The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SpamAssassin Not Scanning Messages

Discussion in 'E-mail Discussions' started by triwav, Oct 13, 2010.

  1. triwav

    triwav Member

    Joined:
    Dec 17, 2009
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    So I'm trying to figure out how to get SpamAssassin to actually scan my mail messages. I'm running 11.26.16 and when I look in the headers of any of the email I'm receiving, it doesn't have any SpamAssassin headers. This is confirmed by visualizing the ACLS:


    accept < true Mail is a Mailman bounce

    reject < false Recipient Verification (The destination is a valid account.)

    accept < true Sender Host is Authenticated (using SMTP AUTH)

    accept < true Sender Host has done POP/IMAP before SMTP or is local

    reject < true Sender Host is in the RBL bl.spamcop.net or zen.spamhaus.org

    reject < false Sender Address can be verified

    accept < true Recipent Domain is local

    accept < true Server is a backup mail exchanger for the Recipent Domain.

    SpamAssassin is enabled for recipient
    true

    Scan mail with SpamAssassin


    accept


    So as you can see if it's a local domain it doesn't even run SpamAssassin which all of my domains are. I don't know why it's setup like this or how to change it. It wasn't a problem up until recently but we're getting a lot more spam now and need to figure out how to get it working. Thanks for all the help in advance.
     
  2. triwav

    triwav Member

    Joined:
    Dec 17, 2009
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    Just in case it helps this is my complete Exim config file taken from WHM

    Code:
    #!!# cPanel Exim 4 Config
    
    
    #!!# These options specify the Access Control Lists (ACLs) that
    #!!# are used for incoming SMTP messages - after the RCPT and DATA
    #!!# commands, respectively.
    
    acl_smtp_rcpt = check_recipient
    acl_smtp_data = check_message
    
    #!!# This setting defines a named domain list called
    #!!# local_domains, created from the old options that
    #!!# referred to local domains. It will be referenced
    #!!# later on by the syntax "+local_domains".
    #!!# Other domain and host lists may follow.
    
    domainlist local_domains = lsearch;/etc/localdomains
    
    domainlist relay_domains = lsearch;/etc/localdomains : \
        lsearch;/etc/secondarymx
    hostlist relay_hosts = lsearch;/etc/relayhosts : \
        localhost
    hostlist auth_relay_hosts = *
    
    ######################################################################
    #                  Runtime configuration file for Exim               #
    ######################################################################
    
    
    # This is a default configuration file which will operate correctly in
    # uncomplicated installations. Please see the manual for a complete list
    # of all the runtime configuration options that can be included in a
    # configuration file. There are many more than are mentioned here. The
    # manual is in the file doc/spec.txt in the Exim distribution as a plain
    # ASCII file. Other formats (PostScript, Texinfo, HTML) are available from
    # the Exim ftp sites. The manual is also online via the Exim web sites.
    
    
    # This file is divided into several parts, all but the last of which are
    # terminated by a line containing the word "end". The parts must appear
    # in the correct order, and all must be present (even if some of them are
    # in fact empty). Blank lines, and lines starting with # are ignored.
    
    
    
    ######################################################################
    #                    MAIN CONFIGURATION SETTINGS                     #
    ######################################################################
    
    perl_startup = do '/etc/exim.pl'
    
    #dns_retry = 1
    #dns_retrans = 1s
    
    # Specify your host's canonical name here. This should normally be the fully
    # qualified "official" name of your host. If this option is not set, the
    # uname() function is called to obtain the name.
    
    smtp_banner = "${primary_hostname} ESMTP Exim ${version_number} \
    \#${compile_number} ${tod_full} \n\
      We do not authorize the use of this system to transport unsolicited, \n\
      and/or bulk e-mail."
    
    
    #nobody as the sender seems to annoy people
    untrusted_set_sender = *
    local_from_check = false
    
    rfc1413_query_timeout = 2s
    
    split_spool_directory = yes
    
    smtp_connect_backlog = 50
    smtp_accept_max = 100
    
    # primary_hostname =
    deliver_queue_load_max = 3
    
    # Specify the domain you want to be added to all unqualified addresses
    # here. An unqualified address is one that does not contain an "@" character
    # followed by a domain. For example, "caesar@rome.ex" is a fully qualified
    # address, but the string "caesar" (i.e. just a login name) is an unqualified
    # email address. Unqualified addresses are accepted only from local callers by
    # default. See the receiver_unqualified_{hosts,nets} options if you want
    # to permit unqualified addresses from remote sources. If this option is
    # not set, the primary_hostname value is used for qualification.
    
    # qualify_domain =
    
    
    # If you want unqualified recipient addresses to be qualified with a different
    # domain to unqualified sender addresses, specify the recipient domain here.
    # If this option is not set, the qualify_domain value is used.
    
    # qualify_recipient =
    
    
    # Specify your local domains as a colon-separated list here. If this option
    # is not set (i.e. not mentioned in the configuration file), the
    # qualify_recipient value is used as the only local domain. If you do not want
    # to do any local deliveries, uncomment the following line, but do not supply
    # any data for it. This sets local_domains to an empty string, which is not
    # the same as not mentioning it at all. An empty string specifies that there
    # are no local domains; not setting it at all causes the default value (the
    # setting of qualify_recipient) to be used.
    
    
    
    #!!# message_filter renamed system_filter
    message_body_visible = 5000
    
    
    
    
    
    
    # If you want to accept mail addressed to your host's literal IP address, for
    # example, mail addressed to "user@[111.111.111.111]", then uncomment the
    # following line, or supply the literal domain(s) as part of "local_domains"
    # above.
    
    # local_domains_include_host_literals
    
    
    # No local deliveries will ever be run under the uids of these users (a colon-
    # separated list). An attempt to do so gets changed so that it runs under the
    # uid of "nobody" instead. This is a paranoic safety catch. Note the default
    # setting means you cannot deliver mail addressed to root as if it were a
    # normal user. This isn't usually a problem, as most sites have an alias for
    # root that redirects such mail to a human administrator.
    
    never_users = root
    
    
    # The use of your host as a mail relay by any host, including the local host
    # calling its own SMTP port, is locked out by default. If you want to permit
    # relaying from the local host, you should set
    #
    # host_accept_relay = localhost
    #
    # If you want to permit relaying through your host from certain hosts or IP
    # networks, you need to set the option appropriately, for example
    #
    #
    #
    # If you are an MX backup or gateway of some kind for some domains, you must
    # set relay_domains to match those domains. This will allow any host to
    # relay through your host to those domains.
    #
    # See the section of the manual entitled "Control of relaying" for more
    # information.
    
    # The setting below causes Exim to do a reverse DNS lookup on all incoming
    # IP calls, in order to get the true host name. If you feel this is too
    # expensive, you can specify the networks for which a lookup is done, or
    # remove the setting entirely.
    
    #host_lookup = 0.0.0.0/0
    
    
    # By default, Exim expects all envelope addresses to be fully qualified, that
    # is, they must contain both a local part and a domain. If you want to accept
    # unqualified addresses (just a local part) from certain hosts, you can specify
    # these hosts by setting one or both of
    #
    # receiver_unqualified_hosts =
    # sender_unqualified_hosts =
    #
    # to control sender and receiver addresses, respectively. When this is done,
    # unqualified addresses are qualified using the settings of qualify_domain
    # and/or qualify_recipient (see above).
    
    
    # Exim contains support for the Realtime Blocking List (RBL) that is being
    # maintained as part of the DNS. See [url]http://maps.vix.com/rbl/[/url] for background.
    # Uncommenting the first line below will make Exim reject mail from any
    # host whose IP address is blacklisted in the RBL at maps.vix.com. Some
    # others have followed the RBL lead and have produced other lists: DUL is
    # a list of dial-up addresses, and ORBS is a list of open relay systems. The
    # second line below checks all three lists.
    
    # rbl_domains = rbl.maps.vix.com
    # rbl_domains = rbl.maps.vix.com
    
    
    # If you want Exim to support the "percent hack" for all your local domains,
    # uncomment the following line. This is the feature by which mail addressed
    # to x%y@z (where z is one of your local domains) is locally rerouted to
    # x@y and sent on. Otherwise x%y is treated as an ordinary local part.
    
    # percent_hack_domains = *
    
    #sender_host_accept = +include_unknown:*
    #sender_host_reject = +include_unknown:lsearch*;/etc/spammers
    
    
    
    tls_certificate = /etc/exim.crt
    tls_privatekey = /etc/exim.key
    tls_advertise_hosts = *
    
    helo_accept_junk_hosts = *
    
    smtp_enforce_sync = false
    
    
    #!!#######################################################!!#
    #!!# This new section of the configuration contains ACLs #!!#
    #!!# (Access Control Lists) derived from the Exim 3      #!!#
    #!!# policy control options.                             #!!#
    #!!#######################################################!!#
    
    #!!# These ACLs are crudely constructed from Exim 3 options.
    #!!# They are almost certainly not optimal. You should study
    #!!# them and rewrite as necessary.
    
    begin acl
    
    
    begin authenticators
    
    
    fixed_plain:
        driver = plaintext
        public_name = PLAIN
        server_prompts = :
        server_condition = "${perl{checkuserpass}{$2}{$3}}"
        server_set_id = $2
    
    
    fixed_login:
        driver = plaintext
        public_name = LOGIN
        server_prompts = "Username:: : Password::"
        server_condition = "${perl{checkuserpass}{$1}{$2}}"
        server_set_id = $1
    
    
    
    ######################################################################
    #                      REWRITE CONFIGURATION                         #
    ######################################################################
    
    # There are no rewriting specifications in this default configuration file.
    
    begin rewrite
    
    
    
    #!!#######################################################!!#
    #!!# Here follow routers created from the old routers,   #!!#
    #!!# for handling non-local domains.                     #!!#
    #!!#######################################################!!#
    
    begin routers
    
    
    #!!# If we are trying to deliver to a remote mailman domain that is on the localhost
    #!!# let it go though even if its not in /etc/localdomains since mailman will eat
    #!!# up 100% of the cpu if we don't
    
    mailman_virtual_router:
        driver = accept
        require_files = /usr/local/cpanel/3rdparty/mailman/lists/${lc::$local_part}_${lc::$domain}/config.pck
        local_part_suffix_optional
        local_part_suffix = -admin     : \
    			-bounces   : -bounces+* : \
                            -confirm   : -confirm+* : \
    			-join      : -leave     : \
    			-owner	   : -request   : \
    			-subscribe : -unsubscribe
        transport = mailman_virtual_transport
    
    mailman_virtual_router_nodns:
        driver = accept
        require_files = /usr/local/cpanel/3rdparty/mailman/lists/${lc::$local_part}/config.pck
        condition    = \
               ${if or {{match{$local_part}{.*_.*}} \
                         {eq{$local_part}{mailman}}} \
                    {1}{0}}
        local_part_suffix_optional
        local_part_suffix = -admin     : \
    			-bounces   : -bounces+* : \
                            -confirm   : -confirm+* : \
    			-join      : -leave     : \
    			-owner	   : -request   : \
    			-subscribe : -unsubscribe
        domains = +local_domains
        transport = mailman_virtual_transport_nodns
    
    
    
    
    ######################################################################
    #                      ROUTERS CONFIGURATION                         #
    #            Specifies how remote addresses are handled              #
    ######################################################################
    #                          ORDER DOES MATTER                         #
    #  A remote address is passed to each in turn until it is accepted.  #
    ######################################################################
    
    # Remote addresses are those with a domain that does not match any item
    # in the "local_domains" setting above.
    
    #
    # Demo Safety Router
    #
    
    democheck:
        driver = redirect
        require_files = "+/etc/demouids"
        condition = "${if eq {${lookup {$originator_uid} lsearch {/etc/demouids} {$value}}}{}{false}{true}}"
        allow_fail
        data = :fail: demo accounts are not permitted to relay email
    
    
    # This router routes to remote hosts over SMTP using a DNS lookup with
    # default options.
    
    boxtrapper_autowhitelist:
      driver = accept
      condition = ${if eq {$authenticated_id}{}{0}{${if eq {$sender_address}{$local_part@$domain}{0}{${if match{$received_pr
    otocol}{local}{${perl{checkbx_autowhitelist}{$authenticated_id}}}{${if match{$received_protocol}{\N^e?smtps?a$\N}{${perl
    {checkbx_autowhitelist}{$authenticated_id}}}{0}}}}}}}}
      require_files = "+/usr/local/cpanel/bin/boxtrapper"
      transport = boxtrapper_autowhitelist
      unseen
     
    #
    # Handles nobody and webspam and mail trap checks in checkspam2 and gives a userful error
    #
    
    checkspam2:
        domains = ! +local_domains
        condition = "${perl{checkspam2}}"
        driver = redirect
        ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 64.94.110.0/24
        allow_fail
        data = "${perl{checkspam2_results}}"
    
    #
    # Handles nobody and webspam and mail trap checks in checkspam2 and gives a userful error
    #
    trackbandwidth:
        domains = ! +local_domains
        condition = "${perl{trackbandwidth}}"
        driver = redirect
        ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 64.94.110.0/24
        allow_fail
        verify = false
        data = "${perl{trackbandwidth_results}}"
    
    #
    # Lookup host router for remote smtp and ignores verisign site finder 'service' and uses domain keys
    #
        
    dk_lookuphost:
        driver = dnslookup
        domains = ! +local_domains
        #ignore verisign to prevent waste of bandwidth
        ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 64.94.110.0/24
        require_files = "+/var/cpanel/domain_keys/private/${sender_address_domain}" 
        headers_add = "${perl{mailtrapheaders}}"
        transport = dk_remote_smtp
        
    #
    # Lookup host router for remote smtp and ignores verisign site finder 'service'
    #
        
    lookuphost:
        driver = dnslookup
        domains = ! +local_domains
        #ignore verisign to prevent waste of bandwidth
        ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 64.94.110.0/24
        headers_add = "${perl{mailtrapheaders}}"
        transport = remote_smtp
    
    # This router routes to remote hosts over SMTP by explicit IP address,
    # given as a "domain literal" in the form [nnn.nnn.nnn.nnn]. The RFCs
    # require this facility, which is why it is enabled by default in Exim.
    # If you want to lock it out, set forbid_domain_literals in the main
    # configuration section above.
    
    #
    # Literal Transports .. ignores verisigns sitefinder service
    #
    
    literal:
        driver = ipliteral
        domains = ! +local_domains
        headers_add = "${perl{mailtrapheaders}}"
        ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 64.94.110.0/24
        transport = remote_smtp
    
    
    
    
    #!!# This new router is put here to fail all domains that
    #!!# were not in local_domains in the Exim 3 configuration.
    
    #
    # Trap Failures to Remote Domain
    #
    
    fail_remote_domains:
      driver = redirect
      domains = ! +local_domains : ! localhost : ! localhost.localdomain
      allow_fail
      data = ":fail: The mail server could not deliver mail to $local_part@$domain.  The account or domain may not exist, th
    ey may be blacklisted, or missing the proper dns entries."
    
    
    
    #!!#######################################################!!#
    #!!# Here follow routers created from the old directors, #!!#
    #!!# for handling local domains.                         #!!#
    #!!#######################################################!!#
    
    
    
    ######################################################################
    #                      DIRECTORS CONFIGURATION                       #
    #             Specifies how local addresses are handled              #
    ######################################################################
    #                          ORDER DOES MATTER                         #
    #   A local address is passed to each in turn until it is accepted.  #
    ######################################################################
    
    # Local addresses are those with a domain that matches some item in the
    # "local_domains" setting above, or those which are passed back from the
    # routers because of a "self=local" setting (not used in this configuration).
    
    
    # This director handles aliasing using a traditional /etc/aliases file.
    # If any of your aliases expand to pipes or files, you will need to set
    # up a user and a group for these deliveries to run under. You can do
    # this by uncommenting the "user" option below (changing the user name
    # as appropriate) and adding a "group" option if necessary. Alternatively, you
    # can specify "user" on the transports that are used. Note that those
    # listed below are the same as are used for .forward files; you might want
    # to set up different ones for pipe and file deliveries from aliases.
    
    #spam_filter:
    #  driver = forwardfile
    #  file = /etc/spam.filter
    #  no_check_local_user
    #  no_verify
    #  filter
    #  allow_system_actions
    
    
    
    
    
    virtual_user_maildir_overquota:
      driver = redirect
      domains = +user_domains
      router_home_directory = ${extract{5}{:}{${lookup{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}lsearch{/etc/pass
    wd}{$value}}}}
      require_files = $home/etc/$domain
      condition = "${if exists {$home/etc/$domain/quota}{${if > {${lookup{$local_part}lsearch{$home/etc/$domain/quota}{$valu
    e}{0}}}{0}{${if eq {${if exists {$home/mail/$domain/$local_part/maildirsize}{1}{0}}}{0}{${if > {${run {/usr/local/cpanel
    /bin/eximwrap GETDISKUSED $local_part $domain}}}{${lookup{$local_part}lsearch{$home/etc/$domain/quota}{$value}{0}}}{true
    }{false}}}{${perl{checkuserquota}{$domain}{$local_part}{$message_size}{${lookup{$local_part}lsearch{$home/etc/$domain/qu
    ota}{$value}}}{$home/mail/$domain/$local_part/maildirsize}}}}}{false}}}{false}}"
      user = "${lookup{$domain}lsearch* {/etc/userdomains}{$value}}"
      data = :fail:Mailbox quota exceeded
      allow_fail
    
            
    
    
    
            
    
    
    
    
    
    #
    # Account level filtering for everything but the main account
    #
    
    central_filter:
        driver = redirect
        allow_filter
        no_check_local_user
        file = /etc/vfilters/${domain}
        file_transport = address_file
        directory_transport = address_directory
        domains = +user_domains
        pipe_transport = virtual_address_pipe
        reply_transport = address_reply
        router_home_directory = ${extract{5}{:}{${lookup{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}lsearch{/etc/p
    asswd}{$value}}}}
        user = "${lookup{$domain}lsearch* {/etc/userdomains}{$value}}"
        allow_fail
        no_verify
    
    #
    # Account level filtering for the main account
    #
    # checks /etc/vfilters/maindomain if its a localuser (ie main acct)
    # 
    mainacct_central_user_filter:
        driver = redirect  
        allow_filter  
        allow_fail
        check_local_user
        domains = ! +user_domains
        condition = ${if eq {${lookup{$local_part}lsearch{/etc/domainusers}{$value}}}{}{0}{${if exists {/etc/vfilters/${look
    up{$local_part}lsearch{/etc/domainusers}{$value}}}{1}{0}}}}
        file = "/etc/vfilters/${lookup{$local_part}lsearch{/etc/domainusers}{$value}}"
        directory_transport = address_directory
        file_transport = address_file  
        pipe_transport = address_pipe
        reply_transport = address_reply
        retry_use_local_part  
        no_verify
    
    #
    # User Level Filtering for the main account
    #
    central_user_filter:
        driver = redirect
        allow_filter
        allow_fail
        check_local_user
        domains = ! +user_domains
        file = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/passwd}{$value}}}}/etc/filter"
        require_files = "+${extract{5}{::}{${lookup{$local_part}lsearch{/etc/passwd}{$value}}}}/etc/filter"
        router_home_directory = ${extract{5}{:}{${lookup{$local_part}lsearch{/etc/passwd}{$value}}}}
        directory_transport = address_directory
        file_transport = address_file
        pipe_transport = virtual_address_pipe
        reply_transport = address_reply
        retry_use_local_part
        no_verify
    
    #
    # User Level Filtering for virtual users
    #
    virtual_user_filter:
        driver = redirect
        allow_filter
        allow_fail
        no_check_local_user
        domains = +user_domains
        require_files = "+${extract{5}{::}{${lookup{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}lsearch{/etc/passwd
    }{$value}}}}/etc/$domain/$local_part/filter"
        file = "${extract{5}{:}{${lookup{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}lsearch{/etc/passwd}{$value}}}
    }/etc/$domain/$local_part/filter"
        router_home_directory = ${extract{5}{:}{${lookup{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}lsearch{/etc/p
    asswd}{$value}}}}
        directory_transport = address_directory
        file_transport = address_file
        pipe_transport = virtual_address_pipe
        reply_transport = address_reply
        user = "${lookup{$domain}lsearch* {/etc/userdomains}{$value}}"
        no_verify
    
    virtual_aliases_nostar:
      driver = redirect
      allow_defer
      allow_fail
      require_files = "+/etc/valiases/$domain"
      data = ${lookup{$local_part@$domain}lsearch{/etc/valiases/$domain}}
      file_transport = address_file
      group = mail
      pipe_transport = virtual_address_pipe
      retry_use_local_part
      unseen
    
    #
    # Virtual User Spam Boxes
    #
    
    virtual_user_spam:
        driver = accept
        domains = +user_domains
        require_files = "+${extract{5}{::}{${lookup{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}lsearch{/etc/passwd
    }{$value}}}}/.spamassassinboxenable:+${extract{5}{::}{${lookup{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}lsea
    rch{/etc/passwd}{$value}}}}/etc/$domain/passwd"
        condition = ${if eq {${lookup {$local_part} lsearch {${extract{5}{:}{${lookup{${lookup{$domain}lsearch*{/etc/userdom
    ains}{$value}}}lsearch{/etc/passwd}{$value}}}}/etc/$domain/passwd}}}{}{false}{${if match{$h_X-Spam-Status:}{\N^Yes\N}{tr
    ue}{false}}}}
        headers_remove="x-spam-exim"
        transport = virtual_userdelivery_spam
        
    
    virtual_boxtrapper_user:
      driver = accept 
      domains = +user_domains
      require_files = "+/usr/local/cpanel/bin/boxtrapper:+${extract{5}{::}{${lookup{${lookup{$domain}lsearch*{/etc/userdomai
    ns}{$value}}}lsearch{/etc/passwd}{$value}}}}/etc/$domain/passwd"
      condition = ${if eq {${lookup {$local_part} lsearch {${extract{5}{:}{${lookup{${lookup{$domain}lsearch*{/etc/userdomai
    ns}{$value}}}lsearch{/etc/passwd}{$value}}}}/etc/$domain/passwd}}}{} {false}{${if exists {${extract{5}{:}{${lookup{${loo
    kup{$domain}lsearch*{/etc/userdomains}{$value}}}lsearch{/etc/passwd}{$value}}}}/etc/$domain/$local_part/.boxtrapperenabl
    e} {true} {false}}}}
      retry_use_local_part
      transport = virtual_boxtrapper_userdelivery
    
    virtual_user:
      driver = accept
      headers_remove="x-spam-exim"
      domains = +user_domains
      require_files = "+${extract{5}{::}{${lookup{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}lsearch{/etc/passwd}{
    $value}}}}/etc/$domain/passwd"
      condition = ${if eq {${lookup {$local_part} lsearch {${extract{5}{:}{${lookup{${lookup{$domain}lsearch*{/etc/userdomai
    ns}{$value}}}lsearch{/etc/passwd}{$value}}}}/etc/$domain/passwd}}}{} {false}{true}}
      transport = virtual_userdelivery
    
    
    has_alias_but_no_mailbox_discarded_to_prevent_loop:
            driver = redirect
            require_files = "+/etc/valiases/$domain"
            domains = +user_domains
            condition = "${perl{checkvalias}{$domain}{$local_part}}"
            data="#Exim Filter\nseen finish"
            group = "${lookup{$domain}lsearch* {/etc/userdomains}{$value}}"
            user = "${lookup{$domain}lsearch* {/etc/userdomains}{$value}}"
            allow_filter
            disable_logging = true
    
    valias_domain_file:
      driver = redirect
      allow_defer
      allow_fail
      require_files = +/etc/vdomainaliases/$domain
      condition = ${lookup {$domain} lsearch {/etc/vdomainaliases/$domain}{yes}{no} }
      data = $local_part@${lookup {$domain} lsearch {/etc/vdomainaliases/$domain} }
    virtual_aliases:
        driver = redirect
        allow_defer
        allow_fail
        require_files = "+/etc/valiases/$domain"
        data = ${lookup{*}lsearch{/etc/valiases/$domain}}
        file_transport = address_file
        group = mail
        pipe_transport = virtual_address_pipe
    
    
    
    
    # This director handles forwarding using traditional .forward files.
    # If you want it also to allow mail filtering when a forward file
    # starts with the string "# Exim filter", uncomment the "filter" option.
    # The check_ancestor option means that if the forward file generates an
    # address that is an ancestor of the current one, the current one gets
    # passed on instead. This covers the case where A is aliased to B and B
    # has a .forward file pointing to A. The three transports specified at the
    # end are those that are used when forwarding generates a direct delivery
    # to a file, or to a pipe, or sets up an auto-reply, respectively.
    
    system_aliases:
      driver = redirect
      allow_defer
      allow_fail
      data = ${lookup{$local_part}lsearch{/etc/aliases}}
      file_transport = address_file
      pipe_transport = address_pipe
      retry_use_local_part
    # user = exim
    
                                                                                                                            
                                                                                                                            
           
    local_aliases:
      driver = redirect
      allow_defer
      allow_fail
      data = ${lookup{$local_part}lsearch{/etc/localaliases}}
      file_transport = address_file
      pipe_transport = address_pipe
      check_local_user
                                                                                                                            
                                                                                                                            
           
    
    
    userforward:
      driver = redirect
      allow_filter
      check_ancestor
      check_local_user
      domains = ! +user_domains
      no_expn
      file = $home/.forward
      file_transport = address_file
      pipe_transport = address_pipe
      reply_transport = address_reply
      directory_transport = address_directory
      no_verify
    
    #
    # Optimzied spambox router
    #
    
    localuser_spam:
        driver = accept
        headers_remove="x-spam-exim"
        domains = ! +user_domains
        require_files = "+$home/.spamassassinboxenable"
        condition = ${if match{$h_X-Spam-Status:}{\N^Yes\N}{true}{false}}
        check_local_user
        transport = local_delivery_spam
    
    boxtrapper_localuser:
      driver = accept
      require_files = "+/usr/local/cpanel/bin/boxtrapper:+$home/etc/.boxtrapperenable"
      check_local_user
      domains = ! +user_domains
      transport = local_boxtrapper_delivery
    
      
    localuser:
        driver = accept
        headers_remove="x-spam-exim"
        check_local_user
        domains = ! +user_domains
        transport = local_delivery
    
    
    
    # This director matches local user mailboxes.
    
    
    
    
    
    ######################################################################
    #                      TRANSPORTS CONFIGURATION                      #
    ######################################################################
    #                       ORDER DOES NOT MATTER                        #
    #     Only one appropriate transport is called for each delivery.    #
    ######################################################################
    
    # A transport is used only when referenced from a director or a router that
    # successfully handles an address.
    
    
    # This transport is used for delivering messages over SMTP connections.
    
    begin transports
    
    
    
    remote_smtp:
      driver = smtp
      interface = ${if exists {/etc/mailips}{${lookup{$sender_address_domain}lsearch*{/etc/mailips}{$value}{}}}{}}
      helo_data = ${if exists {/etc/mailhelo}{${lookup{$sender_address_domain}lsearch*{/etc/mailhelo}{$value}{$primary_hostn
    ame}}}{$primary_hostname}}
    
    
    dk_remote_smtp:
      driver = smtp
      interface = ${if exists {/etc/mailips}{${lookup{$sender_address_domain}lsearch*{/etc/mailips}{$value}{}}}{}}
      helo_data = ${if exists {/etc/mailhelo}{${lookup{$sender_address_domain}lsearch*{/etc/mailhelo}{$value}{$primary_hostn
    ame}}}{$primary_hostname}}
      dk_private_key = "/var/cpanel/domain_keys/private/${dk_domain}"
      dk_canon = nofws
      dk_selector = default
    
    
    # This transport is used for local delivery to user mailboxes. By default
    # it will be run under the uid and gid of the local user, and requires
    # the sticky bit to be set on the /var/mail directory. Some systems use
    # the alternative approach of running mail deliveries under a particular
    # group instead of using the sticky bit. The commented options below show
    # how this can be done.
    
    
    local_delivery:
        driver = appendfile
        delivery_date_add
        envelope_to_add
        directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/passwd}{$value}}}}/mail"
        maildir_use_size_file
        maildir_quota_directory_regex = ^(?:cur|new|\.(?!Trash$)[^\@]+)$
        maildir_format
        maildir_tag = ,S=$message_size
        quota_size_regex = ,S=(\d+)
        mode = 0660
        return_path_add
        group = ${extract{3}{:}{${lookup{$local_part}lsearch{/etc/passwd}{$value}}}}
        user = $local_part
        shadow_condition = ${if exists {${extract{5}{:}{${lookup{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}lsearc
    h{/etc/passwd}{$value}}}}/.cpanel/rim/bis/$local_part}{1}{0}}
        shadow_transport = rim_bis_notifier_local_user
    
    rim_bis_notifier_local_user:
        driver = pipe
        headers_only
        command = /usr/local/cpanel/bin/rim_bis_notifier "${local_part}" ${extract{5}{:}{${lookup{$local_part}lsearch{/etc/p
    asswd}{$value}}}}
        group = ${extract{3}{:}{${lookup{$local_part}lsearch{/etc/passwd}{$value}}}}
        user = $local_part
        log_output = true
        current_directory = "/tmp"
        return_fail_output = true
        return_path_add = false
    
    local_delivery_spam:
      driver = appendfile
      delivery_date_add
      envelope_to_add
      directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/passwd}{$value}}}}/mail/.spam"
      maildir_use_size_file
      maildir_quota_directory_regex = ^(?:cur|new|\.(?!Trash$)[^\@]+)$
      maildir_format
      maildir_tag = ,S=$message_size
      quota_size_regex = ,S=(\d+)
      group = ${extract{3}{:}{${lookup{$local_part}lsearch{/etc/passwd}{$value}}}}
      mode = 0660
      return_path_add
      user = $local_part
    
    
            
    
    
    
    
    # This transport is used for handling pipe deliveries generated by alias
    # or .forward files. If the pipe generates any standard output, it is returned
    # to the sender of the message as a delivery error. Set return_fail_output
    # instead of return_output if you want this to happen only when the pipe fails
    # to complete normally. You can set different transports for aliases and
    # forwards if you want to - see the references to address_pipe below.
    
    address_directory:
        driver        = appendfile
        maildir_tag = ,S=$message_size
        quota_size_regex = ,S=(\d+)
        maildir_format
        maildir_use_size_file
        maildir_quota_directory_regex = ^(?:cur|new|\.(?!Trash$)[^\@]+)$
        mode = 0660
        delivery_date_add
        envelope_to_add
        return_path_add
    address_pipe:
      driver = pipe
      return_output
    
    virtual_address_pipe:
      driver = pipe
      group = "${lookup{$domain}lsearch* {/etc/userdomains}{$value}}"
      return_output
      user = "${lookup{$domain}lsearch* {/etc/userdomains}{$value}}"
    
    # This transport is used for handling deliveries directly to files that are
    # generated by aliassing or forwarding.
    
    address_file:
      driver = appendfile
      delivery_date_add
      envelope_to_add
      return_path_add
    
    
    # This transport is used for handling autoreplies generated by the filtering
    # option of the forwardfile director.
    
    
            
    
    
    virtual_userdelivery_spam:
      driver = appendfile
      delivery_date_add
      envelope_to_add
      directory = "${extract{5}{:}{${lookup{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}lsearch{/etc/passwd}{$value
    }}}}/mail/${domain}/${local_part}/.spam"
      maildir_use_size_file
      maildir_quota_directory_regex = ^(?:cur|new|\.(?!Trash$)[^\@]+)$
      maildir_format
      maildir_tag = ,S=$message_size
      quota_size_regex = ,S=(\d+)
      mode = 0660
      quota = "${if exists{${extract{5}{:}{${lookup{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}lsearch{/etc/passwd
    }{$value}}}}/etc/${domain}/quota} {${lookup{$local_part}lsearch*{${extract{5}{:}{${lookup{${lookup{$domain}lsearch*{/etc
    /userdomains}{$value}}}lsearch{/etc/passwd}{$value}}}}/etc/${domain}/quota}{$value}}} {}}"
      quota_is_inclusive = false
      quota_directory = "${extract{5}{:}{${lookup{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}lsearch{/etc/passwd}{
    $value}}}}/mail/${domain}/${local_part}"
      return_path_add
      user = "${lookup{$domain}lsearch* {/etc/userdomains}{$value}}"
      group = ${extract{3}{:}{${lookup{${lookup{$domain}lsearch* {/etc/userdomains}{$value}}}lsearch{/etc/passwd}{$value}}}}
    
    boxtrapper_autowhitelist:
      driver = pipe
      headers_only
      command = /usr/local/cpanel/bin/boxtrapper --autowhitelist "${authenticated_id}"
      user = ${perl{getemailuser}{$authenticated_id}}
      group = ${extract{3}{:}{${lookup{${perl{getemailuser}{$authenticated_id}}}lsearch{/etc/passwd}{$value}}}}
      log_output = true
      current_directory = "/tmp"
      return_fail_output = true
      return_path_add = false
    
    local_boxtrapper_delivery:
      driver = pipe
      command = /usr/local/cpanel/bin/boxtrapper "${local_part}" $home
      user = $local_part
      group = ${extract{3}{:}{${lookup{$local_part}lsearch{/etc/passwd}{$value}}}}
      log_output = true
      current_directory = "/tmp"
      return_fail_output = true
      return_path_add = false
    
    virtual_boxtrapper_userdelivery:
      driver = pipe
      command = /usr/local/cpanel/bin/boxtrapper "${local_part}@${domain}" $home 
      user = "${lookup{$domain}lsearch* {/etc/userdomains}{$value}}"
      group = ${extract{3}{:}{${lookup{${lookup{$domain}lsearch* {/etc/userdomains}{$value}}}lsearch{/etc/passwd}{$value}}}}
      log_output = true
      current_directory = "/tmp"
      return_fail_output = true
      return_path_add = false
    
    
    virtual_userdelivery:
      driver = appendfile
      delivery_date_add
      envelope_to_add
      directory = "${extract{5}{:}{${lookup{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}lsearch{/etc/passwd}{$value
    }}}}/mail/${domain}/${local_part}"
      maildir_use_size_file
      maildir_quota_directory_regex = ^(?:cur|new|\.(?!Trash$)[^\@]+)$
      maildir_format
      maildir_tag = ,S=$message_size
      quota_size_regex = ,S=(\d+)
      mode = 0660
      quota = "${if exists{${extract{5}{:}{${lookup{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}lsearch{/etc/passwd
    }{$value}}}}/etc/${domain}/quota} {${lookup{$local_part}lsearch*{${extract{5}{:}{${lookup{${lookup{$domain}lsearch*{/etc
    /userdomains}{$value}}}lsearch{/etc/passwd}{$value}}}}/etc/${domain}/quota}{$value}}} {}}"
      quota_is_inclusive = false
      quota_directory = "${extract{5}{:}{${lookup{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}lsearch{/etc/passwd}{
    $value}}}}/mail/${domain}/${local_part}"
      return_path_add
      user = "${lookup{$domain}lsearch* {/etc/userdomains}{$value}}"
      group = ${extract{3}{:}{${lookup{${lookup{$domain}lsearch* {/etc/userdomains}{$value}}}lsearch{/etc/passwd}{$value}}}}
      shadow_condition = ${if exists {${extract{5}{:}{${lookup{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}lsearch{
    /etc/passwd}{$value}}}}/.cpanel/rim/bis/$local_part@$domain}{1}{0}}
      shadow_transport = rim_bis_notifier_virtual_user
    
    rim_bis_notifier_virtual_user:
      driver = pipe
      headers_only
      command = /usr/local/cpanel/bin/rim_bis_notifier "${local_part}@${domain}" ${extract{5}{:}{${lookup{${lookup{$domain}l
    search*{/etc/userdomains}{$value}}}lsearch{/etc/passwd}{$value}}}}
      user = "${lookup{$domain}lsearch* {/etc/userdomains}{$value}}"
      group = ${extract{3}{:}{${lookup{${lookup{$domain}lsearch* {/etc/userdomains}{$value}}}lsearch{/etc/passwd}{$value}}}}
      log_output = true
      current_directory = "/tmp"
      return_fail_output = true
      return_path_add = false
    
    
    address_reply:
      driver = autoreply
    
    
    mailman_virtual_transport:
        driver = pipe
        command = /usr/local/cpanel/3rdparty/mailman/mail/mailman \
                  '${if def:local_part_suffix \
                        {${sg{$local_part_suffix}{-(\\w+)(\\+.*)?}{\$1}}} \
                        {post}}' \
                  ${lc:$local_part}_${lc:$domain}
        current_directory = /usr/local/cpanel/3rdparty/mailman
        home_directory = /usr/local/cpanel/3rdparty/mailman
        user = mailman
        group = mailman
    
    
    mailman_virtual_transport_nodns:
        driver = pipe
        command = /usr/local/cpanel/3rdparty/mailman/mail/mailman \
                  '${if def:local_part_suffix \
                        {${sg{$local_part_suffix}{-(\\w+)(\\+.*)?}{\$1}}} \
                        {post}}' \
                  ${lc:$local_part}
        current_directory = /usr/local/cpanel/3rdparty/mailman
        home_directory = /usr/local/cpanel/3rdparty/mailman
        user = mailman
        group = mailman
    
    
    
    
    
    
    
    ######################################################################
    #                      RETRY CONFIGURATION                           #
    ######################################################################
    
    # This single retry rule applies to all domains and all errors. It specifies
    # retries every 15 minutes for 2 hours, then increasing retry intervals,
    # starting at 1 hour and increasing each time by a factor of 1.5, up to 16
    # hours, then retries every 8 hours until 4 days have passed since the first
    # failed delivery.
    
    # Domain               Error       Retries
    # ------               -----       -------
    
    
    begin retry
    
    
    *                      *           F,2h,15m; G,16h,1h,1.5; F,4d,8h
    
    
    # End of Exim 4 configuration
     
  3. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    Can you tail your /var/log/maillog after restarting SpamAssassin and provide the results?

    So in one root SSH session:

    Code:
    /scripts/restartsrv_spamd
    In another screen:

    Code:
    tail -f /var/log/maillog
    Then let us know the return when SpamAssassin starts up.
     
  4. triwav

    triwav Member

    Joined:
    Dec 17, 2009
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    Sure. Here's the result:
    Oct 14 08:11:51 host spamd[21103]: spamd: handled cleanup of child pid 12343 due to SIGCHLD
    Oct 14 08:11:51 host spamd[21103]: prefork: child states: I
    Oct 14 08:11:51 host spamd[21103]: spamd: server killed by SIGTERM, shutting down
    Oct 14 08:11:51 host spamd[14862]: logger: removing stderr method
    Oct 14 08:11:52 host spamd[14864]: Argument "2.007_001" isn't numeric in numeric lt (<) at /usr/lib/perl5/site_perl/5.8.8/Mail/SpamAssassin/Plugin/SPF.pm line 391.
    Oct 14 08:11:52 host spamd[14864]: spamd: server started on port 783/tcp (running version 3.2.4)
    Oct 14 08:11:52 host spamd[14864]: spamd: server pid: 14864
    Oct 14 08:11:52 host spamd[14864]: spamd: server successfully spawned child process, pid 14865
    Oct 14 08:11:52 host spamd[14864]: spamd: server successfully spawned child process, pid 14866
    Oct 14 08:11:52 host spamd[14864]: prefork: child states: IS
    Oct 14 08:11:52 host spamd[14864]: prefork: child states: II
     
  5. triwav

    triwav Member

    Joined:
    Dec 17, 2009
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    So I'm not sure what happend, but it seems to be scanning messages now. It's still letting the spam through 'cause the level is too low but it's at least checking it. Thanks for the help. I'll let you know if more is needed.
     
Loading...

Share This Page