Slashdot Mirror

← Back to Stories (view on slashdot.org)

SpamAssassin 2010 Bug

Posted by Soulskill on from the who-could-have-known-when-2010-would-happen dept.

SEWilco writes "You might want to check your spam folder, as SpamAssassin has a rule which is tending to mark email sent in 2010 as spam. There is some discussion in a bug report. The SpamAssassin Wiki FH_DATE_PAST_20XX page doesn't have discussion, but it was updated today with a different date rule."

20 of 115 comments (clear)

  1. crapola by DNS-and-BIND · · Score: 3, Interesting

    My provider runs spamassassin, and given their track record in updating their other software, I rather doubt that they'll update spamassassin anytime soon. Is there any way around this that doesn't involve root access? (I love helpful responses from idiots that start with "first, edit the /etc/spamassassin.conf file" or whatever.)

    Oh yeah, the other wonderfully helpful stock response "stop using the software if you don't like it". Sure, I'd love to go back to getting 500 spams a day.

    --
    Shutting down free speech with violence isn't fighting fascism. It IS fascism!
    1. Re:crapola by godrik · · Score: 3, Funny

      I love helpful responses from idiots that start with "first, edit the /etc/spamassassin.conf file"

      Yes. That's easy! First edit the /etc/spamassassin.conf file!
      Wait a sec...

    2. Re:crapola by DaMattster · · Score: 3, Interesting

      Well, I am not sure what OS your running, but you can use OpenBSD Spamd which works very well. Rather than taking a defensive approach, Spamd goes on the offense by allowing known spam-sending IP addresses to attempt to send to you but throttling the connection down to 1 byte per second. This shakes most people off with no perceivable impact on your part. Even if the spam bot decides to wait the entire time to complete the connection, Spamd ends up dropping the message anyway. I use this solution in my business and I've gone from getting 500+ per day to maybe 2 per week. It is delightfully elegant.

    3. Re:crapola by ngc5194 · · Score: 5, Informative
      "Is there a way to work around this that doesn't involve root access?"

      Yes, but it isn't a good way. Check your scores file for the scores associated with the FH_DATE_PAST_20XX. This indicates the number of points added to the spam score of every message that fails this test. Basically, increase your spam threshold by this amount until you can apply this patch.

      Good for a quick-n-dirty fix.

    4. Re:crapola by karnal · · Score: 5, Funny

      I think you missed the "My provider runs spamassassin" part of the parent post.

      --
      Karnal
    5. Re:crapola by smartaleckkill · · Score: 3, Informative

      depends--i have a cheap n cheerful shared hosting account with the same issue, but i do have cpanel access which allows me to override the score for any rule--check out the last link in the summary basically if you have access to local config files (even through a frontend like cpanel) you can do it without root access

    6. Re:crapola by mhrivnak · · Score: 4, Informative

      The new rule gets picked up when "sa-update" is run. spamassassin deployments should run sa-update automatically on a regular basis, for example every day via a cronjob. Thus, most deployments will pick up the update automatically tonight if a sysadmin doesn't do it first.

    7. Re:crapola by nabsltd · · Score: 4, Informative

      My provider runs spamassassin, and given their track record in updating their other software, I rather doubt that they'll update spamassassin anytime soon. Is there any way around this that doesn't involve root access?

      If you have shell access, it should be trivial, although you do have to edit a file.

      Add the following to ~/.spamassassin/user_prefs:

      score FH_DATE_PAST_20XX 0.0

  2. Re:Millenium bug, how I have missed thee by fuzzyfuzzyfungus · · Score: 5, Informative

    Given what memory cost in 1970, I suspect that using 64-bit time would have been an expensive decision.

    A lot of gross little hacks look like (and are) great ideas when hardware costs a fortune and you don't yet know how persistent legacy stuff is going to be.

  3. FIX details: by drDugan · · Score: 4, Informative

    this is also happening on Ubuntu server, running Spamassassin 3.2.5

    The linked article references a workaround:
    add this line to the "local.cf" spamassassin config file, on this system is was /etc/spamassassin/local.cf

    score FH_DATE_PAST_20XX 0.0

    If you're running spamassassin as a daemon, you *may* also want to restart spamd
    with something like:

    sudo /etc/init.d/spamassassin restart

    This solution simply removes the rule by setting the score for that rule to 0.
    You'll want to undo this once a solution is deployed.

    1. Re:FIX details: by KiloByte · · Score: 4, Informative

      Since nearly 14 hours ago, you can simply run "sa-update".
      It is in cron.daily in the default install, too.

      --
      The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
  4. One hack replaced by another by tomp · · Score: 3, Informative

    From the "fix"

    > FH_DATE_PAST_20XX
    > change '/20[1-9][0-9]/' to '/20[2-9][0-9]/'

    That's no fix, it just puts the problem off for another 10 years. Why call the rule FH_DATE_PAST_20XX, shouldn't it be FH_DATE_PAST_201X? At least then the hack would be documented.

    1. Re:One hack replaced by another by 6Yankee · · Score: 3, Insightful

      Exactly. This is the right "fix" right now - the bug is out there causing real problems, and the fix (while definitely a filthy hack) is well-understood and can be pushed out immediately. If the same thing were to happen ten years from now (or the threshold quietly got pushed back to 2030), that would be nothing short of negligent.

  5. Nice.... by kramer · · Score: 5, Funny

    [url]https://issues.apache.org/SpamAssassin/show_bug.cgi?id=5852[/url]

    Noticed 14 months ago. Fixed 5 months ago. Released today.

  6. Re:"I'll just use a regex!" by ubrgeek · · Score: 3, Funny

    It depends. If the email from San Francisco was traveling east going 400 miles per hour and the email from NZ is going west at .... ;)

    --
    Bark less. Wag more.
  7. Great workaround by xororand · · Score: 3, Informative

    The suggested fix is just silly... They postpone the problem to 2020-01-01:
    3) change '/20[1-9][0-9]/' to '/20[2-9][0-9]/'

  8. I almost missed some important mail! by darthwader · · Score: 5, Funny

    "You might want to check your spam folder, as SpamAssassin has a rule ...

    Thanks for the heads-up. There was a very important e-mail from the Internet Lottery people telling me my e-mail address had been picked as the winner of the EUR 20,000 prize. All I have to do is send them $200 by Western Union to cover the processing fees. And to think I almost missed it!

    It's terrible that SpamAssassin flags such important messages as spam.

    --
    I hate it when I make a joke and I get modded "+5 insightful". Mod the stupid comments "funny", not "insightful", pleas
  9. Re:"I'll just use a regex!" by Hal+The+Computer · · Score: 3, Insightful

    Your solution doesn't work.
    It fails on new years eve if someone is in a different time zone or if their clock is slightly off.

    I'd suggest that any message sent more than seven (pick your favorite number) days in the future is spam.

    --

    int main(void){int x=01232;while(malloc(x));return x;}
  10. Note from the VP, Apache SpamAssassin by doshea · · Score: 5, Informative

    Clearly we dropped the ball on this one. As far as I know it's our first big rule screw up in the project's 10 years. If you're going to screw up you might as well do it well.

    I posted the following note to the Apache SpamAssassin website (http://spamassassin.apache.org/). Updates are available via sa-update, please run sa-update immediately. It's included in all versions of 3.2.x (the affected version of SpamAssassin). Alternatively zero the rule's score in your local.cf file if you have access to it. If you don't, increase your spam threshold by 3.6 points if your mail provider allows you to do that.

    Y2K10 Rule Bug - Update Your Rules Now!

    2010-01-01:

    Versions of the FH_DATE_PAST_20XX rule released with versions of Apache SpamAssassin 3.2.0 thru 3.2.5 will trigger on most mail with a Date header that includes the year 2010 or later. The rule will add a score of up to 3.6 towards the spam classification of all email. You should take corrective action immediately; there are two easy ways to correct the problem:

    * If your system is configured to use sa-update run sa-update now. An update is available that will correct the rule. No further action is necessary (other than restarting spamd or any service that uses SpamAssassin directly).

    * Add "score FH_DATE_PAST_20XX 0" without the quotes to the end of your local.cf file to disable the rule.

    If you require help updating your rules to correct this issue you are encouraged to ask for assistance on the Apache SpamAssassin Users' list. Users' mailing list info is here.

    On behalf of the Apache SpamAssassin project I apologize for this error and the grief it may have caused you.

    Regards,

    Daryl C. W. O'Shea

    VP, Apache SpamAssassin

  11. Re:Fixed in spamassassin 3.2.5-7 in Debian/Unstabl by doshea · · Score: 3, Informative

    It was an oversight. The rule fix got committed but never added to the update channel. Nobody noticed before it was too late.