The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Apache SpamAssassin since cp11...

Discussion in 'EasyApache' started by shaun, May 18, 2007.

  1. shaun

    shaun Well-Known Member

    Joined:
    Nov 9, 2001
    Messages:
    698
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    San Clemente, Ca
    I noticed the problem right away, Spamassassin was allowing alot more spam through to my inbox. Soon after than i noticed more and more customers complaining about the same thing. I now have a huge amount of people reporting the same thing, spamassassin just doesn't seam to be working as well as it once did and it appears to have happened right after the cp11 push. With the amount of customers reporting seeing the same thing i am i'm sure you guys are seeing the same problem. So is there a solution to get spamassassin working as it once did?
     
  2. metsfan

    metsfan Registered

    Joined:
    Nov 11, 2004
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    I got the same complaint from someone on my server.
     
  3. jrehmer

    jrehmer Well-Known Member

    Joined:
    Apr 10, 2003
    Messages:
    287
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Denver, CO
    Have you looked at the headers to determine the score Spam Assassin has given all these messages? If not I highly recommend that you do, you may find that it's not filtering at all, or that the users need to modify their score. I haven't noticed any additional spam in my inbox since the update to 11, neither have any of my customers across 4 servers.
     
  4. sparek-3

    sparek-3 Well-Known Member

    Joined:
    Aug 10, 2002
    Messages:
    1,381
    Likes Received:
    23
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    Indeed, I would check on this. I know cPanel 11 has some new exim configuration options and I do not believe subject rewrites are enabled by default. If you had previously configured your SpamAssassin configuration to rewrite the subject of spam messages, then it may not be doing this any longer.

    The new cPanel 11 has the option of automatically rewriting the subject of spam messages to include ***SPAM*** in the subject, but I am not sure if this is enabled by default. This is a server-wide option, meaning that all accounts on the server that have spamassassin enabled would be subjected to having their subjects rewritten to include ***SPAM*** in the subject. There's no way to enable customized per account subject rewrites, unless you enable the old spamassassin acl in the Exim Configuration Editor.
     
  5. Daniel15

    Daniel15 Well-Known Member

    Joined:
    Oct 7, 2006
    Messages:
    84
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Melbourne, Australia
    cPanel Access Level:
    Root Administrator
    I'm having the same problems. Messages which are obviously spam are showing a SpamAssassin score of 0 in the message header (which is definitely incorrect).
    I may try the server-wide spam protection as detailed at http://www.rvskin.com/index.php?page=public/antispam, and see if this works better. I've previously used MailScanner, but it increased the load dramatically.

    Edit: Looks like spamd is not operating correctly. Here's what I saw in /var/log/exim_mainlog:
    Edit 2: Make sure that you do not have a file called /etc/spamdisable. If you do, remove it. This was the problem in my case - spamd wasn't starting because it was disabled (due to the /etc/spamdisable file).
     
    #5 Daniel15, May 18, 2007
    Last edited: May 18, 2007
  6. jrehmer

    jrehmer Well-Known Member

    Joined:
    Apr 10, 2003
    Messages:
    287
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Denver, CO
    Since multiple people appear to be having the problem I recommend you all open support tickets. If you don't have direct access to open tickets, your provider can do it for you, and they shouldn't have any problem doing so!
     
  7. anup123

    anup123 Well-Known Member

    Joined:
    Mar 29, 2004
    Messages:
    897
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    This Planet
    It broke server wide scanning and blocking at SMTP time. They fixed it saying go back to old transport method. It broke again with the cp upgrade yesterday CURRENT TREE. OLD Transport Method set all permissions are fine but maillog shows no scanning after this update and tons of spam already.

    good i did not update other servers after seeing issues on 1 server.

    Anup
     
  8. shaun

    shaun Well-Known Member

    Joined:
    Nov 9, 2001
    Messages:
    698
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    San Clemente, Ca
    SpamAssassin is running, it's working... it's tagging messages that are spam as spam. But about 75% of the spam that comes it is missed, the headers don't look to have had spamassassin even touch them. it's like spamassassin is choosing to only check specific messages. Logs look fine, no errors, and i can see plenty of emails coming in that are being checked and i can see the normal spamassassin processing happening in /var/log/maillog. It's a weird issue.
     
  9. jrehmer

    jrehmer Well-Known Member

    Joined:
    Apr 10, 2003
    Messages:
    287
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Denver, CO
    Hello,

    You could try doing cpan -f Mail::SpamAssassin but I'm not sure that will fix your problem.

    I'd recommend opening a support ticket for this if you are still having difficulties.

    Regards,

    Jesse
     
  10. shaun

    shaun Well-Known Member

    Joined:
    Nov 9, 2001
    Messages:
    698
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    San Clemente, Ca
    Ya, that does nothing... I've been in direct contact with nick about it, just posted to see how many others might be seeing this problem.
     
  11. MuNLoK

    MuNLoK Member

    Joined:
    Jul 14, 2004
    Messages:
    22
    Likes Received:
    0
    Trophy Points:
    1
    We have problem too... since we updated to cpanel11, spamassasin/spamd failed always.

    When I update cpanel.. spamassasin is reinstalling one time and other.
     
  12. cPanelNick

    cPanelNick Administrator
    Staff Member

    Joined:
    Mar 9, 2015
    Messages:
    3,426
    Likes Received:
    2
    Trophy Points:
    38
    cPanel Access Level:
    DataCenter Provider
    Exim now runs spamassassin scans @ smtp time in ACLS

    Previously all mail coming into an account was scanned every time deliver was attempted. This was grossly inefficient.
    The side affect of this is that if you have:
    * Two domains WITH SEPARATE USERS
    * spamassassin turned off on the first domain
    * spamassassin turned on on the second domain
    * Mail forwarded to an account on the second domain from the first domain

    Any email that was sent to the first domain with be forwarded to the second domain unscanned as there is no SMTP session between the account as they are local.

    Generally you just need to turn spamassassin ON for the other domain to solve the problem.
     
  13. anup123

    anup123 Well-Known Member

    Joined:
    Mar 29, 2004
    Messages:
    897
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    This Planet
    I had to downgrade from CURRENT to STANDARD (which still runs 10.x) and everything works well. I use following to block out all above a threshold at server level. It works fine. Worried what happens when standard moves to 11.x. Just need following to work (which has been working for years) not worried about ajax and other fancy stuff:

    ######## S A CHECK ###########

    warn message = X-Spam-Score: $spam_score
    spam = nobody:true

    warn message = X-Spam-Report: $spam_report
    spam = nobody:true

    warn message = Subject: **** SPAM **** $h_Subject
    spam = nobody

    deny message = This message scored $spam_score spam points. Sorry we do not
    allow such mails.
    condition = ${if <{$message_size}{128k}{1}{0}}
    spam = nobody:true
    condition = ${if >{$spam_score_int}{110}{1}{0}}

    ###Spam Assassin Check End###

    Regards
    Anup
     
  14. cPanelNick

    cPanelNick Administrator
    Staff Member

    Joined:
    Mar 9, 2015
    Messages:
    3,426
    Likes Received:
    2
    Trophy Points:
    38
    cPanel Access Level:
    DataCenter Provider

    It looks like you are running spamassassin multiple times on each message, once at the server level, and once at the user level. This is not supported in cPanel 11, and not recommended on any version.
     
  15. metsfan

    metsfan Registered

    Joined:
    Nov 11, 2004
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    I'm having the exact same problem. It seems some messages just aren't being scanned at all.
     
  16. DCH

    DCH Member

    Joined:
    May 4, 2006
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    1
    But at least then the auto-whitelist on a per user basis worked. Or am I missing a way to get that running again??

    I had to switch back to the old transport because SA was disregarding user configurations.
     
  17. cPanelNick

    cPanelNick Administrator
    Staff Member

    Joined:
    Mar 9, 2015
    Messages:
    3,426
    Likes Received:
    2
    Trophy Points:
    38
    cPanel Access Level:
    DataCenter Provider
    It should still run as the user.. what does it say in /var/log/exim_mainlog ?
     
  18. shaun

    shaun Well-Known Member

    Joined:
    Nov 9, 2001
    Messages:
    698
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    San Clemente, Ca
    The problem i was seeing was caused by what nick explained above. There were 2 users created on the server, and user1 was using a domain forward (under mail section) to forward all mail from user1's domain to user2's domain. user2 has spamassassin enabled but user1 did not. in the past this worked fine but not with the new setup.

    All my messages are now being tagged by spamassassin, but i can say that spamassassin for some reason is doing a very poor job detecting spam... I went from having a few emails per day in mailbox's to having hundreds, it's getting quiet annoying and i don't have a good answer for other customers asking why this has happened.

    One thing i did notice, spamassassins website has this on it "2007-05-02: SpamAssassin 3.2.0 released! This release contains a significant number of changes and major enhancements" that version was pushed right about the time cpanel pushed 11, i'm starting to wonder if the SA guys messed something up... I think I'm going to attempt a downgrade of spamassassin on a server and see what happens.
     
  19. Spiral

    Spiral BANNED

    Joined:
    Jun 24, 2005
    Messages:
    2,023
    Likes Received:
    7
    Trophy Points:
    0
    Cpanel has totally nuked my Exim config following updates on several occasions too!

    This thread is example of why I keep a backup copy of all my "exim*" files in /etc
    and have a cronjob running that automatically restores the original files if any
    changes are detected to my exim configuration.

    With the above in place, my Spamassassin, Exim, and everything is still working
    perfectly under Cpanel 11 even under all the current recent mass updates
    released over the past two weeks.

    Bottom line though .... keep good config backups
     
  20. cPanelDavidG

    cPanelDavidG Technical Product Specialist

    Joined:
    Nov 29, 2006
    Messages:
    11,279
    Likes Received:
    8
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    Just a note, any manual editing of the Exim configuration done outside WHM's Advanced Configuration Editor for Exim will likely be overwritten in the future with updates. Modifications made through the WHM interface's configuration editor will not be overwritten.

    Please refrain from directly editing the Exim configuration outside the WHM interface.
     
Loading...

Share This Page