Alert: SpamAssassin’s Year 2010 Bug

If you haven’t been getting as much email as usual this past week, the culprit may be SpamAssassin. It turns out that SpamAssassin 3.2.5 (the current version, released in June of 2008) has a Year 2010 Bug.

The problem lies in the core configuration file 72_active.cf, which contains a wide variety of “currently active” rules. On line 543, it says:

header FH_DATE_PAST_20XX Date =~ /20[1-9][0-9]/ [if-unset: 2006]

For those who don’t read regular expressions, this rule will match any Date: header that contains a string like 201x, 202x, 203x, etc., where “x” could be replaced by any digit. So, back in 2008, this rule would catch email that claimed to hail from the year 2010 or later. (Well, up to 2099.)

As of last Friday morning, this rule began triggering on pretty much all mail that hadn’t been delayed, adding 3.384 points to every piece of incoming email. That can easily push legitimate mail over the threshold from “not spam” into “spam”.

If you’ve been expecting some mail that hasn’t arrived, and your mail host uses SpamAssassin, you might want to check your spam folder.

According to a note on the SpamAssassin project’s main page, you can easily correct this problem in either of two ways:

  1. If your system is configured to use sa-update, run it now.
  2. Remove the FH_DATE_PAST_20XX rule altogether by putting “score FH_DATE_PAST_20XX 0” at the end of your local.cf file.

Alternatively, if you’re the mail administrator, and you don’t mind setting up a Year 2020 Bug for yourself, you could always change the part that says Date =~ /20[1-9][0-9]/ so that it says Date =~ /20[2-9][0-9]/ instead. After all, stuff that claims to be from years in the future (or past) is likely to be something you don’t feel like reading. But if you do this, I strongly urge you to find some way to send yourself an alert around December of 2019, warning yourself that you need to fix that problem. (And that may be easier said than done.)
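As an added illustration (not code from SpamAssassin or from this post), the Python example below runs the shipped pattern and the edited pattern over constructed Date: values, next to a clock-relative check that goes beyond the fixed-year approach and does not expire. The function names, sample headers and two-day tolerance are assumptions made for the example.

```python
import re
from datetime import datetime, timedelta, timezone
from email.utils import parsedate_to_datetime

# Patterns quoted in the post: the shipped rule and the "Year 2020" edit.
SHIPPED = re.compile(r"20[1-9][0-9]")
EDITED = re.compile(r"20[2-9][0-9]")

# Constructed sample Date: header values (not taken from real mail).
SAMPLES = {
    "sent_2008": "Tue, 17 Jun 2008 09:30:00 -0400",
    "sent_2010": "Fri, 01 Jan 2010 08:15:00 -0500",
    "sent_2020": "Wed, 01 Jan 2020 08:15:00 -0500",
}


def fixed_year_hit(pattern, date_header):
    """Mimic the header rule: an unanchored regex search over the Date value."""
    return pattern.search(date_header) is not None


def far_future(date_header, now, tolerance=timedelta(days=2)):
    """Clock-relative check: is the Date more than `tolerance` ahead of `now`?

    The tolerance is an assumed value chosen for this example. Unparseable
    dates return False and are left for other rules to judge.
    """
    try:
        sent = parsedate_to_datetime(date_header)
    except (TypeError, ValueError):
        return False
    if sent.tzinfo is None:  # a "-0000" zone parses as naive; treat it as UTC
        sent = sent.replace(tzinfo=timezone.utc)
    return sent - now > tolerance


if __name__ == "__main__":
    for label, header in SAMPLES.items():
        # Pretend each message is delivered five minutes after it was sent.
        now = parsedate_to_datetime(header) + timedelta(minutes=5)
        print(label, fixed_year_hit(SHIPPED, header),
              fixed_year_hit(EDITED, header), far_future(header, now))
```

The fixed-year patterns flag honest mail as soon as the calendar reaches their first matching year, while the clock-relative check only flags a Date that is ahead of the receiving time.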
