Hello!
Debian 12.5
SpamAssassin version 4.0.0
running on Perl version 5.36.0
Server setup with iRedMail
A few days ago a lot of false negatives landed in our inboxes. As it
turned out the reason was that the for nearly all mails the
RCVD_IN_VALIDITY_CERTIFIED and RCVD_IN_VALIDITY_SAFE rules matched.
I now know that validity introduced a query limit which we hit, because
I have to admit, I wasn't aware that I shouldn't use public DNS
resolvers for blacklists and therefore we got "Excessive Number of
Queries" answers. I also found this patch
https://bz.apache.org/SpamAssassin/show_bug.cgi?id=8244 which introduces
new rules addressing the query limit.
Those *BLOCKED rules where never applied because our spamassassin
received an updated rule-set which was saved to
/var/lib/spamassassin/4.000000/updates_spamassassin_org/ but never
received an update for the active.list file located in
/usr/share/spamassassin/
After I manually added the changes from the above mentioned patch to the
active.list file it started to work.
Now for my questions:
*) as is stated in active.list it should not be edited. What's the
correct place to add the new rules to activate them? local.cf?
*) If I understand it correctly
/var/lib/spamassassin/4.000000/updates_spamassassin_org/ is updated by
the SA update mechanism but it's the Linux distribution's responsibility
to update /var/lib/spamassassin? In that case should I fill a Debian
bug? Or should the SA updates also include the file active.list?
Thanks and best regards
Flo
