Package: spamassassin Version: 4.0.2-4 Severity: important Last year, I had reported
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106669 There is now a low limit on the Validity requests. This yields RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RCVD_IN_VALIDITY_RPBL_BLOCKED RCVD_IN_VALIDITY_SAFE_BLOCKED even on personal servers. To solve this issue, upstream has changed the Validity rules to have zero scores: https://lists.apache.org/thread/75rhgh5cmx5bcv0thsqwq1pkw80f90cn ---- I had not checked the fix since in the mean time I had added dns_query_restriction deny sa-trusted.bondedsender.org dns_query_restriction deny bl.score.senderscore.com dns_query_restriction deny sa-accredit.habeas.com to /etc/spamassassin/local.cf (and anyway, the fix was not available in Debian/stable). But in a test with "spamc -R" on a Debian/unstable machine, I can still see the issue: 1.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [217.70.182.74 listed in sa-trusted.bondedsender.org] 1.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [217.70.182.74 listed in sa-accredit.habeas.com] 1.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [217.70.182.74 listed in bl.score.senderscore.com] This adds 3 points to the spam score! I think that it would actually be better to disable the checks by default. -- System Information: Debian Release: forky/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable-debug'), (500, 'proposed-updates-debug'), (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 6.7.12-amd64 (SMP w/16 CPU threads; PREEMPT) Kernel taint flags: TAINT_WARN Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages spamassassin depends on: ii adduser 3.154 ii curl 8.19.0-3 ii libhtml-parser-perl 3.83-1+b2 ii libhttp-date-perl 6.06-1 ii libio-string-perl 1.08-4 ii libmail-dkim-perl 1.20240923-1 ii libnet-dns-perl 1.54-1 ii libnetaddr-ip-perl 4.079+dfsg-2+b5 ii libsocket6-perl 0.29-3+b4 ii libsys-hostname-long-perl 1.5-3 ii libwww-perl 6.81-1 ii perl [libarchive-tar-perl] 5.40.1-7 ii w3m 0.5.3+git20230121-2.3 Versions of packages spamassassin recommends: ii gnupg 2.4.9-4 ii libbsd-resource-perl 1.2911-2+b4 ii libmail-dmarc-perl 1.20260301-1 ii libmail-spf-perl 3.20250505-1 ii perl [libsys-syslog-perl] 5.40.1-7 ii sa-compile 4.0.2-4 ii spamc 4.0.2-4 Versions of packages spamassassin suggests: pn libdbi-perl <none> pn libencode-detect-perl <none> pn libgeoip2-perl <none> ii libio-socket-ssl-perl 2.098-1 pn libnet-patricia-perl <none> ii perl [libcompress-zlib-perl] 5.40.1-7 pn pyzor <none> pn razor <none> -- no debconf information -- Vincent Lefèvre <[email protected]> - Web: <https://www.vinc17.net/> 100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/> Work: CR INRIA - computer arithmetic / Pascaline project (LIP, ENS-Lyon)
