On 1/22/25 11:15 PM, Michael Peddemors wrote:
I get it, no one likes doing the boring work.. In the old days, I would just jump in and clean stuff up myself, but the team doesn't really like me spending my time on coding anymore .. Trying to keep one day a week to keep my hand in, but lately not even getting that.But Spamassassin is so crucial to the world still, even if it doesn't always get the respect it deserves.. and everyone is playing with AI now, so even less people thinking of cleanup of SA, as long as it is working..but.. Just had a chance to check out and install/test a virgin instance of SA 4.XX, and here are some of my notes.. take it for what it is worth.. Missing descriptions on upstream rules.. (instill confidence in the product) 78 RULES with no description.. Jan 22 20:43:54.808 [7283] dbg: config: no description set for rule STOX_AND_PRICE Jan 22 20:43:54.809 [7283] dbg: config: no description set for rule MSOE_MID_WRONG_CASE .... Jan 22 20:43:54.836 [7283] dbg: config: no description set for rule STOX_REPLY_TYPE Jan 22 20:43:54.837 [7283] dbg: config: no description set for rule TVD_RCVD_SPACE_BRACKET
boring tasks someone will do sooner or later...
Undefined Dependencies.. (confusing) Most of this is simply because we aren't using checks for if the plugin is being used .. If you don't have the SPF/DKIM/ARC plugins, then everything that is the fruit of that vine is also poisoned.. Imagine people wanting to create new rules that use SPOOF_GMAIL_MID.. Jan 22 20:43:54.868 [7283] dbg: rules: meta test DIGEST_MULTIPLE has undefined dependency 'DCC_CHECK' ...
DIGEST_MULTIPLE is defined as: meta DIGEST_MULTIPLE RAZOR2_CHECK + DCC_CHECK + PYZOR_CHECK > 1 This must hit even if only one of the 3 needed plugins is enabled, it's not easy to prevent this warning. Giovanni
Jan 22 20:43:55.043 [7283] dbg: rules: meta FORGED_SPF_HELO inherits tflag net, depends on SPF_HELO_PASS ... Jan 22 20:43:55.044 [7283] dbg: rules: meta KHOP_HELO_FCRDNS inherits tflag net, depends on __RCVD_IN_DNSWL Jan 22 20:43:55.044 [7283] dbg: rules: meta __VIA_RESIGNER inherits tflag net, depends on __RESIGNER1 Jan 22 20:43:55.044 [7283] dbg: rules: meta __BITCOIN_SPAM_05 inherits tflag net, depends on __SPOOFED_FREEMAIL Jan 22 20:43:55.046 [7283] dbg: rules: meta PDS_FROM_2_EMAILS inherits tflag net, depends on __VIA_RESIGNER Jan 22 20:43:55.047 [7283] dbg: rules: meta ARC_INVALID inherits tflag net, depends on ARC_SIGNED ... Jan 22 20:43:55.047 [7283] dbg: rules: meta SPOOFED_FREEMAIL_NO_RDNS inherits tflag net, depends on __SPOOFED_FREEMAIL Jan 22 20:43:55.048 [7283] dbg: rules: meta SPOOF_GMAIL_MID inherits tflag net, depends on SPOOFED_FREEMAIL ... Jan 22 20:43:55.048 [7283] dbg: rules: meta __NOT_SPOOFED inherits tflag net, depends on SPF_PASS Maybe, we are at the point where some of those plugins, should not be optional? Remote Checks.. I do believe that while it is nice for most beginner users, to get the advantages of things like the SPAMHAUS uri checks, some of these checks could run into issues.. eg, the server is blocked from those queries.. Are our mass checks putting too much emphasis on those checks? How well does it work with remote checks off vs on? Do we need to make greater emphasis on the risk? Should remote checks be something that is off by default, and only enabled when the admin understands the risk? Just a conversation, based on reports we hear.. And then of course DNS issues.. eg, open resolvers.. not to mention the movement towards API's instead of DNS direct lookups. ............ These are just some comments I think developers might want to think about that should be addressed/considered.
OpenPGP_signature.asc
Description: OpenPGP digital signature
