Red Hat Bugzilla – Bug 131580
osirusoft.com RBL in default config causes false positives
Last modified: 2007-11-30 17:07:03 EST
Description of problem:
Using the default configuration of spamassassin, there are rules
included for the following in /usr/share/spamassassin/20_head_tests.cf:
These rules check a now defunct due to osirusoft.com no longer being a
RBL source. According to this page:
osirusoft.com has decided to consider ALL sites as open relays in
order to force people to stop using them as a source. Since RHEL3u2
still has these rules in place, there are several false positived for
every mail checked.
Version-Release number of selected component (if applicable):
Use default /etc/mail/spamassassin/local.cf configuration (i.e., do
not alter scoring of rules mentioned above).
Update at least to version 2.61 of spamassassin, which does not
contain the errant rules.
I second this suggestion.
While I know I can I override these rules in local.cf, I think
SpamAssassin should ship with a sensible ruleset in an enterprise
product and if the definition of "sensible" changes from the original
release then it is time to issue an update.
Ideally, I would like to see a SpamAssassin 2.6x (2.64 maybe?) update
pushed out in RHEL3. When I switched my servers to RHEL3 I ended up
having to downgrade to the shipped SA 2.55 on a few of them and it
seems to do a far worse job then the 2.6x series.
We'll get this addressed. In the meanwhile, you can add these lines to
/etc/mail/spamassassin/local.cf to skip the Osirusoft checks:
score RCVD_IN_OSIRUSOFT_COM 0
score X_OSIRU_DUL 0
score X_OSIRU_DUL_FH 0
score X_OSIRU_OPEN_RELAY 0
score X_OSIRU_SPAM_SRC 0
score X_OSIRU_SPAMWARE_SITE 0
rules have been zeroed out in cvs. uncertain as of yet which U release this will make it out
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.