SpamAssassin since cp11...

[shaun]

I noticed the problem right away, Spamassassin was allowing alot more spam through to my inbox. Soon after than i noticed more and more customers complaining about the same thing. I now have a huge amount of people reporting the same thing, spamassassin just doesn't seam to be working as well as it once did and it appears to have happened right after the cp11 push. With the amount of customers reporting seeing the same thing i am i'm sure you guys are seeing the same problem. So is there a solution to get spamassassin working as it once did?

[metsfan]

I got the same complaint from someone on my server.

[jrehmer]

I noticed the problem right away, Spamassassin was allowing alot more spam through to my inbox. Soon after than i noticed more and more customers complaining about the same thing. I now have a huge amount of people reporting the same thing, spamassassin just doesn't seam to be working as well as it once did and it appears to have happened right after the cp11 push. With the amount of customers reporting seeing the same thing i am i'm sure you guys are seeing the same problem. So is there a solution to get spamassassin working as it once did?

Have you looked at the headers to determine the score Spam Assassin has given all these messages? If not I highly recommend that you do, you may find that it's not filtering at all, or that the users need to modify their score. I haven't noticed any additional spam in my inbox since the update to 11, neither have any of my customers across 4 servers.

[sparek-3]

Have you looked at the headers to determine the score Spam Assassin has given all these messages? If not I highly recommend that you do, you may find that it's not filtering at all, or that the users need to modify their score. I haven't noticed any additional spam in my inbox since the update to 11, neither have any of my customers across 4 servers.

Indeed, I would check on this. I know cPanel 11 has some new exim configuration options and I do not believe subject rewrites are enabled by default. If you had previously configured your SpamAssassin configuration to rewrite the subject of spam messages, then it may not be doing this any longer.

The new cPanel 11 has the option of automatically rewriting the subject of spam messages to include ***SPAM*** in the subject, but I am not sure if this is enabled by default. This is a server-wide option, meaning that all accounts on the server that have spamassassin enabled would be subjected to having their subjects rewritten to include ***SPAM*** in the subject. There's no way to enable customized per account subject rewrites, unless you enable the old spamassassin acl in the Exim Configuration Editor.

[Daniel15]

I'm having the same problems. Messages which are obviously spam are showing a SpamAssassin score of 0 in the message header (which is definitely incorrect).
I may try the server-wide spam protection as detailed at http://www.rvskin.com/index.php?page=public/antispam, and see if this works better. I've previously used MailScanner, but it increased the load dramatically.

Edit: Looks like spamd is not operating correctly. Here's what I saw in /var/log/exim_mainlog:

2007-05-18 23:35:35 1HpGfH-0002Cq-As spam acl condition: warning - spamd connection to 127.0.0.1, port 783 failed: Connection refused
2007-05-18 23:35:35 1HpGfH-0002Cq-As spam acl condition: all spamd servers failed

Edit 2: Make sure that you do not have a file called /etc/spamdisable. If you do, remove it. This was the problem in my case - spamd wasn't starting because it was disabled (due to the /etc/spamdisable file).

[jrehmer]

I'm having the same problems. Messages which are obviously spam are showing a SpamAssassin score of 0 in the message header (which is definitely incorrect).

I may try the server-wide spam protection as detailed at http://www.rvskin.com/index.php?page=public/antispam, and see if this works better. I've previously used MailScanner, but it used too much CPU time.

Since multiple people appear to be having the problem I recommend you all open support tickets. If you don't have direct access to open tickets, your provider can do it for you, and they shouldn't have any problem doing so!

[anup123]

It broke server wide scanning and blocking at SMTP time. They fixed it saying go back to old transport method. It broke again with the cp upgrade yesterday CURRENT TREE. OLD Transport Method set all permissions are fine but maillog shows no scanning after this update and tons of spam already.

good i did not update other servers after seeing issues on 1 server.

Anup

[shaun]

SpamAssassin is running, it's working... it's tagging messages that are spam as spam. But about 75% of the spam that comes it is missed, the headers don't look to have had spamassassin even touch them. it's like spamassassin is choosing to only check specific messages. Logs look fine, no errors, and i can see plenty of emails coming in that are being checked and i can see the normal spamassassin processing happening in /var/log/maillog. It's a weird issue.

[jrehmer]

Hello,

You could try doing cpan -f Mail::SpamAssassin but I'm not sure that will fix your problem.

I'd recommend opening a support ticket for this if you are still having difficulties.

Regards,

Jesse

[shaun]

Ya, that does nothing... I've been in direct contact with nick about it, just posted to see how many others might be seeing this problem.

[MuNLoK]

We have problem too... since we updated to cpanel11, spamassasin/spamd failed always.

When I update cpanel.. spamassasin is reinstalling one time and other.

[cpanelnick]

Exim now runs spamassassin scans @ smtp time in ACLS

Previously all mail coming into an account was scanned every time deliver was attempted. This was grossly inefficient.
The side affect of this is that if you have:
* Two domains WITH SEPARATE USERS
* spamassassin turned off on the first domain
* spamassassin turned on on the second domain
* Mail forwarded to an account on the second domain from the first domain

Any email that was sent to the first domain with be forwarded to the second domain unscanned as there is no SMTP session between the account as they are local.

Generally you just need to turn spamassassin ON for the other domain to solve the problem.

[anup123]

I had to downgrade from CURRENT to STANDARD (which still runs 10.x) and everything works well. I use following to block out all above a threshold at server level. It works fine. Worried what happens when standard moves to 11.x. Just need following to work (which has been working for years) not worried about ajax and other fancy stuff:

######## S A CHECK ###########

warn message = X-Spam-Score: $spam_score
spam = nobody:true

warn message = X-Spam-Report: $spam_report
spam = nobody:true

warn message = Subject: **** SPAM **** $h_Subject
spam = nobody

deny message = This message scored $spam_score spam points. Sorry we do not
allow such mails.
condition = ${if <{$message_size}{128k}{1}{0}}
spam = nobody:true
condition = ${if >{$spam_score_int}{110}{1}{0}}

###Spam Assassin Check End###

Regards
Anup

[cpanelnick]

I had to downgrade from CURRENT to STANDARD (which still runs 10.x) and everything works well. I use following to block out all above a threshold at server level. It works fine. Worried what happens when standard moves to 11.x. Just need following to work (which has been working for years) not worried about ajax and other fancy stuff:

######## S A CHECK ###########

warn message = X-Spam-Score: $spam_score
spam = nobody:true

warn message = X-Spam-Report: $spam_report
spam = nobody:true

warn message = Subject: **** SPAM **** $h_Subject
spam = nobody

deny message = This message scored $spam_score spam points. Sorry we do not
allow such mails.
condition = ${if <{$message_size}{128k}{1}{0}}
spam = nobody:true
condition = ${if >{$spam_score_int}{110}{1}{0}}

###Spam Assassin Check End###

Regards
Anup

It looks like you are running spamassassin multiple times on each message, once at the server level, and once at the user level. This is not supported in cPanel 11, and not recommended on any version.

[metsfan]

Ya, that does nothing... I've been in direct contact with nick about it, just posted to see how many others might be seeing this problem.

I'm having the exact same problem. It seems some messages just aren't being scanned at all.