ports/142217: Y2010 bug in spamassassin rule

[Jeffrey Goldberg]

>Number:         142217
>Category:       ports
>Synopsis:       Y2010 bug in spamassassin rule
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Jan 01 21:20:03 UTC 2010
>Closed-Date:
>Last-Modified:
>Originator:     Jeffrey Goldberg
>Release:        FreeBSD 8.0-STABLE i386
>Organization:
>Environment:
System: FreeBSD winky.ewd.goldmark.org 8.0-STABLE FreeBSD 8.0-STABLE #6: Thu Dec 3 15:49:09 CST 2009 root at winky.ewd.goldmark.org:/usr/obj/usr/src/sys/WINKY i386


	
>Description:
	The current version of SpamAssassin rules includes a rule that scores
        very highly any email message with a header Date greater than or equal
        to 2010.

        In
         /usr/local/share/spamassassin/72_active
        there is a rule

##{ FH_DATE_PAST_20XX
header   FH_DATE_PAST_20XX      Date =~ /20[1-9][0-9]/ [if-unset: 2006]
describe FH_DATE_PAST_20XX      The date is grossly in the future.
##} FH_DATE_PAST_20XX

         which catches mail with a Date including the current year (2010), yet
         this rule is scored heavily.

>How-To-Repeat:
	
>Fix:

      There are several options to fix.

      (1) add in a local scoring rule like
         score   FH_DATE_PAST_20XX       0

      (2) change the regular expression in the current rule to look another
          10 years in the future.

      (3) Do nothing and hope that users are all using sa-update which should
          have this fixed soon.

      Note that this is being actively discussed on the spamassassin
      mailing list.
         http://mail-archives.apache.org/mod_mbox/spamassassin-users/201001.mbox/thread

>Release-Note:
>Audit-Trail:
>Unformatted: