Scan outgoing messages for spam and reject based on defined Apache SpamAssassin™ score

[osirion]

Hi Guys,
I've enabled all the cPanel settings as recommended for 'exim hardening' to prevent SPAM.
I want to be extra safe though and was thinking of enabling:
"Scan outgoing messages for spam and reject based on defined Apache SpamAssassin™ score"

Just some questions:
1) What would be considered a 'very safe' value to set this to? I dont want any of my customers legitimate email to be marked as spam.
2) If a customers mail is marked as spam and isnt sent, do they get a bounceback saying that their mail looks like spam and wont be sent?
3)Do not forward mail to external recipients based on the defined Apache SpamAssassin™ score (Minimum: 0.1; Maximum: 99.9) > What is the difference of this setting and the above?

 

[cPanelMichael]

Hello

1. [EDIT] The default score is 5.0 and is the most common score utilized.

2. The message is rejected at SMTP time, so the customer is aware the message is not accepted.

3. This option is intended for email forwarders so ensure email that's forwarded to external mail servers such as Google are scanned by SpamAssassin before leaving the cPanel server.

Thank you.

 

[osirion]

Thanks Michael,
Just in regards to (2) though - do they get an error message? Do they get a detailed bounceback message? Perhaps you have an example of what it looks like?
I just dont want to enable this then have customers phoning me asking why their email isnt going through because a clear/detailed message wasnt presented to them...

 

[cPanelMichael]

No bounce message is sent because the sending itself will fail at SMTP time with an error message indicating the reason for the failure.

Thank you.

 

[thealien]

Hello

1. The spam score of emails you want rejected needs to be multiplied by 10. For example, if you want to reject a score of 9.8, you would need to enter in 98 in this box.

2. The message is rejected at SMTP time, so the customer is aware the message is not accepted.

3. This option is intended for email forwarders so ensure email that's forwarded to external mail servers such as Google are scanned by SpamAssassin before leaving the cPanel server.

Thank you.

There is no real "clear" explanation of how the "score" should be set as it relates to this setting, so I'd like to double check. This is about the only thread I've seen that says "multiply by 10". So eg. if the default spam_score default on the server is "5" I would set "score" to be 50 if I wanted to use the "Scan outgoing messages for spam and reject based on defined Apache SpamAssassin™ score" ? If I wanted a "higher" number ie. for it to NOT be as strict I would say make it 70 or 80 etc.

Please confirm this is correct.

Thanks,

Anton

 

[cPanelMichael]

Hello,

I'll clarify the previous statement as our documentation has since changed.

You do not have to multiply any values when configuring the SpamAssassin scores in cPanel and WHM. The default option when a user enables SpamAssassin is 5.0, so you can base your score adjustments on that. If you want to block messages more aggressively, then you would set the value lower such as 4.0 or 3.5. If you want to make SpamAssassin less aggressive, then change it to a value such as 6.0 or 7.5.

The only instance where you need to have familiarly with the scoring system is if you are viewing your Exim logs or a message header. SpamAssassin multiples the score values you enter in cPanel/WHM by 10, and that's the value you will see in logs and message headers. Sometimes a user will look in their message header, and see an entry such as:

X-Spam-Score: 40

That user might question why the message was not marked as SPAM if a SPAM threshold value of 5.0 was configured in cPanel or WHM. This happens because values you enter in cPanel/WHM are multiplied by 10. Thus, entering 5.0 for "Scan outgoing messages for spam and reject based on defined Apache SpamAssassin™ score" in "WHM >> Exim Configuration Manager" results in the following entry in /etc/exim.conf.localopts:

acl_outgoing_spam_scan_over_int=50

Thank you.

 

[000]

...you would set the value lower such as 4.0 or 3.5. If you want to make SpamAssassin less aggressive, then change it to a value such as 6.0 or 7.5.

Put 10 in the box

* Do not forward mail to external recipients based on the defined Apache SpamAssassin™ score (Minimum: 0.1; Maximum: 99.9
or
 Scan outgoing messages for spam and reject based on defined Apache SpamAssassin™ score (Minimum: 0.1; Maximum: 99.9)

means a poor filter?

Then a filter strong is 3 ?

 

[cPDavidL]

Hello @000!

I wouldn't describe it as 'poor' per se, as that implies quality instead of strength. Depending on the traffic a mail server sees, 10 may be reasonable. But you have the right idea.

A score threshold of 10, would be considered weaker than if it is set to 3. Essentially, with the higher value, a message must exhibit more spam-like attributes to be judged as being spam.

 

[000]

Essentially, with the higher value, a message must exhibit more spam-like attributes to be judged as being spam.

Thanks master @cPDavidL

, minor score means MORE RISK of lost importants emails.

Our fear is just that!, lost important messages by use scrore very strisct.

Some recomendation for reduce SPAM and no't lost emails relevants?

 

[cPRex]

There's always a balance between blocking spam and losing actual non-spam messages, so I don't have any specific numbers that will be perfect for that. You'll have to try those settings until you find what works best for your system and users.