Description of problem: Using the default configuration of spamassassin, there are rules included for the following in /usr/share/spamassassin/20_head_tests.cf: RCVD_IN_ORBS RCVD_IN_OSIRUSOFT_COM X_OSIRU_OPEN_RELAY These rules check a now defunct due to osirusoft.com no longer being a RBL source. According to this page: http://thread.gmane.org/gmane.mail.spam.spamassassin.general/36907 osirusoft.com has decided to consider ALL sites as open relays in order to force people to stop using them as a source. Since RHEL3u2 still has these rules in place, there are several false positived for every mail checked. Version-Release number of selected component (if applicable): spamassassin-2.55-3.1 How reproducible: Use default /etc/mail/spamassassin/local.cf configuration (i.e., do not alter scoring of rules mentioned above). Recommended resolution: Update at least to version 2.61 of spamassassin, which does not contain the errant rules.
I second this suggestion. While I know I can I override these rules in local.cf, I think SpamAssassin should ship with a sensible ruleset in an enterprise product and if the definition of "sensible" changes from the original release then it is time to issue an update. Ideally, I would like to see a SpamAssassin 2.6x (2.64 maybe?) update pushed out in RHEL3. When I switched my servers to RHEL3 I ended up having to downgrade to the shipped SA 2.55 on a few of them and it seems to do a far worse job then the 2.6x series.
We'll get this addressed. In the meanwhile, you can add these lines to /etc/mail/spamassassin/local.cf to skip the Osirusoft checks: score RCVD_IN_OSIRUSOFT_COM 0 score X_OSIRU_DUL 0 score X_OSIRU_DUL_FH 0 score X_OSIRU_OPEN_RELAY 0 score X_OSIRU_SPAM_SRC 0 score X_OSIRU_SPAMWARE_SITE 0
rules have been zeroed out in cvs. uncertain as of yet which U release this will make it out in.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2004-598.html