SpamAssassin auto-enabled

Hello @coursevector,

Can you verify which cPanel & WHM versions are installed on the source and destination servers you reproduced this issue with? Also, can you browse to the SpamAssassin tab in WHM >> Exim Configuration Manager >> Basic Editor on the destination server and confirm how the option below is configured?

Apache SpamAssassin™: Forced Global ON

Thank you.

 

Hello @garconcn,

Allow me to first offer some additional background information for other users seeing this thread for the first time.

1. We introduced the following option to the WHM >> Create A New Account and WHM >> Modify An Account interfaces in cPanel & WHM version 70:

Enable Apache SpamAssassin™

This option is enabled by default at account creation time. You must uncheck this option when creating a new account to disable SpamAssassin. For existing accounts, this option is changeable through WHM >> Modify an Account. This setting is also adjustable through the following WHM API 1 functions:

WHM API 1 Functions - createacct - Developer Documentation - cPanel Documentation
WHM API 1 Functions - modifyacct - Developer Documentation - cPanel Documentation

If you don't want to manually uncheck the Enable Apache SpamAssassin™ option each time you create a new account, you could setup a post account creation hook that makes use of the modifyacct WHM API 1 function to disable SpamAssassin. Information about our standardized hooks is available at:

Guide to Standardized Hooks - Developer Documentation - cPanel Documentation

2. The intent of the "Apache SpamAssassin™: Forced Global ON" feature in WHM >> Exim Configuration Manager is to provide a way for administrators to prevent cPanel users and WHM resellers from disabling SpamAssassin in their accounts.

It's important to note that Enable Apache SpamAssassin™ will remain enabled by default at account creation time, even if "Apache SpamAssassin™: Forced Global ON" is disabled. The two options are not interconnected in this manner.

3. The following case was published in cPanel & WHM version 76 to address an issue where SpamAssassin was enabled for transferred accounts despite the SpamAssassin service being disabled on the destination server (WHM >> Tweak Settings >> Enable Apache SpamAssassin™ spam filter).

Fixed case CPANEL-22435: Fix disabling SpamAssassin during xfer when spamd is disabled.

The individual account's SpamAssassin feature state is enabled by default for transferred accounts if SpamAssassin is enabled on the destination server and is enabled in the feature list assigned to the transferred account. You would need to update the Default Feature List on the destination server, or create/transfer a new Feature List for the the account if you want SpamAssassin disabled at transfer time.

Let me know if you're still seeing this behavior when transferring accounts to servers running cPanel & WHM version 78 or higher, or if you have any other questions about the intended functionality.

Thank you.

 

Hello @coursevector,

Thanks for sharing the information quoted above. CPANEL-22435 was published to cPanel & WHM version 76 prior to that date, so the noted fix should have already been applied to your server (unless you were running a version older than 76 at the end of March).

However, I believe the confusion stems from the purpose of that case. It's intent was to ensure that SpamAssassin was disabled for transferred accounts if the spamd service was disabled on the destination server in WHM >> Tweak Settings >> Enable Apache SpamAssassin™ spam filter). It's intent was not to ensure the SpamAssassin feature state associated with an individual account is preserved during a transfer. I've updated my previous response to reflect this information.

The individual account's SpamAssassin feature state is enabled by default for transferred accounts if SpamAssassin is enabled on the destination server and is enabled in the feature list assigned to the transferred account. You'd need to update the Default Feature List on the destination server, or create/transfer a new Feature List for the the account if you want SpamAssassin disabled at transfer time.

Let me know if this helps to clarify the current behavior.

Thank you.

 

Hello @coursevector,

1. I recommend submitting a feature request if you'd like to see an option in WHM >> Transfer Tool that allows you to control how SpamAssassin is enabled for the transferred accounts:

Submit A Feature Request

You can post the URL here once it's approved so others can vote for it.

2. In the meantime, you could disable SpamAssassin in your default feature list, and then setup a separate feature list named "default-spamassassin" or similar. Then, setup packages that makes use of the "default-spamassassin" feature list and assign one of those packages to any account that you want SpamAssassin enabled with.

Thank you.