Month: March 2011

SEM Rules Mistakenly Enabled, How to Disable

UPDATED 3/24/2011:
sa-update rules were reverted to an earlier state to avoid this and other possible surprises. Bug #6560 has a patch under review to avoid this problem in the future.

Some kind of bug in the auto-promotion backend has mistakenly made active several of the SpamEatingMonkey (SEM) network rules including the SEM DNSBL and URIBL’s.  It is a matter of policy that Spamassassin NEVER adds new network rules in stable updates because it can cause significant unexpected problems to server administrators. Furthermore, strongly recommends against the use of  SEM’s DNSBL due to its extremely high overlap with the high scoring PBL. The Bug #6220 indicates one kind of serious issue that can happen when network rules are mistakenly added to sa-update where they very quickly hit usage limits and the provider causes all queries to become false positive hits.  Read more to learn how to workaround this issue.


UPDATE 3/21/2011: sa-update has disabled these problematic rules.
It seems some mail is triggering a rare bug in re2c (perl) that can cause spamassassin to get stuck in a 100% loop and cause significant problems for a server.  While this is a very serious problem, it affects only non-default configurations that use sa-compile.  Upstream is working on an emergency sa-update rule push to force disable.  Until then you can workaround this problem in two possible ways below.