Main Inclusion Report for spamassassin

Requirements

1. Availability: spamassassin; available for all supported architectures or some subset ? All

2. Rationale:

   • Spec'ed for Intrepid:

     • ClamavSpamassassinInMain

3. Security:

   • CVE entries: Doesn't have any during 2008 so far, the CVEs are for past versions.

   • Secunia history: All relate to earlier versions as well.

   • Any binaries running as root or suid/sgid ? No Any daemons ? Yes, spamd a deamonized version of spamassassin with the aim of improving performance.
   • Network activity: does it open any port ? It has the option to listen on a port, 783 by default. Does it handle incoming network data ? It has the option, but by default only allows local connections.
   • Does it directly (not through a library) process binary (video, audio, etc) or structured (PDF, etc) data ? Yes
   • Any source code review performed ? (The approver will do a quick and shallow check.) No

4. Quality assurance:

   • In what situations does the package not work out of the box without configuration ? Default config does not enable spamd. You have to modify /etc/defaults/spamassassin.
   • Does the package ask any debconf questions higher than priority 'medium' ? No

   • Debian bugs: (mention any that are particularly relevant, and any showstoppers) None

   • Maintenance in Debian vigorous.

   • Upstream is calm, seem to release a couple of times a year.

   • Upstream bug tracker: (mention any particularly relevant or critical) None

   • Hardware: Does this package deal with hardware and if so how exotic is it ? No
   • Is there a test suite in the upstream source or packaging ? Yes Is it enabled to run in the build ? No

5. Standards compliance:

   • FHS Yes, Debian Policy compliance ? Yes

   • Debian library packaging guide standards compliance ? Yes

   • Packaging system (debhelper/cdbs/dbs) ? debhelper Patch system ? dpatch Any packaging oddities ? No

6. Dependencies:

   • libssl-dev
   • libhtml-parser-perl
   • libdigest-sha1-perl
   • libnet-dns-perl
   • Are these all in main ? Yes or MIR filed.

7. Background information:

   • The general purpose and context of the package should be clear from the package's debian/control file. If it isn't then please explain.
   • What do upstream call this software ? spamassassin Has it had different names in the past ? No

Reviewers

MIR bug: 261968

Author Asommer; reviewers will add comments etc. too