[Bug 1412830] Re: [AHBL] spamassassin is returning false positives by default

Robie Basak 1412830 at bugs.launchpad.net
Wed Jan 28 02:40:14 UTC 2015 

Uploaded SRUs for Lucid, Precise, Trusty and Utopic. Now awaiting review
from the SRU team.

** Description changed:

+ [Impact]
+ 
+ spamassassin users have a regression in behaviour in the last month or
+ so. The AHBL DNS check is now returning a false positive. This causes
+ mail to be more likely to be classified as spam. Depending on user
+ configuration, this could cause emails to be rejected when they should
+ be accepted, or placed in a spam folder when they should not, or for
+ emails to be incorrectly discarded (data loss).
+ 
+ [Workaround]
+ 
+ Use sa-update to download the latest rules from upstream. However, not
+ all users run sa-update and may not have noticed this bug. So given that
+ sa-update is not run automatically by default, an SRU is appropriate to
+ change the default installation to not use the AHBL blacklist.
+ 
+ [Development Fix]
+ 
+ Disable use of the AHBL DNS blacklist in the default rules list.
+ 
+ [Stable Fix]
+ 
+ Same as development fix.
+ 
  [Test Case]
  
  Run test.sh (attached). This reads testcase (attached) and will print
  whether spamassassin is affected, and return with an appropriate exit
  status. Due to the nature of this bug this requires Internet
  connectivity; problems or changes online could lead to a false negative.
+ 
+ [Regression Potential]
+ 
+ Unlikely. The highest risk is of some problem in package rebuild or that
+ there's a mistake in the patch causing some other change in behaviour.
+ But that seems very unlikely given that the configuration change is
+ quite trivial.
+ 
+ Be aware that Internet connectivity is required when verifying this SRU.
  
  [Original Description]
  
  AHBL has discontinued their operations and is deliberetly marking all
  checks as positive:
  
  http://www.ahbl.org/content/last-notice-wildcarding-services-jan-1st
  
  AHBL is enabled by default in SpamAssassin in at least 10.04, 12.04 and
  14.04. This means that every mail gets 2 points on spam score list.
  
  10.04:
  
  # grep -sr AHBL /usr/share/spamassassin/
  /usr/share/spamassassin/30_text_de.cf:lang de describe DNS_FROM_AHBL_RHSBL Absenderadresse in Liste von dnsbl.ahbl.org
  /usr/share/spamassassin/20_dnsbl_tests.cf:header DNS_FROM_AHBL_RHSBL      eval:check_rbl_envfrom('ahbl', 'rhsbl.ahbl.org.')
  /usr/share/spamassassin/20_dnsbl_tests.cf:describe DNS_FROM_AHBL_RHSBL    Envelope sender listed in dnsbl.ahbl.org
  /usr/share/spamassassin/20_dnsbl_tests.cf:tflags DNS_FROM_AHBL_RHSBL      net
  /usr/share/spamassassin/20_dnsbl_tests.cf:reuse  DNS_FROM_AHBL_RHSBL
  /usr/share/spamassassin/50_scores.cf:score DNS_FROM_AHBL_RHSBL 0 2.438 0 2.699 # n=0 n=2
  
  12.04:
  
  # grep -sr AHBL /usr/share/spamassassin/
  /usr/share/spamassassin/50_scores.cf:score DNS_FROM_AHBL_RHSBL 0 2.438 0 2.699 # n=0 n=2
  /usr/share/spamassassin/30_text_de.cf:lang de describe DNS_FROM_AHBL_RHSBL Absenderadresse in Liste von dnsbl.ahbl.org
  /usr/share/spamassassin/20_dnsbl_tests.cf:header DNS_FROM_AHBL_RHSBL      eval:check_rbl_envfrom('ahbl', 'rhsbl.ahbl.org.')
  /usr/share/spamassassin/20_dnsbl_tests.cf:describe DNS_FROM_AHBL_RHSBL    Envelope sender listed in dnsbl.ahbl.org
  /usr/share/spamassassin/20_dnsbl_tests.cf:tflags DNS_FROM_AHBL_RHSBL      net
  /usr/share/spamassassin/20_dnsbl_tests.cf:reuse  DNS_FROM_AHBL_RHSBL
  
  14.04:
  
  # grep -sr AHBL /usr/share/spamassassin/
  /usr/share/spamassassin/30_text_de.cf:lang de describe DNS_FROM_AHBL_RHSBL Absenderadresse in Liste von dnsbl.ahbl.org
  /usr/share/spamassassin/50_scores.cf:score DNS_FROM_AHBL_RHSBL 0 2.438 0 2.699 # n=0 n=2
  /usr/share/spamassassin/30_text_pt_br.cf:lang pt_BR describe DNS_FROM_AHBL_RHSBL Envelope sender consta em dnsbl.ahbl.org
  /usr/share/spamassassin/20_dnsbl_tests.cf:header DNS_FROM_AHBL_RHSBL      eval:check_rbl_envfrom('ahbl', 'rhsbl.ahbl.org.')
  /usr/share/spamassassin/20_dnsbl_tests.cf:describe DNS_FROM_AHBL_RHSBL    Envelope sender listed in dnsbl.ahbl.org
  /usr/share/spamassassin/20_dnsbl_tests.cf:tflags DNS_FROM_AHBL_RHSBL      net
  /usr/share/spamassassin/20_dnsbl_tests.cf:reuse  DNS_FROM_AHBL_RHSBL
  
  AHBL should be removed from SpamAssassin ASAP.

** Changed in: spamassassin (Ubuntu Lucid)
       Status: Triaged => In Progress

** Changed in: spamassassin (Ubuntu Precise)
       Status: Triaged => In Progress

** Changed in: spamassassin (Ubuntu Trusty)
       Status: Triaged => In Progress

** Changed in: spamassassin (Ubuntu Utopic)
       Status: Triaged => In Progress

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1412830

Title:
  [AHBL] spamassassin is returning false positives by default

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/spamassassin/+bug/1412830/+subscriptions

More information about the Ubuntu-server-bugs mailing list