Switch branches/tags
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
237 lines (178 sloc) 9.95 KB
SpamPD Change Log
2.51 (01-May-18)
- Fix listening to IP address, broken in 2.50 "Unix ports" feature. (#18)
- Add --setsid option to start server with setsid if running in background (#18)
2.50 (30-Apr-18)
- Replace IO::Socket::INET with IO::Socket::IP for IPv6 support (#9).
- Unix ports (ability to listen on UNIX sockets) (#13).
- Add X-Envelope-* headers before Received (#14).
- Add /usr/local/bin and /usr/local/sbin to PATH (#17).
Please refer to commit notes at ( for details and credits.
2.42 (08-Dec-13) (experimental)
- Untaint some params for compatibility with Perl 5.18.
2.41 (11-Aug-10) (experimental)
- Added setting of user name at SA init time.
2.40 (10-Jan-09) (experimental)
- New config option to load a specific configuration file after the default file, thereby overriding any settings therein. The new option is
--saconfig=filename. Thanks to Sven Mueller for code and Bernd Zeimetz for
bringing it up. (
- Integrated code by Alexander Wirt to introduce a parameter which
sets a proper home directory (--homedir=path) and also cleans up the
environment before backgrounding.
* NOTE: * default homedir is /var/spool/spamassassin/spampd which needs to be
writable by the user spampd is running as. Previously, some files like the
auto-whitelist were written to the .spamassassin folder inside the users home
directory who started spampd, typically root.
- Integrated fix from Vladislav Kurz for LMTP multi-line response after DATA
is sent. (
- Yet another fix for older Net::Server versions (<= 0.87) dying when logging
a % character to Sys::Syslog. This also fixes the bug in 2.30 that logs "%s"
instead of the actual messages on some system.
- Fixed bug with temp files sticking around until spampd child exists,
introduced when SA 3.0 was released
Thanks to Simon Matter for bringing this to my attention.
2.30 (31-Oct-05)
- Another, hopefully final, fix for the Sys::Syslog issue of % signs in the log
string. Fixes possible DoS vulnerability. Thanks to Sven Mueller and Florian
Weimer for the solution.
- Added new options for adding X-Envelope-From and (optionally) X-Envelope-To
headers to messages before SA processing. The idea is to help SA process any
blacklist/whitelist to/from directives on the actual sender/recipients instead
of the possibly bogus envelope headers. Use --seh or --set-envelope-headers
to enable setting both headers, or use --sef or --set-envelope-from to enable
only X-Envelope-From. If added, spampd attempts to remove the X-Envelope-To
header after SA processing to preserve BCC recipient anonymity, but enabling
this header may still expose recipient information. See man page for more
details. This patch was originally submitted by Sven Mueller, was slightly
modified, and the --sef option was added.
2.21 (23-Oct-05) (unreleased)
- fixed SA version check on alphanumeric version strings. Stops the annoying
Perl warning messages in the mail log. Thanks to Sven Mueller for the fix.
2.20 (05-Oct-04)
- added support for SpamAssassin version 3. spampd should now support all
SA versions (tested with 2.6.3 and 3.0.0).
- removed --add-sc-header feature. It is now redundant with SA v2.6 ability
to (almost fully) customize headers, which v3 improves on. If anyone
really needs this feature, please let me know.
- added --nodetach option to prevent daemon process backgrounding. Patch
provided by Urban Petry. Can be useful for win32/cygwin.
- if --debug is specified, Net::Server log level is increased to 4 (debug)
to provide some more info in the log (can be useful for diagnosing
user/permission issues). Thanks to Urban Petry for idea.
- the message sender (From header) is now included in the log along with message
ID, recipient, and scoring info. Thanks to Roland Koeckel for the patch.
2.13 (24-Nov-03)
- SA debug messages redirected from STDERR (warn) to syslog. Thanks to Roland
Koeckel for the suggestion.
2.12 (15-Nov-03)
- fixed bug related to Sys::Syslog where we needed to escape % signs in
Message IDs. Thanks to Jeffrey W. Collyer and Yann Grossel for the bug reports.
- minor performance improvement in SpamPD::Client using buffered write to send
message data. Thanks to Sam Horrocks for the tip.
- fixed error condition when an error response ([4|5]xx) was returned after a
DATA command was sent. Thanks to Rodrigo Ventura for bug reports about this.
2.11 (15-Jul-03):
- fix for occasional corrupted message headers which caused blank messages
(seemed to have only affected certain malformed spam mail).
- added --logsock option for syslog socket. Defaults to 'unix' except for
HP-UX and SunOS (Solaris) which I'm told prefer 'inet'.
2.10 (01-Jul-03):
- added optional 'X-Spam-Checked-By: {hostname}' header, where {hostname} is,
theoretically, the name of the machine doing the message scanning. New
options --add-sc-header and --hostname=name control this behavior.
2.00 (10-Jun-03):
- major rewrite of how mail is handled internally. spampd now takes no
responsibility for the mail at any point, instead acting as a transparent
proxy between the originating and the destination servers. That is, the
servers speak to each other through spampd so final mail delivery
occurs only when the destination server acknowledges receipt of the data.
Idea based on smtpprox by Bennett Todd (
Unfortunately this breaks the ability to redirect the mail based on spam
score, since scoring happens after all recipients have been specified and
accepted. But, it is much cleaner and safer than the previous method.
- new architecture doesn't store the mail data in memory any more. Message
is still written to memory before scanning by SpamAssassin, but messages
larger than the --maxsize to be scanned won't eat up a bunch of memory.
From smtpprox documentation by Bennet Todd:
"it [spampd] stores the body of the message in an unlinked file
under /tmp, which should be a tmpfs; this prevents the allocation
overhead associated with large strings (often 2-3x) and ensures that
space will be returned to the OS as soon as it's not needed."
- as a bonus feature, LMTP is now supported by virtue of spampd's transparency.
- added a timeout check around the socket operations as suggested in the
Net::Server docs. Added new parameter to control this: --childtimeout=n
where n is number of seconds.
- added a timeout check around the message processing (spam checking) routines
to guard against a SpamAssassin hang. Added new parameter to control
this: --satimeout=n where n is number of seconds. If a timeout (or error)
occurs while processing, the mail is still passed on unless the new --dose
(die-on-sa-errors) paramater is given.
- added --children=n parameter to specify how many child
servers to spawn and maintain. Default is 5 children (plus
one parent).
- now uses Net::Server::PreForkSimple instead of PreFork. (Tried utilizing the
advanced children pool features of PreFork but either couldn't figure it out
or they're kinda broken. If anyone has experience here, please let me know.)
- improved logging including the Message-ID, recipients, 100ths precision
on spam score, processing time, and file size. Logging format now better
resembles that of spamd (which hopefully means spamd log analysis tools can be
made to work with spampd easily).
- removed dependencies on Net::SMTP, Net::SMTP::Server::Client, and Error
- host/port and relay host/port can both be specified as xx.xx.xx.xx:nn in
the --host and --relayhost parameters, or as individual parameters (--host,
--port, --relayhost, --relayport).
# The next 3 items are ideas/patches by
# Kurt Andersen,
# Agilent Technologies Postmaster
# Global Messaging Team, Agilent Technologies
- added optional support for Time::HiRes for more accurate processing time
reporting in the log (automatically loaded if Time::HiRes is available).
- added optional logging of which SA rules matched a message. New option is
--log-rules-hit or --rh for short.
- Added auto HPUX OS detection for syslog loggging
"(for some reason HPUX chokes on using the 'unix' socket type)."
# Thanks Kurt!
- added much more verbose spampd logging when using the --debug option.
- 3 parameters are now deprecated but accepted for backwards compatability:
--dead-letters, --heloname, and --stop-at-threshold
- added shorthand choice for some options:
--aw for --auto-whitelist; --L for --local-only; --a for --tagall
--u for --user; --g for --group; --p for --pid
--d for --debug; --h for --help;
- documentation updates
- licensing change due to use of Bennet Todd's code (to GNU GPL from Perl
1.0.2 (13-Apr-03):
- added 'local-only' parameter to pass on to SA which turns off all
network-based tests (DNS, Razor, etc).
1.0.1 (3-Feb-03):
- fixed minor but substantial bug preventing child processes
from exiting properly since the counter wasn't being incremented (d'oh!).
Thanks to Mark Blackman for pointing this out.
- fixed typo in pod docs (Thx to James Sizemore for pointing out)
Changes to assassind (1.0.0 initial release of spampd - May 2002):
A different message rewriting method (using
Mail::SpamAssassin::NoMailAudit instead of Dave Carrigan's
custom headers and Mail::Audit);
Adding more options for message handling, network/protocol options,
some options to pass on to SpamAssassin (such as whitelist usage);
More orientation to being used as a content filter for the
Postfix MTA, mostly by changing some default values;
Documentation changes;
## EOF ##