Upstream has not made any official announcement yet, but it is apparent that continuing to use spamassassin 3.2.x is a bad idea and you should really upgrade to 3.3.x.  Why?

  • Rule updates for 3.2.x effectively stopped late 2008.  The last time an update was pushed was January 1st, 2010 only for the year 2010 bug.
  • Thousands of other bugs were fixed, and 3.3.x has far more effective rules than 3.2.x. 3.3.x continues to receive regular rule updates via its sa-update channel.
  • There is no intent upstream to fix serious problems like RCVD_ILLEGAL_IP in spamassassin-3.2.x.

RHEL5/CentOS5 users may be interested in the custom RPM’s that I personally use on production servers. These builds are essentially identical to the RHEL6 version, but built and tested on RHEL5.

If you are forced to use Spamassassin 3.2.x for some reason, then here are all custom rules that I recommend for your local.cf.  Please be sure that you have run sa-update at least once to get the last official rule updates.

# Disable Broken Rules
score    RCVD_ILLEGAL_IP 0

# SpamTips.org approved DNSBL's
header   RCVD_IN_PSBL eval:check_rbl('psbl-lastexternal', 'psbl.surriel.com.')
describe RCVD_IN_PSBL Received via a relay in PSBL
score    RCVD_IN_PSBL 2.3
header   RCVD_IN_MSPIKE_BL eval:check_rbl('mspike-lastexternal', 'mailspike.net.')
score    RCVD_IN_MSPIKE_BL 2.1