2010 Mails Trigger SpamAssassin

01/04/2010

The Apache Project has warned of a bug in versions 3.2.0 to 3.2.5 of SpamAssassin that triggers an excessive number of spam alerts by mails from 2010. Debian Lenny is also infected.

The bug was discovered by Mike Cardwell. On his blog, he reports that older versions of SpamAssassin contain a rule called FH_DATE_PAST_20XX, which falsely identifies mails from 2010 as coming from the future and declares them as spam.

Because the version 3.2.5 is used by the Debian Project Lenny, Debian developers have issued an update 3.2.5-2+lenny1.1~volitile1 which should fix the bug. Unstable users should, according to this blog post, upgrade to version 3.2.5-7.

Most mainstream distributions are also under threat. Details of the problem can be found on the SpamAssassin homepage.

( Marcel Hilzinger)

Related content

  • SpamAssassin 3.3.0 Splits Off Rules

    With version 3.3.0, the free spam filter SpamAssassin has its first big release since May, 2007.

    more »
  • rawpixel, 123RF.com
    Nine easy security tools

    Let's face it: Except for the most paranoid (or best-informed) of us, security is a drag – it's what you have to deal with before you can get on with real work. Luckily, Ubuntu comes with a complete toolset of security utilities that make the process much less painful.

    more »

© 2025 Linux New Media USA, LLCLegal Notice