spamassassin / cpanel filters not applied to incoming forwarded mail

nsdesign

Active Member
Jul 22, 2002
32
0
156
I have a domain - mydomain.com which is setup in cpanel..
SpamAssassin runs fine on this domain, so when someone sends mail to "[email protected]", soamassassin deals with it accordingly...

However - when someone sends mail to an offserver address (eg: [email protected]) which is then forwarded to my server address [email protected], spamassassin does not appear to run on it.


Likewise - cpanel mail filters work fine for emails that are sent direct to my server email address, but when emails are forwarded to this address from an off-server address, all mail filter rules are ignored....

The result is that 90% of all my junk email comes from the off-server address(s) forwarded to my primary address. Unfortunatley its not practical to cease using these external addresses....

Any ideas?... How can I get spamassassin and cpanel filters to check these emails?...

Thanks for any advice

Gary
 

goodmove

Well-Known Member
May 12, 2003
643
4
168
Are you using the default catch-all (your main email account) to receive the forwarded messages?
 

nsdesign

Active Member
Jul 22, 2002
32
0
156
Yes... ultimately the main email account does receive all the forwarded mail.

ie: I have [email protected] forwarded to [email protected] , But [email protected] is no more than a forwarder to the main account...

(note that I have the default address set to :blackhole:)

Does this help explain things?..
Gary
 

ttremain

Well-Known Member
Feb 16, 2003
255
3
168
cPanel Access Level
Root Administrator
Gary,

I've seen the same problem... For nearly a year... If the email uses a forwarder to an off server account, Spamassassin does not test it first.

Until today, I was running an older exim.conf file, that worked, but I never knew why (nor did I have sufficient time to go line by line to figure it out.)

This change fixes that problem, but I cannot guarantee it doesn't cause more problems. Maybe someone can but in here and add their two cents.

In exim.conf, find:

sa_localuser:
driver = accept
check_local_user
headers_add="${perl{gensaheader}{$local_part}}"
condition = "${perl{checkusersa}{$local_part}{$received_protocol}}"
domains = ! lsearch;/etc/userdomains
transport = local_sa_delivery


In the "domains =" line, if you remove the "!" or the entire line altogether,
then stop and restart exim, suddenly Spamassassin will parse off server
forwards.

Can someone say why? Or what this might break?
 

goodmove

Well-Known Member
May 12, 2003
643
4
168
nsdesign said:
Yes... ultimately the main email account does receive all the forwarded mail.

ie: I have [email protected] forwarded to [email protected] , But [email protected] is no more than a forwarder to the main account...

(note that I have the default address set to :blackhole:)
I don't get it. You have all mail forwarded to the main email account and yet your main email account is set to :blackhole:? Then how do you get your mail?
 

nsdesign

Active Member
Jul 22, 2002
32
0
156
Thanks ttremain ,

I'll look into the suggested changes you have advised....

Goodmove, to explain: I have my "default mail" set to blackhole... not my main account email address. The Default mail is for "unrouted mail"... Since the main account email IS a pop3 box, then it's fine.

Cheers
Gary