[case 60473] Scan Outgoing email not working in Cpanel

cPanelTristan

Quality Assurance Analyst
Staff member
Oct 2, 2010
7,607
43
348
somewhere over the rainbow
cPanel Access Level
Root Administrator
re: [case 60473] Scan Outgoing email not working in Cpanel

Are you on cPanel 11.30 or on cPanel 11.32 currently?

Code:
cat /usr/local/cpanel/version
 

cesarlwh

Well-Known Member
Sep 23, 2008
63
0
56
re: [case 60473] Scan Outgoing email not working in Cpanel

I need to use this too, I am using cPanel 11.32 how to configure the spamassassin to SCAN Outgoing emails?

And how to create outsite cpanel rules for all domains to block SPAM outgoing from my server?
 

SoftDux

Well-Known Member
May 27, 2006
1,023
5
168
Johannesburg, South Africa
cPanel Access Level
Root Administrator
re: [case 60473] Scan Outgoing email not working in Cpanel

Those instructions needs to be modified to work with cPanel 11.32.x since the interface had changed quite a bit.

I also want to add: what exactly happens when those settings are applied? Are the spam messages blocked, deleted, or does the server admin just get a notice about the spam?
 

cPGoodJosh

Member
Staff member
Mar 6, 2012
5
0
51
Houston
cPanel Access Level
Root Administrator
re: [case 60473] Scan Outgoing email not working in Cpanel

Hello all,

I have some steps so you can get those rules added to your exim configuration in 11.32, however I have been unable to get it to work for detecting SPAM (at least with the GTUBE test).

1) Log in to WHM
2) Go to Main >> Service Configuration >> Exim Configuration Manager
3) Click on the "Advanced Editor" tab
4) From the very top, scroll down until you see the button labeled "Add additional configuration setting", and click on that button
5) Type in "acl_not_smtp" in to the first box
6) Type "check_local" in to the second box
7) Scroll down until you see "acl_not_smtp"
8) In the box right after "custom_begin_not_smtp" put the following in to it:

check_local:
deny message = This message contains malware ($malware_name)
demime = *
malware = *

deny message = This message was classified as SPAM
spam = nobody

accept

(refer to the screen shot attached if you're having problems finding the right place)

9) Scroll all the way down and click on "Save"

After you do that, if you test it with the EICAR test file, you should notice that the email doesn't get send out. The error in the exim logs will look like this:

Error while reading message with no usable sender address (R=<redacted>): rejected by non-SMTP ACL: This message contains malware ()


EICAR test file - Wikipedia, the free encyclopedia

Summary:

With those steps, the malware test file gets caught, but not the spam test string.

View attachment 12062
 

wemnael

Member
Oct 23, 2010
9
0
51
re: [case 60473] Scan Outgoing email not working in Cpanel

I tried steps indicated by cPGoodJosh , tried to send a test email via SMTP with EICAR test file attached, but malware test file is still there and filter seems NOT to work. I have last cPanel version.
 

cPanelNick

Administrator
Staff member
Mar 9, 2015
3,481
35
208
cPanel Access Level
DataCenter Provider
re: [case 60473] Scan Outgoing email not working in Cpanel

case 60473 is planned to add official support for this functionality (as well as outgoing malware scanning of non-smtp messages .. if enabled) The support is current written and awaiting code review.
 

wwwcad

Member
PartnerNOC
Oct 4, 2006
22
6
153
cPanel Access Level
DataCenter Provider
Ok, i did it myself and Joshua is right. In 11.32 you should add the params in custom_begin_not_smtp but avoid check_local, the rules are already under check_not_smtp

ONLY IF YOU HAVE CLAMAV CONNECTOR USE THE RULE:

deny message = This message contains malware ($malware_name)
demime = *
malware = *

ONLY IF YOU HAVE SPAM ASSASIN USE THE RULE

deny message = This message was classified as SPAM
spam = nobody

accept

Regards