Problem with Exim/Filter

I have troubles with the CP 11 Mail filters too.

With CP 10 I used ****** with any headers to filter out spam mails above a certain score. With CP 11 it's ++++. But when I try to add this to a rule no mail arrives at all. When I remove the rule the mails appear again. I also tried to escape the +. It seems like the frontend for the filter rules has some bugs here.

I finally found out that it works with "Spam Score above" and a number (Score * 10).

I have another account on the server. One email address of this domain is forwarded to the domain which is filtered (my main domain/email address) Sometimes I send mails with cc to this other email address for documentation purpose. So this mail is sent from my main email address to another email address of another account and should be forwarded back to the main address.

Now I found out that the mail gets lost when I have the "Spam Score above" filter active. If not the mail goes through - even without any spamassassin header.


I tried to test the filter with the "Spam Score above" rule and got th following error:

Filter error: malformed numerical string ""

When I remove the filter rule I get no error.

Could it be that there are some bugs in the email filtering system.

 

Yes, it will look at the header and see if the mail has been marked as spam by assassin.
What seems to be missing or malformed is the 'action' of the rule.

I'm only an end-user of control-panel, so I can't answer that.
But when my webhost created my account, there were no filters created. I created all my filters manually.
Perhaps when boxtrapper is enabled it creates this rule automatically, but makes an error in doing so?
I don't know... I've never used boxtrapper.

What you are seeing is simply the TITLE that the user/script gave the rule when it was created. So it doesn't have to be correct syntax; it could easily have been called 'spam rule'. Don't you see an 'edit' link to the right of that title line? You should be able to click on that and edit the rule. There should also be a link to delete the rule too.

Anyway, all this points to a script (possibly boxtrapper or perhaps a cpanel config file) that has modified:
root/.cpanel/filter.yaml if the rule is at account level OR
root/etc/DOMAIN/USEREMAILADDRESS/filter.yaml if the rule is at user level.

The rule should look like this in that file:

---
filter:
-
actions:
-
action:
dest:
filtername: "$h_X-Spam-Status: begins with Yes"
rules:
-
match: begins
opt: or
part: "$h_X-Spam-Status:"
val: Yes



It sounds to me like the highlighted lines in the file are malformed or missing. For instance, action could be 'deliver' and dest could be 'spambin@mydomain.com', which means all mail marked by assassin as spam would be redirected to that email address.

You don't need this rule if you want the spam mail to still be delivered to the users, and so let them filter it themselves using their email clients. However, I have set this rule up at account level because I find that assassin almost never makes false positive errors. I deliver all the spam to a 'spambin' email account and keep a couple of weeks back-log just in case someone at our company asks me to check whether a legitimate email has been sent to the 'spambin' by mistake.


EDIT: I just noticed that the 'delete' function does not work for user-level filters. You need to manually delete:
root/etc/DOMAIN/USEREMAILADDRESS/filter.yaml and
root/etc/DOMAIN/USEREMAILADDRESS/filter

or if you have multiple rules, then you have to edit these files to erase just that one rule rather than delete the whole file.


.