SOLVED SpamAssassin is now Integer only instead of Decimal in WHM 70 [case CPANEL-20394]

[martin MHC]

On WHM version 70.0.34 there is a severe issue with SpamAssassin.

On the CPanel page where SpamAssassin is set: two figures are set: a decimal value is given for the spam identification threshold. This value was previously a decimal value such as 3.8 (emails with a SpamAssassin score above 3.8 would be marked as Spam).

This has now been removed and replace by a Integer Only value (3 or 4) . This is EXTREMELY coarse, and is not appreciated.

Second to this: The system for deleting spam has a threshold that is also in integers but I can't change this. An account has an inherited detection score of 3.8 and for some reason the Deletion score must be relative to the detection score but also must be an integer so I could set it as 4.8 or 5.8 etc. But I can't set it to 6. bu because it's 5.8 It's not an integer so it's not valid.

Look at inherited spam assassin scores. Where the Detecton score is [integer].[decimal] . Try to adjust the Deletion Score for this account.

STEPS TO SOLVE THE ISSUE.

1) Stop correlating Detection and Deletion values. Surely all you needis deletion threshold value to be above detection threshold value.

2) RE-allow Spam Assassin Decimal values on Detection levels.

I look forward to this change to SpamAssassin interace on CPanel being quickly fixed.

I have spent a long time with clients of certain accounts setting their SpamAssassin Detection score just so (such as 3.8) and their deletion scores just so (6)... now I'm stuck between 3 or 4 Detection Score, neither of which is suitable and Deletion scores can't be changed (as 3.8 +/- 1 is never an integer).

How do I add manual SpamAssassin detection and Deletion scores from the CPanel interface on a per-account basis. This was previously very simple and straight forward.

Cheers

Martin

P.s> I have submitted a Support request for this issue. I look forward to a tweaked relese of WHM where SpamAssassin can be more easily fine tuned in Cpanel (as previously was the case). support request ID: 9541277

 

[cPanelLauren]

Hi @martin MHC


Can you reply here with the ticket ID so I can update myself on what's been looked into there so far?


Thanks!

 

[martin MHC]

@cPanelLauren Hello - Ticket ID is 9541277. Cheers

 

[cPanelLauren]

Hi @martin MHC

Thank you for adding that! I went ahead and opened a new internal case on this CPANEL-20394 - SpamAssassin No longer Accepts Decimals for scoring and quoted most of your initial response as well as my own findings.

You can manually modify the settings at /home/$user/.spamassassin/user_prefs for example if I change my SPAM score threshold to 8:

[[email protected] .spamassassin]# cat user_prefs
required_score 8.5

It also shows up in the UI as this



Though I cannot guarantee the file won't be overwritten.

Thanks!

 

[sparek-3]

Exim always read SpamAassin scores as an integer. I was never sure if this was an Exim thing or a SpamAssassin thing.

But if you were configuring anything in Exim to read SpamAssassin scores it was always an integer. Whatever was in the user_prefs file would essentially have to be multiplied by 10. So 8.5 became 85.

SpamAssassin configurations were based on tenths (i.e. 8.5, 5.1, 5.0 - I don't think it read hundreths, i.e. 8.53, 7.59) but Exim configurations were based on integers.

I never was sure where this came from. But it's probably a good idea to get all of this on the same page and just use integers.

Essentially this would mean that the default required_score of 5.0 now becomes 50. Essentially rebasing everything to a new base of 100 from an old base of 10.

 

[martin MHC]

@sparek-3 Yes that would make perfect sense, but that is not what happens at the moment: The DELETION score is an integer that goes up to 50 only ; whereas by Exim that would be equivilant maximum to SpamAssassin 5.0 / exim 50 (so EXTREMELY low).

@cPanelLauren that's good, thanks -- however in light of what is stated above, by Sparek-3 and myself, the deletion score (int: 0-50) seems to have no relationship to SpamAssassin score system (decimal: 0-20) or Exims base 10 of this (int: 0-200).

 

[martin MHC]

@sparek-3 SpamAssassin's DETECTION threshold measures rules in hundreds (0.07) and then comes to a judgement rounded to tenths (0.1) which as you say, is the converted by Exim to an int (1). The SpamAssassin DELETION threshold only went to 10ths; (0.2) ; according to the way I've seen custom rules set out in Spam Assassin configs and assessed emails (and the way it worked in WHM 68).

 

[cPanelLauren]

Hi @martin MHC

I'm going to leave the case open as I believe there's a good point being made as far as rebasing everything. At the very least it will bring some attention, and spawn some further documentation on how we're expecting it to function.

 

[sparek-3]

I haven't upgraded anything to cPanel 70 yet. I'll probably spin up a testbed next week to look at things.

But it's nerve racking that things like this weren't caught while cPanel 70 was in EDGE and CURRENT. This is why I don't take cPanel versions hitting RELEASE at face value.

Does cPanel have any figures into how many clients actually use CURRENT? The numbers for EDGE are probably inconsequential because they probably aren't production level servers. Perhaps servers on CURRENT aren't either. It just seems that develop stays in EDGE and CURRENT for a prolonged time, but bugs aren't found until it reaches RELEASE. This makes me wonder what the point of EDGE and CURRENT are.

 

[sparek-3]

SpamAssassin's DETECTION threshold measures rules in hundreds (0.07) and then comes to a judgement rounded to tenths (0.1) which as you say, is the converted by Exim to an int (7)

This should be converted to 1 (0.1*10). If you say it's converting it to 7 (i.e. 0.07*100) then that would seem to be another issue.

Since I'm not yet running cPanel 70 any where, I can't verify any of this, so I probably shouldn't be commenting. But this discovery is interesting to me and I will be watching to see how this plays out.

 

[martin MHC]

This should be converted to 1 (0.1*10). If you say it's converting it to 7 (i.e. 0.07*100) then that would seem to be another issue.

Since I'm not yet running cPanel 70 any where, I can't verify any of this, so I probably shouldn't be commenting. But this discovery is interesting to me and I will be watching to see how this plays out.

Yes sorry I made a mistake. I have edited and corrected. But the point remains that a rule can be given set as a hundredth amount , but I'm not sure how much these values carry through to the final total. Cheers

 

[martin MHC]

But it's nerve racking that things like this weren't caught while cPanel 70 was in EDGE and CURRENT. This is why I don't take cPanel versions hitting RELEASE at face value.

Does cPanel have any figures into how many clients actually use CURRENT? The numbers for EDGE are probably inconsequential because they probably aren't production level servers. Perhaps servers on CURRENT aren't either. It just seems that develop stays in EDGE and CURRENT for a prolonged time, but bugs aren't found until it reaches RELEASE. This makes me wonder what the point of EDGE and CURRENT are.

I was thinking the very same thing. I was surprised to see this in RELEASE tier WHM. :-/

 

[sparek-3]

No worries. Bottom line, it would seem that something was changed in the way score values are passed back and forth, and thus how limits are defined.

 

[martin MHC]

Hi @martin MHC

I'm going to leave the case open as I believe there's a good point being made as far as rebasing everything. At the very least it will bring some attention, and spawn some further documentation on how we're expecting it to function.

Thanks again @cPanelLauren . To be absolutely clear (sorry if this is obvious to you):

• Detection threshold should be a valid value with the same precision as SpamAssassin and/or Exim: using SpamAssassin scales it's 0.0 --> 20.0 or using Exim scales it's 0 --> 200.

• I would expect to be able to set my own decimal number for Spam Detection by SpamAssassin (be it in Exim scale 0-200 or SpamAssassin scale 0.0-20.0), rather than need to fit what I want into one of four pre-chosen best-of integers.

• I would expect that if any correlation is needed between Deletion threshold and Detection threshold it's ONLY that Deletion threshold must equal or exceed detection threshold

NOTE: I use the number 20 because I remember on Tweak Settings on WHM 68 there was a setting defining the SpamAssassin maximum level and 20 was a default (int any value I believe); I can't see this on WHM 70 so perhaps @sparek-3 can confirm this for me?

Cheers

 

[sparek-3]

Where is this setting? I'll look for it.

 

[martin MHC]

Where is this setting? I'll look for it.

In WHM --> Tweak Settings --> use the search box and type in "spam"; I forget the exact info row but it was a SpamAssassin level with an integer input value and default was 20 ; I think it was wording implying maximum spam assessment etc. Sorry I can't be more specific.

 

[sparek-3]

Hmm. I don't seem to be finding this.

When I search in Tweak Settings for "spam" all I see are:

Prevent "nobody" from sending mail
Enable BoxTrapper spam trap
Enable Apache SpamAssassin spam filter
Enable Apache SpamAssassin Spam Box delivery for messages marked as spam
Dormant services

That's on cPanel 68 and cPanel 66.

 

[sparek-3]

I do see some references of this in

/usr/local/cpanel/etc/exim/acls/ACL_RATELIMIT_SPAM_BLOCK/ratelimit_spam_score_over_200
/usr/local/cpanel/etc/exim/acls/ACL_SPAM_BLOCK/deny_spam_score_over_200
/usr/local/cpanel/etc/exim/sysfilter/options/fail_spam_score_over_200

Although I'm not sure where specifically you go to enable these. And these would appear to be coded correctly.

 

[cPanelLauren]

Hi guys,

I just wanted to let you know that due to the case that this thread prompted our developers are implementing a "custom" option and field which is in "test" right now. As soon as our QA have tested it and the resolution is pushed I'll update here again.

Thanks!

 

[martin MHC]

@sparek-3 thanks for looking. Yes Exim 200 would be the equivilant setting to SpamAssassin 20.0 . I'm only running from my memory of V68 so no worries if it's not there; I hope the CPanel Devs. know that these things are not in a 0-10 window, that was my concern!

@cPanelLauren Thanks for the update. As long as the "custom" option allows the three points in my previous post, that's all good!

At a later point it may be easier for you as devs to unify the SpamAssassin / Exim ranking system into one magically consistent thing; as raised by Sparek-3 .