The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Scan outgoing messages for spam and reject based on defined Apache SpamAssassin™ score

Discussion in 'E-mail Discussions' started by osirion, Oct 25, 2015.

  1. osirion

    osirion Active Member

    Joined:
    Jan 16, 2007
    Messages:
    28
    Likes Received:
    1
    Trophy Points:
    3
    Hi Guys,
    I've enabled all the cPanel settings as recommended for 'exim hardening' to prevent SPAM.
    I want to be extra safe though and was thinking of enabling:
    "Scan outgoing messages for spam and reject based on defined Apache SpamAssassin™ score"

    Just some questions:
    1) What would be considered a 'very safe' value to set this to? I dont want any of my customers legitimate email to be marked as spam.
    2) If a customers mail is marked as spam and isnt sent, do they get a bounceback saying that their mail looks like spam and wont be sent?
    3)Do not forward mail to external recipients based on the defined Apache SpamAssassin™ score (Minimum: 0.1; Maximum: 99.9) > What is the difference of this setting and the above?
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    654
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    1. [EDIT] The default score is 5.0 and is the most common score utilized.

    2. The message is rejected at SMTP time, so the customer is aware the message is not accepted.

    3. This option is intended for email forwarders so ensure email that's forwarded to external mail servers such as Google are scanned by SpamAssassin before leaving the cPanel server.

    Thank you.
     
    #2 cPanelMichael, Oct 29, 2015
    Last edited: May 3, 2016
  3. osirion

    osirion Active Member

    Joined:
    Jan 16, 2007
    Messages:
    28
    Likes Received:
    1
    Trophy Points:
    3
    Thanks Michael,
    Just in regards to (2) though - do they get an error message? Do they get a detailed bounceback message? Perhaps you have an example of what it looks like?
    I just dont want to enable this then have customers phoning me asking why their email isnt going through because a clear/detailed message wasnt presented to them...
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    654
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    No bounce message is sent because the sending itself will fail at SMTP time with an error message indicating the reason for the failure.

    Thank you.
     
  5. thealien

    thealien Registered

    Joined:
    Apr 1, 2014
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    DataCenter Provider
    There is no real "clear" explanation of how the "score" should be set as it relates to this setting, so I'd like to double check. This is about the only thread I've seen that says "multiply by 10". So eg. if the default spam_score default on the server is "5" I would set "score" to be 50 if I wanted to use the "Scan outgoing messages for spam and reject based on defined Apache SpamAssassin™ score" ? If I wanted a "higher" number ie. for it to NOT be as strict I would say make it 70 or 80 etc.

    Please confirm this is correct.

    Thanks,

    Anton
     
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    654
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello,

    I'll clarify the previous statement as our documentation has since changed.

    You do not have to multiply any values when configuring the SpamAssassin scores in cPanel and WHM. The default option when a user enables SpamAssassin is 5.0, so you can base your score adjustments on that. If you want to block messages more aggressively, then you would set the value lower such as 4.0 or 3.5. If you want to make SpamAssassin less aggressive, then change it to a value such as 6.0 or 7.5.

    The only instance where you need to have familiarly with the scoring system is if you are viewing your Exim logs or a message header. SpamAssassin multiples the score values you enter in cPanel/WHM by 10, and that's the value you will see in logs and message headers. Sometimes a user will look in their message header, and see an entry such as:

    Code:
    X-Spam-Score: 40
    That user might question why the message was not marked as SPAM if a SPAM threshold value of 5.0 was configured in cPanel or WHM. This happens because values you enter in cPanel/WHM are multiplied by 10. Thus, entering 5.0 for "Scan outgoing messages for spam and reject based on defined Apache SpamAssassin™ score" in "WHM >> Exim Configuration Manager" results in the following entry in /etc/exim.conf.localopts:

    Code:
    acl_outgoing_spam_scan_over_int=50
    Thank you.
     
Loading...

Share This Page