Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

"Do not forward email to external recipients" for SpamAssassin score over X

Discussion in 'E-mail Discussion' started by JamesOakley, Feb 4, 2015.

  1. JamesOakley

    JamesOakley Well-Known Member

    Joined:
    Apr 15, 2011
    Messages:
    83
    Likes Received:
    2
    Trophy Points:
    58
    cPanel Access Level:
    Root Administrator
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,803
    Likes Received:
    1,898
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello :)

    Our documentation elaborates some more on these options:

    Do not forward mail to external recipients if it matches the Apache SpamAssassin™ internal spam_score setting
    Do not forward mail to external recipients based on the defined Apache SpamAssassin™ score
    To clarify, are you asking if email is forwarded to multiple addresses (local and external), if it still delivers to the local forwarded address? Could you setup a scenario like this in a test account and let me know the steps I can take to reproduce the issue?

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. JamesOakley

    JamesOakley Well-Known Member

    Joined:
    Apr 15, 2011
    Messages:
    83
    Likes Received:
    2
    Trophy Points:
    58
    cPanel Access Level:
    Root Administrator
    Thanks Michael

    I looked for that documentation this morning, and nearly found it. I was on the right page, but then "search within page" didn't find it because I was on the wrong tab. :(

    Anyway, I've read it now, but it doesn't elaborate much beyond the tooltip help within WHM.

    I'll try and set up a test case if I get a few minutes. I was asking generally about what's supposed to happen (as I assume it's implemented as you intended).

    There are probably two questions rolled into one: (i) How does it fail - (a) silently, (b) at SMTP time, or (c) with a bounce message sent back after the message has been initially accepted? (ii) What happens if there are two forwarders for one address, or a forwarder for an address that also has a mailbox attached - (a) the message reaches neither recipient, (b) the message reaches the internal recipient but is not forwarded?

    Those two aspects of the question play off each other. If the answer to the second part is that the internal recipient will get the message while the external forwarder will not fire, then anything other than silent failure will be problematic. You can't bounce a message saying that the email address the message was sent to has failed delivery, if it has half succeeded.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,803
    Likes Received:
    1,898
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello :)

    I've not been able to reliably test this behavior. Could you open a support ticket so we can test this on your environment and verify it's working as intended? You can post the ticket number here so we can update this thread with the outcome.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. LDHosting

    LDHosting Well-Known Member

    Joined:
    Jan 19, 2008
    Messages:
    93
    Likes Received:
    2
    Trophy Points:
    58
    cPanel Access Level:
    Root Administrator
    Currently it seems to fire off a bounce to the sender. The message is delivered to the main recipient (or sent to the spambox/deleted based on Spamassassin settings), it is not forwarded, but a bounce is sent to the sender regarding the forward.

    redacted@gmail.com
    (ultimately generated from mainrecipient@domain.com)
    This mail cannot be forwarded because it was detected as spam.

    Since a lot of spam messages will have spoofed sender addresses, this just creates a backscatter issue instead of a spam forwarding issue.

    Ticket 6112775
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #5 LDHosting, Feb 19, 2015
    Last edited: Feb 19, 2015
  6. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,803
    Likes Received:
    1,898
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Internal case number 167765 is open to address an issue where when the new Exim option "Do not forward mail to external recipients if it matches the Apache SpamAssassinô internal spam_score setting" is enabled, email sent to a forward address which is detected as spam is bounced instead of rejected, potentially resulting in backscatter. Our development team has yet to make a decision on this case, but you can monitor our change log in the event a resolution is published:

    cPanel - Change Logs

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. Tom Risager

    Tom Risager Well-Known Member

    Joined:
    Jul 10, 2012
    Messages:
    116
    Likes Received:
    5
    Trophy Points:
    18
    Location:
    Copenhagen, Denmark
    cPanel Access Level:
    Root Administrator
    We were looking forward to finally being able to use Spamassassin on forwarders, but generating backscatter is no improvement. I really hope this turns out to be a design error that can be corrected.
     
    #7 Tom Risager, Feb 20, 2015
    Last edited: Feb 20, 2015
  8. JamesOakley

    JamesOakley Well-Known Member

    Joined:
    Apr 15, 2011
    Messages:
    83
    Likes Received:
    2
    Trophy Points:
    58
    cPanel Access Level:
    Root Administrator
    Sorry - it seems I wasn't clear.

    I wasn't reporting that my installation wasn't working as intended. I was simply asking what is supposed to happen.

    Ouch.

    The backscatter isn't the big issue there - it's privacy.

    Suppose someone wishes to give out mainrecipient@domain.com to senders, but keep their personal gmail address private. This is currently possible. But if the bounce message you reported is what goes back to the sender, the target email addresses in the forwarders is being disclosed to the senders.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  9. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,803
    Likes Received:
    1,898
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    The initially suggested resolution in this case is to ensure that an SMTP-time error is generated for this event instead of a bounce email. However, the case has not yet been investigated by our development team, so no decision has been made on the expected behavior at this time.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  10. LDHosting

    LDHosting Well-Known Member

    Joined:
    Jan 19, 2008
    Messages:
    93
    Likes Received:
    2
    Trophy Points:
    58
    cPanel Access Level:
    Root Administrator
    By "SMTP-time error" do you mean that the message would just be rejected at SMTP time? If so, wouldn't that override the user's Spamassassin settings, for example to deliver mail to their spambox?

    I could understand a reject if there was no local mailbox, but if there is both a local mailbox and a forwarder, should it not still deliver to the local mailbox and just ignore the forward?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  11. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,803
    Likes Received:
    1,898
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    This is in regards to email sent to a forward address which is detected as SPAM, not the local address. The forwarded message is handled separately from the local message.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  12. cPanelDon

    cPanelDon cPanel Quality Assurance Analyst
    Staff Member

    Joined:
    Nov 5, 2008
    Messages:
    2,554
    Likes Received:
    9
    Trophy Points:
    168
    Location:
    Houston, Texas, U.S.A.
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    I've updated the internal case with my thoughts, but to help encourage a faster resolution, I recommend submitting a support request to further express your concerns while explicitly mentioning Case 167765. We track the number of support requests linked to internal cases and this may help influence the direction and speed at which the issue is considered.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    Feemish likes this.
  13. Feemish

    Feemish Active Member

    Joined:
    Oct 26, 2005
    Messages:
    25
    Likes Received:
    0
    Trophy Points:
    151
    I agree with the comments above. This a real shame, been waiting for this feature for over a year!
    Is there any news regarding it?
     
  14. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,803
    Likes Received:
    1,898
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    There's no update to report at this time. I will update this thread with more information as it becomes available.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  15. cPanelDon

    cPanelDon cPanel Quality Assurance Analyst
    Staff Member

    Joined:
    Nov 5, 2008
    Messages:
    2,554
    Likes Received:
    9
    Trophy Points:
    168
    Location:
    Houston, Texas, U.S.A.
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    Status Update: Progress has been made with Case 167765 in that it now has a change proposed for cPanel&WHM 11.52. The proposed changes will still have to be reviewed and tested, but the issue is now much closer to resolution.

    As cPanel&WHM version 11.52 is a ways out, if you have not already done so and this issue is affecting you or your business, I encourage you to submit a support request to express your concerns and thoughts while explicitly mentioning Case 167765, which may influence whether or not the resolution is back-ported to a future 11.50 update (e.g., 11.50.1.x or 11.50.2.x, etc.).
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice