[Mimedefang] SpamAssassin 3.2.0 released

Kevin A. McGrail kmcgrail at pccc.com
Wed May 2 11:33:26 EDT 2007

Here's the official announcement.  It was sent out a few hours ago:

Apache SpamAssassin 3.2.0 is now available!  This is the official release,
and contains a significant number of changes and major enhancements --
please use it!

Downloads are available from:

md5sum of archive files:
6840e3be132e2c3cbf66298b0227e880  Mail-SpamAssassin-3.2.0.tar.bz2
aed988bb6cf463afc868a64d4cd771a3  Mail-SpamAssassin-3.2.0.tar.gz
484045c69499b2fa59f024179f1f49c2  Mail-SpamAssassin-3.2.0.zip

sha1sum of archive files:
2fb864f01fc1c287e6f6e62fab8338f32cd20fb1  Mail-SpamAssassin-3.2.0.tar.bz2
af3941ab4f9548107d06966780ba71f751ab0216  Mail-SpamAssassin-3.2.0.tar.gz
bf785d7088371ad3beafe6084bf296ee3434038c  Mail-SpamAssassin-3.2.0.zip

The release files also have a .asc accompanying them.  The file serves
as an external GPG signature for the given release file.  The signing
key is available via the wwwkeys.pgp.net key server, as well as

The key information is:

pub 1024D/265FA05B 2003-06-09 SpamAssassin Signing Key 
<release at spamassassin.org>
    Key fingerprint = 26C9 00A4 6DD4 0CD5 AD24  F6D7 DEE0 1987 265F A05B

See the INSTALL and UPGRADE files in the distribution for important
installation notes.

Summary of major changes since 3.1.8

Changes to the core code:

 * new behavior for trusted_networks/internal_networks: the 127.* network is 
now always considered trusted and internal, regardless of configuration.

 * bug 3109: short-circuiting of 'definite ham' or 'definite spam' messages 
based on individual short-circuit rules using the 'shortcircuit' setting, by 
Dallas Engelken <dallase /at/ uribl.com>.

 * bug 5305: implement 'msa_networks', for ISPs to specify their Mail 
Submission Agents, and extend network trust accordingly.

 * bug 4636: Add support for charset normalization, so rules can be written 
in UTF-8 to match text in other charsets.

 * sa-compile: compilation of SpamAssassin rules into a fast 
parallel-matching DFA, implemented in native code.

 * "tflags multiple": allow writing of rules that count multiple hits in a 
single message.

 * bug 4363: if a message uses CRLF for line endings, we should use it as 
well, otherwise stay with LF as usual; important for Windows users.

 * bug 4515: content preview was omitting first paragraph when no Subject: 
header was present.

 * The third-party modules used by sa-update are now required by the 
SpamAssassin package, instead of being optional.

 * Bug 5165: 'sa-update --checkonly' added to check for updates without 
applying them; thanks to <anomie /at/ users.sourceforge.net>

 * Bugs 4606, 4609: Adjust MIME parsing limits for nested multipart/* and 
message/rfc822 MIME parts.

 * bug 5295: add 'whitelist_auth', to whitelist addresses that send mail 
using sender-authorization systems like SPF, Domain Keys, and DKIM

 * Removed dependency on Text::Wrap CPAN module.

 * Received header parsing updates/fixes/additions.

Spamc / spamd:

 * bug 4603: Mail::SpamAssassin::Spamd::Apache2 -- mod_perl2 module, 
implementing spamd as a mod_perl module, contributed as a Google Summer of 
Code project by Radoslaw Zielinski.

 * bug 3991: spamd can now listen on UNIX domain, TCP, and SSL sockets 
simultaneously.  Command-line semantics extended slightly, although fully 
backwards compatibly; add the --ssl-port switch to allow TCP and SSL 
listening at the same time.

 * bug 3466: do Bayes expiration, if required, after results have been 
passed back to the client from spamd; this helps avoid client timeouts.

 * more complete IPv6 support.

 * spamc: Add '-K' switch, to ping spamd.

 * spamc: add '-z' switch, which compresses mails to be scanned using zlib 
compression; very useful for long-distance use of spamc over the internet.

 * bug 5296: spamc '--headers' switch, which scans messages and transmits 
back just rewritten headers.  This is more bandwidth-efficient than the 
normal mode of scanning, but only works for 'report_safe 0'.

 * Bump spamd's protocol version to 1.4, to reflect new HEADERS verb used 
for '--headers'.

Mail::SpamAssassin modules and API:

 * bug 4589: allow M::SA::Message to use IO::File objects to read in message 
(same as GLOB).

 * bug 4517: rule instrumentation plugin hooks, to measure performance, from 
John Gardiner Myers <jgmyers /at/ proofpoint.com>.

 * add two features to core rule-parsing code; 1. optional behaviour to 
recurse through subdirs looking for .cf/.pre's, to support rules compilers 
working on rulesrc dir.  2. call back into invoking code on lint failure, so 
rule compiler can detect which rules exactly fail the lint check.

 * bug 5206: detect duplicate rules, and silently merge them internally for 
greater efficiency.

 * bug 5243: add Plugin::register_method_priority() API, allowing plugins to 
control the relative ordering of plugin callbacks relative to other plugins' 

 * Reduced memory footprint.


 * bug 5236: Support Mail::SPF replacement for Mail::SPF::Query.

 * bug 5127: allow mimeheader :raw rules to match newlines and folded-header 
whitespace in MIME header strings.

 * bug 4770: add ASN.pm plugin, contributed by Matthias Leisi <matthias at 

 * bug 5271: move ImageInfo ruleset into 3.2.0 core rules, thanks to Dallas 
Engelken <dallase /at/ uribl.com>.

 * VBounce ruleset and plugin: detect spurious bounce messages sent by 
broken mail systems in response to spam or viruses.  (Based on Tim Jackson's 
"bogus-virus-warnings.cf" ruleset.)

 * DomainKeys/DKIM: Mail::DKIM is now preferred over Mail::DomainKeys, since 
the latter module is no longer actively maintained, and Mail::DKIM can 
handle both DomainKeys and DKIM signatures.

 * DKIM: separate signature verification from fetching a policy: can save a 
DNS lookup for each unverified message by setting score to 0 for all 
DKIM_POLICY_TESTING). (thanks to Mark Martinec)

 * DKIM: support testing flags in the public key, as well as in the policy 
record. (thanks to Mark Martinec)

 * DKIM: skip fetching a policy (SSP) if a signature does verify, according 
to draft-allman-dkim-ssp-02 (thanks to Mark Martinec)

 * Move rule functionality and checking into separate Check plugin, allowing 
third parties to implement alternative scanner core algorithms.

 * core EvalTests code moved into various plugins.

* Plus lots of miscellaneous bug fixes.

A more detailed change log can be read here:


----- Original Message ----- 
From: "Martin Blapp" <mb at imp.ch>
> I just found out that SpamAssassin 3.2.0 with the exciting
> short-circuit feature has beed released.
> I guess the official announcement will follow later, but it's already 
> downloadable on the SpamAssassin Webpage.

More information about the MIMEDefang mailing list