To: users, dev, announce Subject: ANNOUNCE: Apache SpamAssassin 3.4.0 available Release Notes -- Apache SpamAssassin -- Version 3.4.0 Introduction ------------ This is a major release. It introduces nearly 18 months of bug fixes and introduces native IPv6 functionality. Downloading and availability ---------------------------- Downloads are available from: http://spamassassin.apache.org/downloads.cgi md5sum of archive files: 406d3d096c3bfd290dce28ffdbb2a630 Mail-SpamAssassin-3.4.0-pre3.tar.bz2 b4aafbabb4d3e78fdef47df11a9e7343 Mail-SpamAssassin-3.4.0-pre3.tar.gz 2f0747ca36caa70eda2662f4e527804e Mail-SpamAssassin-3.4.0-pre3.zip 5e1cc2427b2d3d8ef58e8929704a2a3b Mail-SpamAssassin-rules-3.4.0-pre3.r1434591.tgz sha1sum of archive files: 8d58628910fa276ade1ef69370b61e9057fc489c Mail-SpamAssassin-3.4.0-pre3.tar.bz2 4908ac3453a01f05a8bbf979e61ec2f312e35509 Mail-SpamAssassin-3.4.0-pre3.tar.gz b5cbf092d125164f4fcfcab0ec3261889b4b6eca Mail-SpamAssassin-3.4.0-pre3.zip bf4f9e26ec70be76010d8b7f3ba47421f31bcd9f Mail-SpamAssassin-rules-3.4.0-pre3.r1434591.tgz Note that the *-rules-*.tar.gz files are only necessary if you cannot, or do not wish to, run "sa-update" after install to download the latest fresh rules. See the INSTALL and UPGRADE files in the distribution for important installation notes. GPG Verification Procedure -------------------------- The release files also have a .asc accompanying them. The file serves as an external GPG signature for the given release file. The signing key is available via the wwwkeys.pgp.net key server, as well as http://www.apache.org/dist/spamassassin/KEYS The key information is: pub 4096R/F7D39814 2009-12-02 Key fingerprint = D809 9BC7 9E17 D7E4 9BC2 1E31 FDE5 2F40 F7D3 9814 uid SpamAssassin Project Management Committee uid SpamAssassin Signing Key (Code Signing Key, replacement for 1024D/265FA05B) sub 4096R/7B3265A5 2009-12-02 To verify a release file, download the file with the accompanying .asc file and run the following commands: gpg -v --keyserver wwwkeys.pgp.net --recv-key F7D39814 gpg --verify Mail-SpamAssassin-3.4.0-pre1.tar.bz2.asc gpg --fingerprint F7D39814 Then verify that the key matches the signature. Note that older versions of gnupg may not be able to complete the steps above. Specifically, GnuPG v1.0.6, 1.0.7 & 1.2.6 failed while v1.4.11 worked flawlessly. See http://www.apache.org/info/verification.html for more information on verifying Apache releases. Summary of major changes since 3.3.2 ------------------------------------ NOTE: Complete changes are available at http://svn.apache.org/repos/asf/spamassassin/branches/3.4/Changes About Apache SpamAssassin ------------------------- Apache SpamAssassin is a mature, widely-deployed open source project that serves as a mail filter to identify spam. SpamAssassin uses a variety of mechanisms including mail header and text analysis, Bayesian filtering, DNS blocklists, and collaborative filtering databases. In addition, Apache SpamAssassin has a modular architecture that allows other technologies to be quickly incorporated as an addition or as a replacement for existing methods. Apache SpamAssassin typically runs on a server, classifies and labels spam before it reaches your mailbox, while allowing other components of a mail system to act on its results. Most of the Apache SpamAssassin is written in Perl, with heavily traversed code paths carefully optimized. Benefits are portability, robustness and facilitated maintenance. It can run on a wide variety of POSIX platforms. The server and the Perl library feels at home on Unix and Linux platforms, and reportedly also works on MS Windows systems under ActivePerl. For more information, visit http://spamassassin.apache.org/ About The Apache Software Foundation ------------------------------------ Established in 1999, The Apache Software Foundation provides organizational, legal, and financial support for more than 100 freely-available, collaboratively-developed Open Source projects. The pragmatic Apache License enables individual and commercial users to easily deploy Apache software; the Foundation's intellectual property framework limits the legal exposure of its 2,500+ contributors. For more information, visit http://www.apache.org/