Log message:
Updated to version 3.2.3.

Pkgsrc changes:
  - Added security/gnupg as a required package. Without it, sa-update does not
    work.
  - Added requirement for p5-INET6 which may be needed for IPv6 nameservers.
    Until now, this only worked because p5-Net-DNS already pulled in this
    package.
  - New option "inet6" (enabled by default) for switching off the \ 
requirement
    for p5-INET6.
  - Got rid of some backslashes in options.mk
  - patch-ba and patch-bc correct discrepancies between the man page
    and the code. Additionally, they adapt hard-coded paths to the actual
    installation. Submitted upstream.

Relevant changes since version 3.2.1:
=====================================
3.2.3 is a major bug-fix release.  Summary of changes:

- bug 5574: fix new setuid code to work with perl 5.6.1, and to support DCC and
  Pyzor in all releases of perl

- bug 5107: change default 'user_scores_ldap_username' to be the null string,
  allowing anonymous binding; fix 'schema' syntax error in LDAP config support

- zeroing an 'eval' rule's score did not stop it running.  fix, thanks to
  Richard Birkett <richard+spamassassin at musicbox.net>

- bug 5571: allow for new message ID format we have seen from Vista or Windows
  2003 Server MAPI to avoid false positives

- bug 5397: RDNS_DYNAMIC should never fire on a PTR with 'static' in it; thanks
  to Martin Blapp <mbr at freebsd.org>.  bug 5563: RDNS_DYNAMIC rules use
  order-dependent fields where it is unsafe to depend on this, fix.  bug 5564:
  __RDNS_DYNAMIC_IPADDR does not hit all of its test patterns, fix.

- bug 5475: fix FORGED_MUA_AOL_FROM to allow <*@{aol,cs}.*> addresses instead
  of just <*@{aol,cs}.com>

3.2.2 is a minor bug-fix release.  Summary of changes:

- bug 5548: Certain mail input can take a long time to scan with 100% CPU
  utilisation, due to backtracking in a rule's regexp. fix

- bugs 5510, 5518, 5529: fix 'make test' when running as root, needed for CPAN

- bug 5419: kill -HUP of pidof spamd causes the ps name to change from spamd
  to perl. fixed

- bug 5535: 'make test' errors in Windows caused by nonportable use of
  getpwuid

- bug 5462: multiple DNS records for a host name should allow use of spamd -H
  for load balancing installs to work

- bugs 5509, 5511: fix network lookup timeouts, where lookups were being lost
  once a timeout was hit; also fix code to match documentation on
  rbl_timeout's scaling and minimum duration of 1 second; and attempt to
  collect already-received DNS responses when the timeout is reached; improve
  related debugging output. Thanks to Mark Martinec

- bugs 5412, 5478, 5522: Fix problems using the spamc -x option with certain
  other options; 'spamc -x -R' always returned 0, instead of the exit code, on
  error.  Bug 5478: in addition, 'spamc -x -e /command' would still run the
  command, even if errors meant that the filtered text would be unavailable,
  which contradicted -x.

- bug 5445: body eval tests defined in user_rules cause ugly 'Subroutine
  _eval_tests_type11_prineg400_set3 redefined' warnings

- bug 5355: add in new entries for RegistrarBoundaries

- bug 5515: libsslspamc.so & libsslspamc.so can not build without -fPIC, but
  we were picking up the wrong CFLAGS to do this.

- bug 5501: zero score for FH_HAS_XID

- bug 5449: allow_user_rules causes sa-compile / Rule2XSBody plugin to emit
  spurious warnings; fix.  also, add a new 'user_conf_parsing_end' plugin
  hook, which is called after the per-user configuration is parsed

- bug 5182: update the sa-learn doc to mention that -u is only usable w/ sql

- bug 5534: fix harmless-but-ugly C compiler warning in sa-compile

Log message:
Full DESTDIR supports works fine.

Log message:
Updated to version 3.2.1.

Pkgsrc changes:
  - Added some comments to patch files.
  - Adapting patch-aq to changes in the README file.
  - Added forgotten direct requirement for p5-Compress-Zlib.
  - Since 3.2.0 at least version 3.43 of p5-HTML-Parser is needed.
  - Installation to DESTDIR is possible as root.
  - Substituted correct paths in spamc.pod (source file for spamc.1).
  - Added VARBASE to BUILD_DEFS to silence pkglint warnings.

Changes since version 3.2.0:
============================
3.2.1 is a major bug-fix release, including a potential local DoS.  The
major highlights are:

- bug 5480: fix for CVE-2007-2873: a local user symlink-attack DoS
  vulnerability. It only affects systems where spamd is run as root, is used
  with vpopmail or virtual users via the "-v"/"--vpopmail" OR
  "--virtual-config-dir" switch, AND with the \ 
"-x"/"--no-user-config AND
  WITHOUT the "-u"/"--username" switch AND with the \ 
"-l"/"--allow-tell" switch.
  This is not default on any distro package, and is not a common configuration.
  More details of the vulnerability can be read at
  <http://spamassassin.apache.org/advisories/cve-2007-2873.txt>.

- bug 5488: zero some rules causing false positives: FH_HOST_EQ_D_D_D_DB and
  FH_HOST_EQ_D_D_D_D.

- bug 5257: re-raise autolearn ham threshold to 1.0; the lower value
  used in 3.2.0 was creating problems.

- bug 5422: in spamd, deleting hash entries from the SIGCHLD signal handler is
  unsafe, causes corruption of the data structure, and results in 'prefork:
  ordered child N to accept, but they reported state '1', killing rogue'
  errors.  fix.

- bug 5102: tighten up regexp for FORGED_HOTMAIL_RCVD to avoid some FPs.

- bug 5457: spamc build and test should handle not having zlib available.

- bug 5379: spamd could crash at startup if its preloading temporary directory
  already exists. fix.

- bug 4616: spamc config can cause command line options to be ignored. fix.

- bug 5485: zero score DK/DKIM_POLICY_SIGNSOME rules since they'll always fire
  due to defaults (unless there's an explicit SIGNALL policy).

- bug 5492: VBounce rule was looking in header instead of body for whitelisted
  relays. fix.

- bug 5487: prevent multiple "urirhssub"s using the same zone from \ 
overwriting
  each other.

- bug 5432 - Change default in Win32 build to not build spamc.

- bug 5446: add --updatedir option to sa-compile and remove inaccurate re2c
  required version info from pod.

- bug 5436: add omitted "ifplugin" statements to the configuration, \ 
which would
  otherwise cause lint errors if the default plugins were disabled.

- bug 5477: prevent Rule2XSBody info message from appearing on stderr during
  spamd startup.

Log message:
Updated to version 3.2.0.

Pkgsrc changes:
  - Removed PKG_DESTDIR_SUPPORT until the issue with encoded ownership in
    +INSTALL files is resolved.
  - made pkglint shut up about some warnings (CONFIGURE_DIRS, BUILD_DIRS,
    hidden commands with @)
  - parse-rules-for-masses has moved in the source archive.
  - The directories "masses" and "tools" are no longer \ 
distributed in the
    archive so I simplified the post-install target.
  - Since "tools" is gone, the post-extract: target is obsolete.
  - MESSAGE now points at sa-compile.
  - Spamc depends on zlib now, so we needed the appropriate buildlink3 file.

Summary of changes since version 3.1.8:
=======================================
 * new behavior for trusted_networks/internal_networks: the 127.* network
 is now always considered trusted and internal, regardless of configuration.

 * bug 3109: short-circuiting of 'definite ham' or 'definite spam' messages
 based on individual short-circuit rules using the 'shortcircuit' setting,
 by Dallas Engelken <dallase /at/ uribl.com>.

 * bug 5305: implement 'msa_networks', for ISPs to specify their Mail
 Submission Agents, and extend network trust accordingly.

 * bug 4636: Add support for charset normalization, so rules can be written
 in UTF-8 to match text in other charsets.

 * sa-compile: compilation of SpamAssassin rules into a fast parallel-matching
 DFA, implemented in native code.

 * "tflags multiple": allow writing of rules that count multiple hits in a
 single message.

 * bug 4363: if a message uses CRLF for line endings, we should use it as
 well, otherwise stay with LF as usual; important for Windows users.

 * bug 4515: content preview was omitting first paragraph when no Subject:
 header was present.

 * The third-party modules used by sa-update are now required by the
 SpamAssassin package, instead of being optional.

 * Bug 5165: 'sa-update --checkonly' added to check for updates without
 applying them; thanks to <anomie /at/ users.sourceforge.net>

 * Bugs 4606, 4609: Adjust MIME parsing limits for nested multipart/* and
 message/rfc822 MIME parts.

 * bug 5295: add 'whitelist_auth', to whitelist addresses that send mail
 using sender-authorization systems like SPF, Domain Keys, and DKIM

 * Removed dependency on Text::Wrap CPAN module.

 * Received header parsing updates/fixes/additions.

Spamc / spamd:

 * bug 4603: Mail::SpamAssassin::Spamd::Apache2 -- mod_perl2 module,
 implementing spamd as a mod_perl module, contributed as a Google Summer of
 Code project by Radoslaw Zielinski.

 * bug 3991: spamd can now listen on UNIX domain, TCP, and SSL sockets
 simultaneously.  Command-line semantics extended slightly, although fully
 backwards compatibly; add the --ssl-port switch to allow TCP and SSL
 listening at the same time.

 * bug 3466: do Bayes expiration, if required, after results have been
 passed back to the client from spamd; this helps avoid client timeouts.

 * more complete IPv6 support.

 * spamc: Add '-K' switch, to ping spamd.

 * spamc: add '-z' switch, which compresses mails to be scanned using
 zlib compression; very useful for long-distance use of spamc over the
 internet.

 * bug 5296: spamc '--headers' switch, which scans messages and transmits
 back just rewritten headers.  This is more bandwidth-efficient than the
 normal mode of scanning, but only works for 'report_safe 0'.

 * Bump spamd's protocol version to 1.4, to reflect new HEADERS verb used
 for '--headers'.

Mail::SpamAssassin modules and API:

 * bug 4589: allow M::SA::Message to use IO::File objects to read in
 message (same as GLOB).

 * bug 4517: rule instrumentation plugin hooks, to measure performance,
 from John Gardiner Myers <jgmyers /at/ proofpoint.com>.

 * add two features to core rule-parsing code; 1. optional behaviour to
 recurse through subdirs looking for .cf/.pre's, to support rules compilers
 working on rulesrc dir.  2. call back into invoking code on lint failure,
 so rule compiler can detect which rules exactly fail the lint check.

 * bug 5206: detect duplicate rules, and silently merge them internally
 for greater efficiency.

 * bug 5243: add Plugin::register_method_priority() API, allowing plugins
 to control the relative ordering of plugin callbacks relative to other
 plugins' implementations.

 * Reduced memory footprint.

Plugins:

 * bug 5236: Support Mail::SPF replacement for Mail::SPF::Query.

 * bug 5127: allow mimeheader :raw rules to match newlines and folded-header
 whitespace in MIME header strings.

 * bug 4770: add ASN.pm plugin, contributed by Matthias Leisi <matthias at
 leisi.net>

 * bug 5271: move ImageInfo ruleset into 3.2.0 core rules, thanks to
 Dallas Engelken <dallase /at/ uribl.com>.

 * VBounce ruleset and plugin: detect spurious bounce messages sent by
 broken mail systems in response to spam or viruses.  (Based on Tim
 Jackson's "bogus-virus-warnings.cf" ruleset.)

 * DomainKeys/DKIM: Mail::DKIM is now preferred over Mail::DomainKeys,
 since the latter module is no longer actively maintained, and Mail::DKIM
 can handle both DomainKeys and DKIM signatures.

 * DKIM: separate signature verification from fetching a policy: can save
 a DNS lookup for each unverified message by setting score to 0 for all
 policy-related rules (DKIM_POLICY_SIGNALL, DKIM_POLICY_SIGNSOME, and
 DKIM_POLICY_TESTING). (thanks to Mark Martinec)

 * DKIM: support testing flags in the public key, as well as in the policy
 record. (thanks to Mark Martinec)

 * DKIM: skip fetching a policy (SSP) if a signature does verify, according
 to draft-allman-dkim-ssp-02 (thanks to Mark Martinec)

 * Move rule functionality and checking into separate Check plugin, allowing
 third parties to implement alternative scanner core algorithms.

 * core EvalTests code moved into various plugins.

* Plus lots of miscellaneous bug fixes.

Log message:
Updated to version 3.1.8.

Pkgsrc changes:
  - some cleanup of the Makefile to shut up a few pkglint notes and warnings
    (USE_TOOLS, SUBST_CLASSES).

Changes since version 3.1.7:
============================
3.1.8 is a major bug-fix release, including a potential DoS.  The major
highlights are:

- bug 5318: fix for CVE-2007-0451: possible DoS due to incredibly
  long URIs found in the message content.
- bug 5240: disable perl module usage in update channels unless
  --allowplugins is specified
- bug 5288: files with names starting/ending in whitespace weren't usable
- bug 5056: remove Text::Wrap related code due to upstream issues
- bug 5145: update spamassassin and sa-learn to better deal with STDIN
- bug 5140 and 5179: improvements and bug fixes related to DomainKeys
  and DKIM support
- several updates for Received header parsing
- several documentation updates and random taint-variable related issues

Log message:
Put rule file updates in ${VARBASE}/spamassassin instead of ${VARBASE}.  Bump
PKGREVISION.

Log message:
DESTDIR support.

Log message:
Updated to version 3.1.7.

Pkgsrc changes:
  - none

Changes since version 3.1.6:
============================
3.1.7 is a "quick-fix" release; it contains only a fix for one bug,
introduced accidentally in 3.1.6:

- bug 5119: if admins had set rule scores in the site configuration in
  /etc, sa-update would fail.  Back out this change

Log message:
update this to spamassassin 3.1.6.  changes include:

bug 5044: include local site config in sa-update lint checks
bug 5048: --lint should not use network rules or AWL
bug 5081: sometimes, SIGHUPing spamd would leave one child process still alive \ 
due to a race in the SIGHUP handler and the preforking code.  fixed
bug 5040: if in no-net scoreset, don't warn about net rules being zero-score \ 
dependencies of meta rules
bug 5105: M::SA::Client doesn't always catch failed connection to spamd, fixed
bug 5094: check for unit'd value used in AntiVirus.pm
bug 5089: enable adding headers with single digit zero value
bug 5077: fix false SPF_SOFTFAIL's when SPF queries timeout
bug 5080: fix bug in update RCVD_ILLEGAL_IP evaltest to properly deal with 127/8 fix
bug 5111: fix FORGED_JUNO_RCVD FP on webmail from untd.com's own systems
bug 4940: _get_date_header_time() should try dates one at a time not all dates \ 
joined together
bug 5098: add support for ecelerity Received headers, thanks to Joe Schaefer \ 
<joe+gmane at sunstarsys.com>
bug 4975: (trivial) avoid use of unit'd value in prefork warning message
bug 4418: remove no longer useful HTML_WEB_BUGS and HTML_LINK_IMAGE_BUG rules
bug 5101: fix bug in mbx code introduced in a backport of 3.2 AICache code
try to work around horribleness when checking in the entire built tree for the \ 
website update procedure
bug 5076: unescape hash characters in the config
add my nagios plugin for monitoring spamd to contrib/

Log message:
update to spamassassin 3.1.5.  relevant changes:

	bug 5018: update RegistrarBoundaries with new list of 2TLDs
	bug 5020: drop __OUTLOOK_DOLLARS_MSGID, replace with the superset
	rule __OE_MSGID_2
	update replace_license_blocks, have it deal with C-style comments
	better, put a sample commandline in place
	bug 4492: bayes_ignore_header was case sensitive
	add logging, enable zmi and doc mass-checks
	bug 5049: allow commented lines in gpgkeyfile and channelfile files
	bug 4952: set a default value for DEF_RULES_DIR_, LOCAL_RULES_DIR,
	and LOCAL_STATE_DIR.  this fixes an issue where third-party code
	which hasn't been updated to deal with LOCAL_STATE_DIR can still
	use updates.
	bug 4848: Pyzor, DCC, and SpamCop plugins weren't looking at the
	right place to see the 'dont_report_to_...' options
	bug 4843: skip text/calendar parts when generating the body text
	arrays
	bug 5013: deal octal obfuscation of IP addrs in URLs
	bug 5049: handle comments and whitespace in sa-update config files
	and fix an error in channel name validation
	bug 4981: remove broken urirhssub support for regexp subrule and
	make perldoc match the code
	bug 5060: backport ArchiveIterator changes for rule-QA system,
	namely: the AICache caching subsystem for faster mass-checks, support
	for combined --head/--tail semantics, more verbose 'showdots' to
	avoid buildbot timeouts, and a new intra-child IPC me chanism for
	multi-child mass-checks
	bug 5034: fix endless loop possible from bad input or network error
	bug 5065: implement whitelist_from_dk
	bug 4823: clarify M::SA::Plugin documentation