Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

SOLVED SpamAssassin is now Integer only instead of Decimal in WHM 70 [case CPANEL-20394]

Discussion in 'E-mail Discussion' started by martin MHC, May 11, 2018.

  1. martin MHC

    martin MHC Well-Known Member

    Joined:
    Sep 14, 2016
    Messages:
    95
    Likes Received:
    12
    Trophy Points:
    8
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    On WHM version 70.0.34 there is a severe issue with SpamAssassin.

    On the CPanel page where SpamAssassin is set: two figures are set: a decimal value is given for the spam identification threshold. This value was previously a decimal value such as 3.8 (emails with a SpamAssassin score above 3.8 would be marked as Spam).

    This has now been removed and replace by a Integer Only value (3 or 4) . This is EXTREMELY coarse, and is not appreciated.

    Second to this: The system for deleting spam has a threshold that is also in integers but I can't change this. An account has an inherited detection score of 3.8 and for some reason the Deletion score must be relative to the detection score but also must be an integer so I could set it as 4.8 or 5.8 etc. But I can't set it to 6. bu because it's 5.8 It's not an integer so it's not valid.

    Look at inherited spam assassin scores. Where the Detecton score is [integer].[decimal] . Try to adjust the Deletion Score for this account.

    STEPS TO SOLVE THE ISSUE.

    1) Stop correlating Detection and Deletion values. Surely all you needis deletion threshold value to be above detection threshold value.

    2) RE-allow Spam Assassin Decimal values on Detection levels.

    I look forward to this change to SpamAssassin interace on CPanel being quickly fixed.

    I have spent a long time with clients of certain accounts setting their SpamAssassin Detection score just so (such as 3.8) and their deletion scores just so (6)... now I'm stuck between 3 or 4 Detection Score, neither of which is suitable and Deletion scores can't be changed (as 3.8 +/- 1 is never an integer).

    How do I add manual SpamAssassin detection and Deletion scores from the CPanel interface on a per-account basis. This was previously very simple and straight forward.

    Cheers

    Martin

    P.s> I have submitted a Support request for this issue. I look forward to a tweaked relese of WHM where SpamAssassin can be more easily fine tuned in Cpanel (as previously was the case). support request ID: 9541277
     
    #1 martin MHC, May 11, 2018
    Last edited: May 11, 2018
  2. cPanelLauren

    cPanelLauren Forums Analyst II
    Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    3,517
    Likes Received:
    251
    Trophy Points:
    193
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hi @martin MHC


    Can you reply here with the ticket ID so I can update myself on what's been looked into there so far?


    Thanks!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. martin MHC

    martin MHC Well-Known Member

    Joined:
    Sep 14, 2016
    Messages:
    95
    Likes Received:
    12
    Trophy Points:
    8
    Location:
    UK
    cPanel Access Level:
    Root Administrator
  4. cPanelLauren

    cPanelLauren Forums Analyst II
    Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    3,517
    Likes Received:
    251
    Trophy Points:
    193
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hi @martin MHC

    Thank you for adding that! I went ahead and opened a new internal case on this CPANEL-20394 - SpamAssassin No longer Accepts Decimals for scoring and quoted most of your initial response as well as my own findings.

    You can manually modify the settings at /home/$user/.spamassassin/user_prefs for example if I change my SPAM score threshold to 8:

    Code:
    [root@server .spamassassin]# cat user_prefs
    required_score 8.5
    
    It also shows up in the UI as this

    spam_box.png

    Though I cannot guarantee the file won't be overwritten.

    Thanks!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. sparek-3

    sparek-3 Well-Known Member

    Joined:
    Aug 10, 2002
    Messages:
    1,775
    Likes Received:
    120
    Trophy Points:
    343
    cPanel Access Level:
    Root Administrator
    Exim always read SpamAassin scores as an integer. I was never sure if this was an Exim thing or a SpamAssassin thing.

    But if you were configuring anything in Exim to read SpamAssassin scores it was always an integer. Whatever was in the user_prefs file would essentially have to be multiplied by 10. So 8.5 became 85.

    SpamAssassin configurations were based on tenths (i.e. 8.5, 5.1, 5.0 - I don't think it read hundreths, i.e. 8.53, 7.59) but Exim configurations were based on integers.

    I never was sure where this came from. But it's probably a good idea to get all of this on the same page and just use integers.

    Essentially this would mean that the default required_score of 5.0 now becomes 50. Essentially rebasing everything to a new base of 100 from an old base of 10.
     
    martin MHC likes this.
  6. martin MHC

    martin MHC Well-Known Member

    Joined:
    Sep 14, 2016
    Messages:
    95
    Likes Received:
    12
    Trophy Points:
    8
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    @sparek-3 Yes that would make perfect sense, but that is not what happens at the moment: The DELETION score is an integer that goes up to 50 only ; whereas by Exim that would be equivilant maximum to SpamAssassin 5.0 / exim 50 (so EXTREMELY low).

    @cPanelLauren that's good, thanks -- however in light of what is stated above, by Sparek-3 and myself, the deletion score (int: 0-50) seems to have no relationship to SpamAssassin score system (decimal: 0-20) or Exims base 10 of this (int: 0-200).
     
  7. martin MHC

    martin MHC Well-Known Member

    Joined:
    Sep 14, 2016
    Messages:
    95
    Likes Received:
    12
    Trophy Points:
    8
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    @sparek-3 SpamAssassin's DETECTION threshold measures rules in hundreds (0.07) and then comes to a judgement rounded to tenths (0.1) which as you say, is the converted by Exim to an int (1). The SpamAssassin DELETION threshold only went to 10ths; (0.2) ; according to the way I've seen custom rules set out in Spam Assassin configs and assessed emails (and the way it worked in WHM 68).
     
    #7 martin MHC, May 11, 2018
    Last edited: May 11, 2018
  8. cPanelLauren

    cPanelLauren Forums Analyst II
    Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    3,517
    Likes Received:
    251
    Trophy Points:
    193
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hi @martin MHC

    I'm going to leave the case open as I believe there's a good point being made as far as rebasing everything. At the very least it will bring some attention, and spawn some further documentation on how we're expecting it to function.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  9. sparek-3

    sparek-3 Well-Known Member

    Joined:
    Aug 10, 2002
    Messages:
    1,775
    Likes Received:
    120
    Trophy Points:
    343
    cPanel Access Level:
    Root Administrator
    I haven't upgraded anything to cPanel 70 yet. I'll probably spin up a testbed next week to look at things.

    But it's nerve racking that things like this weren't caught while cPanel 70 was in EDGE and CURRENT. This is why I don't take cPanel versions hitting RELEASE at face value.

    Does cPanel have any figures into how many clients actually use CURRENT? The numbers for EDGE are probably inconsequential because they probably aren't production level servers. Perhaps servers on CURRENT aren't either. It just seems that develop stays in EDGE and CURRENT for a prolonged time, but bugs aren't found until it reaches RELEASE. This makes me wonder what the point of EDGE and CURRENT are.
     
  10. sparek-3

    sparek-3 Well-Known Member

    Joined:
    Aug 10, 2002
    Messages:
    1,775
    Likes Received:
    120
    Trophy Points:
    343
    cPanel Access Level:
    Root Administrator
    This should be converted to 1 (0.1*10). If you say it's converting it to 7 (i.e. 0.07*100) then that would seem to be another issue.

    Since I'm not yet running cPanel 70 any where, I can't verify any of this, so I probably shouldn't be commenting. But this discovery is interesting to me and I will be watching to see how this plays out.
     
  11. martin MHC

    martin MHC Well-Known Member

    Joined:
    Sep 14, 2016
    Messages:
    95
    Likes Received:
    12
    Trophy Points:
    8
    Location:
    UK
    cPanel Access Level:
    Root Administrator

    Yes sorry I made a mistake. I have edited and corrected. But the point remains that a rule can be given set as a hundredth amount , but I'm not sure how much these values carry through to the final total. Cheers
     
  12. martin MHC

    martin MHC Well-Known Member

    Joined:
    Sep 14, 2016
    Messages:
    95
    Likes Received:
    12
    Trophy Points:
    8
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    I was thinking the very same thing. I was surprised to see this in RELEASE tier WHM. :-/
     
  13. sparek-3

    sparek-3 Well-Known Member

    Joined:
    Aug 10, 2002
    Messages:
    1,775
    Likes Received:
    120
    Trophy Points:
    343
    cPanel Access Level:
    Root Administrator
    No worries. Bottom line, it would seem that something was changed in the way score values are passed back and forth, and thus how limits are defined.
     
    cPanelLauren likes this.
  14. martin MHC

    martin MHC Well-Known Member

    Joined:
    Sep 14, 2016
    Messages:
    95
    Likes Received:
    12
    Trophy Points:
    8
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    Thanks again @cPanelLauren . To be absolutely clear (sorry if this is obvious to you):


    • Detection threshold should be a valid value with the same precision as SpamAssassin and/or Exim: using SpamAssassin scales it's 0.0 --> 20.0 or using Exim scales it's 0 --> 200.
    • I would expect to be able to set my own decimal number for Spam Detection by SpamAssassin (be it in Exim scale 0-200 or SpamAssassin scale 0.0-20.0), rather than need to fit what I want into one of four pre-chosen best-of integers.
    • I would expect that if any correlation is needed between Deletion threshold and Detection threshold it's ONLY that Deletion threshold must equal or exceed detection threshold

    NOTE: I use the number 20 because I remember on Tweak Settings on WHM 68 there was a setting defining the SpamAssassin maximum level and 20 was a default (int any value I believe); I can't see this on WHM 70 so perhaps @sparek-3 can confirm this for me?

    Cheers
     
    cPanelLauren likes this.
  15. sparek-3

    sparek-3 Well-Known Member

    Joined:
    Aug 10, 2002
    Messages:
    1,775
    Likes Received:
    120
    Trophy Points:
    343
    cPanel Access Level:
    Root Administrator
    Where is this setting? I'll look for it.
     
  16. martin MHC

    martin MHC Well-Known Member

    Joined:
    Sep 14, 2016
    Messages:
    95
    Likes Received:
    12
    Trophy Points:
    8
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    In WHM --> Tweak Settings --> use the search box and type in "spam"; I forget the exact info row but it was a SpamAssassin level with an integer input value and default was 20 ; I think it was wording implying maximum spam assessment etc. Sorry I can't be more specific.
     
  17. sparek-3

    sparek-3 Well-Known Member

    Joined:
    Aug 10, 2002
    Messages:
    1,775
    Likes Received:
    120
    Trophy Points:
    343
    cPanel Access Level:
    Root Administrator
    Hmm. I don't seem to be finding this.

    When I search in Tweak Settings for "spam" all I see are:

    Prevent "nobody" from sending mail
    Enable BoxTrapper spam trap
    Enable Apache SpamAssassin spam filter
    Enable Apache SpamAssassin Spam Box delivery for messages marked as spam
    Dormant services

    That's on cPanel 68 and cPanel 66.
     
  18. sparek-3

    sparek-3 Well-Known Member

    Joined:
    Aug 10, 2002
    Messages:
    1,775
    Likes Received:
    120
    Trophy Points:
    343
    cPanel Access Level:
    Root Administrator
    I do see some references of this in

    /usr/local/cpanel/etc/exim/acls/ACL_RATELIMIT_SPAM_BLOCK/ratelimit_spam_score_over_200
    /usr/local/cpanel/etc/exim/acls/ACL_SPAM_BLOCK/deny_spam_score_over_200
    /usr/local/cpanel/etc/exim/sysfilter/options/fail_spam_score_over_200


    Although I'm not sure where specifically you go to enable these. And these would appear to be coded correctly.
     
  19. cPanelLauren

    cPanelLauren Forums Analyst II
    Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    3,517
    Likes Received:
    251
    Trophy Points:
    193
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hi guys,

    I just wanted to let you know that due to the case that this thread prompted our developers are implementing a "custom" option and field which is in "test" right now. As soon as our QA have tested it and the resolution is pushed I'll update here again.

    Thanks!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  20. martin MHC

    martin MHC Well-Known Member

    Joined:
    Sep 14, 2016
    Messages:
    95
    Likes Received:
    12
    Trophy Points:
    8
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    @sparek-3 thanks for looking. Yes Exim 200 would be the equivilant setting to SpamAssassin 20.0 . I'm only running from my memory of V68 so no worries if it's not there; I hope the CPanel Devs. know that these things are not in a 0-10 window, that was my concern!

    @cPanelLauren Thanks for the update. As long as the "custom" option allows the three points in my previous post, that's all good!

    At a later point it may be easier for you as devs to unify the SpamAssassin / Exim ranking system into one magically consistent thing; as raised by Sparek-3 .
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice