head 1.4; access; symbols pkgsrc-2026Q2:1.3.0.6 pkgsrc-2026Q2-base:1.3 pkgsrc-2026Q1:1.3.0.4 pkgsrc-2026Q1-base:1.3 pkgsrc-2025Q4:1.3.0.2 pkgsrc-2025Q4-base:1.3 pkgsrc-2025Q3:1.1.0.14 pkgsrc-2025Q3-base:1.1 pkgsrc-2025Q2:1.1.0.12 pkgsrc-2025Q2-base:1.1 pkgsrc-2025Q1:1.1.0.10 pkgsrc-2025Q1-base:1.1 pkgsrc-2024Q4:1.1.0.8 pkgsrc-2024Q4-base:1.1 pkgsrc-2024Q3:1.1.0.6 pkgsrc-2024Q3-base:1.1 pkgsrc-2024Q2:1.1.0.4 pkgsrc-2024Q2-base:1.1 pkgsrc-2024Q1:1.1.0.2; locks; strict; comment @# @; 1.4 date 2026.07.06.09.22.17; author wiz; state dead; branches; next 1.3; commitid KGt7Jl1y0DwqFzMG; 1.3 date 2025.11.16.21.39.50; author wiz; state Exp; branches; next 1.2; commitid 6VyWnC8U2BwGcPiG; 1.2 date 2025.11.02.21.17.43; author wiz; state Exp; branches; next 1.1; commitid uaJdJjaAbk65x1hG; 1.1 date 2024.05.16.15.22.14; author taca; state Exp; branches 1.1.2.1; next ; commitid gLliWGZvSDIlLeaF; 1.1.2.1 date 2024.05.16.15.22.14; author bsiegert; state dead; branches; next 1.1.2.2; commitid PS7ANWrAQDfbK7fF; 1.1.2.2 date 2024.06.23.15.58.45; author bsiegert; state Exp; branches; next ; commitid PS7ANWrAQDfbK7fF; desc @@ 1.4 log @rspamd: update to 4.1.1. 4.1.1: 19 Jun 2026 ** Features ** * [Feature] checkv3: Negotiate representation and compression via Accept/Accept-Encoding * [Feature] css: Detect more text-hiding tricks (off-screen positioning, clip, negative text-indent, tiny fonts) * [Feature] lua_archive: Add opt-in extraction limits (size, count, ratio) to bound zip-bomb expansion * [Feature] lua_text: Add byte-distribution statistics methods (entropy, byte mean/deviation, serial correlation, Monte-Carlo Pi) * [Feature] lua: Add zlib/YARA-compatible crc32 for rspamd_text, rspamd_util, and cryptobox hash * [Feature] multipattern: Add explicit SOM (start-of-match) flag and fix regex-fallback offsets * [Feature] neural: Add pluggable feature-provider and ANN-architecture registries * [Feature] neural: Add sequence output mode and SIF word selection to fasttext_embed * [Feature] kann: Add multi-head attention pooling operator * [Feature] lua_kann: Expose slice and concat graph transforms ** Bug fixes ** * [Fix] dns: Do not defer resolver nameservers (fixes SIGSEGV at worker startup, regression in 4.1.0) * [Fix] lua: Add state/generation guards and refcounting to the coroutine thread pool to prevent use-after-free on async completion * [Fix] lua_worker: Avoid deadlock when a spawned subprocess returns an invalid value * [Fix] milter: Send QUARANTINE even with a caller-supplied reply (regression from 3.10.0) * [Fix] neural: Stabilise training on dense embedding inputs (funnel architecture, input-typed learning rate, single-class quality gate) * [Fix] neural: Don't strand trained ANNs behind stale high-version tombstones * [Fix] mx_check: Classify loopback-only MX as MX_LOCAL_ONLY instead of MX_BOGON_ONLY * [Fix] monitored: Use alphanumeric-only random DNS prefixes for random_monitored RBL checks * [Fix] protocol: Use case-preserving boundary for v3 HTTP multipart parsing * [Fix] controller: Register the /checkv3 endpoint * [Fix] symcache: Fix timeout inflation in pre/postfilter priority grouping * [Fix] url: Scan bare query-embedded URLs containing '=' as a whole * [Fix] url: Do not multiply URLs with multiple '@@' signs and backslashes * [Fix] css: Detect text hidden via overflow clipping, opacity, and max-width/height * [Fix] mime: Fix build with OpenSSL 4.0 opaque ASN1_STRING * [Fix] mime_string: Make iterator const to fix doctest 2.5.0 build * [Fix] Prioritise bundled simdutf headers over system ones 4.1.0: 05 Jun 2026 ** Incompatible changes ** * [Rework] mx_check: three-layer Redis cache and finer outcome symbols (MX_NONE replaces MX_NXDOMAIN/MX_MISSING) * [Conf] fuzzy_check: discover rspamd.com servers via SRV by default ** Major features ** * [Feature] protocol: Expose custom metadata for /checkv3 via metadata headers and task:get_metadata() * [Feature] composites: Add hot-reloadable dynamic composites map * [Feature] lua_task: Add bulk and regexp symbol lookups * [Feature] lua_tcp: Add phase-specific timeouts (connect/read/write) and on_error callback * [Feature] task: Report pending async events and stalled symbols at scan timeout * [Feature] upstream: Load-aware selection with Power of Two Choices, latency EWMA, and slow start on revive * [Feature] upstream: Expand each SRV target into its own upstream, honouring SRV weights and per-target error budgets * [Feature] upstream: Defer DNS resolution for unreachable hosts so transient startup DNS failures no longer drop upstreams * [Feature] mx_check: Add IP-class classification, bad_mxs/bad_ips trust maps, and per-source checks * [Feature] external_services: Add per-service _CHECK anchor symbol for dependency ordering * [Feature] url_redirector: Add chain-aware cache with intermediate hop injection * [Feature] url_redirector: Add coherent browser fingerprint profiles for stealth resolution * [Feature] url_redirector: Switch redirector_hosts_map from set to glob * [Feature] url_redirector: Allow GET for a user-defined list of URLs * [Feature] http: Optional insertion-ordered header emission * [Feature] elastic: Log Reply-To, received IPs, URL metadata, and forcing module * [Feature] clickhouse: Add named extra_columns presets with an outbound preset * [Feature] selectors: Add fuzzy_digest, fuzzy_shingles, authenticated, and received_count * [Feature] html: Add HTML5 tag definitions (video/audio/picture/svg/...) * [Feature] dmarc_report: Add --batch-wait option to throttle batches * [Feature] autolearnstats: Add --sort-by and --group options * [Feature] lualib: Add lua_feedback_parsers for DSN and ARF reports * [Feature] lua_extras: Structured loader for custom selectors, maps, and regexps with cross-kind dependency ordering * [Feature] lua_scanners: Add eXpurgate engine support * [Feature] Add rspamadm control memstat for per-worker memory dumps (RSS, mempool callsites, Lua heap, jemalloc) * [Feature] Make baseline pidfile and logging env-overridable for containers * [Feature] Auto-load shipped fasttext model when present * [Feature] fpconv: Add fixed-point (%.Nf) formatting with correct rounding ** Bug fixes ** * [CritFix] mime_parser: Avoid NULL deref on S/MIME with empty pkcs7-data * [Fix] mime_parser: Bound S/MIME recursion depth to prevent stack exhaustion (DoS) * [Fix] mime_parser: Defensive guards against NULL deref and resource leaks * [Fix] multipattern: Bound URL query scan reentrancy to prevent crash on nested query URLs (DoS) * [Fix] composites: Avoid over-eager second-pass deferral so filter-stage composites are visible from postfilters * [Fix] ratelimit: Track all buckets in selector rules * [Fix] archives: Harden RAR/ZIP/7-zip parsers against malformed input (bounds, varint, infinite loop, OOB reads) * [Fix] images: Guard image linking against NULL decoded header * [Fix] css: Fix out-of-bounds read in ident escape scanner * [Fix] str_util: Fix lookahead over-read in find_eoh * [Fix] spf: Fix over-read on a bare "spf2." sender-id record * [Fix] rdns: Reject DNS labels that overrun the packet * [Fix] html: Prevent buffer overflow in entity decoding * [Fix] html: Preserve verbatim href as url->raw * [Fix] url: Fix out-of-bounds read on empty/all-dots host * [Fix] url: Canonicalise mailto: URIs and bare emails to a consistent slash-less form (RFC 6068) * [Fix] url: Do not drop URLs with long userinfo (userinfo-obfuscation phishing) * [Fix] url_suspect: Require TLD >= 3 chars for word_dot naked domain matches * [Fix] mime_headers: Avoid uninitialised bytes in rfc2047 decode * [Fix] mime_headers/encoding: Correct lengths after in-place rewrites * [Fix] arc: Emit ARC headers in a deterministic order * [Fix] Map DKIM permfail to dkim=permerror in Authentication-Results * [Fix] Honor mime_utf8 option in INVALID_MSGID rule * [Fix] fuzzy_storage: Harden network input paths * [Fix] fuzzy_storage: Fix peer-pipe partial-write resume and shutdown drain * [Fix] fuzzy_storage: Avoid per-refresh leak in dynamic ban inserts * [Fix] fuzzy_storage: Fix per-frame memory leak on persistent TCP connections * [Fix] fuzzy: Do not block allowed clients on TCP * [Fix] neural: Preserve trained ANN across symbol-list drift and symcache-driven profile rotation * [Fix] neural: Stabilise profile digest under disable_symbols_input and retarget training to the newest profile * [Fix] protocol: Apply inline metadata.settings on /checkv3 * [Fix] protocol: Populate request headers in /checkv3 * [Fix] upstream: Refill token bucket over time so a flapping upstream recovers * [Fix] upstream: Avoid infinite loop in get_random when the only candidate is excluded * [Fix] lua_tcp: Avoid connection leak on read without write * [Fix] lua_redis: Resolve Redis master for rspamadm tools under Sentinel * [Fix] elastic: Use Queue:new() instead of non-existent lua_util.newdeque() * [Fix] dmarc: Floor connect timestamp before os.date for PUC Lua compatibility * [Fix] greylist: Separate greylisting period from Redis connection timeout * [Fix] rspamadm vault: Write formatted output to stdout directly * [Fix] regexp: Do not discard capture groups following an empty one * [Fix] Skip ICU conversion for synthetic x-binaryenc charset * [Fix] Warn on task_timeout less than symcache symbol timeout * [Fix] Port security fixes from libucl upstream (msgpack, parser bounds, schema) * [Fix] Use string_view::data() for pointer access to fix libc++ builds @ text @$NetBSD: patch-src_plugins_lua_dmarc.lua,v 1.3 2025/11/16 21:39:50 wiz Exp $ os.date() require integer as second argument but get_date() returns float on NetBSD. So, convert return value of get_date() to integer. This fix is provided from Yoshitaka Tokugawa . --- src/plugins/lua/dmarc.lua.orig 2025-11-16 21:33:51.465412541 +0000 +++ src/plugins/lua/dmarc.lua @@@@ -296,7 +296,7 @@@@ local function dmarc_validate_policy(tas -- Prepare and send redis report element local period = os.date('%Y%m%d', - task:get_date({ format = 'connect', gmt = false })) + math.floor(task:get_date({ format = 'connect', gmt = false }))) -- Dmarc domain key must include dmarc domain, rua and period local dmarc_domain_key = table.concat( @ 1.3 log @rspamd: update to 3.14.0. 3.14.0: 10 Nov 2025 * [Feature] Fuzzy check: Add HTML fuzzy hashing for structural similarity matching * [Feature] Fuzzy check: Add per-rule text_hashes toggle for HTML-only fuzzy rules * [Feature] Fuzzy check: Add structured checks configuration with backward compatibility * [Feature] Fuzzy storage: Implement full TCP protocol support with auto-switch * [Feature] Fuzzy check: Add TCP connection management and error handling * [Feature] URL: Add task:get_cta_urls() API for proper CTA domain extraction * [Feature] URL: Move CTA processing into dedicated module * [Feature] URL: Add url:get_hash() method for efficient deduplication without string conversion * [Feature] GPT: Add web search context support with Redis caching * [Feature] HTML: Add infrastructure for async URL rewriting with Lua bindings * [Feature] HTML: Add task:rewrite_html_urls() and task:get_html_urls() Lua API * [Feature] WebUI: Implement dark mode with theme toggle and auto detection * [Feature] Aliases: Add advanced resolution with loop detection for converging paths * [Feature] Milter: Add ESMTP argument parsing with Lua API access * [Feature] Milter: Add per-recipient ESMTP args parsing and metadata access * [Feature] Milter: Support array of positions for remove_headers operations * [Feature] Proxy: Add client IP preservation in message headers through chain * [Feature] Rspamc: Add milter.add_headers object format support to --mime * [Feature] Configwizard: Add Postfix integration wizard using postconf utility * [Feature] Build: Add comprehensive BSD workflows (FreeBSD, NetBSD, OpenBSD) with Lua version selection * [Feature] Build: Add automated code review GitHub Actions workflow with Rspamd-specific guidelines * [Feature] Build: Add Docker-based integration test suite with ASAN and real corpus * [Feature] Build: Add automatic public suffix list synchronization * [Feature] Multimap: Add support for symbols with leading numerals * [Feature] DMARC: Add Auto-Reply-To and Precedence headers to prevent out-of-office replies * [Feature] Platform: Add NetBSD memory usage tracking support * [Feature] Utilities: Add fuzzy Redis migration utility * [Feature] Bayes: Allow skipping local/authenticated mail in autolearn condition * [Feature] ARC: Add DKIM signing key API for flexible ARC signing * [Feature] Logger: Add type specifiers support for better formatting * [Feature] Heap: Add rspamd_heap_push_slot to eliminate double allocation * [Fix] DNS: Preserve req->pos during reply validation to prevent packet truncation on UDP-to-TCP retransmits * [Fix] DNS: Regenerate transaction ID before copying to TCP buffer to avoid collisions * [Fix] DNS: Fix nameserver round-robin when using /etc/resolv.conf * [Fix] DNS: Fix TCP uninitialized memory leak * [Fix] DMARC: Add batching and forced GC for Redis connections to prevent pool exhaustion * [Fix] DMARC: Validate and normalize batch_size to prevent fractional indexing and loop errors * [Fix] DMARC: Refactor reporting to use helper functions and async maps * [Fix] Allocator: Fix jemalloc/system malloc mixing in getline() to prevent crashes * [Fix] Allocator: Fix allocator mismatches in hiredis * [Fix] Allocator: Fix allocator mismatches in libucl * [Fix] Hyperscan: Use runtime version instead of compile-time for database validation * [Fix] Hyperscan: Auto-recreate invalid unserialized cache files on version mismatch * [Fix] Memory: Fix leaks in fuzzy storage khash tables * [Fix] Memory: Fix leaks in upstream address parsing * [Fix] Memory: Fix leaks in *-any address parsing * [Fix] Memory: Fix OpenSSL providers cleanup * [Fix] Memory: Fix UCL object memory leak in Lua integration * [Fix] Memory: Fix stat metadata tokenization leak * [Fix] Fuzzy TCP: Fix double-release in fuzzy_tcp_session * [Fix] Fuzzy TCP: Fix refcount leak in destructor * [Fix] Fuzzy TCP: Fix timeout handling and buffer overflow * [Fix] Fuzzy TCP: Fix endianness mismatch in framing protocol * [Fix] Fuzzy TCP: Fix race conditions and fd reuse bugs * [Fix] Fuzzy TCP: Use pure ev_timer for session timeouts * [Fix] Fuzzy TCP: Fix server replies and client event handling * [Fix] Shutdown: Keep srv events active during shutdown to track auxiliary processes * [Fix] ARC: Restore strict header ordering to comply with RFC 8617 * [Fix] ARC: Add ed25519 key support * [Fix] Composites: Implement two-phase evaluation for postfilter dependencies * [Fix] Composites: Use null-terminated string for symbol lookup * [Fix] URL: Refactor extraction to prevent DoS with hash-based deduplication * [Fix] URL: Add 50k URL limit with warning for DoS protection * [Fix] URL: Skip HTML_DISPLAYED URLs in CTA detection * [Fix] URL: Fix CTA priority preservation in extract_specific_urls * [Fix] Bayes: Improve Redis server discovery * [Fix] Bayes: Only bypass learn when header value matches * [Fix] ESMTP: Robust per-recipient parsing in milter with safe cursor advance * [Fix] ESMTP: Refcount ESMTP args in proxy_session_refresh to avoid use-after-free * [Fix] ESMTP: Correct Lua stack cleanup in lua_task_get_rcpt_esmtp_args * [Fix] HTML: Correct attribute value offset calculation for URL rewriting * [Fix] HTML: Add HTML entity encoding for URL rewriting * [Fix] HTML: Fix segfault due to incorrect HTML features access * [Fix] HTML: Fix frequency-based ordering in domain hashing * [Fix] HTML: Fix shingles hash generation bugs * [Fix] HTML: Fix memory leaks in shingles generation * [Fix] HTML: Fix memory management in html_cta.process_html_links * [Fix] HTML: Fix CSS class normalization in fuzzy tokens * [Fix] HTML: Fix cache key collision between text and HTML fuzzy hashes * [Fix] OpenBSD: Fix kinfo_proc structure member names * [Fix] OpenBSD: Disable Hyperscan (not available) * [Fix] FreeBSD: Fix zstd package name * [Fix] FreeBSD: Add IGNORE_OSVERSION for package version mismatches * [Fix] NetBSD: Setup pkgin and PKG_PATH before installing packages * [Fix] NetBSD: Fix missing dependencies and package names * [Fix] BSD: Remove -j flag from ninja in all BSD workflows * [Fix] Multimap: Handle symbols with leading numerals * [Fix] Aliases: Prevent creation of malformed email addresses * [Fix] Aliases: Fix alias loop detection for converging paths * [Fix] Aliases: Fix is_local_domain to support backend objects * [Fix] Aliases: Correct to_local when no recipients present * [Fix] Aliases: Fix set_addr validation to prevent malformed addresses * [Fix] MIME: Remove Authentication-Results and anonymize envelope-from in Received headers * [Fix] Mempool: Prevent double-free in destructor cleanup * [Fix] Rspamadm: Unbreak dnstool command * [Fix] Integration tests: Fix ASAN configuration and startup diagnostics * [Minor] Replace GHashTable with khash in fuzzy_check.c and lua_textpart_get_cta_urls * [Minor] Update cache key prefix to match module name in llm_search_context * [Minor] Fix llm_search_context to follow Rspamd idioms * [Minor] Refactor llm_search_context to use lua_cache module * [Minor] Address review comments in various modules * [Minor] Fix droid usage * [Minor] Use GPT-5 Codex for code reviews * [Minor] Update libucl with automatic stack management * [Rework] Prioritize CTA URLs in redirector and Lua helpers * [Rework] RBL configuration: Add new from selectors, content_urls checks, and lower_utf8 for hashed domains * [Rework] Make Bayes learn guards configurable * [Rework] Refactor element visibility control to use Bootstrap classes * [Rework] Use postconf utility for Postfix configuration in configwizard * [Rework] Remove Lua-level HTTP header parsing in ESMTP args getters * [Rework] Add CFG_REF_* macros with debug logging for config refcounting * [Rework] Move OpenSSL providers from global to libs_ctx * [Rework] Convert heap to fully intrusive kvec-based implementation * [Rework] Add specialized pool types for long-lived and short-lived allocations * [Rework] Improve memory pool destructors with smart preallocation based on pool type * [Project] Restrict code review workflow to authorized maintainers * [Project] Add Claude Code and Cursor AI assistant configuration * [WebUI] Replace Glyphicons with FontAwesome SVG icons * [WebUI] Update CodeJar to version 4.3.0 * [WebUI] Update Node.js and ESLint * [WebUI] Update D3-based visualization libs * [WebUI] Replace deprecated alert-error class with alert-danger * [WebUI] Add search syntax hint to history table filter input * [WebUI] Fix theme toggle default to auto * [WebUI] Keep classifiers list when request is skipped * [WebUI] Repopulate classifier dropdown * [WebUI] Add comment for removeEventListener * [WebUI] Fix icon rendering race condition in tab initialization * [Test] Add comprehensive Lua unit tests for HTML URL rewriting * [Test] Add unit tests for HTML URL rewriting patch engine * [Test] Add functional tests for HTML fuzzy hashing * [Test] Add ARC chain verification tests with multiple signatures * [Test] Add e2e for classifier dropdown population * [Test] Multimap symbol with leading numerals * [Test] Sync public suffix list automatically * [Test] Update JS linters * [Test] Fix integration test environment variable passing * [Test] Add detailed error output for integration test failures @ text @d1 1 a1 1 $NetBSD$ @ 1.2 log @rspamd: update to 3.13.2. 3.13.2 What's Changed [Feature] Add user/domain context support for LLM-based classification by @@vstakhov in #5647 Implement Metadefender hash lookup module by @@vstakhov in #5656 Add vault kv version 2 support by @@vstakhov in #5654 Fix duplicate symbol in once_received plugin by @@vstakhov in #5658 [Fix] Enforce server-controlled HTTP map refresh intervals by @@vstakhov in #5660 [Fix] Propagate unused Redis Sentinel options by @@fatalbanana in #5597 Fix rspamd dkim key loading for ed25519 by @@vstakhov in #5664 Fix dkim relaxed bodyhash calculation for spaces by @@vstakhov in #5662 Feat: Added rua address exclusion in dmarc.lua by @@croessner in #5653 [Feature] Add separate encryption keys for read/write operations in fuzzy_check by @@vstakhov in #5665 3.13.1 Added Archive module: Full support for encrypted ZIP archives, including both ZipCrypto and AES encryption; both reading and writing of AES-encrypted ZIP archives is supported with updated Lua bindings using libarchive for flexible compatibility with all standard ZIP encryption schemes Encrypted maps: Support for encrypted maps to enable new map distribution scenarios Redis TLS: Configurable TLS connections in Redis backend for improved compatibility in secure environments Improved MIME encoding refactoring: Major overhauls and multiple fixes for MIME encoding logic, including improved handling and decoding of UTF-8 in MIME headers, resulting in more robust email processing and better compatibility Learning system: Numerous fixes to learn checks and autolearn flag handling, prevention of duplicate message learning, and extended multiclass learning test coverage Map helpers alignment: Map helpers now enforced to be aligned to 64 bytes to prevent unaligned memory access errors on certain platforms CLI enhancements: Enhanced secretbox CLI and additional security test coverage Platform compatibility: Improved compatibility with Lua versions above 5.1 and better support for 32-bit platforms Fixed Critical fixes: Fixed bug when converting zero-length strings to numbers XML parsing: Fixed XML prolog detection in lua_magic module Build issues: Fixed build issues on 32-bit platforms Empty input handling: Addressed issues with empty input handling in lua_magic Test stability: Improved stability of automated testing with multiple miscellaneous test fixes Compatibility: Minor compatibility improvements and bugfixes (buffer allocation, missing cmath include, etc.) This release introduces archive module extensibility with full encrypted archive support including AES, new map distribution capabilities, secure integration options with Redis TLS, robust email and message processing improvements, and bugfixes for broader platform compatibility. This is recommended as a major stability and feature update. 3.13.0 Highlights & Major Features Since 3.12.1 1. Multiclass Bayes Classification ([#5547](#5547)) Bayesian classifiers now support multi-class differentiation—labels like spam, ham, transactional, newsletters, phishing, and more (2-20 classes supported). Efficient: all classes for a message handled in a single Redis call. Backward compatible with old config (is_spam); new config enables named classes and labels. Autolearn and Lua API support multiclass workflows. Fully class-aware Redis caching. Examples: rspamc learn_class:transactional receipt.eml or rspamc learn_class:newsletter newsletter.eml Lua API: task:get_multiclass_result() gives class probabilities and confidence. 2. Neural Module Overhaul ([#5579](#5579)) Complete rework into a provider-based architecture: combines symbols, LLM embeddings (OpenAI, etc.), and planned providers (Bayes/FastText, in the future). Pluggable fusion—multiple feature types can be combined for richer, more accurate classification. Trained normalization (unit/zscore/none), used consistently at training/inference. Redis-backed caching for LLM embeddings to control cost/latency. Configurable via providers, versioned for safe upgrades, fully backwards compatible. 3. Multimap Selectors & Regex Enhancements ([#5615](#5615)) Powerful, SA-style “selector” rules in multimap module for regex filtering on message fields. Dedicated selector field, integrated with Hyperscan and regex cache. Example: selector FROM_CORP from:domain =~ /corp\.example$/i 4. MIME & HTML Feature Extraction ([#5619](#5619), [#5608](#5608)) MIME parser detects part types automatically. HTML parser project extracts more features for downstream modules. 5. HTTP, DNS, Upstream Improvements ([#5614](#5614), [#5603](#5603), [#5601](#5601)) Flexible HTTP timeout config and handling. Upstream reliability: probe mode, less need for forced revive. DNS nameserver resolution moved to getaddrinfo. 6. Modernization & Maintenance ([#5592](#5592), [#5598](#5598), [#5580](#5580), others) Standardized on C++20; builds, test, and CI improvements (ARM support, modern fallback maps). Regular code cleaning, bugfixes, and RPM tweaks. 7. WebUI & UX ([#5606](#5606), [#5607](#5607)) E2E scan test flows in WebUI. Bootstrap upgrade, Bayes class management from the web interface. 8. GPT & LLM Integrations ([#5612](#5612), [#5572](#5572)) Improved handling of GPT model parameters and prompts. Initial support for OpenAI GPT-5 and other models. Notable Bugfixes & Maintenance DCC plugin rewritten ([#5602](#5602)), optimized. DKIM relaxed body canonicalization ([#5593](#5593)), multimap, WebUI and configuration reliability increased. Numerous minor bugfixes, build and CI improvements. Projects & Modules Affected Core: Multiclass Bayes, Neural/LLM fusion Filtering: Multimap selectors, regex & Hyperscan Protocols: HTTP, DNS Web: WebUI, Bootstrap Plugins: DCC, DKIM, GPT, Neural @ text @d1 1 a1 1 $NetBSD: patch-src_plugins_lua_dmarc.lua,v 1.1 2024/05/16 15:22:14 taca Exp $ d8 1 a8 1 --- src/plugins/lua/dmarc.lua.orig 2025-10-05 18:04:57.000000000 +0000 d10 1 a10 1 @@@@ -323,7 +323,7 @@@@ local function dmarc_validate_policy(tas d12 4 a15 4 -- Prepare and send redis report element local period = os.date('%Y%m%d', - task:get_date({ format = 'connect', gmt = false })) + math.floor(task:get_date({ format = 'connect', gmt = false }))) d17 2 a18 2 -- Dmarc domain key must include dmarc domain, rua and period local dmarc_domain_key = table.concat( @ 1.1 log @mail/rspamd: fix DMARC report on NetBSD Fix DMARC report on NetBSD. os.date() require integer as second argument but get_date() returns float on NetBSD. So, convert return value of get_date() to integer. Without this change, data required for DMARC report would not be stored to Redis. This fix is provided from Yoshitaka Tokugawa . Bump PKGREVISION. @ text @d1 1 a1 1 $NetBSD$ d8 1 a8 1 --- src/plugins/lua/dmarc.lua.orig 2024-02-26 09:36:56.000000000 +0000 d10 1 a10 1 @@@@ -310,7 +310,7 @@@@ local function dmarc_validate_policy(tas d14 2 a15 2 - task:get_date({ format = 'connect', gmt = false })) + math.floor(task:get_date({ format = 'connect', gmt = false }))) @ 1.1.2.1 log @file patch-src_plugins_lua_dmarc.lua was added on branch pkgsrc-2024Q1 on 2024-06-23 15:58:45 +0000 @ text @d1 18 @ 1.1.2.2 log @Pullup ticket #6862 - requested by taca mail/rspamd: NetBSD bugfix Revisions pulled up: - mail/rspamd/Makefile 1.104-1.105 - mail/rspamd/cfgfiles.mk 1.10 - mail/rspamd/distinfo 1.58 - mail/rspamd/files/rspamd.sh 1.3 - mail/rspamd/patches/patch-src_plugins_lua_dmarc.lua 1.1 --- Module Name: pkgsrc Committed By: taca Date: Thu Apr 25 15:19:22 UTC 2024 Modified Files: pkgsrc/mail/rspamd: Makefile pkgsrc/mail/rspamd/files: rspamd.sh Log Message: mail/rspamd: allow rc.d script to reload Bump PKGREVISION. --- Module Name: pkgsrc Committed By: taca Date: Thu May 16 15:22:14 UTC 2024 Modified Files: pkgsrc/mail/rspamd: Makefile cfgfiles.mk distinfo Added Files: pkgsrc/mail/rspamd/patches: patch-src_plugins_lua_dmarc.lua Log Message: mail/rspamd: fix DMARC report on NetBSD Fix DMARC report on NetBSD. os.date() require integer as second argument but get_date() returns float on NetBSD. So, convert return value of get_date() to integer. Without this change, data required for DMARC report would not be stored to Redis. This fix is provided from Yoshitaka Tokugawa . Bump PKGREVISION. @ text @a0 18 $NetBSD: patch-src_plugins_lua_dmarc.lua,v 1.1 2024/05/16 15:22:14 taca Exp $ os.date() require integer as second argument but get_date() returns float on NetBSD. So, convert return value of get_date() to integer. This fix is provided from Yoshitaka Tokugawa . --- src/plugins/lua/dmarc.lua.orig 2024-02-26 09:36:56.000000000 +0000 +++ src/plugins/lua/dmarc.lua @@@@ -310,7 +310,7 @@@@ local function dmarc_validate_policy(tas -- Prepare and send redis report element local period = os.date('%Y%m%d', - task:get_date({ format = 'connect', gmt = false })) + math.floor(task:get_date({ format = 'connect', gmt = false }))) -- Dmarc domain key must include dmarc domain, rua and period local dmarc_domain_key = table.concat( @