SOLVED [CPANEL-26054] SpamAssassin forwards locally delivered SPAM

LBJ

Well-Known Member
Nov 1, 2003
93
5
158
cPanel Access Level
DataCenter Provider
G'day All,

I can never find an obvious place to lodge bug reports other than by raising a support ticket, so I'll try it here.

On all our 76.0.20 servers, the option to scan outgoing and forwarded email is not detecting definite spam created on-server and sent to an external address via a forwarder.

Only email sent directly to an external address is being correctly handled.

This makes it very easy to spam from a compromised account on cPanel servers.


Steps to reproduce:

1. Enable the following Exim options...

Scan outgoing messages for spam and reject based on defined Apache SpamAssassin™ score

Do not forward mail to external recipients based on the defined Apache SpamAssassin™ score

2. Generate a spam message from the server (PHP mailto() for example) to a forwarder pointing to an external address. Use the SpamAssassin GTUBE string for spam.

The spam will be delivered without issue.

Outgoing spam is only blocked if sent directly to the external address. Using a forwarder completely bypasses the security.

Best regards,

LBJ
 
  • Like
Reactions: akust0m

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,913
2,201
363
Hi @LBJ,

As you noted, internal case CPANEL-26054 was opened to report an issue where the option to scan outgoing and forwarded email is not detecting definite SPAM created on-server and sent to an external address via a forwarder. I'll monitor this case and update this thread with more information on it's status as it becomes available.

Thank you.
 

LBJ

Well-Known Member
Nov 1, 2003
93
5
158
cPanel Access Level
DataCenter Provider
Hi @LBJ,

As you noted, internal case CPANEL-26054 was opened to report an issue where the option to scan outgoing and forwarded email is not detecting definite SPAM created on-server and sent to an external address via a forwarder. I'll monitor this case and update this thread with more information on it's status as it becomes available.

Thank you.
G'day Michael,

Is there any update on this, or at least a likely time-frame?

We're still forced to add complex code to fully block webform spam where users have opted to email out via a configured forwarder to an external email address.

Best regards,

LBJ
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,913
2,201
363
Hello @LBJ,

This case is fixed in cPanel & WHM version 82 (this version is not yet available to the public). You should see this version published to the EDGE release tier some time after version 80 reaches STABLE.

Thank you.