Bug 131580 - (IT_48576) osirusoft.com RBL in default config causes false positives
osirusoft.com RBL in default config causes false positives
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: spamassassin (Show other bugs)
All Linux
medium Severity high
: ---
: ---
Assigned To: Chip Turner
Depends On:
Blocks: 123574
  Show dependency treegraph
Reported: 2004-09-02 10:52 EDT by Keith McDuffee
Modified: 2007-11-30 17:07 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2004-12-21 16:31:24 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Keith McDuffee 2004-09-02 10:52:47 EDT
Description of problem:

Using the default configuration of spamassassin, there are rules
included for the following in /usr/share/spamassassin/20_head_tests.cf:


These rules check a now defunct due to osirusoft.com no longer being a
RBL source.  According to this page:


osirusoft.com has decided to consider ALL sites as open relays in
order to force people to stop using them as a source.  Since RHEL3u2
still has these rules in place, there are several false positived for
every mail checked.

Version-Release number of selected component (if applicable):


How reproducible:

Use default /etc/mail/spamassassin/local.cf configuration (i.e., do
not alter scoring of rules mentioned above).

Recommended resolution:

Update at least to version 2.61 of spamassassin, which does not
contain the errant rules.
Comment 2 Sean E. Millichamp 2004-09-02 12:22:26 EDT
I second this suggestion.  

While I know I can I override these rules in local.cf, I think
SpamAssassin should ship with a sensible ruleset in an enterprise
product and if the definition of "sensible" changes from the original
release then it is time to issue an update.

Ideally, I would like to see a SpamAssassin 2.6x (2.64 maybe?) update
pushed out in RHEL3.  When I switched my servers to RHEL3 I ended up
having to downgrade to the shipped SA 2.55 on a few of them and it
seems to do a far worse job then the 2.6x series.
Comment 3 Jeff Needle 2004-09-07 08:28:28 EDT
We'll get this addressed.  In the meanwhile, you can add these lines to 
/etc/mail/spamassassin/local.cf to skip the Osirusoft checks:

score   X_OSIRU_DUL             0
score   X_OSIRU_DUL_FH          0
score   X_OSIRU_OPEN_RELAY      0
score   X_OSIRU_SPAM_SRC        0
Comment 4 Chip Turner 2004-10-11 11:03:14 EDT
rules have been zeroed out in cvs.  uncertain as of yet which U release this will make it out 
Comment 5 John Flanagan 2004-12-21 16:31:24 EST
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.


Note You need to log in before you can comment on or make changes to this bug.