Exim / Apache SpamAssassin X-Spam-Score configuration

accretor

Member
Feb 3, 2012
18
0
51
cPanel Access Level
Root Administrator
Background follows, here are the specific questions I have:

  1. Will setting X-Spam-Score equal to SpamAssassin score pooch anything in cPanel?
  2. This appears to be possible in the Exim configuration editor, though I know very little about Exim. Does anyone have a resource that he would recommend?

Background

We've encountered a problem with the hosted email management solution HelpScout.

HelpScout is apparently looking at X-Spam-Score, which cPanel sets to SpamAssassin score × 10.

HelpScout then is "helpfully" using some non-configurable internal threshold setting and comparing it to X-Spam-Score and decided some of our emails are spam. I have been advised the X-Spam-Score header should equal the SA score, not be a factor of ten greater.

I'm not particularly interested in theory or assigning blame. We have a very simple problem: We want to stop our emails on HelpScout silently being shuffled to the Spam folder. According to their engineer, this is happening because the X-Spam-Score appears grossly high to their application. Unfortunately, there is no way to set the threshold in their application.

Here are some example headers from a real case that was flagged as spam in their system:

Code:
X-Spam-Status: No, score=3.1
X-Spam-Score: 31
X-Spam-Bar: +++
X-Ham-Report: [Actual content of email removed for client privacy.]
    Content analysis details: (3.1 points, 5.0 required)
    pts rule name description
    ---- ---------------------- --------------------------------------------------
    0.0 TVD_RCVD_IP TVD_RCVD_IP
    0.0 HTML_MESSAGE BODY: HTML included in message
    1.0 HTML_IMAGE_ONLY_16 BODY: HTML: images with 1200-1600 bytes of words
    0.0 T_REMOTE_IMAGE Message contains an external image
    2.1 FROM_12LTRDOM From a 12-letter domain
X-Spam-Flag: NO
 

accretor

Member
Feb 3, 2012
18
0
51
cPanel Access Level
Root Administrator
Re: Exim / SpamAssassin X-Spam-Score configuration

OK, I'm not sure if its the absolute best way to do this, but here's what I've done.

  1. Exim Configuration Editor -> Advanced Editor
  2. copied the entire default_spam_scan section to the clipboard
  3. unchecked default_spam_scan
  4. checked custom_begin_spam_scan
  5. pasted the clipboard contents there
  6. corrected undesired line break
  7. changed all lines
    Code:
    add_header = X-Spam-Score: $spam_score_int
    to
    Code:
    add_header = X-Spam-Score: $spam_score
  8. saved

I tested this with http://spamassassin.apache.org/gtube/gtube.txt and everything seems to work fine. The message is still flagged as spam, including the subject rewrite, but the X-Spam-Score header, which used to report 9995 now reports 999.5 as desired.

I hope this is of use, and maybe if someone out there sees a better way for me to implement this, we can get more information posted here. I know next to nothing about Exim and find it's documentation and configuration quite complex and muddy, so I'd like to know if this way of achieving my objective is sensible. Is there something more robust and elegant that you would suggest, dear reader?

Thanks.