We have released Rspamd 1.8.3 today.
There are no incompatible changes introduced with this version to our best knowledge. However, due to Bayes changes, you might see slightly different Bayes outcomes (not likely).
The most important features and fixes
-
Large Unicode handling rework
Rspamd now provides better access to normalized/unnormalized unicode. There are various of changes in the internal routines that work with Unicode, including statistics, language detector and regular expressions. The outcome of this project is the ability to fight against certain techniques applied by spammers to obfuscate messages.
-
Critical fixes related to Unicode
We have added some fail-safety checks against certain types of messages that could cause Rspamd crashes due to invalid unicode in headers. This has been also backported to 1.8.2.
-
Redis sentinel support
Rspamd 1.8.3 includes limited support for Redis Sentinel to allow high-availability for access to the non-volatile data. You can get more details on the Redis documentation page
-
Kaspersky antivirus support
Rspamd now supports Kaspersky antivirus using its
clamav
compatible interface via antivirus module -
Improvements of the Authentication-Results header
Now, Rspamd produces more readable
Authentication-Results
header used by milter_headers and arc modules. It now can deal with multiple DKIM signatures, provides selector information and more extended (and traditional) data about SPF checks. -
Better statistical tokens
We continue to improve Bayes filtering quality by adding more tokens produced from URLs found in the text. In some rare cases this might cause slightly changed results with pre-trained statistical corpus.
-
Better and RFC conformant support of
pct
in DMARC module
Full list of the meaningful changes
- [CritFix] Make flags mutually exclusive for mime parts
- [CritFix] Strictly deny unencoded bad utf8 sequences in headers
- [Feature] Add Kaspersky antivirus support
- [Feature] Add method to get dkim results
- [Feature] Add more words regexp classes
- [Feature] Allow to choose words format in
rspamadm mime
- [Feature] Allow to get all types of words from Lua
- [Feature] Allow to get task flags in C expressions
- [Feature] Allow to require encryption when accepting connections
- [Feature] Ignore bogus whitespaces in the words
- [Feature] Implement more strict configuration tests
- [Feature] Improve SPF results in Authentication-Results
- [Feature] Support ClickHouse database
- [Fix] Add fail-safety for utf8 regexps
- [Fix] Do not trigger BROKEN_CONTENT_TYPE on innocent text parts
- [Fix] Emit error if connection has been terminated with no stop pattern
- [Fix] Fix boundaries checks in embedded messages
- [Fix] Fix double free
- [Fix] Perform policy downgrade on sample out, add tests
- [Fix] Properly escape utf8 regexps in hyperscan mode
- [Fix] Selectors - attachments args condition
- [Fix] Some fixes for raw parts
- [Fix] Treat learning errors as non-fatal
- [Fix] Use tld when looking for DKIM domains
- [Project] Words unicode structure rework
- [Project] Add preliminary Redis Sentinel support
- [Project] Improve Authentication-Results header
- [Project] Rework DKIM checks results
- [Project] Use more generalised API to produce meta words