• New version of SpamAssassin v4.0.
• Support for Windows Server 2022 (64-bit) has been added.
• Support for Windows 11 (64-bit) was added.
• Windows Server 2008 R2 is no longer supported.
• Windows 7 is no longer supported.
• Shortcircuit rules "USER_IN_WHITELIST" has been replaced with "USER_IN_WELCOMELIST" and "USER_IN_DEF_WHITELIST" has been replaced with "USER_IN_DEF_WELCOMELIST".
• Shortcircuit rules "USER_IN_BLACKLIST" has been replaced by "USER_IN_BLOCKLIST" and "USER_IN_BLACKLIST_TO" has been replaced by "USER_IN_BLOCKLIST_TO".
• A problem with restarting the SpamD process has been fixed.

27 March 2023

• Added new options to configure SSL: Ssl, SslKey, SslCertificate.  
• Fixed a problem in DNS whitelisting and blacklisting.
• An error when stopping the SpamD process was fixed.
• An error when changing the ListenIP or ListenPort settings was fixed.

Changed compatibilities

• SpamAssassin in a Box now requires .NET Framework 4.8.

22 March 2022

• SpamAssassin in a Box v2.5 now only supports 64 bit operating systems.
• SpamAssassin in a Box now uses a new license management. Starting with version 2.5, new license keys are valid and replace the previously used license keys. The new keys can be found in the customer area.
• A problem with starting the service has been fixed.
• A bug that caused the "MaxChildren" setting to be reset to its default value when starting the service has been fixed.
• The SpamAssassin binaries are now digitally signed with the JAM software certificate for MS Authenticode.

New version SpamAssassin v3.4.4. The changes from spamassassin.apache.org:

• FromNameSpoof: the default value of the fns_extrachars parameter was increased to 50.
• nosubject and maxhits tflags now work correctly with sa-compile.
• Added new subject prefix keyword. This can be used to add a prefix to an email subject if the original email matches a certain rule.
• New function Util::is_fqdn_valid() to validate the format of hostnames (DNS names) (error 7736). To check if a name contains a valid TLD, it is still necessary to additionally use RegistryBoundaries::is_domain_valid().
• New OLEVBMacro plugin to detect OLE macro in documents attached to emails, this plugin requires Archive::Zip and IO::String Perl modules to work.
• Due to the dangerous nature of the sa-update --allowplugins option, a warning is now issued that --reallyallowplugins is required to use it. This is to ensure that all legacy installations and wiki guides, etc. that still use it unnecessarily are fixed.
• The TxRep and Awl plugins have been modified to be compatible with the latest Postgresql versions. You should update your SQL database with the following command: MySQL: "ALTER TABLE `txrep` CHANGE `count` `msgcount` INT(11) NOT NULL DEFAULT '0';";" "ALTER TABLE `awl` CHANGE `count` `msgcount` INT(11) NOT NULL DEFAULT '0';";" "ALTER TABLE `awl` ADD last_hit timestamp NOT NULL default CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP;";" PostgreSQL: "ALTER TABLE txrep RENAME COLUMN count TO msgcount;" PostgreSQL: "ALTER TABLE txrep RENAME COLUMN count TO msgcount;" "ALTER TABLE awl RENAME COLUMN count TO msgcount;" "ALTER TABLE awl ADD last_hit timestamp NOT NULL default CURRENT_TIMESTAMP;".
• body_part_scan_size 50000, rawbody_part_scan_size 500000 default values added (error 6582) These allow safer and faster scanning of large emails.
• All pseudo-headers now return decoded headers, so their usage is consistent with simple header matching (:raw returns undecoded and folded as before).
• RegistryBoundaries did not load 20_aux_tlds.cf correctly in older versions. The old hardcoded list is now removed and RB prints "no tlds defined, need to run sa-update" unless it can find a list from the configuration files.
• Deprecated functions: Parser::is_delimited_regexp_valid(), Parser::is_regexp_valid(), Util::regexp_remove_delimiters(), Use::make_qr(). These are all combined into the new Util::compile_regexp() function.
• DNSEval: adds "check_rbl_headers" to check specific headers in RBL.
• DNSEval: adds "check_rbl_ns_from" to check against an RBL for DNS servers.
• HashBL: adds check_hashbl_bodyre, check_hashbl_emails, check_hashbl_uris, hashbl_ignore.
• ASN: support IPv6 with asn_lookup_ipv6 (bug 7211).
• sa-update: new --httputil option to force the download program used.
• Added rules_matching() expression to meta rules.
• Added tflags domains_only/ips_only to DNSEval.pm functions.
• RelayCountry: added new metadata: X-Spam-Country-External (_RELAYCOUNTRYEXT_), X-Spam-Country-Auth (_RELAYCOUNTRYAUTH_), X-Spam-Country-All (_RELAYCOUNTRYAUTH_) - New tflag "nosubject" for "body" rules to stop matching the subject that is part of the body text.

2 September 2021

• Due to a bug in the setup, the 32-bit version of SpamAssassin was installed. This is now fixed.

7 April 2020

• The system service was completely revised.
• The system service now writes the log to the Windows event log "SpamAssassin in a Box".
• Support for 32-bit operating systems has been discontinued.
• Stopping the SpamAssassin service could cause a timeout under certain circumstances. This is now fixed.
• An issue where the SpamAssassin service crashed has been fixed.

2 April 2020

• New Apache SpamAssassin Version 3.4.2
  • Sa-update now uses SHA-256 and SHA-512 hashing for verification.
  • Corrupted HTML-E-Mails do not crash the service anymore.
  • Several new Plugins, Mail::SpamAssassin::Plugin::HashBL and Mail::SpamAssassin::Plugin::Phishing.
  • More security issues have been fixed.
• Errors while loading the configuration file could cause the "SpamAssassin Daemon Controller" system service to crash. This has been fixed.

30 January 2019

• A critical error in the system service has been fixed: In some cases the spam detection stopped working. This is no longer the case.

07 November 2016

• A critical error in DNS-based spam tests (e.g. blacklists) that caused a drop in the spam detection rate has been fixed. All external blacklists are now queried again.

07 June 2016

• SpamAssassin for Windows 3.4.1 (includes Apache SpamAssassin 3.4.1) has been integrated.
• Please note: Support for Windows XP and Server 2003 has been dropped.
• More than one IP address can be specified as a ListenIP in file SpamD.config.
• The service considers open connections to clients. Periodic restarts of the SpamAssassin daemon are delayed accordingly.
• Proxy settings are respected in all cases.
• Several minor improvements and minor fixes have been incorporated.

02 May 2016

• For bayes and rules files SpamAssassin now uses the paths configured in the file "path.config" to access Bayes filter and rules files.
• Several minor improvements and minor fixes have been incorporated.

05 March 2015

• SpamAssassin for Windows 3.4.0.30 (includes Apache SpamAssassin 3.4.0) has been integrated.
• The CPU load of the SpamAssassin daemon was reduced significantly. This was achieved by using a set of native compiled anti spam rules ("Rule2XSBody" plugin).
• A problem that caused the service to stop itself sometimes, has been solved.
• Under certain conditions a wrong scan date was shown in the spam report. This problem has been solved.
• The bayes files are no more persisted in the user profile but in the %programdata% directory instead.
• On certain systems, the service didn't start automatically with the system. This problem was solved.
• The maximum size of the service log file (Service.log) can now be specified in the Service.config.
• Several minor improvements and minor fixes have been incorporated.

18 June 2014

Updated SpamAssassin version

• The integrated SpamAssassin was updated to version 3.4.0 (RC5).

New folder structure and XML file based configuration

• Configuration files, SpamAssassin rules, and log files are no longer written to the installation directory but to a dedicated application data directory
• XML-based files can now be used for configuration instead of the Windows registry.
• The service can now be configured via the "Service.config" file. Please refer to the "Configuration" topic for more information.
• The SpamAssassin daemon is now configured separately via the "SpamD.config" file. Please refer to the "Configuration" topic for more information.

Improved logging

• The log file (SpamD.log) of the SpamAssassin daemon is no longer reset at each restart of the daemon but each day instead.
• In addition to the EventLog, each message from the service is now also written to a separate text file "Service.log" that is located in the application data directory.

Numerous minor changes and improvements

• The batch script "trainbayes.bat" allowing quick and simple training of spam/ham mails in a specific folder has been added.
• The setup now queries for a contact address for users whose mails were identified as false positives.
• A problem has been solved which could lead to a handle leak of the service.
• The firewall rules are now deleted when uninstalling the application.
• A new copy protection was integrated. Please note that old installation keys are no longer valid. You will find your new installation keys in the customer area.
• Numerous further improvements and a few minor bug fixes have been incorporated.

24 March 2014