Bug#454595: spamassassin: Updated patch

Jon Daley Sun, 14 Jun 2026 02:49:15 -0700

Package: spamassassin
Version: 4.0.1-5
Followup-For: Bug #454595

The code has changed since the original report, the same bug still exists.


New patch:

/usr/local/sbin#diff spamd /usr/sbin/spamd                                      
                                                    5:15am
2794,2798c2794,2795
<     if ( ! -f $prefsfile ) {
<       info("spamd: using default config for $username: $prefsfile");
<       handle_user_set_user_prefs(File::Basename::dirname($userdir), 
$username);
---
>     if (-f $prefsfile) {
>       info("spamd: using default config for $username: $prefsfile");

(line numbers are slightly off due to some removed comments and the 
combined patch with #1139978)


The behavior from the original bug report remains the same, and this 
patch replaces the original patch.



-- System Information:
Debian Release: 13.5
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-42-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages spamassassin depends on:
ii  adduser                     3.152
ii  curl                        8.14.1-2+deb13u3
ii  libhtml-parser-perl         3.83-1+b2
ii  libhttp-date-perl           6.06-1
ii  libio-string-perl           1.08-4
ii  libmail-dkim-perl           1.20240923-1
ii  libnet-dns-perl             1.50-1
ii  libnetaddr-ip-perl          4.079+dfsg-2+b5
ii  libsocket6-perl             0.29-3+b4
ii  libsys-hostname-long-perl   1.5-3
ii  libwww-perl                 6.78-1
ii  perl [libarchive-tar-perl]  5.40.1-6

Versions of packages spamassassin recommends:
ii  gnupg                      2.4.7-21+deb13u1
ii  libbsd-resource-perl       1.2911-2+b4
ii  libmail-dmarc-perl         1.20240314-1
ii  libmail-spf-perl           3.20250505-1
ii  perl [libsys-syslog-perl]  5.40.1-6
ii  sa-compile                 4.0.1-5
ii  spamc                      4.0.1-5

Versions of packages spamassassin suggests:
ii  libdbi-perl                   1.647-1+deb13u1
pn  libencode-detect-perl         <none>
ii  libgeoip2-perl                2.006002-2
ii  libio-socket-ssl-perl         2.089-1
pn  libnet-patricia-perl          <none>
ii  perl [libcompress-zlib-perl]  5.40.1-6
pn  pyzor                         <none>
pn  razor                         <none>

-- Configuration Files:
/etc/spamassassin/init.pre changed:
enable_compat welcomelist_blocklist
loadplugin Mail::SpamAssassin::Plugin::RelayCountry
loadplugin Mail::SpamAssassin::Plugin::URIDNSBL
loadplugin Mail::SpamAssassin::Plugin::SPF
loadplugin Mail::SpamAssassin::Plugin::Shortcircuit
loadplugin Mail::SpamAssassin::Plugin::Rule2XSBody

/etc/spamassassin/local.cf changed:
report_safe 0
trusted_networks 204.16.245.96/28  # orange/tangerine/clementine
trusted_networks 74.104.149.25/32   # snurgle
trusted_networks 204.16.243.104/29 # pummelo/tangelo
trusted_networks 52.201.176.171/32 # kumquat
internal_networks 204.16.245.96/28  
internal_networks 204.16.243.104/29
lock_method flock
required_score 3.0
bayes_ignore_header X-Bogosity
bayes_ignore_header X-Spam-Flag
bayes_ignore_header X-Spam-Status
score DNS_FROM_RFC_POST 0.0
score MULTIPLE_DIGEST 0.0
fold_headers 1
dns_available yes
ifplugin Mail::SpamAssassin::Plugin::Shortcircuit
shortcircuit USER_IN_WELCOMELIST       on
shortcircuit USER_IN_DEF_WELCOMELIST   on
shortcircuit USER_IN_ALL_SPAM_TO     on
shortcircuit SUBJECT_IN_WELCOMELIST    on
shortcircuit USER_IN_BLOCKLIST       on
shortcircuit USER_IN_BLOCKLIST_TO    on
shortcircuit SUBJECT_IN_BLOCKLIST    on
shortcircuit ALL_TRUSTED             on
shortcircuit NO_RELAYS               on
shortcircuit BAYES_99                spam
endif # Mail::SpamAssassin::Plugin::Shortcircuit
score HK_RANDOM_FROM 0.0 # what a broken rule.  It matches on 
[email protected]
score RCVD_IN_BL_SPAMCOP_NET 1.0 # let's increase spamcop's relay checker
score RCVD_IN_SORBS_SPAM 0.5
score DKIM_INVALID 3.0
score NA_DOLLARS 1.5
score BITCOIN_MALWARE 3.0
score BITCOIN_TOEQFM 5.0
SCORE URIBL_CT_SURBL 0.5  # lots of legitimate people use click trackers now...
header    CUSTOM_DMARC_FAIL   Authentication-Results =~ /dmarc=fail/
describe  CUSTOM_DMARC_FAIL   This email failed DMARC check
score     CUSTOM_DMARC_FAIL   2.0
score DMARC_MISSING 1.0
score HEADER_FROM_DIFFERENT_DOMAINS 0.0
dns_query_restriction deny sa-trusted.bondedsender.org
dns_query_restriction deny sa-accredit.habeas.com
dns_query_restriction deny bl.score.senderscore.com
welcomelist_from [email protected]
welcomelist_from [email protected]
welcomelist_from *@bakertilly.ua
welcomelist_from *@email.informeddelivery.usps.com
welcomelist_from *@ccac.edu
header CUSTOM_FACEBOOK_BUSINESS_FROM    From =~ 
/noreply\@business\.facebook\.com/
score CUSTOM_FACEBOOK_BUSINESS_FROM     -0.1
describe CUSTOM_FACEBOOK_BUSINESS_FROM  Facebook business email
header CUSTOM_FACEBOOK_BUSINESS_SUBJECT    Subject =~ /You\'ve received a 
Business Manager partner request/
score CUSTOM_FACEBOOK_BUSINESS_SUBJECT     0.5
describe CUSTOM_FACEBOOK_BUSINESS_SUBJECT  Facebook business manager email
meta CUSTOM_FACEBOOK_BUSINESS_SCAM      CUSTOM_FACEBOOK_BUSINESS_SUBJECT && 
CUSTOM_FACEBOOK_BUSINESS_FROM
score CUSTOM_FACEBOOK_BUSINESS_SCAM     100
describe CUSTOM_FACEBOOK_BUSINESS_SCAM  Facebook sends out lots of business 
spam that is not real


-- no debconf information

Bug#454595: spamassassin: Updated patch

Reply via email to