--- /dev/null
+Description: Unescaped left brace in regex leads to warnings with perl 5.26
+Origin: https://svn.apache.org/viewvc/spamassassin/trunk/lib/Mail/SpamAssassin/PerMsgStatus.pm?r1=1708863&r2=1791010&diff_format=h
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869408
+
+Index: spamassassin-3.4.1/lib/Mail/SpamAssassin/PerMsgStatus.pm
+===================================================================
+--- spamassassin-3.4.1.orig/lib/Mail/SpamAssassin/PerMsgStatus.pm
++++ spamassassin-3.4.1/lib/Mail/SpamAssassin/PerMsgStatus.pm
+@@ -916,16 +916,16 @@ sub get_content_preview {
+ $str .= shift @{$ary};
+ }
+ undef $ary;
+- chomp ($str); $str .= " [...]\n";
+
+ # in case the last line was huge, trim it back to around 200 chars
+ local $1;
+- $str =~ s/^(.{,200}).*$/$1/gs;
++ $str =~ s/^(.{200}).+$/$1 [...]/gm;
++ chomp ($str); $str .= "\n";
+
+ # now, some tidy-ups that make things look a bit prettier
+- $str =~ s/-----Original Message-----.*$//gs;
++ $str =~ s/-----Original Message-----.*$//gm;
+ $str =~ s/This is a multi-part message in MIME format\.//gs;
+- $str =~ s/[-_\*\.]{10,}//gs;
++ $str =~ s/[-_*.]{10,}//gs;
+ $str =~ s/\s+/ /gs;
+
+ # add "Content preview:" ourselves, so that the text aligns
--- /dev/null
+upstream fix for bug #771408
+Index: spamassassin-3.4.1/lib/Mail/SpamAssassin/Conf/Parser.pm
+===================================================================
+--- spamassassin-3.4.1.orig/lib/Mail/SpamAssassin/Conf/Parser.pm
++++ spamassassin-3.4.1/lib/Mail/SpamAssassin/Conf/Parser.pm
+@@ -536,6 +536,9 @@ sub handle_conditional {
+ elsif ($token eq 'perl_version') {
+ $eval .= $]." ";
+ }
++ elsif ($token eq 'perl_version') {
++ $eval .= $]." ";
++ }
+ elsif ($token =~ /^\w[\w\:]+$/) { # class name
+ my $u = untaint_var($token);
+ $eval .= '"' . $u . '" ';
--- /dev/null
+From: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
+Date: Thu, 22 Sep 2016 11:19:42 +0000
+Subject: [PATCH] spamassassin: get it compiled against openssl 1.1.0
+
+CRYPTO_lock was part of the old locking API which got removed. I picked
+a different symbol.
+
+Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
+---
+ spamc/configure | 22 +++++++++++-----------
+ spamc/configure.in | 2 +-
+ 2 files changed, 12 insertions(+), 12 deletions(-)
+
+Index: spamassassin-3.4.1/spamc/configure
+===================================================================
+--- spamassassin-3.4.1.orig/spamc/configure
++++ spamassassin-3.4.1/spamc/configure
+@@ -943,7 +943,7 @@ esac
+ else
+ echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2
+ fi
+- cd "$ac_popdir"
++ cd $ac_popdir
+ done
+ fi
+
+@@ -1874,7 +1874,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err'
++ { ac_try='test -z "$ac_c_werror_flag"
++ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+@@ -1932,7 +1933,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err'
++ { ac_try='test -z "$ac_c_werror_flag"
++ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+@@ -2048,7 +2050,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err'
++ { ac_try='test -z "$ac_c_werror_flag"
++ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+@@ -2102,7 +2105,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err'
++ { ac_try='test -z "$ac_c_werror_flag"
++ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+@@ -2147,7 +2151,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err'
++ { ac_try='test -z "$ac_c_werror_flag"
++ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+@@ -2191,7 +2196,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err'
++ { ac_try='test -z "$ac_c_werror_flag"
++ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+@@ -2523,7 +2529,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err'
++ { ac_try='test -z "$ac_c_werror_flag"
++ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+@@ -2693,7 +2700,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err'
++ { ac_try='test -z "$ac_c_werror_flag"
++ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+@@ -2764,7 +2772,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err'
++ { ac_try='test -z "$ac_c_werror_flag"
++ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+@@ -2917,7 +2926,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err'
++ { ac_try='test -z "$ac_c_werror_flag"
++ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+@@ -3069,7 +3079,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err'
++ { ac_try='test -z "$ac_c_werror_flag"
++ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+@@ -3260,7 +3271,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err'
++ { ac_try='test -z "$ac_c_werror_flag"
++ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+@@ -3323,7 +3335,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err'
++ { ac_try='test -z "$ac_c_werror_flag"
++ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+@@ -3388,7 +3401,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err'
++ { ac_try='test -z "$ac_c_werror_flag"
++ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+@@ -3491,7 +3505,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err'
++ { ac_try='test -z "$ac_c_werror_flag"
++ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+@@ -3557,7 +3572,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err'
++ { ac_try='test -z "$ac_c_werror_flag"
++ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+@@ -3628,7 +3644,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_l
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err'
++ { ac_try='test -z "$ac_c_werror_flag"
++ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+@@ -3666,9 +3683,9 @@ fi
+ SSLLIBS=""
+ SSLCFLAGS=""
+ if test yes = "$sa_ssl_enabled"; then
+- echo "$as_me:$LINENO: checking for CRYPTO_lock in -lcrypto" >&5
+-echo $ECHO_N "checking for CRYPTO_lock in -lcrypto... $ECHO_C" >&6
+-if test "${ac_cv_lib_crypto_CRYPTO_lock+set}" = set; then
++ echo "$as_me:$LINENO: checking for CRYPTO_malloc in -lcrypto" >&5
++echo $ECHO_N "checking for CRYPTO_malloc in -lcrypto... $ECHO_C" >&6
++if test "${ac_cv_lib_crypto_CRYPTO_malloc+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+ else
+ ac_check_lib_save_LIBS=$LIBS
+@@ -3686,11 +3703,11 @@ extern "C"
+ #endif
+ /* We use char because int might match the return type of a gcc2
+ builtin and then its argument prototype would still apply. */
+-char CRYPTO_lock ();
++char CRYPTO_malloc ();
+ int
+ main ()
+ {
+-CRYPTO_lock ();
++CRYPTO_malloc ();
+ ;
+ return 0;
+ }
+@@ -3704,7 +3721,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_l
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err'
++ { ac_try='test -z "$ac_c_werror_flag"
++ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+@@ -3716,20 +3734,20 @@ if { (eval echo "$as_me:$LINENO: \"$ac_l
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+- ac_cv_lib_crypto_CRYPTO_lock=yes
++ ac_cv_lib_crypto_CRYPTO_malloc=yes
+ else
+ echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+
+-ac_cv_lib_crypto_CRYPTO_lock=no
++ac_cv_lib_crypto_CRYPTO_malloc=no
+ fi
+ rm -f conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+ LIBS=$ac_check_lib_save_LIBS
+ fi
+-echo "$as_me:$LINENO: result: $ac_cv_lib_crypto_CRYPTO_lock" >&5
+-echo "${ECHO_T}$ac_cv_lib_crypto_CRYPTO_lock" >&6
+-if test $ac_cv_lib_crypto_CRYPTO_lock = yes; then
++echo "$as_me:$LINENO: result: $ac_cv_lib_crypto_CRYPTO_malloc" >&5
++echo "${ECHO_T}$ac_cv_lib_crypto_CRYPTO_malloc" >&6
++if test $ac_cv_lib_crypto_CRYPTO_malloc = yes; then
+ SSLLIBS="-lcrypto $SSLLIBS"
+ fi
+
+@@ -3771,7 +3789,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_l
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err'
++ { ac_try='test -z "$ac_c_werror_flag"
++ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+@@ -3804,7 +3823,7 @@ fi
+ # before defining SPAMC_SSL check that all its requirements are
+ # actually available
+ if test yes = "$ac_cv_header_openssl_crypto_h" && \
+- test yes = "$ac_cv_lib_crypto_CRYPTO_lock" && \
++ test yes = "$ac_cv_lib_crypto_CRYPTO_malloc" && \
+ test yes = "$ac_cv_lib_ssl_SSL_CTX_free"; then
+ SSLCFLAGS="-DSPAMC_SSL"
+ else
+@@ -3854,7 +3873,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_l
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err'
++ { ac_try='test -z "$ac_c_werror_flag"
++ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+@@ -3927,7 +3947,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_l
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err'
++ { ac_try='test -z "$ac_c_werror_flag"
++ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+@@ -4000,7 +4021,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_l
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err'
++ { ac_try='test -z "$ac_c_werror_flag"
++ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+@@ -4073,7 +4095,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_l
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err'
++ { ac_try='test -z "$ac_c_werror_flag"
++ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+@@ -4182,7 +4205,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_l
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err'
++ { ac_try='test -z "$ac_c_werror_flag"
++ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+@@ -4246,7 +4270,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err'
++ { ac_try='test -z "$ac_c_werror_flag"
++ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+@@ -4311,7 +4336,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err'
++ { ac_try='test -z "$ac_c_werror_flag"
++ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+@@ -4368,7 +4394,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err'
++ { ac_try='test -z "$ac_c_werror_flag"
++ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+@@ -4435,7 +4462,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err'
++ { ac_try='test -z "$ac_c_werror_flag"
++ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+@@ -4500,7 +4528,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err'
++ { ac_try='test -z "$ac_c_werror_flag"
++ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+@@ -4564,7 +4593,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err'
++ { ac_try='test -z "$ac_c_werror_flag"
++ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+@@ -4628,7 +4658,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err'
++ { ac_try='test -z "$ac_c_werror_flag"
++ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+@@ -4692,7 +4723,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err'
++ { ac_try='test -z "$ac_c_werror_flag"
++ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+@@ -5527,6 +5559,11 @@ esac
+
+
+
++ if test x"$ac_file" != x-; then
++ { echo "$as_me:$LINENO: creating $ac_file" >&5
++echo "$as_me: creating $ac_file" >&6;}
++ rm -f "$ac_file"
++ fi
+ # Let's still pretend it is `configure' which instantiates (i.e., don't
+ # use $as_me), people would be surprised to read:
+ # /* config.h. Generated by config.status. */
+@@ -5565,12 +5602,6 @@ echo "$as_me: error: cannot find input f
+ fi;;
+ esac
+ done` || { (exit 1); exit 1; }
+-
+- if test x"$ac_file" != x-; then
+- { echo "$as_me:$LINENO: creating $ac_file" >&5
+-echo "$as_me: creating $ac_file" >&6;}
+- rm -f "$ac_file"
+- fi
+ _ACEOF
+ cat >>$CONFIG_STATUS <<_ACEOF
+ sed "$ac_vpsub
+Index: spamassassin-3.4.1/spamc/configure.in
+===================================================================
+--- spamassassin-3.4.1.orig/spamc/configure.in
++++ spamassassin-3.4.1/spamc/configure.in
+@@ -64,13 +64,13 @@ AC_CHECK_LIB(socket, socket)
+ SSLLIBS=""
+ SSLCFLAGS=""
+ if test yes = "$sa_ssl_enabled"; then
+- AC_CHECK_LIB(crypto, CRYPTO_lock,[SSLLIBS="-lcrypto $SSLLIBS"])
++ AC_CHECK_LIB(crypto, CRYPTO_malloc,[SSLLIBS="-lcrypto $SSLLIBS"])
+ AC_CHECK_LIB(ssl, SSL_CTX_free,[SSLLIBS="-lssl $SSLLIBS"],,-lcrypto)
+
+ # before defining SPAMC_SSL check that all its requirements are
+ # actually available
+ if test yes = "$ac_cv_header_openssl_crypto_h" && \
+- test yes = "$ac_cv_lib_crypto_CRYPTO_lock" && \
++ test yes = "$ac_cv_lib_crypto_CRYPTO_malloc" && \
+ test yes = "$ac_cv_lib_ssl_SSL_CTX_free"; then
+ SSLCFLAGS="-DSPAMC_SSL"
+ else
--- /dev/null
+[Unit]
+Description=Spamassassin Rules Updates
+
+[Service]
+ExecStart=/usr/share/spamassassin/sa-update.cron
--- /dev/null
+[Unit]
+Description=Spamassassin Rules Updates timer
+
+[Timer]
+OnCalendar=4:10
+
+[Install]
+WantedBy=cronjobs.target
--- /dev/null
+Index: spamassassin-3.4.1/spamc/libspamc.c
+===================================================================
+--- spamassassin-3.4.1.orig/spamc/libspamc.c
++++ spamassassin-3.4.1/spamc/libspamc.c
+@@ -1187,7 +1187,7 @@ int message_filter(struct transport *tp,
+ unsigned int throwaway;
+ SSL_CTX *ctx = NULL;
+ SSL *ssl = NULL;
+- SSL_METHOD *meth;
++ const SSL_METHOD *meth;
+ char zlib_on = 0;
+ unsigned char *zlib_buf = NULL;
+ int zlib_bufsiz = 0;
+@@ -1213,11 +1213,7 @@ int message_filter(struct transport *tp,
+ if (flags & SPAMC_USE_SSL) {
+ #ifdef SPAMC_SSL
+ SSLeay_add_ssl_algorithms();
+- if (flags & SPAMC_TLSV1) {
+- meth = TLSv1_client_method();
+- } else {
+- meth = SSLv3_client_method(); /* default */
+- }
++ meth = SSLv23_client_method();
+ SSL_load_error_strings();
+ ctx = SSL_CTX_new(meth);
+ #else
+@@ -1596,7 +1592,7 @@ int message_tell(struct transport *tp, c
+ int failureval;
+ SSL_CTX *ctx = NULL;
+ SSL *ssl = NULL;
+- SSL_METHOD *meth;
++ const SSL_METHOD *meth;
+
+ assert(tp != NULL);
+ assert(m != NULL);
+@@ -1604,7 +1600,7 @@ int message_tell(struct transport *tp, c
+ if (flags & SPAMC_USE_SSL) {
+ #ifdef SPAMC_SSL
+ SSLeay_add_ssl_algorithms();
+- meth = SSLv3_client_method();
++ meth = SSLv23_client_method();
+ SSL_load_error_strings();
+ ctx = SSL_CTX_new(meth);
+ #else
+Index: spamassassin-3.4.1/spamc/spamc.c
+===================================================================
+--- spamassassin-3.4.1.orig/spamc/spamc.c
++++ spamassassin-3.4.1/spamc/spamc.c
+@@ -368,16 +368,11 @@ read_args(int argc, char **argv,
+ case 'S':
+ {
+ flags |= SPAMC_USE_SSL;
+- if (!spamc_optarg || (strcmp(spamc_optarg,"sslv3") == 0)) {
+- flags |= SPAMC_SSLV3;
+- }
+- else if (strcmp(spamc_optarg,"tlsv1") == 0) {
+- flags |= SPAMC_TLSV1;
+- }
+- else {
+- libspamc_log(flags, LOG_ERR, "Please specify a legal ssl version (%s)", spamc_optarg);
+- ret = EX_USAGE;
+- }
++ if(spamc_optarg) {
++ libspamc_log(flags, LOG_ERR,
++ "Explicit specification of an SSL/TLS version no longer supported.");
++ ret = EX_USAGE;
++ }
+ break;
+ }
+ #endif
+Index: spamassassin-3.4.1/spamd/spamd.raw
+===================================================================
+--- spamassassin-3.4.1.orig/spamd/spamd.raw
++++ spamassassin-3.4.1/spamd/spamd.raw
+@@ -409,7 +409,6 @@ GetOptions(
+ 'sql-config!' => \$opt{'sql-config'},
+ 'ssl' => \$opt{'ssl'},
+ 'ssl-port=s' => \$opt{'ssl-port'},
+- 'ssl-version=s' => \$opt{'ssl-version'},
+ 'syslog-socket=s' => \$opt{'syslog-socket'},
+ 'syslog|s=s' => \$opt{'syslog'},
+ 'log-timestamp-fmt:s' => \$opt{'log-timestamp-fmt'},
+@@ -743,11 +742,6 @@ if ( defined $ENV{'HOME'} ) {
+
+ # Do whitelist later in tmp dir. Side effect: this will be done as -u user.
+
+-my $sslversion = $opt{'ssl-version'} || 'sslv3';
+-if ($sslversion !~ /^(?:sslv3|tlsv1)$/) {
+- die "spamd: invalid ssl-version: $opt{'ssl-version'}\n";
+-}
+-
+ $opt{'server-key'} ||= "$LOCAL_RULES_DIR/certs/server-key.pem";
+ $opt{'server-cert'} ||= "$LOCAL_RULES_DIR/certs/server-cert.pem";
+
+@@ -898,9 +892,8 @@ sub compose_listen_info_string {
+ $socket_info->{ip_addr}, $socket_info->{port}));
+
+ } elsif ($socket->isa('IO::Socket::SSL')) {
+- push(@listeninfo, sprintf("SSL [%s]:%s, ssl version %s",
+- $socket_info->{ip_addr}, $socket_info->{port},
+- $opt{'ssl-version'}||'sslv3'));
++ push(@listeninfo, sprintf("SSL [%r]:%s", $socket_info->{ip_addr},
++ $socket_info->{port}));
+ }
+ }
+
+@@ -1071,7 +1064,6 @@ sub server_sock_setup_inet {
+ $sockopt{V6Only} = 1 if $io_socket_module_name eq 'IO::Socket::IP'
+ && IO::Socket::IP->VERSION >= 0.09;
+ %sockopt = (%sockopt, (
+- SSL_version => $sslversion,
+ SSL_verify_mode => 0x00,
+ SSL_key_file => $opt{'server-key'},
+ SSL_cert_file => $opt{'server-cert'},
+@@ -1092,7 +1084,8 @@ sub server_sock_setup_inet {
+ if (!$server_inet) {
+ $diag = sprintf("could not create %s socket on [%s]:%s: %s",
+ $ssl ? 'IO::Socket::SSL' : $io_socket_module_name,
+- $adr, $port, $!);
++ $adr, $port, $ssl && $IO::Socket::SSL::SSL_ERROR ?
++ "$!,$IO::Socket::SSL::SSL_ERROR" : $!);
+ push(@diag_fail, $diag);
+ } else {
+ $diag = sprintf("created %s socket on [%s]:%s",
+@@ -3232,7 +3225,6 @@ Options:
+ -H [dir], --helper-home-dir[=dir] Specify a different HOME directory
+ --ssl Enable SSL on TCP connections
+ --ssl-port port Override --port setting for SSL connections
+- --ssl-version sslversion Specify SSL protocol version to use
+ --server-key keyfile Specify an SSL keyfile
+ --server-cert certfile Specify an SSL certificate
+ --socketpath=path Listen on a given UNIX domain socket
+@@ -3720,14 +3712,6 @@ Optionally specifies the port number for
+ SSL connections (default: whatever --port uses). See B<--ssl> for
+ more details.
+
+-=item B<--ssl-version>=I<sslversion>
+-
+-Specify the SSL protocol version to use, one of B<sslv3> or B<tlsv1>.
+-The default, B<sslv3>, is the most flexible, accepting a SSLv3 or
+-higher hello handshake, then negotiating use of SSLv3 or TLSv1
+-protocol if the client can accept it. Specifying B<--ssl-version>
+-implies B<--ssl>.
+-
+ =item B<--server-key> I<keyfile>
+
+ Specify the SSL key file to use for SSL connections.
+Index: spamassassin-3.4.1/spamc/spamc.pod
+===================================================================
+--- spamassassin-3.4.1.orig/spamc/spamc.pod
++++ spamassassin-3.4.1/spamc/spamc.pod
+@@ -177,12 +177,10 @@ The default is 1 time (ie. one attempt a
+ Sleep for I<sleep> seconds between failed spamd filtering attempts.
+ The default is 1 second.
+
+-=item B<-S>, B<--ssl>, B<--ssl>=I<sslversion>
++=item B<-S>, B<--ssl>, B<--ssl>
+
+ If spamc was built with support for SSL, encrypt data to and from the
+ spamd process with SSL; spamd must support SSL as well.
+-I<sslversion> specifies the SSL protocol version to use, either
+-C<sslv3>, or C<tlsv1>. The default, is C<sslv3>.
+
+ =item B<-t> I<timeout>, B<--timeout>=I<timeout>
+
+Index: spamassassin-3.4.1/t/spamd_ssl_tls.t
+===================================================================
+--- spamassassin-3.4.1.orig/t/spamd_ssl_tls.t
++++ /dev/null
+@@ -1,28 +0,0 @@
+-#!/usr/bin/perl
+-
+-use lib '.'; use lib 't';
+-use SATest; sa_t_init("spamd_ssl_tls");
+-use Test; plan tests => (($SKIP_SPAMD_TESTS || !$SSL_AVAILABLE) ? 0 : 9);
+-
+-exit if ($SKIP_SPAMD_TESTS || !$SSL_AVAILABLE);
+-
+-# ---------------------------------------------------------------------------
+-
+-%patterns = (
+-
+-q{ Return-Path: sb55sb55@yahoo.com}, 'firstline',
+-q{ Subject: There yours for FREE!}, 'subj',
+-q{ X-Spam-Status: Yes, score=}, 'status',
+-q{ X-Spam-Flag: YES}, 'flag',
+-q{ X-Spam-Level: **********}, 'stars',
+-q{ TEST_ENDSNUMS}, 'endsinnums',
+-q{ TEST_NOREALNAME}, 'noreal',
+-q{ This must be the very last line}, 'lastline',
+-
+-
+-);
+-
+-ok (sdrun ("-L --ssl --ssl-version=tlsv1 --server-key data/etc/testhost.key --server-cert data/etc/testhost.cert",
+- "--ssl=tlsv1 < data/spam/001",
+- \&patterns_run_cb));
+-ok_all_patterns();
+Index: spamassassin-3.4.1/t/spamd_ssl_v3.t
+===================================================================
+--- spamassassin-3.4.1.orig/t/spamd_ssl_v3.t
++++ /dev/null
+@@ -1,28 +0,0 @@
+-#!/usr/bin/perl
+-
+-use lib '.'; use lib 't';
+-use SATest; sa_t_init("spamd_sslv3");
+-use Test; plan tests => (($SKIP_SPAMD_TESTS || !$SSL_AVAILABLE) ? 0 : 9);
+-
+-exit if ($SKIP_SPAMD_TESTS || !$SSL_AVAILABLE);
+-
+-# ---------------------------------------------------------------------------
+-
+-%patterns = (
+-
+-q{ Return-Path: sb55sb55@yahoo.com}, 'firstline',
+-q{ Subject: There yours for FREE!}, 'subj',
+-q{ X-Spam-Status: Yes, score=}, 'status',
+-q{ X-Spam-Flag: YES}, 'flag',
+-q{ X-Spam-Level: **********}, 'stars',
+-q{ TEST_ENDSNUMS}, 'endsinnums',
+-q{ TEST_NOREALNAME}, 'noreal',
+-q{ This must be the very last line}, 'lastline',
+-
+-
+-);
+-
+-ok (sdrun ("-L --ssl --ssl-version=sslv3 --server-key data/etc/testhost.key --server-cert data/etc/testhost.cert",
+- "--ssl=sslv3 < data/spam/001",
+- \&patterns_run_cb));
+-ok_all_patterns();
+Index: spamassassin-3.4.1/t/spamd_ssl_accept_fail.t
+===================================================================
+--- spamassassin-3.4.1.orig/t/spamd_ssl_accept_fail.t
++++ spamassassin-3.4.1/t/spamd_ssl_accept_fail.t
+@@ -23,9 +23,9 @@ q{ This must be the very last line}, 'la
+
+ );
+
+-ok (start_spamd ("-L --ssl --ssl-version=sslv3 --server-key data/etc/testhost.key --server-cert data/etc/testhost.cert"));
++ok (start_spamd ("-L --ssl --server-key data/etc/testhost.key --server-cert data/etc/testhost.cert"));
+ ok (spamcrun ("< data/spam/001", \&patterns_run_cb));
+-ok (spamcrun ("--ssl=sslv3 < data/spam/001", \&patterns_run_cb));
++ok (spamcrun ("--ssl < data/spam/001", \&patterns_run_cb));
+ ok (stop_spamd ());
+
+ ok_all_patterns();
+Index: spamassassin-3.4.1/t/spamd_ssl.t
+===================================================================
+--- spamassassin-3.4.1.orig/t/spamd_ssl.t
++++ spamassassin-3.4.1/t/spamd_ssl.t
+@@ -2,10 +2,7 @@
+
+ use lib '.'; use lib 't';
+ use SATest; sa_t_init("spamd_ssl");
+-use Test; plan tests => (($SKIP_SPAMD_TESTS || !$SSL_AVAILABLE) ? 0 : 9),
+- onfail => sub {
+- warn "\n\nNote: This may not be a SpamAssassin bug, as some platforms require that you" .
+- "\nspecify a protocol in spamc --ssl option, and possibly in spamd --ssl-version.\n\n" };
++use Test; plan tests => (($SKIP_SPAMD_TESTS || !$SSL_AVAILABLE) ? 0 : 9);
+
+ exit if ($SKIP_SPAMD_TESTS || !$SSL_AVAILABLE);
+
+Index: spamassassin-3.4.1/MANIFEST
+===================================================================
+--- spamassassin-3.4.1.orig/MANIFEST
++++ spamassassin-3.4.1/MANIFEST
+@@ -511,8 +511,6 @@ t/spamd_report_ifspam.t
+ t/spamd_sql_prefs.t
+ t/spamd_ssl.t
+ t/spamd_ssl_accept_fail.t
+-t/spamd_ssl_tls.t
+-t/spamd_ssl_v3.t
+ t/spamd_stop.t
+ t/spamd_symbols.t
+ t/spamd_syslog.t
--- /dev/null
+Description: Support signer subdomain matching in whitelist_from_dkim
+Origin: upstream, https://svn.apache.org/viewvc?view=revision&revision=1693414
+Bug: https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7226
+Index: spamassassin-3.4.1/lib/Mail/SpamAssassin/Plugin/DKIM.pm
+===================================================================
+--- spamassassin-3.4.1.orig/lib/Mail/SpamAssassin/Plugin/DKIM.pm
++++ spamassassin-3.4.1/lib/Mail/SpamAssassin/Plugin/DKIM.pm
+@@ -178,13 +178,18 @@ sub set_config {
+
+ Works similarly to whitelist_from, except that in addition to matching
+ an author address (From) to the pattern in the first parameter, the message
+-must also carry a Domain Keys Identified Mail (DKIM) signature made by a
+-signing domain (SDID, i.e. the d= tag) that is acceptable to us.
++must also carry a valid Domain Keys Identified Mail (DKIM) signature made by
++a signing domain (SDID, i.e. the d= tag) that is acceptable to us.
+
+ Only one whitelist entry is allowed per line, as in C<whitelist_from_rcvd>.
+ Multiple C<whitelist_from_dkim> lines are allowed. File-glob style characters
+ are allowed for the From address (the first parameter), just like with
+-C<whitelist_from_rcvd>. The second parameter does not accept wildcards.
++C<whitelist_from_rcvd>.
++
++The second parameter (the signing-domain) does not accept full file-glob style
++wildcards, although a simple '*.' (or just a '.') prefix to a domain name
++is recognized and implies any subdomain of the specified domain (but not
++the domain itself).
+
+ If no signing-domain parameter is specified, the only acceptable signature
+ will be an Author Domain Signature (sometimes called first-party signature)
+@@ -205,7 +210,8 @@ Examples of whitelisting based on third-
+ whitelist_from_dkim jane@example.net example.org
+ whitelist_from_dkim rick@info.example.net example.net
+ whitelist_from_dkim *@info.example.net example.net
+- whitelist_from_dkim *@* remailer.example.com
++ whitelist_from_dkim *@* mail7.remailer.example.com
++ whitelist_from_dkim *@* *.remailer.example.com
+
+ =item def_whitelist_from_dkim author@example.com [signing-domain]
+
+@@ -376,7 +382,8 @@ some valid signature on a message has no
+ associated with a particular domain), regardless of its key size - anyone can
+ prepend its own signature on a copy of some third party mail and re-send it,
+ which makes it no more trustworthy than without such signature. This is also
+-a reason for a rule DKIM_VALID to have a near-zero score.
++a reason for a rule DKIM_VALID to have a near-zero score, i.e. a rule hit
++is only informational.
+
+ =cut
+
+@@ -1257,8 +1264,12 @@ sub _wlcheck_list {
+ # identity (AUID). Nevertheless, be prepared to accept the full e-mail
+ # address there for compatibility, and just ignore its local-part.
+
+- $acceptable_sdid = $1 if $acceptable_sdid =~ /\@([^\@]*)\z/;
+- $matches = 1 if $sdid eq lc $acceptable_sdid;
++ $acceptable_sdid = $1 if $acceptable_sdid =~ /\@([^\@]*)\z/s;
++ if ($acceptable_sdid =~ s/^\*?\.//s) {
++ $matches = 1 if $sdid =~ /\.\Q$acceptable_sdid\E\z/si;
++ } else {
++ $matches = 1 if $sdid eq lc $acceptable_sdid;
++ }
+ }
+ if ($matches) {
+ if (would_log("dbg","dkim")) {
--- /dev/null
+Description: Import upstream fix for uninitialized value warning in Mail::SpamAssassin::PerMsgStatus::get_names_of_tests_hit_with_scores()
+Origin: https://svn.apache.org/viewvc?view=revision&revision=1685843
+Bug: https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7212
+Index: spamassassin-3.4.1/lib/Mail/SpamAssassin/PerMsgStatus.pm
+===================================================================
+--- spamassassin-3.4.1.orig/lib/Mail/SpamAssassin/PerMsgStatus.pm
++++ spamassassin-3.4.1/lib/Mail/SpamAssassin/PerMsgStatus.pm
+@@ -738,7 +738,7 @@ test names and individual scores of the
+ sub get_names_of_tests_hit_with_scores_hash {
+ my ($self) = @_;
+
+- my ($line, %testsscores);
++ my (%testsscores);
+
+ #BASED ON CODE FOR TESTSSCORES TAG - KAM 2014-04-24
+ foreach my $test (@{$self->{test_names_hit}}) {
+@@ -763,6 +763,8 @@ sub get_names_of_tests_hit_with_scores {
+
+ my ($line, %testsscores);
+
++ $line = '';
++
+ #BASED ON CODE FOR TESTSSCORES TAG - KAM 2014-04-24
+ foreach my $test (sort @{$self->{test_names_hit}}) {
+ my $score = $self->{conf}->{scores}->{$test};
--- /dev/null
+### OPTIONAL: Spamassassin Rules Updates ###
+#
+# http://wiki.apache.org/spamassassin/RuleUpdates
+# Highly recommended that you read the documentation before using this.
+# ENABLE UPDATES AT YOUR OWN RISK.
+#
+
+#10 4 * * * root /usr/share/spamassassin/sa-update.cron
--- /dev/null
+#!/bin/sh
+
+umask 022
+OPT=""
+
+# sa-update must create keyring
+if [ ! -d /etc/mail/spamassassin/sa-update-keys ]; then
+ sa-update
+fi
+
+# Initialize Channels and Keys
+CHANNELLIST=""
+KEYLIST=""
+# Process each channel defined in /etc/mail/spamassassin/channel.d/
+for file in /etc/mail/spamassassin/channel.d/*.conf; do
+ [ ! -f "$file" ] && continue
+ # Validate config file
+ PREFIXES="CHANNELURL KEYID BEGIN"
+ for prefix in $PREFIXES; do
+ if ! grep -q "$prefix" $file; then
+ echo "ERROR: $file missing $prefix"
+ exit 255
+ fi
+ done
+ . "$file"
+ #echo "CHANNELURL=$CHANNELURL"
+ #echo "KEYID=$KEYID"
+ CHANNELLIST="$CHANNELLIST $CHANNELURL"
+ KEYLIST="$KEYLIST $KEYID"
+ sa-update --import "$file"
+done
+
+# Using --channelfile breaks channel.d support :-/ Need better way but stays for now for backward compat
+grep -q "^[a-zA-Z0-9]" /etc/mail/spamassassin/channels && OPT="$OPT --channelfile /etc/mail/spamassassin/channels"
+
+# Run sa-update on each channel, restart spam daemon if success
+for channel in $CHANNELLIST; do
+ OPT="$OPT --channel $channel"
+done
+for keyid in $KEYLIST; do
+ OPT="$OPT --gpgkey $keyid"
+done
+
+# Only restart spamd if sa-update returns 0, meaning it updated the rules
+/usr/bin/sa-update $OPT || exit $?
+
+if [ -x /usr/bin/sa-compile ]; then
+ out=$(/usr/bin/sa-compile 2>&1)
+ rc=$?
+ if [ $rc -gt 0 ]; then
+ echo >&2 "$out"
+ exit $rc
+ fi
+fi
+
+if [ -x /etc/rc.d/init.d/spamd -a -e /var/lock/subsys/spamd ]; then
+ /sbin/service spamd restart > /dev/null
+fi
--- /dev/null
+# http://wiki.apache.org/spamassassin/SoughtRules
+CHANNELURL=sought.rules.yerp.org
+KEYID=6C6191E3
+# Ignore everything below.
+return 0
+
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: GnuPG v1.4.1 (GNU/Linux)
+
+mQGiBEa/l+YRBACC+uJfIThEoEWrNxdDD/1tAwb5L8v7H3gGt+LtuOwwn5ZU7XsT
+s1DOok1oZVRnTQJYdlth7QlU9wqijwLEVzW1LDWnxXXKwPmlTlkcdGoBcb+cBbYI
+miJ/TlAetvbprcZdROS4Ey31GjPRmWPPnVE2Xcwy+e4+RmnhqfZBmOaE7wCgo1GG
+pkik2OPD1le4LGGOGHL5HiED/0TyvTiSS3NnUtoDFQAPrnezOCjxv8zMjYEnJs/I
+h7uyIgHRsbB75cD2O1LWyO8Vz8r/snVuG35zcZagPf/7Tc9AJoaxVmCIk9DEmWZp
+iuvqpMhwHAbNvY3jY2oKsDl1rNx0IIctoJwjXia99kvNTHK/Yz/HqhIyLModhiMB
+aYYZA/wIdPOHGHaP5vjlbWBwGlRR9m0Rf4ob5sul8MjCyehOYcRVLwfOEfzX308v
+0enOGnbbBKXU2QvA0Z068aBmJkJaaPhlIjZApQJDsb7pt6k8jMPj/Xpr779wAFQ8
+IZC7Tw21OtqkjrUb3dZlEljrTwWNc6FVxuIidBBg7HCdP24WKLRESnVzdGluIE1h
+c29uIFNpZ25pbmcgS2V5IChDb2RlIFNpZ25pbmcgT25seSkgPHNpZ25pbmdrZXlA
+am1hc29uLm9yZz6IZAQTEQIAJAUCRr+X5gIbAwUJEswDAAYLCQgHAwIDFQIDAxYC
+AQIeAQIXgAAKCRDchTQfbGGR4/GJAKCC6X6AF8nM+H00b/XeZl9vYihXBgCcDYuU
+AtXjWWxndkneakmbnD0O4Z25BA0ERr+YdxAQAIYYUQHMzVsRAzpIRLfni0aeczrr
+armwXMJ8y5p74lVLbJyQOjkQyIJWP80twrN8SjNyUFBr/52SlOPOuAbGZY1ZKpux
+vkbsug2wWvkoj8xGjnexrSDahRgpNhf/otLRNTyUFZTM6mjZt0ItnYDl6xszY4kd
+O5rVzjQuivNB4BsHcd8qQ7zVo9+VZ5R77iM4dtk6t5ycpXlAom5pD8qLb7ZzTVe0
+SuhzOeynF51rwjS+wa3hzZisvJqZA5uJcAyYslgP1UTW+2e5wutSktSZmL/XnlEF
+p86GPjAgDPL2Q0TgzVL6sPt0blNCyzOJrcBqBHrgZfraYgqtmGepLpk72q4VD23c
+aV2wTqjnfJAsNR3y8jgVNwF8LpXtlbxrBByFRwEqsc/gzdMEnJ728XBDqT2IhZLY
+maL/WxiDKNWD/Mae69HTyInIYgrfT7nJKDeKQA81+e5+UmqBVoi5/AICMlDm1DgR
+gG6bbOXGhLVPh+gHjGG4Jdd/ZLedncUsjW9KyK261sqM3tSDSfgnF99w2/32ToFu
+ChN8JOfQ6VZ7QbL1BWRtQWZ3tyauUUXmsrYDv1w1nx51MqxQdlitnmTRWaRW0GmD
+b5XapJfSK+FiGXaynl3HHxHHpcUauX9zBa/LRp8oXiGPLfJEWmjWcGCyGZawASj3
+pTTJUnbkYs0fUyUXAAQND/42mh8f3mTA+24I3lY4K8mxH9GSFgOkLoYwok8xL5Md
+OUJAyvs34ixqvM2u560YJkegEO/xzg2abddfoqL8eNnjfvG3bI7KOCT+m+mM/5Cg
+ul8XFSnHIEivuOXNtc/x/dwYSidKM8atkdpKtv++psd6hVbJQMfLlzf0S2QyiaGk
+yXur/pM3A97lvkjAgvIKQt8NbJ/sITFlrN2TFxcbE8OED7LC4nBo54TJ1AxVsHlT
+LB5XPKU8pBv0fABZrNKxf6a2iXx9jT9sSYdnb0y+hBjnoWZUNbhxo6jpAqt1quUy
+buGWugvG8J75JvT6X+lwEEkg1lplmm+HuaFtegOqTUTKmffKduY+E00le+3Kh8gW
+bLR8P1qp/xnxQxZJYcQ+mT4QsYpj6Pkcj0ON3NQO5wP6dr2UGhGcSzS2Cxv8TERN
+7HSdFbFXQWPCekx+i7OjeRSY/XTUf2zYquPNP2oU0MjgnXhnkHq+6EaQPpM59fMd
+MyLeOiUMOxpPOkeaAC8Ku0Oj2aZU/eyizuBDnhq1PAxBprSW5SSkxP4kz9BnA42x
+tkMKMzzPohdfMIRI6zSu0chr76w2UeoViSsMtmWnR6qAXbQvzR+HHxhhB/Rzp6Gc
+u9gybrv58IBkybn5ztST6NqgIgcQ/E7XIsB0Eooohfw+QiPlCdoghSxspbzwqcEZ
+B4hPBBgRAgAPBQJGv5h3AhsMBQkSzAMAAAoJENyFNB9sYZHjUh0AnA3u5TNYHGLQ
+DXLPP0qWHkTeOz8dAJ4wkrLBTaXz3CPCjoTdoBiQsNt3fw==
+=nK43
+-----END PGP PUBLIC KEY BLOCK-----
--- /dev/null
+commit e064e2844aede6026433fa9635d4181b3de396aa
+Author: Mark Martinec <mmartinec@apache.org>
+Date: Mon Jul 20 18:23:18 2015 +0000
+
+ Bug 7223: Net::DNS 1.01 breaks DnsResolver
+
+ git-svn-id: https://svn.apache.org/repos/asf/spamassassin/trunk@1691991 13f79535-47bb-0310-9956-ffa450edef68
+
+diff --git a/lib/Mail/SpamAssassin/DnsResolver.pm b/lib/Mail/SpamAssassin/DnsResolver.pm
+index ce51bee83..612245cac 100644
+--- a/lib/Mail/SpamAssassin/DnsResolver.pm
++++ b/lib/Mail/SpamAssassin/DnsResolver.pm
+@@ -581,7 +581,7 @@ sub new_dns_packet {
+ # time, $domain, $type, $packet->id);
+ 1;
+ } or do {
+- # this can if a domain name in a query is invalid, or if a timeout signal
++ # get here if a domain name in a query is invalid, or if a timeout signal
+ # happened to be trapped by this eval, or if Net::DNS signalled an error
+ my $eval_stat = $@ ne '' ? $@ : "errno=$!"; chomp $eval_stat;
+ # resignal if alarm went off
+@@ -592,6 +592,9 @@ sub new_dns_packet {
+ };
+
+ if ($packet) {
++ # RD flag needs to be set explicitly since Net::DNS 1.01, Bug 7223
++ $packet->header->rd(1);
++
+ # my $udp_payload_size = $self->{res}->udppacketsize;
+ my $udp_payload_size = $self->{conf}->{dns_options}->{edns};
+ if ($udp_payload_size && $udp_payload_size > 512) {
+@@ -861,7 +864,8 @@ Emulates C<Net::DNS::Resolver::send()>.
+ This subroutine is a simple synchronous leftover from SpamAssassin version
+ 3.3 and does not participate in packet query caching and callback grouping
+ as implemented by AsyncLoop::bgsend_and_start_lookup(). As such it should
+-be avoided for mainstream usage.
++be avoided for mainstream usage. Currently used through Mail::SPF::Server
++by the SPF plugin.
+
+ =cut
+
+commit 41f4c5ac8f275593a2bad1cb614b5185172ef568
+Author: Mark Martinec <mmartinec@apache.org>
+Date: Tue Aug 4 23:10:16 2015 +0000
+
+ Bug 7231: Net::DNS 1.01 returns answers formatted differently, breaks SA
+
+ git-svn-id: https://svn.apache.org/repos/asf/spamassassin/trunk@1694122 13f79535-47bb-0310-9956-ffa450edef68
+
+diff --git a/lib/Mail/SpamAssassin/Dns.pm b/lib/Mail/SpamAssassin/Dns.pm
+index 55e1640f8..1c305c939 100644
+--- a/lib/Mail/SpamAssassin/Dns.pm
++++ b/lib/Mail/SpamAssassin/Dns.pm
+@@ -171,7 +171,7 @@ sub dnsbl_hit {
+ if (substr($rule, 0, 2) eq "__") {
+ # don't bother with meta rules
+ } elsif ($answer->type eq 'TXT') {
+- # txtdata returns a non- zone-file-format encoded result, unlike rdatastr;
++ # txtdata returns a non- zone-file-format encoded result, unlike rdstring;
+ # avoid space-separated RDATA <character-string> fields if possible,
+ # txtdata provides a list of strings in a list context since Net::DNS 0.69
+ $log = join('',$answer->txtdata);
+@@ -215,12 +215,14 @@ sub dnsbl_uri {
+
+ my $qname = $question->qname;
+
+- # txtdata returns a non- zone-file-format encoded result, unlike rdatastr;
++ # txtdata returns a non- zone-file-format encoded result, unlike rdstring;
+ # avoid space-separated RDATA <character-string> fields if possible,
+ # txtdata provides a list of strings in a list context since Net::DNS 0.69
+ #
+- my $rdatastr = $answer->UNIVERSAL::can('txtdata') ? join('',$answer->txtdata)
+- : $answer->rdatastr;
++ # rdatastr() is historical/undocumented, use rdstring() since Net::DNS 0.69
++ my $rdatastr = $answer->UNIVERSAL::can('txtdata') ? join('',$answer->txtdata)
++ : $answer->UNIVERSAL::can('rdstring') ? $answer->rdstring
++ : $answer->rdatastr;
+ if (defined $qname && defined $rdatastr) {
+ my $qclass = $question->qclass;
+ my $qtype = $question->qtype;
+@@ -267,8 +269,13 @@ sub process_dnsbl_result {
+ my $answ_type = $answer->type;
+ # TODO: there are some CNAME returns that might be useful
+ next if ($answ_type ne 'A' && $answ_type ne 'TXT');
+- # skip any A record that isn't on 127/8
+- next if ($answ_type eq 'A' && $answer->rdatastr !~ /^127\./);
++ if ($answ_type eq 'A') {
++ # Net::DNS::RR::A::address() is available since Net::DNS 0.69
++ my $ip_address = $answer->UNIVERSAL::can('address') ? $answer->address
++ : $answer->rdatastr;
++ # skip any A record that isn't on 127.0.0.0/8
++ next if $ip_address !~ /^127\./;
++ }
+ for my $rule (@{$rules}) {
+ $self->dnsbl_hit($rule, $question, $answer);
+ }
+@@ -284,12 +291,14 @@ sub process_dnsbl_result {
+ sub process_dnsbl_set {
+ my ($self, $set, $question, $answer) = @_;
+
+- # txtdata returns a non- zone-file-format encoded result, unlike rdatastr;
++ # txtdata returns a non- zone-file-format encoded result, unlike rdstring;
+ # avoid space-separated RDATA <character-string> fields if possible,
+ # txtdata provides a list of strings in a list context since Net::DNS 0.69
+ #
+- my $rdatastr = $answer->UNIVERSAL::can('txtdata') ? join('',$answer->txtdata)
+- : $answer->rdatastr;
++ # rdatastr() is historical/undocumented, use rdstring() since Net::DNS 0.69
++ my $rdatastr = $answer->UNIVERSAL::can('txtdata') ? join('',$answer->txtdata)
++ : $answer->UNIVERSAL::can('rdstring') ? $answer->rdstring
++ : $answer->rdatastr;
+
+ while (my ($subtest, $rule) = each %{ $self->{dnspost}->{$set} }) {
+ next if $self->{tests_already_hit}->{$rule};
+diff --git a/lib/Mail/SpamAssassin/Plugin/AskDNS.pm b/lib/Mail/SpamAssassin/Plugin/AskDNS.pm
+index 3511162e8..4f41ff0ff 100644
+--- a/lib/Mail/SpamAssassin/Plugin/AskDNS.pm
++++ b/lib/Mail/SpamAssassin/Plugin/AskDNS.pm
+@@ -539,7 +539,7 @@ sub process_response_packet {
+ @answer = ( undef );
+ }
+
+- # NOTE: $rr->rdatastr returns the result encoded in a DNS zone file
++ # NOTE: $rr->rdstring returns the result encoded in a DNS zone file
+ # format, i.e. enclosed in double quotes if a result contains whitespace
+ # (or other funny characters), and may use \DDD encoding or \X quoting as
+ # per RFC 1035. Using $rr->txtdata instead avoids this unnecessary encoding
+@@ -566,19 +566,24 @@ sub process_response_packet {
+ # special case, no answer records, only rcode can be tested
+ } else {
+ $rr_type = uc $rr->type;
+- if ($rr->UNIVERSAL::can('txtdata')) { # TXT, SPF
+- # join with no intervening spaces, as per RFC 5518
++ if ($rr_type eq 'A') {
++ # Net::DNS::RR::A::address() is available since Net::DNS 0.69
++ $rr_rdatastr = $rr->UNIVERSAL::can('address') ? $rr->address
++ : $rr->rdatastr;
++ if ($rr_rdatastr =~ m/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\z/) {
++ $rdatanum = Mail::SpamAssassin::Util::my_inet_aton($rr_rdatastr);
++ }
++ } elsif ($rr->UNIVERSAL::can('txtdata')) {
++ # TXT, SPF: join with no intervening spaces, as per RFC 5518
+ if ($txtdata_can_provide_a_list || $rr_type ne 'TXT') {
+ $rr_rdatastr = join('', $rr->txtdata); # txtdata() in list context!
+ } else { # char_str_list() is only available for TXT records
+ $rr_rdatastr = join('', $rr->char_str_list); # historical
+ }
+ } else {
+- $rr_rdatastr = $rr->rdatastr;
+- if ($rr_type eq 'A' &&
+- $rr_rdatastr =~ m/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\z/) {
+- $rdatanum = Mail::SpamAssassin::Util::my_inet_aton($rr_rdatastr);
+- }
++ # rdatastr() is historical, use rdstring() since Net::DNS 0.69
++ $rr_rdatastr = $rr->UNIVERSAL::can('rdstring') ? $rr->rdstring
++ : $rr->rdatastr;
+ }
+ # dbg("askdns: received rr type %s, data: %s", $rr_type, $rr_rdatastr);
+ }
+diff --git a/lib/Mail/SpamAssassin/Plugin/URIDNSBL.pm b/lib/Mail/SpamAssassin/Plugin/URIDNSBL.pm
+index 9602eba4e..674f42bd4 100644
+--- a/lib/Mail/SpamAssassin/Plugin/URIDNSBL.pm
++++ b/lib/Mail/SpamAssassin/Plugin/URIDNSBL.pm
+@@ -942,9 +942,8 @@ sub complete_ns_lookup {
+ next unless (defined($str) && defined($dom));
+ dbg("uridnsbl: got($j) NS for $dom: $str");
+
+- if ($str =~ /IN\s+NS\s+(\S+)/) {
+- my $nsmatch = lc $1;
+- $nsmatch =~ s/\.$//;
++ if ($rr->type eq 'NS') {
++ my $nsmatch = lc $rr->nsdname; # available since at least Net::DNS 0.14
+ my $nsrhblstr = $nsmatch;
+ my $fullnsrhblstr = $nsmatch;
+
+@@ -1025,9 +1024,11 @@ sub complete_a_lookup {
+ }
+ dbg("uridnsbl: complete_a_lookup got(%d) A for %s: %s", $j,$hname,$str);
+
+- local $1;
+- if ($str =~ /IN\s+A\s+(\S+)/) {
+- $self->lookup_dnsbl_for_ip($pms, $ent->{obj}, $1);
++ if ($rr->type eq 'A') {
++ # Net::DNS::RR::A::address() is available since Net::DNS 0.69
++ my $ip_address = $rr->UNIVERSAL::can('address') ? $rr->address
++ : $rr->rdatastr;
++ $self->lookup_dnsbl_for_ip($pms, $ent->{obj}, $ip_address);
+ }
+ }
+ }
+@@ -1038,7 +1039,8 @@ sub lookup_dnsbl_for_ip {
+ my ($self, $pms, $obj, $ip) = @_;
+
+ local($1,$2,$3,$4);
+- $ip =~ /^(\d+)\.(\d+)\.(\d+)\.(\d+)$/;
++ $ip =~ /^(\d+)\.(\d+)\.(\d+)\.(\d+)$/
++ or warn "lookup_dnsbl_for_ip: not an IPv4 address: $ip\n";
+ my $revip = "$4.$3.$2.$1";
+
+ my $conf = $pms->{conf};
+@@ -1100,12 +1102,14 @@ sub complete_dnsbl_lookup {
+ my $rr_type = $rr->type;
+
+ if ($rr_type eq 'A') {
+- $rdatastr = $rr->rdatastr;
++ # Net::DNS::RR::A::address() is available since Net::DNS 0.69
++ $rdatastr = $rr->UNIVERSAL::can('address') ? $rr->address
++ : $rr->rdatastr;
+ if ($rdatastr =~ m/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/) {
+ $rdatanum = Mail::SpamAssassin::Util::my_inet_aton($rdatastr);
+ }
+ } elsif ($rr_type eq 'TXT') {
+- # txtdata returns a non- zone-file-format encoded result, unlike rdatastr;
++ # txtdata returns a non- zone-file-format encoded result, unlike rdstring;
+ # avoid space-separated RDATA <character-string> fields if possible;
+ # txtdata provides a list of strings in list context since Net::DNS 0.69
+ $rdatastr = join('',$rr->txtdata);
+commit 0d95b5b9280c3f8febffd418227a10f03747939a
+Author: Mark Martinec <mmartinec@apache.org>
+Date: Mon Aug 10 23:43:53 2015 +0000
+
+ Bug 7236: Net::DNS assumes strings in TXT resource records are in UTF-8 and gratuitously tries to decodes it
+
+ git-svn-id: https://svn.apache.org/repos/asf/spamassassin/trunk@1695182 13f79535-47bb-0310-9956-ffa450edef68
+
+diff --git a/lib/Mail/SpamAssassin/Plugin/ASN.pm b/lib/Mail/SpamAssassin/Plugin/ASN.pm
+index 3b406b00f..a5143fd12 100644
+--- a/lib/Mail/SpamAssassin/Plugin/ASN.pm
++++ b/lib/Mail/SpamAssassin/Plugin/ASN.pm
+@@ -355,8 +355,10 @@ sub process_dns_result {
+ foreach my $rr (@answer) {
+ dbg("asn: %s: lookup result packet: %s", $zone, $rr->string);
+ next if $rr->type ne 'TXT';
+- my @strings = $rr->char_str_list;
++ my @strings = Net::DNS->VERSION >= 0.69 ? $rr->txtdata
++ : $rr->char_str_list;
+ next if !@strings;
++ for (@strings) { utf8::encode($_) if utf8::is_utf8($_) }
+
+ my @items;
+ if (@strings > 1 && join('',@strings) !~ m{\|}) {
+diff --git a/lib/Mail/SpamAssassin/Plugin/AskDNS.pm b/lib/Mail/SpamAssassin/Plugin/AskDNS.pm
+index 4cb37e1e1..b9b880ec3 100644
+--- a/lib/Mail/SpamAssassin/Plugin/AskDNS.pm
++++ b/lib/Mail/SpamAssassin/Plugin/AskDNS.pm
+@@ -574,6 +574,7 @@ sub process_response_packet {
+ if ($rr_rdatastr =~ m/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\z/) {
+ $rdatanum = Mail::SpamAssassin::Util::my_inet_aton($rr_rdatastr);
+ }
++
+ } elsif ($rr->UNIVERSAL::can('txtdata')) {
+ # TXT, SPF: join with no intervening spaces, as per RFC 5518
+ if ($txtdata_can_provide_a_list || $rr_type ne 'TXT') {
+@@ -581,10 +582,22 @@ sub process_response_packet {
+ } else { # char_str_list() is only available for TXT records
+ $rr_rdatastr = join('', $rr->char_str_list); # historical
+ }
++ # Net::DNS attempts to decode text strings in a TXT record as UTF-8,
++ # which is bad: octets failing the UTF-8 decoding are converted to
++ # three octets \x{EF}\x{BF}\x{BD} (i.e. to a Unicode "replacement
++ # character" U+FFFD encoded as UTF-8), and ASCII text is unnecessarily
++ # flagged as perl native characters (utf8 flag on), which can be
++ # disruptive on later processing, e.g. implicitly upgrading strings
++ # on concatenation. Unfortunately there is no way of legally bypassing
++ # the UTF-8 decoding by Net::DNS::RR::TXT in Net::DNS::RR::Text.
++ # Try to minimize damage by encoding back to UTF-8 octets:
++ utf8::encode($rr_rdatastr) if utf8::is_utf8($rr_rdatastr);
++
+ } else {
+ # rdatastr() is historical, use rdstring() since Net::DNS 0.69
+ $rr_rdatastr = $rr->UNIVERSAL::can('rdstring') ? $rr->rdstring
+ : $rr->rdatastr;
++ utf8::encode($rr_rdatastr) if utf8::is_utf8($rr_rdatastr);
+ }
+ # dbg("askdns: received rr type %s, data: %s", $rr_type, $rr_rdatastr);
+ }
+diff --git a/lib/Mail/SpamAssassin/Plugin/URIDNSBL.pm b/lib/Mail/SpamAssassin/Plugin/URIDNSBL.pm
+index a35037dbe..978a2af7d 100644
+--- a/lib/Mail/SpamAssassin/Plugin/URIDNSBL.pm
++++ b/lib/Mail/SpamAssassin/Plugin/URIDNSBL.pm
+@@ -1108,6 +1108,7 @@ sub complete_dnsbl_lookup {
+ # avoid space-separated RDATA <character-string> fields if possible;
+ # txtdata provides a list of strings in list context since Net::DNS 0.69
+ $rdatastr = join('',$rr->txtdata);
++ utf8::encode($rdatastr) if utf8::is_utf8($rdatastr);
+ } else {
+ next;
+ }
+commit 7e9872e5b45a7793b9aabeb513e45acde9dce652
+Author: Mark Martinec <mmartinec@apache.org>
+Date: Tue Aug 11 16:22:27 2015 +0000
+
+ Bug 7236: Net::DNS assumes strings in TXT resource records are in UTF-8 and gratuitously tries to decodes it (also in Dns.pm)
+
+ git-svn-id: https://svn.apache.org/repos/asf/spamassassin/trunk@1695336 13f79535-47bb-0310-9956-ffa450edef68
+
+diff --git a/lib/Mail/SpamAssassin/Dns.pm b/lib/Mail/SpamAssassin/Dns.pm
+index 0926a030e..014ab2bf6 100644
+--- a/lib/Mail/SpamAssassin/Dns.pm
++++ b/lib/Mail/SpamAssassin/Dns.pm
+@@ -177,6 +177,7 @@ sub dnsbl_hit {
+ # avoid space-separated RDATA <character-string> fields if possible,
+ # txtdata provides a list of strings in a list context since Net::DNS 0.69
+ $log = join('',$answer->txtdata);
++ utf8::encode($log) if utf8::is_utf8($log);
+ local $1;
+ $log =~ s{ (?<! [<(\[] ) (https? : // \S+)}{<$1>}xgi;
+ } else { # assuming $answer->type eq 'A'
+@@ -215,16 +216,27 @@ sub dnsbl_hit {
+ sub dnsbl_uri {
+ my ($self, $question, $answer) = @_;
+
+- my $qname = $question->qname;
++ my $rdatastr;
++ if ($answer->UNIVERSAL::can('txtdata')) {
++ # txtdata returns a non- zone-file-format encoded result, unlike rdstring;
++ # avoid space-separated RDATA <character-string> fields if possible,
++ # txtdata provides a list of strings in a list context since Net::DNS 0.69
++ $rdatastr = join('',$answer->txtdata);
++ } else {
++ # rdatastr() is historical/undocumented, use rdstring() since Net::DNS 0.69
++ $rdatastr = $answer->UNIVERSAL::can('rdstring') ? $answer->rdstring
++ : $answer->rdatastr;
++ # encoded in a RFC 1035 zone file format (escaped), decode it
++ $rdatastr =~ s{ \\ ( [0-9]{3} | (?![0-9]{3}) . ) }
++ { length($1)==3 && $1 <= 255 ? chr($1) : $1 }xgse;
++ }
++ # Bug 7236: Net::DNS attempts to decode text strings in a TXT record as
++ # UTF-8 since version 0.69, which is undesired: octets failing the UTF-8
++ # decoding are converted to a Unicode "replacement character" U+FFFD, and
++ # ASCII text is unnecessarily flagged as perl native characters.
++ utf8::encode($rdatastr) if utf8::is_utf8($rdatastr);
+
+- # txtdata returns a non- zone-file-format encoded result, unlike rdstring;
+- # avoid space-separated RDATA <character-string> fields if possible,
+- # txtdata provides a list of strings in a list context since Net::DNS 0.69
+- #
+- # rdatastr() is historical/undocumented, use rdstring() since Net::DNS 0.69
+- my $rdatastr = $answer->UNIVERSAL::can('txtdata') ? join('',$answer->txtdata)
+- : $answer->UNIVERSAL::can('rdstring') ? $answer->rdstring
+- : $answer->rdatastr;
++ my $qname = $question->qname;
+ if (defined $qname && defined $rdatastr) {
+ my $qclass = $question->qclass;
+ my $qtype = $question->qtype;
+@@ -293,14 +305,25 @@ sub process_dnsbl_result {
+ sub process_dnsbl_set {
+ my ($self, $set, $question, $answer) = @_;
+
+- # txtdata returns a non- zone-file-format encoded result, unlike rdstring;
+- # avoid space-separated RDATA <character-string> fields if possible,
+- # txtdata provides a list of strings in a list context since Net::DNS 0.69
+- #
+- # rdatastr() is historical/undocumented, use rdstring() since Net::DNS 0.69
+- my $rdatastr = $answer->UNIVERSAL::can('txtdata') ? join('',$answer->txtdata)
+- : $answer->UNIVERSAL::can('rdstring') ? $answer->rdstring
+- : $answer->rdatastr;
++ my $rdatastr;
++ if ($answer->UNIVERSAL::can('txtdata')) {
++ # txtdata returns a non- zone-file-format encoded result, unlike rdstring;
++ # avoid space-separated RDATA <character-string> fields if possible,
++ # txtdata provides a list of strings in a list context since Net::DNS 0.69
++ $rdatastr = join('',$answer->txtdata);
++ } else {
++ # rdatastr() is historical/undocumented, use rdstring() since Net::DNS 0.69
++ $rdatastr = $answer->UNIVERSAL::can('rdstring') ? $answer->rdstring
++ : $answer->rdatastr;
++ # encoded in a RFC 1035 zone file format (escaped), decode it
++ $rdatastr =~ s{ \\ ( [0-9]{3} | (?![0-9]{3}) . ) }
++ { length($1)==3 && $1 <= 255 ? chr($1) : $1 }xgse;
++ }
++ # Bug 7236: Net::DNS attempts to decode text strings in a TXT record as
++ # UTF-8 since version 0.69, which is undesired: octets failing the UTF-8
++ # decoding are converted to a Unicode "replacement character" U+FFFD, and
++ # ASCII text is unnecessarily flagged as perl native characters.
++ utf8::encode($rdatastr) if utf8::is_utf8($rdatastr);
+
+ while (my ($subtest, $rule) = each %{ $self->{dnspost}->{$set} }) {
+ next if $self->{tests_already_hit}->{$rule};
+diff --git a/lib/Mail/SpamAssassin/Plugin/AskDNS.pm b/lib/Mail/SpamAssassin/Plugin/AskDNS.pm
+index d26117bbb..ac533a779 100644
+--- a/lib/Mail/SpamAssassin/Plugin/AskDNS.pm
++++ b/lib/Mail/SpamAssassin/Plugin/AskDNS.pm
+@@ -584,9 +584,9 @@ sub process_response_packet {
+ $rr_rdatastr = join('', $rr->char_str_list); # historical
+ }
+ # Net::DNS attempts to decode text strings in a TXT record as UTF-8,
+- # which is bad: octets failing the UTF-8 decoding are converted to
+- # three octets \x{EF}\x{BF}\x{BD} (i.e. to a Unicode "replacement
+- # character" U+FFFD encoded as UTF-8), and ASCII text is unnecessarily
++ # which is undesired: octets failing the UTF-8 decoding are converted
++ # to a Unicode "replacement character" U+FFFD (encoded as octets
++ # \x{EF}\x{BF}\x{BD} in UTF-8), and ASCII text is unnecessarily
+ # flagged as perl native characters (utf8 flag on), which can be
+ # disruptive on later processing, e.g. implicitly upgrading strings
+ # on concatenation. Unfortunately there is no way of legally bypassing
--- /dev/null
+# send mail through spamassassin
+:0fw
+| /usr/bin/spamassassin
--- /dev/null
+# http://wiki.apache.org/spamassassin/RuleUpdates
+CHANNELURL=updates.spamassassin.org
+KEYID=5244EC45
+# Ignore everything below.
+return 0
+
+This is the GPG key that updates are signed with (currently,
+as of Wed Dec 21 19:31:38 PST 2005. Please contact <dev /at/
+spamassassin.apache.org> with any questions.
+
+
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: GnuPG v1.4.2 (SunOS)
+
+mQILBEOnbDQBEADBfda+hU8cGXD/2WYrIHsZ5CmvC2eCYKgQ87W706tzwmxoZWQS
+JfnRpkZnBqS5WDhXhNBOhk9CgF5/e9yHnDQCusNYfRstKd+t0XTFvq30/tacrJNe
+67zgq+DtWqIK9C7akfElc+2M5NkX6mF4cjaMXZoW17ltPy0XSSeirf584nvK3pXf
+oEFLYQ/0AUV9EBpo9+i2DkMUd8d5tz7A6O5foB3ijYPzIcVtVJ1eyCg6gO1I4cIA
+YbIZCH0WIVx5MQjydfKyCR4D7VFPpZgwcZ1PmyZSsy3lrigGVvYEoUS2fWTt2jUO
+pB3wg5pgzuu9hN5CpChZGvq65t4PGtAeShnBkddIH4l+iDC6sAc6W06KidSaUCW1
+BKvNMa39lyEkO4bfLblZRjoZbj7Tjq3wQV/PLpPyKDa8ZZ88GfWaeRDUNRgZG6Qq
+e6UKlFGfrw2RXOImUje7Sjy/eG4Ud/BOeGkV913yWBm9CHsPNtaVDK+iQI6vkAWS
+3QkiPjBkXGTZFHsUx9/i3k5Iga6d4Gq2cBIVBur3sDxjKuuSazLwA9OAybpzQe2s
+PvTzbGc/f1P7plT++HBFlBHwFtl/v68Q8pkbMWlEc5M9nYJ6yXHATHZzFfThxBwt
+OYfF25XGaclUMkOMX++RiRkmjaEaT7Whv5aPbeb3+H3v6Omjvnebge24lQAGKbQ/
+dXBkYXRlcy5zcGFtYXNzYXNzaW4ub3JnIFNpZ25pbmcgS2V5IDxyZWxlYXNlQHNw
+YW1hc3Nhc3Npbi5vcmc+iQI2BBMBAgAgBQJDp2w0AhsDBgsJCAcDAgQVAggDBBYC
+AwECHgECF4AACgkQQFamGlJE7EVkfg//ZjBQ6UXDizX9UPsEmogWXIqbBsyP5DJH
+uToaFa6OzCbOJqcYnXNfOjovYdDOTje+x3ZEkwbx+y6MSfhmDuHPDPqBU7hXenxx
+oRktC68mJasKo0wXym2YfyWFnhSZMlXXFQ9We48zNGcVRckzaxLzM67BFJuRUfOM
+EV6Lf3HxMvoUK3/Xzq9YPEq2sqFO1Eu+qPC3nq726Tj/aYBBFHgHmbjDrZTaQNyV
+fHvEjDzPcDRjlJI+vZw1UEuXG+BKATPpiT7U7I1OGLDa2ExDIxh0+eJnsmA3YyHG
+VweE7nDN2GmkXMVfa5vXHH49Ae9Ee8jIIRipfgMgZWnkZ0XYDvLj2ueH0Ixu4o9R
+D2zJIwqzRh1sytG+1YOfHrOMUCplImJaY/ARgOM324ZdBvhkgIi1XvT7Sy/ZmGWd
+DKFo+GjX0r2cujR8Pd4i7VlKsF9wRypk+n/aupXiaz5GY44EIVbnweyS5IlCNrwn
+4UtqcB9/9uk1tmUNIcC5xjbq5ud/Y+iMIqCKCH0C9WUwSNSdsg+K+9xoZuvlaXY0
+JeXWNcDdq+tMir+x+/o0U4ENVYBkSFesnotmHwN6jZj4lSMRmvcFHPBljXqLqzM+
+y5wZxnCo1N7T+erZaI7BUrpJYm8JxcJ2VCWV0JFoO1Ec//B6XYB0pckbRuSTX/Zw
+pKEkNqOdmjm5AgsEQ6dsigEQAKvdggbwqJgfDbRE2Lcy2gsn4j7haqu3IVBbyUDn
+kGuuDuEtSeoRjCZXEb5DaKibIpEy5vzvRGvCFFkrBs4KXk/uamkgCpGnQZFnoz/S
+rNZ8U7+e1pecEePpIkhQyafUKox9+p43UVoq4UybdPRDvE9SmQ1qaNUhyQY2FP9S
+WT1a63u5GA73aH4puGO0BuZ9R3MNaDYZe/MOlRRjmlAsbY4oqWOudlNVaZ71EV3O
+FFmOH4pnpxdO0X0l6sF6nvqvO5/gdZ3dI5iqrJjUneVgVOmPkREq7tQ5qHS/2pny
+rDrH8NZCDNT5TXciBxBrt53bxxL/V/HWaolmtJi8gK82uXt8YlmT6zuEsofufDmu
+P/HMDZ+BhGI+ggNzY2AVwERTRD6ecHDOI3iIuCP4Ck26YNHRCLyocL3CSlIpjQPu
+tb3qfdAcqKLJ/fVyLtGkXr24crel6IeJY7/AGjYBrfh47DWnK7Xds8bAqJ8VCjOc
+/q1usFTHgGkYocvtv0gmcjbu8YypzuG8HxOg9Yk9qRLQgg1fNhzXE2lqEPyMlBfj
+eLmMNRvKP70fH8CK8adinPIegaRrS6gZ/iIdv8+YV+1rlEt28qzzGJxnmzUEmW6X
+Xj44u91umg9WOsLxTOCQWdjGHonytHqj/xIsf45N2JIGLhU0lF04hYfEo5p65AyM
+PpYhAAYpiQIfBBgBAgAJBQJDp2yKAhsCAAoJEEBWphpSROxFungP/iWKe7o8szOz
+VmXkj89xDVFZ69nthVKkbgSYIZYQC+QLF8P1MWRnNWO/8TY+XsaCT3SrqxDFQ/R/
+9mlAPGUM1ySVihOPmP/DPiOlWLCsc0mb6OzYF2olcOR33s05MqvJlqXSmIrdB+hI
+KkC7G5byZ+XZwPXVj4XlxIEOzs18+0YJqy0IPZPXTiMet4k2KyWyWkJpJYUCb19G
+R6QC8hZQD97EYTbkbr5Ss26jjY/9AqLofW5F1/98pLDo+ron7pI2k8Ymn5DngEsa
+XoGsQuyvPfTAjS4p9q/XwExJcX3gvQesdw18mpoSaGAOgDISolBPRqpHpy7v7vuw
+3UMnsefKOX3F0Rossevw+c2/JCulnGmJDlgz6nHSR6FhHsbrDKF8oBeYPfGW/Kjw
+NvzB1i9yubAMrsTQVu1Q8e5LsnL/MNYKb6oEJbBywdeHxBkehGWFXVdSoFvVSih/
+VNqX9f7jlybpLZW/n8cQ2r1ax19v7FleO/xSGvkYm7B1+4BW0mjy6A5dta5+e5WG
+D5R06Uya3/xRAPGdmV6t4Mw8fFsuyCvs+vC73PR3+eS1UvCYsDpcQD8KpVBnsHaA
+duWRKKhjuFL0vdOWAr25tFOTKAj5Ywas47PBukO0isov2WBCA1rVqOr6FUvdP76y
+mqHv/0E6/vnTLxFoNsu4Ce42nAQ/A/jRiQQ+BBgBAgAJAhsCBQJHhbheAinBXSAE
+GQECAAYFAkOnbIoACgkQbFU5eCT0NM68MQ/8DvYqxRm3vP0Gwnr+63kzET8S+6vf
+gxOghnU+eMlqUeUu/ajqnVDMzoAIRDw9QgQc9ZZoklOSJQwOuloAbdpL4TwQ2XfJ
+MLU60JkZWnEOXJwClb0qG1GqtcBPbMEUPfZcQfphdRL3jpWZlaexFiJRSD+A0riw
+7q3NZKPDt4FrF7F3GY9krFy+P0nRt5f462DeDhCYZgguBQH+oGtjc5Hx+kOVWDsS
+txo5xkt4/0DG50ZklPkTlCohmJwRLACy+NswdQ9q83eWAhzKOPgkal7xF6a+LyE+
+ytVYy2EgEU74r2gVw5iizy92FDj//Z2QAUyf/c4BMuAhvfwVIHd8n2DPHvpMP15L
+6fwoymh0OjzmhwK94Z2u1YqNC1CK27/hfB6okQ/Tct7/Ik61dBjtiYdUC9tTA5Ze
+W8X5ouSmttS1QFixx+Z4hiXV7Qj12lgVKuJohjrVshfcbVzTHljjAo3YkOZIHIoA
+IJTUMRNzTIx9k4hrPVbxbVQhKjKTwFNtBuxvmptGTcLEIv9THpqlq8jkcStJ2Zrd
+hhofPCWRT/Kzo+WE+Kgefv88T5Li7Ku12U/UpiK85+6nRspXj3rnkfDOUbLZjGM+
+1NET0xQTPuyxN6CXF7MMxfGCpszCudYxMANDQqNXu9brcPN/+EIxGRjqin4E7q+h
+kYUaY7Ki8mXtJ8cJEEBWphpSROxFktcQALWQv996bFq1iFcGuQ0ITxNDlOWCsses
+bgEM5zR10DH+6s2bXEO8xyDHQJtrvdCPetRDosnuOToBMnGMXTYVytnWzwwAzwq1
+YM+bGAeTHaIX+2UmxwFyX4GMOdqsNB+xDZ8pmRKjamJSgUQt6e18YpZlg1Y4QkxS
+Vptq7OZBjiKeLUhLhGJ6GWgEIedLcoCtFzKCfz3zwn0Oxl+1EnVu8yqN+quWTf8P
+7EZn+0ztqZY059BrcK2jmOyXvtOZBcAHXCUknh/uPHwAJV2WFWSNid2kNiLOrV+J
+3eLTs5sF9wNhxWRhl6/10cwTzjy0Onv5cJh2tjdwksigMRMwz4c839zXORni/tnY
++IY22kNTKu84gB8rBuqUq8MQXNdS3bbROwwNUzpC0D1C1z1fBvyXDL1EwJdz70Wc
+2m/Sw6tIid5g98+XMW+Ibt43Jk2XbK71JLhbVbePbAcHVh/UXEtnjhRfX7oyWlwS
+a+lkKMiJd/6CQ6bvYsgklE7uEzTpRskpkkOcCk1O+8jfl+DsDwKrvVaNu8tpx45k
+TtV4JDA6iEHKakD/zZdVTR79W2CFqBvRfRikc5INOl1OfMQ4ODmjkMl3yI9wrHwS
+SQQxdq2XsS7xbU9HDFBEguQDu0rfzILZ9DuKIVHyr/CsRoJ5joj+JvKaUQC81ywQ
+aB8EKy5bg4U6
+=IbYW
+-----END PGP PUBLIC KEY BLOCK-----
--- /dev/null
+diff -ruNp Mail-SpamAssassin-3.4.1.orig/spamc/configure.pl Mail-SpamAssassin-3.4.1/spamc/configure.pl
+--- Mail-SpamAssassin-3.4.1.orig/spamc/configure.pl 2015-04-28 21:56:59.000000000 +0200
++++ Mail-SpamAssassin-3.4.1/spamc/configure.pl 2017-07-21 23:34:50.122992872 +0200
+@@ -66,7 +66,7 @@ print join(' ', $Config{'perlpath'}, "ve
+ # Do the same thing as for the preprocessor below.
+ package version_h;
+ my $Z = $0;
+- local $0 = "version.h.pl";
++ local $0 = "./version.h.pl";
+ local @ARGV = ();
+ # Got to check for defined because the script returns shell error level!
+ unless (defined do $0) {
--- /dev/null
+# send mail through spamassassin
+:0fw
+| /usr/bin/spamc
--- /dev/null
+#!/bin/sh
+#
+# spamassassin This script starts and stops the spamd daemon
+#
+# chkconfig: 2345 80 30
+#
+# description: spamd is a daemon process which uses SpamAssassin to check \
+# email messages for SPAM. It is normally called by spamc \
+# from a MDA.
+# processname: spamd
+# pidfile: /var/run/spamd.pid
+
+# Source function library.
+. /etc/rc.d/init.d/functions
+
+# Source networking configuration.
+. /etc/sysconfig/network
+
+SPAMD_OPTS="-d -c"
+# Source configureation.
+if [ -f /etc/sysconfig/spamd ] ; then
+ . /etc/sysconfig/spamd
+fi
+
+# Check that networking is up.
+if is_no "${NETWORKING}"; then
+ msg_network_down "SpamAssassin"
+ exit 1
+fi
+
+start() {
+ # Start daemon.
+ if [ -f /var/lock/subsys/spamd ]; then
+ msg_already_running "SpamAssassin"
+ return
+ fi
+
+ # Check if database is installed.
+ if [ "$(find /var/lib/spamassassin/ -name '*.cf' | head -n1 | wc -l)" -eq 0 ]; then
+ show 'Spamassassin database not found. Run sa-update first.'; fail
+ return 1
+ fi
+
+ msg_starting "SpamAssassin"
+ daemon /usr/bin/spamd -r /var/run/spamd.pid $SPAMD_OPTS
+ RETVAL=$?
+ [ $RETVAL -eq 0 ] && touch /var/lock/subsys/spamd
+}
+
+stop() {
+ # Stop daemons.
+ if [ ! -f /var/lock/subsys/spamd ]; then
+ msg_not_running "SpamAssassin"
+ return
+ fi
+
+ msg_stopping "SpamAssassin"
+ killproc --pidfile spamd.pid spamd
+ RETVAL=$?
+ rm -f /var/lock/subsys/spamd
+}
+
+condrestart() {
+ if [ ! -f /var/lock/subsys/spamd ]; then
+ msg_not_running "SpamAssassin"
+ RETVAL=$1
+ return
+ fi
+
+ stop
+ start
+}
+
+# See how we were called.
+case "$1" in
+ start)
+ start
+ ;;
+ stop)
+ stop
+ ;;
+ restart)
+ stop
+ start
+ ;;
+ try-restart)
+ condrestart 0
+ ;;
+ force-reload)
+ condrestart 7
+ ;;
+ status)
+ status --pidfile spamd.pid spamd
+ ;;
+ *)
+ msg_usage "$0 {start|stop|restart|try-restart|force-reload|status}"
+ exit 1
+esac
+
+exit $RETVAL
--- /dev/null
+# TODO
+# - build lib{,ssl}spamc.so (if there is a point)
+# - sa-check_spamd into nagios-plugin-check_spamd subpackage
+#
+# Conditional build:
+%bcond_without tests # do not perform "make test"
+
+%define pdir Mail
+%define pnam SpamAssassin
+%define sa_version %(printf %d.%03d%03d $(echo %{version} | tr '.' ' '))
+%include /usr/lib/rpm/macros.perl
+Summary: A spam filter for email which can be invoked from mail delivery agents
+Summary(pl.UTF-8): Filtr antyspamowy, przeznaczony dla programów dostarczających pocztę (MDA)
+Name: spamassassin
+Version: 3.4.1
+Release: 8
+License: Apache v2.0
+Group: Applications/Mail
+Source0: http://ftp.ps.pl/pub/apache//spamassassin/source/%{pdir}-%{pnam}-%{version}.tar.bz2
+# Source0-md5: 0db5d27d7b782ff5eadee12b95eae84c
+Source1: %{name}.sysconfig
+Source2: %{name}-spamd.init
+Source3: %{name}-default.rc
+Source4: %{name}-spamc.rc
+Source5: sa-update.sh
+Source6: sa-update.cron
+Source7: spamassassin-official.conf
+Source8: sought.conf
+Source9: cronjob-sa-update.service
+Source10: cronjob-sa-update.timer
+Patch0: spamassassin-3.4.1-netdns.patch
+Patch1: %{name}-perl-fix.patch
+Patch2: bug_771408_perl_version
+Patch3: bug_828552-openssl-1.1.0
+Patch4: bug-869408-unescaped-brace-in-regex.patch
+Patch5: disable_sslv3
+Patch6: dkim_subdomains
+Patch7: fix-uninitialized-concat
+URL: http://spamassassin.apache.org/
+BuildRequires: openssl-devel >= 0.9.7d
+BuildRequires: perl(ExtUtils::MakeMaker) >= 6.16
+BuildRequires: perl-Archive-Tar
+BuildRequires: perl-DBI
+BuildRequires: perl-DB_File
+BuildRequires: perl-Digest-SHA1 >= 2.10
+BuildRequires: perl-HTML-Parser >= 3
+BuildRequires: perl-IO-Socket-INET6 >= 2.51
+BuildRequires: perl-IO-Socket-SSL
+BuildRequires: perl-IO-Zlib
+BuildRequires: perl-IP-Country
+BuildRequires: perl-Mail-SPF-Query
+BuildRequires: perl-Net-DNS >= 0.65-3
+BuildRequires: perl-Net-Ident
+BuildRequires: perl-NetAddr-IP >= 4.000
+#BuildRequires: perl-Razor2
+BuildRequires: perl-devel >= 1:5.8.0
+BuildRequires: perl-libwww
+BuildRequires: re2c
+BuildRequires: rpm-perlprov >= 4.1-13
+BuildRequires: rpmbuild(macros) >= 1.453
+%if %{with tests}
+# are these really needed?
+#BuildRequires: perl-Compress-Zlib
+BuildRequires: perl-Encode-Detect
+BuildRequires: perl-MIME-Base64
+BuildRequires: perl-MIME-tools
+BuildRequires: perl-Mail-DKIM
+BuildRequires: perl-Mail-DomainKeys
+BuildRequires: perl-Mail-SPF
+BuildRequires: perl-MailTools
+BuildRequires: perl-Razor > 2.61
+%endif
+Requires: perl-Mail-SpamAssassin = %{version}-%{release}
+Obsoletes: SpamAssassin
+Obsoletes: spamassassin-tools
+BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
+
+%define _noautoreq 'perl(Razor2::Client::Agent)' 'perl(Razor::Agent)' 'perl(Razor::Client)' 'perl(DBI)' 'perl(Net::Ident)'
+
+%description
+Apache SpamAssassin provides you with a way to reduce if not
+completely eliminate Unsolicited Commercial Email (SPAM) from your
+incoming email. It can be invoked by a MDA such as sendmail or
+postfix, or can be called from a procmail script, .forward file, etc.
+It uses a genetic-algorithm evolved scoring system to identify
+messages which look spammy, then adds headers to the message so they
+can be filtered by the user's mail reading software. This distribution
+includes the spamd/spamc components which create a server that
+considerably speeds processing of mail.
+
+To enable spamassassin, if you are receiving mail locally, simply add
+this line to your ~/.procmailrc:
+INCLUDERC=/etc/mail/spamassassin/spamassassin-default.rc
+
+To filter spam for all users, add that line to /etc/procmailrc
+(creating if necessary).
+
+%description -l pl.UTF-8
+Apache SpamAssassin daje możliwość zredukowania, jeśli nie kompletnego
+wyeliminowania niezamawianej komercyjnej poczty (Unsolicited
+Commercial Email, spamu) z poczty. Może być wywoływany z MDA, np.
+Sendmaila czy Postfiksa, lub z pliku ~/.forward itp. Używa ogólnego
+algorytmu oceniania w celu identyfikacji wiadomości, które wyglądają
+na SPAM, po czym dodaje nagłówki do wiadomości, umożliwiając
+filtrowanie przez oprogramowanie użytkownika. Ta dystrybucja zawiera
+programy spamd/spamc, umożliwiające uruchomienie serwera, co znacznie
+przyspieszy proces przetwarzania poczty.
+
+Aby uruchomić spamassassina dla lokalnie przychodzącej poczty,
+wystarczy dodać do własnego ~/.procmailrc linię:
+INCLUDERC=/etc/mail/spamassassin/spamassassin-default.rc
+
+Aby filtrować spam dla wszystkich użytkowników, należy dodać tę linię
+do pliku /etc/procmailrc (tworząc go w razie potrzeby).
+
+%package spamd
+Summary: spamd - daemonized version of spamassassin
+Summary(pl.UTF-8): spamd - spamassassin w postaci demona
+Group: Applications/Mail
+Requires(post,preun): /sbin/chkconfig
+Requires: perl-Mail-SpamAssassin = %{version}-%{release}
+Requires: rc-scripts
+Suggests: perl-Apache-Test
+Suggests: perl-IO-Socket-IP
+Suggests: perl-IO-Socket-SSL
+Suggests: perl-IO-Socket-INET6
+Suggests: perl-Net-Ident
+
+%description spamd
+The purpose of this program is to provide a daemonized version of the
+spamassassin executable. The goal is improving throughput performance
+for automated mail checking.
+
+This is intended to be used alongside "spamc", a fast, low-overhead C
+client program.
+
+%description spamd -l pl.UTF-8
+Spamd jest "demoniczną" wersją spamassassina. Jego zadaniem jest
+poprawa wydajności automatycznego sprawdzania poczty.
+
+Spamd powinien być używany wespół ze "spamc", który jest szybkim i
+wydajnym programem klienckim.
+
+%package spamc
+Summary: spamc - client for spamd
+Summary(pl.UTF-8): spamc - klient dla spamd
+Group: Applications/Mail
+Suggests: perl-Compress-Zlib
+
+%description spamc
+Spamc is the client half of the spamc/spamd pair. It should be used in
+place of "spamassassin" in scripts to process mail. It will read the
+mail from STDIN, and spool it to its connection to spamd, then read
+the result back and print it to STDOUT. Spamc has extremely low
+overhead in loading, so it should be much faster to load than the
+whole spamassassin program.
+
+To enable spamassassin, if you are receiving mail locally, simply add
+this line to your ~/.procmailrc:
+INCLUDERC=/etc/mail/spamassassin/spamassassin-spamc.rc
+
+To filter spam for all users, add that line to /etc/procmailrc
+(creating if necessary).
+
+%description spamc -l pl.UTF-8
+Spamc powinien być używany zamiast "spamassassina" w skryptach
+przetwarzających pocztę. Zczytuje pocztę ze STDIN, kolejkuje ją a
+następnie przekazuje spamdowi, odczytuje wynik i podaje go na STDOUT.
+Spamc stara się nie obciążać zbytnio procesora podczas ładowania,
+dzięki czemu powinien działać szybciej niż sam spamassassin.
+
+Aby uruchomić spamassassina dla lokalnie przychodzącej poczty,
+wystarczy dodać do własnego ~/.procmailrc linię:
+INCLUDERC=/etc/mail/spamassassin/spamassassin-spamc.rc
+
+Aby filtrować spam dla wszystkich użytkowników, należy dodać tę linię
+do pliku /etc/procmailrc (tworząc go w razie potrzeby).
+
+%package compile
+Summary: sa-compile - compile SpamAssassin ruleset into native code
+Summary(pl.UTF-8): sa-compile - kompilowanie reguł SpamAssasina do kodu natywnego
+Group: Applications/Mail
+Requires: gcc
+Requires: glibc-devel
+Requires: make
+Requires: perl(ExtUtils::MakeMaker)
+Requires: perl-Mail-SpamAssassin = %{version}-%{release}
+Requires: perl-devel
+Requires: re2c >= 0.10
+
+%description compile
+sa-compile uses "re2c" to compile the SpamAssassin ruleset. This is
+then used by the "Mail::SpamAssassin::Plugin::Rule2XSBody" plugin to
+speed up SpamAssassin's operation, where possible, and when that
+plugin is loaded.
+
+%description compile -l pl.UTF-8
+sa-compile wykorzystuje re2c do kompilacji reguł SpamAssassina. Służy
+to do przyspieszenia operacji SpamAssassina w miarę możliwości, kiedy
+ta wtyczka jest wczytana.
+
+%package update
+Summary: sa-update - automate SpamAssassin rule updates
+Summary(pl.UTF-8): sa-update - automatyczne uaktualnianie regułek SpamAssassina
+Group: Applications/Mail
+Requires: cronjobs
+Requires: gnupg
+Requires: perl-Archive-Tar
+Requires: perl-Mail-SpamAssassin = %{version}-%{release}
+Requires: perl-libwww
+
+%description update
+sa-update automates the process of downloading and installing new
+rules and configuration, based on channels. The default channel is
+updates.spamassassin.org, which has updated rules since the previous
+release.
+
+Update archives are verified by default using SHA1 hashes and GPG
+signatures.
+
+%description update -l pl.UTF-8
+sa-update automatyzuje proces ściągania i instalowania nowych regułek
+i konfiguracji w oparciu o kanały. Domyślny kanał to
+updates.spamassassin.org, który ma uaktualnione regułki od czasu
+poprzedniego wydania.
+
+Archiwa uaktualnień są sprawdzane domyślnie przy użyciu skrótów SHA1 i
+podpisów GPG.
+
+%package -n perl-Mail-SpamAssassin
+Summary: Mail::SpamAssassin - SpamAssassin e-mail filter libraries
+Summary(pl.UTF-8): Mail::SpamAssassin - biblioteki filtra poczty SpamAssassin
+Group: Development/Languages/Perl
+Requires: perl-HTML-Parser >= 3
+# what for this one?
+#Requires: perl-Sys-Hostname-Long
+Suggests: Razor
+Suggests: perl-Cache-DB_File >= 0.2
+Suggests: perl-DBD-mysql
+Suggests: perl-Encode-Detect
+Suggests: perl-Geo-IP
+Suggests: perl-IO-Socket-INET6 >= 2.51
+Suggests: perl-IP-Country
+Suggests: perl-Mail-DKIM
+#Suggests: perl-Mail-DomainKeys
+#Suggests: perl-Mail-SPF
+Suggests: perl-Mail-SPF-Query
+Suggests: perl-Net-DNS >= 0.34
+Suggests: perl-Net-Patricia
+Suggests: spamassassin-compile
+Suggests: spamassassin-plugin-fuzzyocr
+Suggests: spamassassin-update
+
+%description -n perl-Mail-SpamAssassin
+Mail::SpamAssassin is a Mail::Audit plugin to identify spam using text
+analysis and several internet-based realtime blacklists. Using its
+rule base, it uses a wide range of heuristic tests on mail headers and
+body text to identify ``spam'', also known as unsolicited commercial
+email. Once identified, the mail can then be optionally tagged as spam
+for later filtering using the user's own mail user-agent application.
+
+%description -n perl-Mail-SpamAssassin -l pl.UTF-8
+Mail::SpamAssassin jest pluginem dla Mail::Audit, służącym do
+identyfikacji spamu przy użyciu analizy zawartości i/lub internetowych
+czarnych list. Do zidentyfikowania jako ,,spam'' stosuje szeroki
+zakres testów heurystycznych na nagłówkach i treści, posiłkując się
+stworzoną wcześniej bazą reguł. Po zidentyfikowaniu, poczta może być
+oznaczona jako spam w celu późniejszego wyfiltrowania, np. przy użyciu
+aplikacji do czytania poczty.
+
+%prep
+%setup -q -n %{pdir}-%{pnam}-%{version}
+%patch0 -p1
+%patch1 -p1
+%patch2 -p1
+%patch3 -p1
+%patch4 -p1
+%patch5 -p1
+%patch6 -p1
+%patch7 -p1
+
+# disable broken test
+%{__mv} t/sa_compile.t{,.disabled}
+
+# this test needs network, does not work on builders
+%{__mv} t/dnsbl_subtests.t{,.disabled}
+
+%build
+# for spamc/configure
+export CFLAGS="%{rpmcflags}"
+%{__perl} Makefile.PL \
+ INSTALLDIRS=vendor \
+ PREFIX=%{_prefix} \
+ SYSCONFDIR=%{_sysconfdir} \
+ DATADIR=%{_datadir}/spamassassin \
+ ENABLE_SSL=yes \
+ CONTACT_ADDRESS="postmaster@localhost" \
+ PERL_BIN=%{__perl} < /dev/null
+
+%{__make} \
+ CC="%{__cc}" \
+ OPTIMIZE="%{rpmcflags}"
+
+%{__sed} -e "s,@@LOCAL_STATE_DIR@@,$(pwd)," sa-compile.raw > sa-compile.pl
+%{__perl} -T sa-compile.pl --siteconfigpath=rules
+
+%{?with_tests:%{__make} -j1 TEST_VERBOSE=1 test}
+
+%install
+rm -rf $RPM_BUILD_ROOT
+install -d $RPM_BUILD_ROOT{/etc/{cron.d,sysconfig,rc.d/init.d},%{_sysconfdir}/mail/spamassassin/channel.d,%{systemdunitdir}}
+
+%{__make} install \
+ DESTDIR=$RPM_BUILD_ROOT
+
+install %{SOURCE1} $RPM_BUILD_ROOT/etc/sysconfig/spamd
+install %{SOURCE2} $RPM_BUILD_ROOT/etc/rc.d/init.d/spamd
+install %{SOURCE3} $RPM_BUILD_ROOT%{_sysconfdir}/mail/spamassassin
+install %{SOURCE4} $RPM_BUILD_ROOT%{_sysconfdir}/mail/spamassassin
+install %{SOURCE5} $RPM_BUILD_ROOT%{_datadir}/spamassassin/sa-update.cron
+install %{SOURCE6} $RPM_BUILD_ROOT/etc/cron.d/sa-update
+install %{SOURCE7} $RPM_BUILD_ROOT%{_sysconfdir}/mail/spamassassin/channel.d
+install %{SOURCE8} $RPM_BUILD_ROOT%{_sysconfdir}/mail/spamassassin/channel.d
+install %{SOURCE9} $RPM_BUILD_ROOT%{systemdunitdir}/cronjob-sa-update.service
+install %{SOURCE10} $RPM_BUILD_ROOT%{systemdunitdir}/cronjob-sa-update.timer
+
+# sa-update, sa-compile
+install -d $RPM_BUILD_ROOT/var/lib/spamassassin/{%{sa_version},compiled/%{sa_version}}
+install -d $RPM_BUILD_ROOT%{_sysconfdir}/mail/spamassassin/sa-update-keys
+touch $RPM_BUILD_ROOT%{_sysconfdir}/mail/spamassassin/sa-update-keys/{pubring,secring,trustdb}.gpg
+
+rm -f $RPM_BUILD_ROOT{%{perl_archlib}/perllocal.pod,%{perl_vendorarch}/auto/Mail/SpamAssassin/.packlist,%{_mandir}/man3/spamassassin-run.*}
+
+cat > $RPM_BUILD_ROOT%{_sysconfdir}/mail/spamassassin/channels << 'EOF'
+# Use %{_sysconfdir}/mail/spamassassin/channel.d/*.conf for new channels
+EOF
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+%post spamd
+/sbin/chkconfig --add spamd
+%service spamd restart
+
+%preun spamd
+if [ "$1" = "0" ]; then
+ %service spamd stop
+ /sbin/chkconfig --del spamd
+fi
+
+%triggerpostun spamd -- spamassassin-spamd < 3.1.0-5.3
+# temp hack, should we care of the dead link?
+ln -s spamd /etc/rc.d/init.d/spamassassin
+/sbin/chkconfig --del spamassassin
+rm -f /etc/rc.d/init.d/spamassassin
+if [ -f /etc/sysconfig/spamassassin.rpmsave ]; then
+ mv -f /etc/sysconfig/spamassassin.rpmsave /etc/sysconfig/spamd
+fi
+
+%files
+%defattr(644,root,root,755)
+%doc CREDITS Changes INSTALL README TRADEMARK UPGRADE USAGE
+%doc procmailrc.example sql/ ldap/
+%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/mail/spamassassin/spamassassin-default.rc
+%attr(755,root,root) %{_bindir}/sa-learn
+%attr(755,root,root) %{_bindir}/sa-awl
+%attr(755,root,root) %{_bindir}/spamassassin
+%attr(755,root,root) %{_bindir}/sa-check_spamd
+
+# It's needed for help of spamassassin command.
+%{perl_vendorlib}/spamassassin-run.pod
+%{_mandir}/man1/sa-learn.1*
+%{_mandir}/man1/spamassassin.1*
+%{_mandir}/man1/spamassassin-run.1*
+%{_mandir}/man1/sa-awl.1*
+
+%files spamd
+%defattr(644,root,root,755)
+%doc spamd/README*
+%attr(754,root,root) /etc/rc.d/init.d/spamd
+%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/sysconfig/spamd
+%attr(755,root,root) %{_bindir}/spamd
+%{_mandir}/man1/spamd.1*
+
+%files spamc
+%defattr(644,root,root,755)
+%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/mail/spamassassin/spamassassin-spamc.rc
+%attr(755,root,root) %{_bindir}/spamc
+%{_mandir}/man1/spamc.1*
+
+%files compile
+%defattr(644,root,root,755)
+%attr(755,root,root) %{_bindir}/sa-compile
+%{_mandir}/man1/sa-compile.1*
+%dir /var/lib/spamassassin/compiled
+%dir /var/lib/spamassassin/compiled/%{sa_version}
+
+%files update
+%defattr(644,root,root,755)
+%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/mail/spamassassin/channels
+%dir %{_sysconfdir}/mail/spamassassin/channel.d
+%{_sysconfdir}/mail/spamassassin/channel.d/spamassassin-official.conf
+%{_sysconfdir}/mail/spamassassin/channel.d/sought.conf
+%attr(700,root,root) %dir %{_sysconfdir}/mail/spamassassin/sa-update-keys
+%attr(700,root,root) %ghost %{_sysconfdir}/mail/spamassassin/sa-update-keys/*
+%config(noreplace) %verify(not md5 mtime size) /etc/cron.d/sa-update
+%attr(755,root,root) %{_bindir}/sa-update
+%attr(755,root,root) %{_datadir}/spamassassin/sa-update.cron
+%{_datadir}/spamassassin/sa-update-pubkey.txt
+%dir /var/lib/spamassassin/%{sa_version}
+%{_mandir}/man1/sa-update.1*
+%{systemdunitdir}/cronjob-sa-update.service
+%{systemdunitdir}/cronjob-sa-update.timer
+
+%files -n perl-Mail-SpamAssassin
+%defattr(644,root,root,755)
+%doc sample-nonspam.txt sample-spam.txt
+%dir %{_sysconfdir}/mail/spamassassin
+%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/mail/spamassassin/*.pre
+%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/mail/spamassassin/*.cf
+%exclude %{_sysconfdir}/mail/spamassassin/sa-update-keys
+%dir %{_datadir}/spamassassin
+%config(noreplace) %{_datadir}/spamassassin/languages
+%config(noreplace) %{_datadir}/spamassassin/user_prefs.template
+%exclude %{_datadir}/spamassassin/sa-update-pubkey.txt
+
+%dir /var/lib/spamassassin
+
+%{perl_vendorlib}/Mail/*
+%{_mandir}/man3/*.3*
--- /dev/null
+# Customized settings for spamassassin (spamd)
+
+# Cmdline options
+SPAMD_OPTS="-d -c --pidfile=/var/run/spamassassin.pid"
TLD / packages / spamassassin.git / commitdiff