We recently installed a new CentOS4 server, which comes with SA 3.0.6 prepackaged, to serve as our local mail store (runs sendmail, clamassassin, spamd, and an imap server). The perl version is 5.8.5, and it's an x86_64 platform.
Since migrating our users to this machine we frequently have spam mis-classified as ham with USER_IN_WHITELIST as the culprit. There are no whitelist_from or whitelist_from_rcvd directives at the /etc/mail/spamassassin/* level, and only one user who has any of these directives in his user_prefs file, but *every* user has at random times had spam mismarked as whitelisted. In every case the spam so mis-marked was forwarded from a role address on another server that matches one of the whitelist_from_rcvd lines in the single aforementioned user_prefs. If the same misclassified message is put through "spamassasssin" rather than spamd, or even if it is run through "spamc" a second time, USER_IN_WHITELIST disappears (the rest of the rules hit remain unchanged). Looking at the mail logs, there does seem to be a correlation: If the first message scanned by a new spamd child is scanned on behalf of the user who has whiltelist lines in his user_prefs, every other message scanned by that child is misclassified. As long as the very first scan is not for this user, the child behaves properly with respect to the whitelist settings. I don't see any bugzilla for this using a search on USER_IN_WHITELIST. Has anyone else encountered this issue? Can anyone verify that it's fixed in 3.1?
