Hi folks,
It has been discovered that latest releases of SpamAssassin, that uses
"Bayesian statistical analysis" and auto-learning feature, suffers from a
serious bug (see http://www.hughes-family.org/bugzilla/show_bug.cgi?id=2030):
When a spam message is reported using "spamassassin -r", IF this spam message
doesn't have any "Message-ID:" header, it will be WRONGLY learnt by the
Bayesian SA database as a "Ham" (= good message) instead of a "Spam".
Things gets worse as messages that doesn't have any Message-ID cannot then be
manually removed from the Bayesian database (using sa-learn --forget), so the
wrong classification that happened cannot be corrected.
The problem is that messages without a Message-ID are quite common among spam,
and qmail, by itself, doesn't add a Message-ID to messages that don't have
any.
To solve this, it would be most important that all messages submitted to
SpamAssassin have a Message-ID.
qmail-scanner add its own "X-Qmail-Scanner-Message-ID" to messages that don't
have a Message-ID, but this entry is not recognized by SpamAssassin.
I have patched my qmail-scanner 1.16 so it adds a true "Message-ID:" instead
of a "X-Qmail-Scanner-Message-ID", so here follows the changes I made to
qmail-scanner-queue.pl 1.16, lines 534 to 551 (on my system, may be slightly
different on yours):
if ($headers{'message-id'} eq "" && !$headers{$qsmsgid}) {
# MiB: If Message-ID generated by qmail-scanner, tell it ;-)
$headers{$qsmsgid}="<".time . __LINE__ . $$ .
"[EMAIL PROTECTED]>";
# MiB: Removed. We will add a "true" Message-ID below
# print TMPFILE "$V_HEADER-Message-ID: $headers{$qsmsgid}\n";
# /MiB
} else {
if (!$headers{$qsmsgid}) {
$headers{$qsmsgid}=$headers{'message-id'};
}
}
# MiB: Add Message-ID header to messages that don't have any
# To work around bug in SpamAssassin
if ($headers{'message-id'} eq "") {
print TMPFILE "$V_HEADER-$VERSION: Missing Message-ID header added
on receiving host $hostname.\n";
print TMPFILE "Message-ID: $headers{$qsmsgid}\n";
}
# /MiB
Hope this can be of some help ;-)
--
Michel Bouissou <[EMAIL PROTECTED]> OpenPGP ID 0xDDE8AC6E
-------------------------------------------------------
This SF.net email is sponsored by: Etnus, makers of TotalView, The best
thread debugger on the planet. Designed with thread debugging features
you've never dreamed of, try TotalView 6 free at www.etnus.com.
_______________________________________________
Qmail-scanner-general mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/qmail-scanner-general
