Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Outbound spamassasssin scanning flaw?

Discussion in 'E-mail Discussion' started by optize, Apr 19, 2013.

  1. optize

    optize Well-Known Member

    Joined:
    Apr 27, 2005
    Messages:
    145
    Likes Received:
    0
    Trophy Points:
    166
    Is it possible to move the outbound scan for spamassassin after it checks to make sure they haven't hit their mail per hour limit?

    This is the current method:

    ---

    2013-04-19 14:25:01 1UTCFJ-0002OA-8t U=<<user>> Warning: "SpamAssassin as cpaneleximscanner detected OUTGOING not smtp message as NOT spam (4.7)"
    2013-04-19 14:25:01 1UTCFJ-0002OA-8t <= <<email>> U=<<user>> P=local S=924 T="Fw: <<spam subject here>>" for <<dest email address>>
    2013-04-19 14:25:01 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1UTCFJ-0002OA-8t
    2013-04-19 14:25:01 1UTCFJ-0002OA-8t ** <<dest email address>> R=enforce_mail_permissions: Domain <<domain>> has exceeded the max emails per hour (75/60 (125%)) allowed. Message discarded.
    2013-04-19 14:25:01 cwd=/var/spool/exim 7 args: /usr/sbin/exim -t -oem -oi -f <> -E1UTCFJ-0002OA-8t
    2013-04-19 14:25:01 1UTCFJ-0002OJ-FS <= <> R=1UTCFJ-0002OA-8t U=mailnull P=local S=1889 T="Mail delivery failed: returning message to sender" for <<email>>
    2013-04-19 14:25:01 1UTCFJ-0002OA-8t Completed

    --

    In this example, this customer got hacked we allow 60 emails per hour to prevent getting on RBLs and what not. However, it was still sending out a ton of emails every minute (and being rejected), yet each message was being scanned by spamd and killing the CPU.
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice