssassin 3.2.1 and 3.1.9 released! These releases contain a fix for a local user symlink-attack denial of service vulnerability for an uncommon spamd configuration, along with other fixes. Visit the downloads page to pick them up. 2007-05-02: SpamAssassin 3.2.0 released! This release contains a significant number of changes and major enhancements -- please use it! Visit the downloads page to pick it up. (The release announcement) 2007-02-14: SpamAssassin 3.1.8 released! This release fixes security bug CVE-2007-0451, so is recommended. Visit the downloads page to get the latest version. 2006-11-21: SpamAssassin wins 'Best Linux-based Anti-spam Solution' at the Linux New Media Awards 2006, winning 69% of the vote. 2006-10-10: SpamAssassin 3.1.7 released! (The release announcement) 2006-10-05: SpamAssassin 3.1.6 released! Visit the downloads page to get the latest version. (The release announcement) 2006-08-30: SpamAssassin 3.1.5 released! Visit the downloads page to get the latest version. (The release announcement) 2006-07-26: SpamAssassin 3.1.4 released! Visit the downloads page to get the latest version. (The release announcement) 2006-06-06: SpamAssassin 3.1.3 released! This is an important security release to fix CVE 2006-2447; read the advisory to see if you need to upgrade. (The release announcement) 2006-06-05: SpamAssassin 3.0.6 released! This is an important security release to fix CVE 2006-2447; read the advisory to see if you need to upgrade. Visit the downloads page to get the latest version. (The release announcement) 2006-05-25: SpamAssassin 3.1.2 released! (The release announcement) 2006-03-11: SpamAssassin 3.1.1 released! (The release announcement) 2006-02-21: Receiving three times as many votes as the closest contender, SpamAssassin took top honors in the Anti-Spam category of Datamation's Product of the Year 2006. 2005-09-14: SpamAssassin 3.1.0 released! (The release announcement) 2005-02-09: Receiving twice as many votes as the closest contender, SpamAssassin took top honors in the Anti-Spam category of Datamation's Product of the Year 2005.

Subscribing

News about SpamAssassin, and new releases, can be received by mail by subscribing to the ''announce'' mailing list. There is also an Atom feed.
[preferred]/spamassassin/source http://www.apache.org/dist/spamassassin/source <{perl # important: ensure the umask is 002 at least. my $um = umask; umask ($um & 0007); # this should not be part of the mirrored data; it includes an entire # checkout of at least one source tree use vars qw($SITE_SRC_DIR); $SITE_SRC_DIR = '/home/jm/sitebuild'; umask 002; # DQ # system ("cd $SITE_SRC_DIR/versions/b2_6_0; ". # "svn update; ./build/update_website_docs"); # DQ # system ("cd $SITE_SRC_DIR/versions/3.0; ". # "svn update; ./build/update_website_docs"); # system ("cd $SITE_SRC_DIR/versions/3.1; ". # "svn update; ./build/update_website_docs"); # system ("cd $SITE_SRC_DIR/versions/trunk; svn update; ./build/update_website_docs"); ''; }> http://mail-archives.apache.org/mod_mbox/spamassassin-announce/?format=atom
InfoWorld BOSSIE Award 2007


Linux New Media Award 2006


Datamation's Product of the Year 2006


Datamation's Product of the Year 2005


OSDir.com Editor's Choice 2003


- Version 2.6x (old) - Version 3.0.x (old) - Version 3.1.x (old) - Version 3.2.x (old) - Version 3.3.x (current) - Version 2.6x (old) - Version 3.0.x (old) - Version 3.1.x (old) - Version 3.2.x (old) - Version 3.3.x (current) <{set title="Tests Performed: v2.6x"}> ${testsheader} <{perl # calls out to a script in the spamassassin build dir `cd $SITE_SRC_DIR/versions/b2_6_0; ./build/cf_to_html rules/*.cf` }> <{set title="Tests Performed: v3.0.x"}> ${testsheader} <{perl # calls out to a script in the spamassassin build dir `cd $SITE_SRC_DIR/versions/3.0; ./build/cf_to_html rules/*.cf` }> <{set title="Tests Performed: v3.1.x"}> ${testsheader} <{perl # calls out to a script in the spamassassin build dir `cd $SITE_SRC_DIR/versions/3.1; ./build/cf_to_html rules/*.cf` }> <{set title="Tests Performed: v3.2.x"}> ${testsheader} <{perl # calls out to a script in the spamassassin build dir `cd $SITE_SRC_DIR/versions/3.2; ./build/cf_to_html rules/*.cf` }> <{set title="Tests Performed: v3.3.x"}> ${testsheader} <{perl # calls out to a script in the spamassassin build dir `cd $SITE_SRC_DIR/versions/3.3; ./build/cf_to_html rules/*.cf` }> <{perl # backwards compat: we still have a /dist and a /doc subdir # containing the "current version's" doco to avoid 404s. # In particular, the freshmeat record points to /dist/CHANGES # if I recall correctly. # my $docsline = get_content ("docsline"); # system ("rm -rf dist"); # system ("mkdir -p dist"); # system ("cp -r full/${docsline}/dist/* dist/"); ''; }> ${title} --------- This is the current list of tests SpamAssassin performs on mail messages to determine if they're spam or not. If you wish to change the score from the default, add a line like this to your ##~/.spamassassin/user_prefs##: ##score NAME_OF_TEST 3.0## Where ##3.0## is the hits you wish that test to incur, and ##NAME_OF_TEST## is the test name from the **TEST NAME** column below. If you wish to disable a test, set the score to 0 by adding a line like this to your ##~/.spamassassin/user_prefs##: ##score NAME_OF_TEST 0## Note that these are the scores for the current stable release of SpamAssassin; they may be different from the ones you're running on your servers, if SpamAssassin is installed there. The 'More Info' links, if present, lead to a section of our Wiki for collaborative documentation of rules; some of the rules include additional user-contributed documentation there. If you feel like adding a page describing a rule in further detail, feel free to create a page at that link, using the RuleDescriptionTemplate format. <{set title="Using SpamAssassin For An Entire Site"}> ${title} --------- (Page moved to http://wiki.apache.org/spamassassin/UsingSiteWide) <{set title="Tests Performed"}> ${title} --------- ${testsbyversion} <{set title="Welcome to SpamAssassin"}> ${badges_block}

Note

This is the home page for the open-source Apache SpamAssassin Project. There are also numerous prepackaged versions for Windows, commercial versions, and specialized front-ends. If you were sent here because you received an e-mail message which was modified by SpamAssassin, please read this page.

Latest News

${latest_news_snippet} (Older news items can be read at the News and Announcements page. Atom feed )

Features

- **Wide-spectrum**: SpamAssassin uses a wide variety of local and network tests to identify spam signatures. This makes it harder for spammers to identify one aspect which they can craft their messages to work around. - **Free software**: it is distributed under the same terms and conditions as other popular open-source software packages such as the Apache web server. - **Easy to extend**: Anti-spam tests and configuration are stored in plain text, making it easy to configure and add new rules. - **Flexible**: SpamAssassin encapsulates its logic in a well-designed, abstract API so it can be integrated anywhere in the email stream. The Mail::SpamAssassin classes can be used on a wide variety of email systems including **procmail**, **sendmail**, **Postfix**, **qmail**, and many others. - **Easy Configuration**: SpamAssassin requires very little configuration; you do not need to continually update it with details of your mail accounts, mailing list memberships, etc. Once classified, site and user-specific policies can then be applied against spam. Policies can be applied on both mail servers and later using the user's own mail user-agent application.
<{set title="FAQ has moved"}> ${title} --------- If you've received a mail from SpamAssassin, and you want to know how and why, please visit this page. **The key point is that the most probable situation is that your ISP has set this up on your mail account, and to switch it off, you MUST contact their Tech Support desk. Nobody in the SpamAssassin development team can do this, ONLY your ISP can.** Otherwise, please visit the new SpamAssassin FAQ Wiki here. <{set title="Downloads"}> ${title} --------- Upgrading From an Older Version? ~~~~~~~~~~~~~~~~~~~ If so, please take the time to read Upgrade Notes while you're downloading. Product Information ~~~~~~~~~~~~~~~~~~~ The **core distribution** consists of command line tools to perform filtering along with Mail::SpamAssassin, a set of perl modules which allow SpamAssassin to be used in a wide range of products. System Administrators ~~~~~~~~~~~~~~~~~~~~~ Please create a local copy of the __report_template__ text in a file named something like ##/etc/mail/spamassassin/10_local_report.cf##, and modify it to provide your tech support desk's contact information, instead of the default. Otherwise your users will be confused, and some may ultimately contact the SpamAssassin development team, which is not appreciated; we cannot help them with whitelisting/blacklisting/customisation of settings at your site, after all. The default report text can be found in the file ##rules/10_misc.cf##. Mirrors ~~~~~~~

[if-any logo][end] The currently selected mirror is [preferred]. If you encounter a problem with this mirror, please select another mirror. If all mirrors are failing, there are backup mirrors (at the end of the mirrors list) that should be available.

Other mirrors: You may also consult the complete list of mirrors. Released version, ${relversion} ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - SpamAssassin in tar.gz format. (signatures: GPG MD5 SHA1) - SpamAssassin in tar.bz2 format. (signatures: GPG MD5 SHA1) - SpamAssassin in ZIP format. (signatures: GPG MD5 SHA1) - Change log summary, more detail - SpamAssassin sa-update rules tarball, for use if you cannot run "sa-update" to download these automatically after installing. (signatures: GPG MD5 SHA1) Previous Released version, ${prevbranchrelversion} ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ NOTE: This version is no longer supported. See http://wiki.apache.org/spamassassin/ReleaseGoals for more information. - SpamAssassin in tar.gz format. (signatures: GPG MD5 SHA1) - SpamAssassin in tar.bz2 format. (signatures: GPG MD5 SHA1) - SpamAssassin in ZIP format. (signatures: GPG MD5 SHA1) Packages ~~~~~~~~ - **Fedora, Red Hat Enterprise Linux, CentOS, Scientific Linux users**: See SpamTips.org for the latest upgrade directions. - **Debian users**: install SpamAssassin using: ##sudo apt-get install spamassassin## - **Gentoo Linux users** install SpamAssassin using: ##sudo emerge mail-filter/spamassassin## - **BSD users**: SpamAssassin is available in BSD package systems under the following names: - FreeBSD: ##mail/p5-Mail-SpamAssassin## - NetBSD: ##mail/spamassassin## - OpenBSD: ##mail/p5-Mail-SpamAssassin## - **Everyone**: SpamAssassin can be downloaded from CPAN, as the module ##Mail::SpamAssassin##: ##sudo cpan Mail::SpamAssassin## Other stuff regarding released versions ~~~~~~~~~~~~~~ - Michael Moncur has written a very good configuration tool which will generate a local.cf or user_prefs file for you, once you fill out a few simple questions. - **MacOS X users**: Ben Trott of MovableType has written a good how-to on installing SpamAssassin on OSX. A possibly more up-to-date article is 'Fighting Spam on Mac OS X Server' at Apple Developer Connection. Latest bleeding-edge code ~~~~~~~~~~~~~~~~~~~~~~~~~~ The latest development version can be obtained at any given time from the SpamAssassin Subversion (SVN) repository. See http://wiki.apache.org/spamassassin/DownloadFromSvn for more information. Nightly snapshots are no longer available. GPG Signing Key ~~~~~~~~~~~~~~~~ If you want to use GPG to verify the downloads listed above, please use the SpamAssassin Release GPG Keys to verify them. Note: GnuPG 1.4.0, and possibly 1.3.x versions, seem to have problems verifying certain signature files, including the type as used for SpamAssassin releases. If you are running an affected version, please verify the code using both MD5 and SHA1 sum values instead, or upgrade GPG. Old releases ~~~~~~~~~~~~~ Old Apache-licensed versions (from version 3.0.0 on) can be downloaded from archive.apache.org. Older, Perl-licensed versions can be found via CPAN.
<{set title="Hacking On SpamAssassin"}> ${title} --------- (Page moved to http://wiki.apache.org/spamassassin/DevelopmentStuff) <{set title="SpamAssassin Presentations"}> ${title} --------- (Page moved to http://wiki.apache.org/spamassassin/PresentationsAndPapers) <{set title="Contributors"}> ${title} --------- This page has been replaced by the CREDITS file in the distribution. <{set title="Information For End-Users"}> ${title} -------- **If you have received a mail modified by something called 'SpamAssassin', PLEASE READ THIS PAGE IN FULL.** **In most cases when this happens, it means that the company who set up your web site has installed the software on their servers. They should have told you, but they didn't. If you contact them, they can disable it.** **Nobody in the SpamAssassin development team can do this, ONLY your ISP or web hosting company can -- we have no access to their mail systems to change whether your mail is filtered.** Why Are You Spamming Me? ======================== If you are seeing SpamAssassin data in the mail message, then this indicates that __somebody__ at your ISP, your web hosting company, your employers, etc. has set up a mail filter which detects spam and adds these markings so that you can filter it more easily, should you wish to. Why was the e-mail altered? =========================== Your system administrator or ISP has implemented a policy to block ''spam'' (also known as unsolicited commercial e-mail). Each incoming e-mail is scanned for signs that it may be ''spam'', and if it is determined that it's likely to be spam, it is altered to clearly reflect this, so that you can decide whether to delete or keep it. If you have concerns about the scanning policy, please talk to your system administrator or ISP support desk. Who are you and what are you doing to my mail? ============================================== We are the writers of this software -- we did not install it on your system. As a result, you need to talk to your system administrator or ISP, not us. Although we wrote the program, it is your system administrator who chose to use it, and we have __absolutely no control__ over the filtering rules set up by the administrator. We strongly urge ISPs installing the product to notify their users when it's installed, and to not enable it by default -- but many seem to ignore this advice. We agree, that's totally unprofessional. :( This Is The First I've Heard About It! ====================================== **You should have been informed that this was going to happen.** We plaster this message all over our installation manuals, website, etc. However, we __still__ receive reports from people whose first contact with SpamAssassin is when it suddenly appears in their mail -- which indicates that whoever installed it on their mail systems __never bothered__ to tell them about it. Unsurprisingly, we think this is a little unprofessional. Typically the person to contact is your ISP's tech support department, your web hosting company's tech support department, or your systems administrator. My ISP Says They Know Nothing About It! ======================================= Recently, we've noticed a lot of companies who host websites, set up SpamAssassin on those accounts. This means that all mail traffic sent to addresses at that website are filtered. Even though the ISP that you connect to the internet through, does not know anything about it, the __website hosting ISP__ is another possibility. But The Message Was Not Spam! ============================= Sometimes SpamAssassin will get a ''false positive'', resulting in tagged mails which are not actually spam at all. Since spammers don't usually highlight the fact that their mail is unwanted, unsolicited ads, SpamAssassin has to try to work it out -- and it's not always easy to do. But I Don't Get Much Spam! ========================== Count yourself lucky, then! The longer your email address stays valid, the more spam you will get. It may not be a problem for you -- yet -- but others find it very frustrating. Some recent research has indicated that several ISPs find their incoming mail is between 40% and 80% spam, overall; and quite a few old-timers who've used the same address for years, get over 30 spams a day. If you don't get much spam, you probably find SpamAssassin more annoying than useful. In this case, see __How Can I Turn It Off?__, below. How Can I Turn It Off? ====================== You have two options. Firstly, SpamAssassin can be made a lot less sensitive. To do this, ask your systems administrator or ISP's helpdesk to ''increase the SpamAssassin threshold''. Alternatively, if you just want all your mail, unfiltered, ask your systems administrator or ISP's helpdesk to ''add your address to the whitelist_to list''. What is SpamAssassin, After All That? ===================== SpamAssassin is a mail filter which scans, and attempts to block, spam. More information here. __(thanks to Roaring Penguin's enduser page for large chunks of this text.)__ <{set title="The GTUBE"}> ${title} --------- This is the GTUBE -- the **Generic Test for Unsolicited Bulk Email**. If your spam filter supports it, the GTUBE provides a test by which you can verify that the filter is installed correctly and is detecting incoming spam, in a similar fashion to the EICAR anti-virus test file. Spam filter developers should add a rule, where possible, to recognise the following 68-byte string in the message body, and trigger on it:
  XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X
Note that this should be reproduced in one line, without whitespace or line breaks. A suitable mail message in RFC-822 format can be downloaded here. This string and mail can be reproduced freely, without attribution; they are hereby placed in the public domain.
<{set title="Where SpamAssassin Is Used"}> ${title} -------- This Page Is Obsolete! =========== Please read the relevant pages on the SpamAssassin wiki instead. <{set title="Mailing Lists"}> ${title} -------- (Page moved to http://wiki.apache.org/spamassassin/MailingLists) <{set title="Documentation"}> ${title} -------- - The list of tests SpamAssassin includes by default. - Top-level README file. - Top-level INSTALL file, for notes on how to install. - Top-level UPGRADE file, for notes on how to upgrade. - README for the 'spamd' daemon. - README for SQL user preferences. - Wiki, including Frequently Asked Questions. - Books that cover SpamAssassin. - Some presentations and papers about SpamAssassin. Michael Moncur has written a very good configuration tool which will generate a local.cf or user_prefs file for you, once you fill out a few simple questions. <{!-- The POD documentation:
    <{perlout for my $docfile (get_list ("alldocs")) { my $name = $docfile; $name =~ s/\.html//; print "
  • $name
  • \n"; } }>
--}> The Mail::SpamAssassin::Conf POD documentation describes the configuration commands that SpamAssassin accepts. POD Documentation ================== ${docslistbyversion} Walk-throughs and How-To's ========================== - http://www.geekly.com/entries/archives/00000155.htm - Greg Webster's How-To on installing SpamAssassin with Postfix+procmail on a site-wide basis, with individual 'spam' mailboxes. - http://advosys.ca/papers/postfix-filtering.html - Advosys Consulting's step-by-step instructions on how to get Postfix to use both SpamAssassin and Anomy Sanitizer (a virus blocking system). - http://www.peregrinehw.com/downloads/ - How-To's for setting up a stable Red Hat mail server with SpamAssassin. - http://codesorcery.net/old/docs/spamtricks.html - Some notes on using SpamAssassin with Mutt, by Justin R. Miller.
<{perl # create a ${all_files} variable containing the list # of all the text files we just loaded. $_ = ""; foreach my $pg (content_matching ("*.txt")) { $pg =~ s/.txt//; $_ .= "$pg "; } $_; }> SpamAssassin: $[title]

${navbar}

AREA TESTED LOCALE DESCRIPTION OF TEST TEST NAME DEFAULT SCORES
(local, net, with bayes, with bayes+net)
MORE INFO
(additional wiki docs)

Copyright © 2003-2014 The Apache Software Foundation. All rights reserved.
Apache SpamAssassin, SpamAssassin, and the SpamAssassin logo are trademarks of The Apache Software Foundation.
SpamAssassin

The Apache SpamAssassin Project

The Powerful #1 Open-Source Spam Filter

<{perl # create a ${all_txt_files} variable containing the list # of all the text files we just loaded, with .txt extension. $_ = ""; foreach my $pg (content_matching ("*.txt")) { $_ .= "$pg "; } $_; }> <{perl require './weblist.pl'; sub get_file_listing { my $dir = shift; print "
"; use Cwd; my $old = getcwd; chdir $dir; weblist ("/".$dir."/"); chdir $old; print "
"; } ''; }> <{perlout get_file_listing ("released"); }> <{perlout get_file_listing ("devel"); }> ${header}${users.txt}${footer} ${header}${gtube.txt}${footer} ${header}${${out}.txt}${footer} ${header}${released.listing}${footer} ${header}${devel.listing}${footer} Redirect /downloads.html http://spamassassin.apache.org/downloads.cgi Redirect /favicon.ico http://spamassassin.apache.org/images/favicon.ico RewriteEngine On RewriteBase / RewriteRule ^doc/(.*)$ http://spamassassin.apache.org/full/${docsline}/doc/$1 [R=permanent] RewriteRule ^doc.html/(.*)$ http://spamassassin.apache.org/full/${docsline}/doc/$1 [R=permanent] RewriteRule ^dist/(.*)$ http://svn.apache.org/repos/asf/spamassassin/tags/spamassassin_current_release_${docsline}/$1 [R=permanent] RewriteRule ^full/${docsline}/dist/doc/(.*)$ http://spamassassin.apache.org/full/${docsline}/doc/$1 [R=permanent] RewriteRule ^full/${docsline}/dist/(.*)$ http://svn.apache.org/repos/asf/spamassassin/tags/spamassassin_current_release_${docsline}/$1 [R=permanent] RewriteRule ^doc$ http://spamassassin.apache.org/full/${docsline}/doc/ [R=permanent]