Matt Kettler wrote: > At 03:26 PM 1/4/2005 +0100, Per Jessen wrote: >>Same here. I was hoping that the 2 and 3 branches would live parallel >>lives for a while. > > Highly unlikely, largely due to lack of developer resources. SA has enough > of a devel team to support their existing projects, but supporting older > versions would draw away from their efforts. Keeping ahead of spammers is > tough.
Fully appreciated. > Keeping ahead of spammers and trying to work on a 2.6 version, which > has to run on an obsolete version of perl few of the developers have any > experience with, in parallel with the 3.0 version, is even harder. Which obsolete version of perl does 2.64 require? I'm using 5.8.5 - is that already obsolete? > It's also partly due to licensing differences. SA is now an ASF project, > but SA 2.x has a non-apache license. SA 3.0 code cannot always be > backported to SA 2.x in a trivial manner. Also fully appreciated. Just in case I were to backport some 3.0 features, can you point to specific licensing problems I would need to be aware of? > No, the fix isn't 3.0 specific. They fixed it by removing the rule entirely > from the 3.0 series. If you want a backport of that particular fix, the > score 0 trick has the exact same effect. It doesn't appear to have been fixed at all (except maybe in CVS?) - as I said in my follow-up, the rule is still present in 3.0.2 in exactly the same form as in 2.64. And the scores have even been upped : 50_scores.cf: score FORGED_MUA_OUTLOOK 3.200 3.037 3.800 3.920 >> I finally had to put a score in my local.cf that reduces the score to zero. >> I've already got a couple of those caused by similar problems, and I'm not >> overly enthusiastic about it. > > Well, in the long run, removing lots of rules means your score set becomes > unbalanced. > This is why, in the long run, an upgrade really is the better answer. > However, in the short run, disabling the errant rules is pretty much the > only option you have. And really, it's not *that* detrimental. Totally agree with all of the above. However, it is also a fact of life in a production environment that changes do not happen as fast as in development. Apache 2.0 has been out for quite some time now, yet thousand of installations are still using 1.3 - even php still officially only supports 1.3. -- Per Jessen, Zurich Let your spam stop here -- http://www.spamchek.com
