Bug 6270

Summary: SpamAssassin wrongfully tagging mail with FH_DATE_PAST_20XX since Jan 1st, 2010
Product: Spamassassin Reporter: Jonathan <spamassassin-bugzilla>
Component: sa-updateAssignee: SpamAssassin Developer Mailing List <dev>
Status: RESOLVED DUPLICATE    
Severity: critical    
Priority: P5    
Version: unspecified   
Target Milestone: Undefined   
Hardware: Other   
OS: All   
Whiteboard:
Attachments: Wrongfully FH_DATE_PAST_20XX tagged e-mail

Description Jonathan 2010-01-01 12:47:24 UTC
Created attachment 4617 [details]
Wrongfully FH_DATE_PAST_20XX tagged e-mail

Since I am not sure where to report this, I am filing against sa_learn. If this is not the proper component please tell me and if known tell me where to go to get this fixed as due to the high score users run the risk of e-mail being dropped where it should not have happened.

We use spamassassin packaged by ATrpms on SME Server (http://www.contribs.org) as well as sa_learn to update the rules.

Now it seems that since Jan 1st, 2010 all incoming mail is scored for FH_DATE_PAST_20XX, without exception.

This bug was fixed half a year ago in SpamAsassin
(https://issues.apache.org/SpamAssassin/show_bug.cgi?id=5852), but it seems the sa_learn script still pulls the faulty rule in:

[root@homer spamassassin]# pwd
/var/lib/spamassassin
[root@homer spamassassin]# grep -R FH_DATE_PAST_20XX *
3.002001/updates_spamassassin_org/50_scores.cf:score FH_DATE_PAST_20XX 2.075 3.384 3.554 3.188 # n=2
3.002001/updates_spamassassin_org/72_active.cf:##{ FH_DATE_PAST_20XX
3.002001/updates_spamassassin_org/72_active.cf:header   FH_DATE_PAST_20XX       Date =~ /20[1-9][0-9]/ [if-unset: 2006]
3.002001/updates_spamassassin_org/72_active.cf:describe FH_DATE_PAST_20XX       The date is grossly in the future.
3.002001/updates_spamassassin_org/72_active.cf:##} FH_DATE_PAST_20XX
3.002002/updates_spamassassin_org/50_scores.cf:score FH_DATE_PAST_20XX 2.075 3.384 3.554 3.188 # n=2
3.002002/updates_spamassassin_org/72_active.cf:##{ FH_DATE_PAST_20XX
3.002002/updates_spamassassin_org/72_active.cf:header   FH_DATE_PAST_20XX       Date =~ /20[1-9][0-9]/ [if-unset: 2006]
3.002002/updates_spamassassin_org/72_active.cf:describe FH_DATE_PAST_20XX       The date is grossly in the future.
3.002002/updates_spamassassin_org/72_active.cf:##} FH_DATE_PAST_20XX
3.002003/updates_spamassassin_org/50_scores.cf:score FH_DATE_PAST_20XX 2.075 3.384 3.554 3.188 # n=2
3.002003/updates_spamassassin_org/72_active.cf:##{ FH_DATE_PAST_20XX
3.002003/updates_spamassassin_org/72_active.cf:header   FH_DATE_PAST_20XX       Date =~ /20[1-9][0-9]/ [if-unset: 2006]
3.002003/updates_spamassassin_org/72_active.cf:describe FH_DATE_PAST_20XX       The date is grossly in the future.
3.002003/updates_spamassassin_org/72_active.cf:##} FH_DATE_PAST_20XX
3.002004/updates_spamassassin_org/50_scores.cf:score FH_DATE_PAST_20XX 2.075 3.384 3.554 3.188 # n=2
3.002004/updates_spamassassin_org/72_active.cf:##{ FH_DATE_PAST_20XX
3.002004/updates_spamassassin_org/72_active.cf:header   FH_DATE_PAST_20XX       Date =~ /20[1-9][0-9]/ [if-unset: 2006]
3.002004/updates_spamassassin_org/72_active.cf:describe FH_DATE_PAST_20XX       The date is grossly in the future.
3.002004/updates_spamassassin_org/72_active.cf:##} FH_DATE_PAST_20XX
3.002005/updates_spamassassin_org/50_scores.cf:score FH_DATE_PAST_20XX 2.075 3.384 3.554 3.188 # n=2
3.002005/updates_spamassassin_org/72_active.cf:##{ FH_DATE_PAST_20XX
3.002005/updates_spamassassin_org/72_active.cf:header   FH_DATE_PAST_20XX       Date =~ /20[1-9][0-9]/ [if-unset: 2006]
3.002005/updates_spamassassin_org/72_active.cf:describe FH_DATE_PAST_20XX       The date is grossly in the future.
3.002005/updates_spamassassin_org/72_active.cf:##} FH_DATE_PAST_20XX
[root@homer spamassassin]#

We are taking rules from the following channels:

[root@homer cron.daily]# cat /etc/mail/spamassassin/channels
updates.spamassassin.org
saupdates.openprotect.com
[root@homer cron.daily]#

Since this file seems to come from updates.spamassassin.org I am reporting this here.
Comment 1 Warren Togami 2010-01-01 12:52:59 UTC
Duplicate

Furthermore you really should stop using openprotect.  They stopped updating it a while ago and it is dangerous.

*** This bug has been marked as a duplicate of bug 6269 ***