SpamAssassin 2010 bug

If you use SpamAssassin and today it's suddenly scoring every email you receive with at least 3.2 points, and it says that "the date is grossly in the future," then you should read this.


Update: Daryl C. W. O'Shea, VP, Apache SpamAssassin, posted the following to the SpamAssassin Announce mailing list on Saturday, January 2nd:

I've posted the following note on the Apache SpamAssassin website about an issue with a rule that may cause wanted email to be classified as spam by SpamAssassin. If you're running SpamAssassin 3.2.x you are encouraged to update your rules (updates were released on sa-update around 1900 UTC Jan 1, 2010).

Y2K10 Rule Bug - Update Your Rules Now!

2010-01-01: Versions of the FH_DATE_PAST_20XX rule released with versions of Apache SpamAssassin 3.2.0 thru 3.2.5 will trigger on most mail with a Date header that includes the year 2010 or later. The rule will add a score of up to 3.6 towards the spam classification of all email. You should take corrective action immediately; there are two easy ways to correct the problem:

1) If your system is configured to use sa-update, run sa-update now. An update is available that will correct the rule. No further action is necessary (other than restarting spamd or any service that uses SpamAssassin directly).

2) Add "score FH_DATE_PAST_20XX 0" without the quotes to the end of your local.cf file to disable the rule. If you require help updating your rules to correct this issue you are encouraged to ask for assistance on the Apache SpamAssassin Users' list. Users' mailing list info is here.

On behalf of the Apache SpamAssassin project I apologize for this error and the grief it may have caused you.
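The failure mode described in the announcement, as an added example (not SpamAssassin's rule text and not code from this post): a "date in the future" check written as a hard-coded year pattern starts matching ordinary mail once the calendar reaches that year, while a check relative to the current clock does not. The regex, function names, two-day tolerance and sample headers are assumptions made for the illustration.

```python
import re
from datetime import datetime, timedelta, timezone
from email.utils import parsedate_to_datetime

# ASSUMPTION: illustrative pattern, not copied from this page. It hard-codes
# "far future" as any year 2010-2099, which reproduces the behaviour described.
HARDCODED_YEAR = re.compile(r"20[1-9][0-9]")

def hardcoded_rule_hits(date_header: str) -> bool:
    """Fires whenever the header text contains a year from 2010 to 2099."""
    return HARDCODED_YEAR.search(date_header) is not None

def relative_rule_hits(date_header: str, now: datetime,
                       tolerance: timedelta = timedelta(days=2)) -> bool:
    """Fires only when the Date header is more than `tolerance` ahead of `now`."""
    try:
        sent = parsedate_to_datetime(date_header)
    except (TypeError, ValueError):
        return False  # unparseable dates are left to other checks
    if sent.tzinfo is None:  # "-0000" or missing zone: treat as UTC
        sent = sent.replace(tzinfo=timezone.utc)
    return sent - now > tolerance

# Constructed sample Date headers (not taken from real mail).
SAMPLES = [
    "Thu, 31 Dec 2009 23:50:00 -0500",
    "Fri, 01 Jan 2010 09:15:00 +0000",
    "Sat, 01 Jan 2011 00:00:00 +0000",
    "not a date",
]

def compare(now: datetime) -> dict:
    """Map each sample header to (hardcoded_hit, relative_hit)."""
    return {h: (hardcoded_rule_hits(h), relative_rule_hits(h, now)) for h in SAMPLES}

if __name__ == "__main__":
    # Reference clock: the time the announcement gives for the rule update.
    now = datetime(2010, 1, 1, 19, 0, tzinfo=timezone.utc)
    for header, (hard, rel) in compare(now).items():
        print(f"{header!r:40} hardcoded={hard!s:5} relative={rel}")
```

The second sample is the case from the announcement: a legitimate message dated 2010 that the hard-coded pattern flags and the clock-relative check leaves alone.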

3 comments:

  1. How long do you think it'll take everyone to update their filters? I'm betting on one month.

  2. Smart people probably have mostly updated already. I bet a lot of people never update, so who knows what version they're even running. There will probably be live installs with the bug running for years to come.

  3. Just discovered this tonight because I had mail getting caught by it. Will be interesting to see how quickly web hosting farms update their servers for this problem.

    I posted to my blog about it at http://ow.ly/TCpb

