The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Forwarders bypass spamassassin protection?

Discussion in 'E-mail Discussions' started by sehh, Mar 15, 2010.

  1. sehh

    sehh Well-Known Member

    Joined:
    Feb 11, 2006
    Messages:
    579
    Likes Received:
    5
    Trophy Points:
    18
    Location:
    Europe
    We noticed that forwarders bypass SpamAssassin protection against spam.

    Is there a way to enable SA scanning of emails passing through a forwarder, at least for its own domain?
     
  2. mtindor

    mtindor Well-Known Member

    Joined:
    Sep 14, 2004
    Messages:
    1,281
    Likes Received:
    37
    Trophy Points:
    48
    Location:
    inside a catfish
    cPanel Access Level:
    Root Administrator
    This has been widely discussed on these forums over time. I'm really surprised this comes as a surprise to you :)

    The [typical] solution: for every forwarder that you want spam filtering, create a POP3 account as well. As long as it is a POP3 account, it will be filtered before being forwarded.

    Of course, then, if you are concerned about those POP3 accounts filling up because nobody checks them since the emails are forwarded elsewhere, you'll need to create a method to remove those emails from the POP3 accounts on a regular / semi-regular basis to keep the mailboxes clean.

    But yeah, a simple forwarder has no spam filtering applied. Fortunately though, RBLs and any other ACLs you have will still act upon them... just no SpamAssassin.

    Mike
     
  3. sehh

    sehh Well-Known Member

    Joined:
    Feb 11, 2006
    Messages:
    579
    Likes Received:
    5
    Trophy Points:
    18
    Location:
    Europe
    hehe yeah it took me a while to figure it out :)

    creating pop3 accounts is not the best way, it would be nice if cPanel developers forced SA on forwarded emails as well.

    I guess I have no other options, so I'll do just that.

    Thank you for your help!
     
  4. adsessor

    adsessor Registered

    Joined:
    Mar 22, 2010
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    There is also another area that SA and Cpanel fails to check.

    Even if you create pop3 accounts SA can be bypassed.

    If you forward from one account (domain forward etc. as well as email forward) to another on the same server using cpanel or between cpanel servers then Spam Assassin ignores the emails that were forwarded.

    Hence mail for domain A forwarded to domain B and put into a mailbox will be ignored by SA.
    Likewise email forwarded between accounts will be ignored by SA.

    So spam can easily be passed and is ignored.
     
  5. Spiral

    Spiral BANNED

    Joined:
    Jun 24, 2005
    Messages:
    2,023
    Likes Received:
    7
    Trophy Points:
    0
    You do know Spamassassin has a configuration setting for that, right?
     
Loading...

Share This Page