The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

New Apache SpamAssassin lets in too much spam

Discussion in 'E-mail Discussions' started by wkdwich, Jul 17, 2007.

  1. wkdwich

    wkdwich Well-Known Member

    Joined:
    Apr 11, 2005
    Messages:
    105
    Likes Received:
    0
    Trophy Points:
    16
    I am so frustrated.. updated cpanel the other day to
    WHM 11.2.0 cPanel 11.6.0-C15032
    FEDORA 4 i686 - WHM X v3.1.0

    This in turn updated SA to 3.002001 (3.2.1 I guess)
    I have run sa-update, restarted exim.. and it runs and it definately catches spam.. no question there..
    Exim statistics from 2007-07-15 04:06:11 to 2007-07-17 22:06:20
    Received 5871
    Delivered 7195
    Rejects 48228
    thats 66 hours and 48k soam received.. and trashed

    But I am still getting way to many spams.. more than I did before the update -- cialis, viagra, all kinds of meds, all scoring betwen 0.6 and 3.5

    How can these mails score that low?

    I used to be able to see the rules it hit on, but can no longer see this.. Also I see that since the upgrade local deliver ails are not being scanned at all.. not that those really matter IMHO.. they come from my forums or forms..

    Other settings

    Reject mail at SMTP time if the spam score from spamassassin is greater than 10.0.
    Reject messages with potentially dangerous attachments.
    Rewrite messages SpamAssassin marks as spam with ***SPAM*** at the beginning of the subject line.

    OH WAIT.. Turn on SpamAssassin for all accounts (Global ON). of NOT checked... aand neither is use old transport system.. am I just being dumb blond here??
    BUt id the global is not ON.. how is SA running?> OK so I am really confused now
     
  2. mtindor

    mtindor Well-Known Member

    Joined:
    Sep 14, 2004
    Messages:
    1,279
    Likes Received:
    36
    Trophy Points:
    48
    Location:
    inside a catfish
    cPanel Access Level:
    Root Administrator
    RE: SPAMASSASSIN (GLOBAL OR NOT)

    If you enable SpamAssassin GLOBALLY, then ALL mail is run through SpamAssassin.

    If you do NOT enable SpamAssassin globally, then each Cpanel accountholder can log into their Cpanel and enable/disable SpamAssassin on any/all/none of their domains if they wish.

    So either you need to enable SpamAssassin globally (if you don't mind forcing all of your customers to use spamassassin), OR do NOT enable SpamAssassin globally (and then let your customers decide if they want to turn on SpamAssassin or not in their Cpanel).

    RE: USING OLD TRANSPORT SYSTEM

    If you want to Exim/SpamAssassin to work the way it did in Cpanel 10, you can turn on old transport system. BUT, the default in Cpanel 11 is the 'new' transport system. Unless you have a compelling reason to use the old transport system, you don't want to enable it. The only people who would really need to use the old transport system are those people who have many customers that rewrite their subjects in different ways. Cpanel 11 / New Transport System does not support selective subject rewriting. You can enable rewriting in WHM for Cpanel 11, but it will _globally_ rewrite subject lines with ***SPAM***. If you don't mind this, do not enable old transport system.

    Mike
     
    #2 mtindor, Jul 17, 2007
    Last edited: Jul 17, 2007
  3. wkdwich

    wkdwich Well-Known Member

    Joined:
    Apr 11, 2005
    Messages:
    105
    Likes Received:
    0
    Trophy Points:
    16
    OK I did turn it ON globally and am tailing the mail logs right now.. what I saw:
    Jul 17 22:30:18 server spamd[7755]: rules: meta test FM_DDDD_TIMES_2 has dependency 'FH_HOST_EQ_D_D_D_D' with a zero score
    Jul 17 22:30:18 server spamd[7755]: rules: meta test FM_SEX_HOSTDDDD has dependency 'FH_HOST_EQ_D_D_D_D' with a zero score
    Jul 17 22:30:18 server spamd[7755]: rules: meta test HS_PHARMA_1 has dependency 'HS_SUBJ_ONLINE_PHARMACEUTICAL' with a zero score


    how do I fix that??


    And mails created locally from my forum and forms are still not getting scanned

    and the server seems to be running at higher loads than before.. my forum is quite busy this time of night though so it is hard to say where that lies
     
  4. MaraBlue

    MaraBlue Well-Known Member

    Joined:
    May 3, 2005
    Messages:
    335
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    Carmichael, CA
    cPanel Access Level:
    Root Administrator
    I noticed the same thing when cP upgraded SA to 3.2.1 (and I'm still on cP 10, so transport method has nothing to do with it). I was told in June that 3.2.1 was untested in cPanel...guess they tested it.

    It seemed to "even out" after about 5 hours after the upgrade. EDIT: It was after the
    Code:
    /usr/bin/sa-update --nogpg --channel saupdates.openprotect.com
    cron ran.
     
    #4 MaraBlue, Jul 18, 2007
    Last edited: Jul 18, 2007
Loading...

Share This Page