Wednesday, March 23, 2011

SEM Rules Mistakenly Enabled, How to Disable

UPDATED 3/24/2011:
sa-update rules were reverted to an earlier state to avoid this and other possible surprises.  Bug #6560 has a patch under review to avoid this problem in the future.

https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6220
Some kind of bug in the auto-promotion backend has mistakenly made active several of the SpamEatingMonkey (SEM) network rules including the SEM DNSBL and URIBL's.  It is a matter of policy that Spamassassin NEVER adds new network rules in stable updates because it can cause significant unexpected problems to server administrators.  Furthermore, SpamTips.org strongly recommends against the use of  SEM's DNSBL due to its extremely high overlap with the high scoring PBL.  The Bug #6220 indicates one kind of serious issue that can happen when network rules are mistakenly added to sa-update where they very quickly hit usage limits and the provider causes all queries to become false positive hits.  Read more to learn how to workaround this issue.


It is strongly recommended that until upstream fixes this with another sa-update push, everyone should disable these network rules.  Insert the following lines into your local.cf then restart your spamd.

score RCVD_IN_SEMBLACK    0
score URIBL_SEM           0
score URIBL_SEM_FRESH     0
score URIBL_SEM_FRESH_10  0
score URIBL_SEM_FRESH_15  0
score URIBL_SEM_RED       0

Background Information
Since December 2010 sa-update auto-promotion of new rules was broken due to insufficient quantities of ham and spam in the nightly masscheck corpora. It took us a few months with new volunteers to build our quantities enough for auto-promotion to resume. But now that it was broken for so long we seem to have run into some unexpected surprises.

This erroneous auto-promotion was caused by this separate bug.

No comments:

Post a Comment