Ukukhululwa kweplatifomu yokuhlunga ogaxekile kuyatholakala - I-SpamAssassin 3.4.5. I-SpamAssassin isebenzisa indlela edidiyelwe yokunquma ukuthi ivinjwe yini: umlayezo ungaphansi kokuhlolwa okuningiliziwe (ukuhlaziywa kokuqukethwe, izinhlu ze-DNSBL ezimnyama nezimhlophe, izihlukanisi eziqeqeshiwe zaseBayesia, ukuhlolwa kwesiginesha, ukuqinisekiswa komthumeli kusetshenziswa i-SPF ne-DKIM, njll.). Ngemva kokuhlola umlayezo usebenzisa izindlela ezahlukene, i-coefficient ethile yesisindo iyanqwabelana. Uma i-coefficient ebaliwe idlula umkhawulo othile, umlayezo uyavinjwa noma umakwa njengogaxekile. Amathuluzi okubuyekeza ngokuzenzakalelayo imithetho yokuhlunga ayasekelwa. Iphakheji ingasetshenziswa kuzo zombili izinhlelo zeklayenti neseva. Ikhodi ye-SpamAssassin ibhalwe ku-Perl futhi isatshalaliswa ngaphansi kwelayisensi ye-Apache.
Ukukhishwa okusha kulungisa ukuba sengozini (CVE-2020-1946) okuvumela umhlaseli ukuthi asebenzise imiyalo yesistimu kuseva lapho efaka imithetho yokuvimbela engaqinisekisiwe etholwe emithonjeni yezinkampani zangaphandle.
Phakathi kwezinguquko ezingahlobene nokuvikeleka ukuthuthukiswa komsebenzi wama-plugin we-OLEVBMacro kanye ne-AskDNS, ukuthuthukiswa kwenqubo yokufanisa idatha kuzihloko Okutholiwe kanye ne-EnvelopeFrom, ukulungiswa kwe-schema yomsebenzisipref SQL, ikhodi ethuthukisiwe yokuhlola ku-rbl ne-hashbl, kanye isixazululo senkinga ngamathegi e-TxRep.
Kuyaphawulwa ukuthi ukuthuthukiswa kochungechunge lwe-3.4.x kuyekiwe futhi izinguquko ngeke zisabekwa kuleli gatsha. Okuhlukile kwenziwa kuphela kumapeshi okuba sengozini, esimweni lapho ukukhishwa okungu-3.4.6 kuzokwenziwa. Wonke umsebenzi wonjiniyela ugxile ekuthuthukisweni kwegatsha le-4.0, elizosebenzisa ukucubungula okwakhelwe ngaphakathi kwe-UTF-8 okuphelele.
Source: opennet.ru