ProHoster > Ibhulogi > iindaba ze-intanethi > Ukukhutshwa kwe-SpamAssassin 3.4.3

Ukukhutshwa kwe-SpamAssassin 3.4.3

Emva konyaka wophuhliso iyafumaneka ukukhululwa kweqonga lokucoca i-spam - I-SpamAssassin 3.4.3. I-SpamAssassin iphumeza indlela edibeneyo yokugqiba ukuba ibhlokile: umyalezo uxhomekeke kwinani leetshekhi (uhlalutyo lomxholo, uluhlu lwe-DNSBL olumnyama nolumhlophe, abahluli abaqeqeshiweyo baseBayesi, ukukhangela utyikityo, ukuqinisekiswa komthumeli usebenzisa i-SPF kunye ne-DKIM, njl.). Emva kokuvavanya umyalezo usebenzisa iindlela ezahlukeneyo, i-coefficient ethile yobunzima iqokelelwe. Ukuba i-coefficient ibalwayo ingaphezulu komda othile, umyalezo uyavalwa okanye uphawulwe njengogaxekile. Izixhobo zokuhlaziya ngokuzenzekelayo imithetho yokucoca ziyaxhaswa. Iphakheji ingasetyenziswa kuzo zombini iinkqubo zeklayenti kunye neseva. Ikhowudi ye-SpamAssassin ibhalwe kwi-Perl kwaye isasazwe phantsi kwelayisensi ye-Apache.

iimpawu ukhupho olutsha:

  • Yongeza iplagin entsha OLEVBCro, eyenzelwe ukufumanisa i-OLE macros kunye nekhowudi yeVB ngaphakathi kwamaxwebhu;
  • Isantya kunye nokhuseleko lokuskena ii-imeyile ezinkulu ziphuculwe kunye nesethingi body_part_scan_size kunye
    iisetingi zesayizi_yenxalenye_yobungakanani;
  • Inkxaso yeflegi ethi "nosubject" yongezwe kwimigaqo yokucubungula umzimba weleta ukuyeka ukukhangela isihloko sesihloko njengenxalenye yesicatshulwa kumzimba weleta;
  • Ngenxa yezizathu zokhuseleko, ukhetho 'sa-update --allowplugins' luyekisiwe;
  • Igama elitsha elingundoqo elithi "subjprefix" longezwe kwiisetingi ukufaka isimaphambili kwisihloko seleta xa umgaqo uqaliswa. Ithegi ethi "_SUBJPREFIX_" yongezwe kwiitemplates, ebonisa ixabiso le-"subjprefix" yokucwangcisa;
  • I-rbl_headers ukhetho longezwe kwi-plugin ye-DNSEval ukuchaza iiheader apho utsheki kufuneka lusetyenziswe kwizintlu ze-RBL;
  • Kongezwe i-check_rbl_ns_from ukukhangela iseva ye-DNS kuluhlu lwe-RBL. Kongezwe umsebenzi we-check_rbl_rcvd ukujonga imimandla okanye iidilesi ze-IP kuzo zonke iiheader ezifunyenweyo kwi-RBL;
  • Iinketho zongezwe kwi-check_hashbl_emails umsebenzi ukumisela iiheader ezinemixholo efuna ukutshekishwa kwi-RBL okanye kwi-ACL;
  • Kongezwe umsebenzi we-check_hashbl_bodyre ukukhangela umzimba we-imeyile usebenzisa intetho eqhelekileyo kwaye ujonge iimatshisi ezifunyenweyo kwi-RBL;
  • I-check_hashbl_uris eyongeziweyo umsebenzi wokufumana ii-URL kumzimba we-imeyile kwaye ukhangele kwi-RBL;
  • Ubuthathaka (i-CVE-2018-11805) ilungisiwe evumela ukuba imiyalelo yenkqubo iqhutywe kwiifayile zeCF (iifayile zoqwalaselo ze-SpamAssassin) ngaphandle kokubonisa ulwazi malunga nokwenziwa kwazo;
  • Ubuthathaka (CVE-2019-12420) obunokuthi busetyenziswe ukubangela ukukhanyelwa kwenkonzo xa kusetyenzwa i-imeyile enecandelo le-Multipart eyilwe ngokukodwa.

Abaphuhlisi be-SpamAssassin baphinde babhengeze ukulungiswa kwesebe le-4.0, eliza kuphumeza i-UTF-8 epheleleyo eyakhelweyo. Ngomhla woku-2020 kuMatshi, ngo-1, ukupapashwa kwemigaqo enokutyikitywa okusekwe kwi-algorithm ye-SHA-3.4.2 nako kuya kuyeka (ekukhutshweni kwe-1, i-SHA-256 yatshintshwa yi-SHA-512 kunye ne-SHA-XNUMX imisebenzi ye-hash).

umthombo: opennet.ru

Thenga ukusingathwa okuthembekileyo kwiindawo ezinokhuseleko lweDDoS, iiseva zeVPS VDS 🔥 Thenga ukusingathwa kwewebhusayithi okuthembekileyo ngokhuseleko lwe-DDoS, iiseva zeVPS VDS | ProHoster