SpamAssassin 3.4.3 Spam Filtering Release

After a year of development, SpamAssassin 3.4.3, a new release of the spam filtering platform, is available. SpamAssassin takes an integrated approach to deciding whether to block a message: the message is subjected to a number of checks (contextual analysis, DNSBL blacklists and whitelists, trained Bayesian classifiers, signature checking, sender authentication using SPF and DKIM, etc.). Each check contributes to a cumulative weight coefficient for the message. If the calculated coefficient exceeds a certain threshold, the message is blocked or marked as spam. Tools for automatically updating the filtering rules are supported. The package can be used on both client and server systems. The SpamAssassin code is written in Perl and distributed under the Apache license.

New in this release:

  • Added a new plugin OLEVBMacro, designed to detect OLE macros and VB code inside documents;
  • The speed and security of scanning large emails has been improved with the body_part_scan_size and rawbody_part_scan_size settings;
  • Support for the “nosubject” flag has been added to rules that process the message body, so that the Subject header is no longer searched as part of the body text;
  • For security reasons, the 'sa-update --allowplugins' option has been deprecated;
  • A new keyword “subjprefix” has been added to the settings to add a prefix to the message subject when a rule is triggered. The “_SUBJPREFIX_” tag has been added to the templates, reflecting the value of the “subjprefix” setting;
  • The rbl_headers option has been added to the DNSEval plugin to define the headers that are checked against RBL lists;
  • Added the check_rbl_ns_from function to check the DNS server against an RBL list. Added the check_rbl_rcvd function to check domains or IP addresses from all Received headers against an RBL;
  • Options have been added to the check_hashbl_emails function to specify the headers whose contents are checked against the RBL or ACL;
  • Added the check_hashbl_bodyre function to search the body of an email using a regular expression and check the matches found against an RBL;
  • Added the check_hashbl_uris function to detect URLs in the body of an email and check them against an RBL;
  • A vulnerability (CVE-2018-11805) has been fixed that allowed system commands to be executed from CF files (SpamAssassin configuration files) without displaying information about their execution;
  • A vulnerability (CVE-2019-12420) has been fixed that could be used to cause a denial of service when processing an email with a specially crafted multipart section.

The SpamAssassin developers also announced the preparation of a 4.0 branch, which will implement full built-in UTF-8 processing. On March 1, 2020, the publication of rules with signatures based on the SHA-1 algorithm will also cease (in release 3.4.2, SHA-1 was replaced by the SHA-256 and SHA-512 hash functions).

Source: opennet.ru