On behalf of the Apache SpamAssassin Project,
I am pleased to announce version 4.0.1 is available.
Release Notes -- Apache SpamAssassin -- Version 4.0.1
Introduction
------------
Apache SpamAssassin 4.0.1 is a patch release that fixes issues that
have surfaced since the release of 4.0.0. It provides compatibility
with the latest version of Perl, 5.38, which was released in July,
2023, as well as with recent release versions of some required Perl
modules.
Many thanks to the committers (see CREDITS file), contributors, rule
testers, mass checkers, and code testers who have made this release
possible.
Notable features:
=================
None noted.
Notable changes
---------------
This release addresses the following issues:
- Incompatibilities with some versions of perl and some perl modules
that have been released since the release of SpamAssassin 4.0.0
- Problems using cpan to install SpamAssassin when certain required
or optional modules are not already installed
- Support for space characters in the path name of some executables
used by certain plugins
- Improved handling of URL shortener link redirects
- Improved TxRep locking management
- Added Mail::SpamAssassin::Plugin::AuthRes plugin to use
Authentication-Results header fields in other plugins
- Added a Pyzor Perl implementation
- Perl crash when certain uri_detail rules processed some messages
with UTF-8 characters
- Inconsistent handling of newlines in header rules
- Text or HTML content placed in octet-stream attachments by
spammers to bypass SpamAssassin scanning
- Implemented TCP fallback for truncated DNS UDP replies
* Spamc can now be built on a Windows platform as part of the gmake
build procedure, using the compiler toolchain that is part of a
standard Strawberry Perl installation, with no need to install a
separate Visual Studio, msys, or mingw.
The detailed list of all commits can be found in the Changes file.
A detailed view of the issues as they were filed in the Bugzilla issue
tracker can be seen at https://s.apache.org/7apqr
New configuration options
-------------------------
None noted
Notable Internal changes
------------------------
None noted
Other updates
-------------
None noted.
Optimizations
-------------
None noted
Downloading and availability
----------------------------
Downloads are available from:
https://spamassassin.apache.org/downloads.html
sha256sum of archive files:
9775ed7559e83ec3e6c03edb2be8ffc7f15cc405fb13e85c148eb0bf191721a8 Mail-SpamAssassin-4.0.1.tar.bz2
5c6bb222e18405f1a276816d04e1ffc5cc90785e1265714b4506c2b541d6d5e5 Mail-SpamAssassin-4.0.1.tar.gz
728ffbc536fcb4f9bb07adfc72eeb706f8ff1257833bf0bf6c70ab2eea01de97 Mail-SpamAssassin-4.0.1.zip
381eadfc7e513e5f735389b78173de5af471f3d06fe6ab8f129634a6644b4bf4 Mail-SpamAssassin-rules-4.0.1.r1916528.tgz
sha512sum of archive files:
66183e356b07d1049cf5598fc1e563e4aab580dfca04bf8ec37781dfb57ef568d33c6f6455076f54f940947f5a5dfefa7a08d233833deea5fe5ea18b669cd790 Mail-SpamAssassin-4.0.1.tar.bz2
7ac2d789d8744dfe37f647013871e293de50cfcd792029956eb6cea8e51343aad135398bd91867c3c21a68e5fb6330bd6b38a04b794a24449a59287b46d4ac70 Mail-SpamAssassin-4.0.1.tar.gz
efed5a7ae2fb4f200c9f248d61bdda44a6e4103b4245b086c3b94f1880e5cee1f19a7b4d810d4553cc566208970052d4f26cc5512fa4a0e1d0d09d4fa54bdd15 Mail-SpamAssassin-4.0.1.zip
7e6093c8514e1b18f3b47215dc97d51b7b70142ca2fe7242362c021bf770b2c1c1e99a8227d1c5b9b5d303e405ab9e6a7c67a60b5b03dcb6588bd68c733e2448 Mail-SpamAssassin-rules-4.0.1.r1916528.tgz
Note that the Rules files, aka *-rules-*.tgz, are only necessary if
you cannot, or do not wish to, run "sa-update" after
installation. Using sa-update will download the latest rules
See the INSTALL and UPGRADE files in the distribution for important
installation notes
GPG Verification Procedure
--------------------------
The release files also have a .asc accompanying them. The file serves
as an external GPG signature for the given release file. The signing
key is available via the keys.gnupg.net or keys.openpgp.org key
servers, as well as https://www.apache.org/dist/spamassassin/KEYS
The following key is used to sign SA releases 3.3.0 and later:
pub 4096R/F7D39814 2009-12-02
Key fingerprint = D809 9BC7 9E17 D7E4 9BC2 1E31 FDE5 2F40 F7D3 9814
uid SpamAssassin Project Management Committee <private@spamassassin.apache.org>
uid SpamAssassin Signing Key (Code Signing Key, replacement for 1024D/265FA05B) <dev@spamassassin.apache.org>
sub 4096R/7B3265A5 2009-12-02
The following key is used to sign rule updates:
pub 4096R/5244EC45 2005-12-20
Key fingerprint = 5E54 1DC9 59CB 8BAC 7C78 DFDC 4056 A61A 5244 EC45
uid updates.spamassassin.org Signing Key <release@spamassassin.org>
sub 4096R/24F434CE 2005-12-20
To verify a release file, download the file with the accompanying .asc
file and run the following commands:
gpg --verbose --keyserver keys.openpgp.org --recv-key FDE52F40F7D39814
gpg --verify Mail-SpamAssassin-4.0.0.tar.bz2.asc
gpg --fingerprint FDE52F40F7D39814
Then confirm that the key description shown by --verify matches what
is shown by --fingerprint.
See https://www.apache.org/info/verification.html for more information
on verifying Apache releases
About Apache SpamAssassin
-------------------------
Apache SpamAssassin is a mature, widely-deployed open source project
that provides filtering to classify email to block spam, malware, and
phishes.
Apache SpamAssassin uses a variety of mechanisms including mail header
and text analysis, Bayesian filtering, DNS blocklists, collaborative
filtering databases, and meta concepts to lower incorrect
classification.
Apache SpamAssassin uses a highly modular architecture that allows
other technologies to be quickly incorporated as plugins to easily add
or replace existing methods.
Apache SpamAssassin typically runs on a server using either command
line utilities or an API to classify email so a mail system can use
the results before the message reaches mailboxes.
Most of the Apache SpamAssassin is written in Perl natively supporting
Unix, Linux, and macOS platforms and Microsoft Windows using
Strawberry Perl.
For more information, visit https://spamassassin.apache.org/
About The Apache Software Foundation
------------------------------------
Established in 1999, The Apache Software Foundation provides
organizational, legal, and financial support for more than 100
freely-available, collaboratively-developed Open Source projects. The
pragmatic Apache License enables individual and commercial users to
easily deploy Apache software; the Foundation's intellectual property
framework limits the legal exposure of its 2,500+ contributors.
For more information, visit https://www.apache.org/
--
Sidney Markowitz
Chair, Apache SpamAssassin PMC
sidney@apache.org
I am pleased to announce version 4.0.1 is available.
Release Notes -- Apache SpamAssassin -- Version 4.0.1
Introduction
------------
Apache SpamAssassin 4.0.1 is a patch release that fixes issues that
have surfaced since the release of 4.0.0. It provides compatibility
with the latest version of Perl, 5.38, which was released in July,
2023, as well as with recent release versions of some required Perl
modules.
Many thanks to the committers (see CREDITS file), contributors, rule
testers, mass checkers, and code testers who have made this release
possible.
Notable features:
=================
None noted.
Notable changes
---------------
This release addresses the following issues:
- Incompatibilities with some versions of perl and some perl modules
that have been released since the release of SpamAssassin 4.0.0
- Problems using cpan to install SpamAssassin when certain required
or optional modules are not already installed
- Support for space characters in the path name of some executables
used by certain plugins
- Improved handling of URL shortener link redirects
- Improved TxRep locking management
- Added Mail::SpamAssassin::Plugin::AuthRes plugin to use
Authentication-Results header fields in other plugins
- Added a Pyzor Perl implementation
- Perl crash when certain uri_detail rules processed some messages
with UTF-8 characters
- Inconsistent handling of newlines in header rules
- Text or HTML content placed in octet-stream attachments by
spammers to bypass SpamAssassin scanning
- Implemented TCP fallback for truncated DNS UDP replies
* Spamc can now be built on a Windows platform as part of the gmake
build procedure, using the compiler toolchain that is part of a
standard Strawberry Perl installation, with no need to install a
separate Visual Studio, msys, or mingw.
The detailed list of all commits can be found in the Changes file.
A detailed view of the issues as they were filed in the Bugzilla issue
tracker can be seen at https://s.apache.org/7apqr
New configuration options
-------------------------
None noted
Notable Internal changes
------------------------
None noted
Other updates
-------------
None noted.
Optimizations
-------------
None noted
Downloading and availability
----------------------------
Downloads are available from:
https://spamassassin.apache.org/downloads.html
sha256sum of archive files:
9775ed7559e83ec3e6c03edb2be8ffc7f15cc405fb13e85c148eb0bf191721a8 Mail-SpamAssassin-4.0.1.tar.bz2
5c6bb222e18405f1a276816d04e1ffc5cc90785e1265714b4506c2b541d6d5e5 Mail-SpamAssassin-4.0.1.tar.gz
728ffbc536fcb4f9bb07adfc72eeb706f8ff1257833bf0bf6c70ab2eea01de97 Mail-SpamAssassin-4.0.1.zip
381eadfc7e513e5f735389b78173de5af471f3d06fe6ab8f129634a6644b4bf4 Mail-SpamAssassin-rules-4.0.1.r1916528.tgz
sha512sum of archive files:
66183e356b07d1049cf5598fc1e563e4aab580dfca04bf8ec37781dfb57ef568d33c6f6455076f54f940947f5a5dfefa7a08d233833deea5fe5ea18b669cd790 Mail-SpamAssassin-4.0.1.tar.bz2
7ac2d789d8744dfe37f647013871e293de50cfcd792029956eb6cea8e51343aad135398bd91867c3c21a68e5fb6330bd6b38a04b794a24449a59287b46d4ac70 Mail-SpamAssassin-4.0.1.tar.gz
efed5a7ae2fb4f200c9f248d61bdda44a6e4103b4245b086c3b94f1880e5cee1f19a7b4d810d4553cc566208970052d4f26cc5512fa4a0e1d0d09d4fa54bdd15 Mail-SpamAssassin-4.0.1.zip
7e6093c8514e1b18f3b47215dc97d51b7b70142ca2fe7242362c021bf770b2c1c1e99a8227d1c5b9b5d303e405ab9e6a7c67a60b5b03dcb6588bd68c733e2448 Mail-SpamAssassin-rules-4.0.1.r1916528.tgz
Note that the Rules files, aka *-rules-*.tgz, are only necessary if
you cannot, or do not wish to, run "sa-update" after
installation. Using sa-update will download the latest rules
See the INSTALL and UPGRADE files in the distribution for important
installation notes
GPG Verification Procedure
--------------------------
The release files also have a .asc accompanying them. The file serves
as an external GPG signature for the given release file. The signing
key is available via the keys.gnupg.net or keys.openpgp.org key
servers, as well as https://www.apache.org/dist/spamassassin/KEYS
The following key is used to sign SA releases 3.3.0 and later:
pub 4096R/F7D39814 2009-12-02
Key fingerprint = D809 9BC7 9E17 D7E4 9BC2 1E31 FDE5 2F40 F7D3 9814
uid SpamAssassin Project Management Committee <private@spamassassin.apache.org>
uid SpamAssassin Signing Key (Code Signing Key, replacement for 1024D/265FA05B) <dev@spamassassin.apache.org>
sub 4096R/7B3265A5 2009-12-02
The following key is used to sign rule updates:
pub 4096R/5244EC45 2005-12-20
Key fingerprint = 5E54 1DC9 59CB 8BAC 7C78 DFDC 4056 A61A 5244 EC45
uid updates.spamassassin.org Signing Key <release@spamassassin.org>
sub 4096R/24F434CE 2005-12-20
To verify a release file, download the file with the accompanying .asc
file and run the following commands:
gpg --verbose --keyserver keys.openpgp.org --recv-key FDE52F40F7D39814
gpg --verify Mail-SpamAssassin-4.0.0.tar.bz2.asc
gpg --fingerprint FDE52F40F7D39814
Then confirm that the key description shown by --verify matches what
is shown by --fingerprint.
See https://www.apache.org/info/verification.html for more information
on verifying Apache releases
About Apache SpamAssassin
-------------------------
Apache SpamAssassin is a mature, widely-deployed open source project
that provides filtering to classify email to block spam, malware, and
phishes.
Apache SpamAssassin uses a variety of mechanisms including mail header
and text analysis, Bayesian filtering, DNS blocklists, collaborative
filtering databases, and meta concepts to lower incorrect
classification.
Apache SpamAssassin uses a highly modular architecture that allows
other technologies to be quickly incorporated as plugins to easily add
or replace existing methods.
Apache SpamAssassin typically runs on a server using either command
line utilities or an API to classify email so a mail system can use
the results before the message reaches mailboxes.
Most of the Apache SpamAssassin is written in Perl natively supporting
Unix, Linux, and macOS platforms and Microsoft Windows using
Strawberry Perl.
For more information, visit https://spamassassin.apache.org/
About The Apache Software Foundation
------------------------------------
Established in 1999, The Apache Software Foundation provides
organizational, legal, and financial support for more than 100
freely-available, collaboratively-developed Open Source projects. The
pragmatic Apache License enables individual and commercial users to
easily deploy Apache software; the Foundation's intellectual property
framework limits the legal exposure of its 2,500+ contributors.
For more information, visit https://www.apache.org/
--
Sidney Markowitz
Chair, Apache SpamAssassin PMC
sidney@apache.org