Configuring Spamassassin to show score for HAM on cPanel
Lately, I’ve been getting a storm of pesky junk mail on an account which is hosted on a dedicated WHM/cPanel server.
The WHM/cPanel server is a Centos 5 server with Exim mail server and Spamassassin anti-spam software installed and configured.
I went through the normal operation of staring at /var/log/maillog and /var/log/exim_rejectlog, as well as sending a test spam message to the server to make sure that the server was filtering spam properly and it seemed to be filtering messages ok.
So then I started looking around in Thunderbird, which is the client that happens to be configured to retrieve this mail.
I noticed that I could not see much Spamassassin information in the headers of messages that were not marked as spam by Spamassassin on the server, but were clearly spam messages. The only thing I could see were the following headers:
X-Spam-Status: No, score=0.4 X-Spam-Score: 4 X-Spam-Bar: / X-Spam-Flag: NO
So, I looked into the matter further and it appears that Exim on WHM/cPanel servers is configured such that there is no X-Spam-Report on messages that are not marked as Spam.
The result is that you can’t see why a message is not being flagged as spam because you have no test score information on the various tests that Spamassassin runs on each message.
To enable this for HAM as well as SPAM messages on WHM/cPanel servers with Exim, open a browser and go here:
WHM >> Service Configuration >> Exim Configuration Editor >> Advanced Editor
Now, find the section below and add the line add_header = X-Spam-Report: $spam_report in the bottom section as it appears below for messages that are not classified as SPAM.
warn
condition = ${if eq {${acl_m0}}{1}{1}{0}}
spam = ${acl_m1}/defer_ok
log_message = "SpamAssassin as ${acl_m1} detected message as spam ($spam_score)"
add_header = X-Spam-Subject: [% ACL_SPAM_HEADER %] $h_subject
add_header = X-Spam-Status: Yes, score=$spam_score
add_header = X-Spam-Score: $spam_score_int
add_header = X-Spam-Bar: $spam_bar
add_header = X-Spam-Report: $spam_report
add_header = X-Spam-Flag: YES
set acl_m2 = 1
warn
condition = ${if eq {$spam_score_int}{}{0}{${if <= {${spam_score_int}}{8000}{${if >= {${spam_score_int}}{50}{${perl{store_spam}{$sender_host_address}{$spam_score}}}{0}}}{0}}}}
warn
condition = ${if eq {${acl_m0}}{1}{${if eq {${acl_m2}}{1}{0}{1}}}{0}}
add_header = X-Spam-Status: No, score=$spam_score
add_header = X-Spam-Score: $spam_score_int
add_header = X-Spam-Bar: $spam_bar
add_header = X-Spam-Flag: NO
add_header = X-Spam-Report: $spam_report
log_message = "SpamAssassin as ${acl_m1} detected message as NOT spam ($spam_score)"
When you click Save configuration at the bottom of the advanced configuration editor, the configuration will be saved and warn you of any formatting or variable errors. If there are no errors, then Exim and Spamd servers will be restarted.
NOTE: You should edit this through WHM rather than manually editing the file at /etc/exim.conf.
WHM itself has an warning about this on the previous page. Note: Directly editing the Exim configuration file (usually located at /etc/exim.conf) will only work temporarily as an update to Exim will result in the changes being overwritten.
Now that you have HAM message headers supplying the X-Spam-Report: header, you want to configure what is in the report so that you don’t have too much superfluous information in each and every message.
You now need to edit /etc/mail/spamassassin/local.cf through an SSH shell session using your favorited editor such as nano.
Add these lines:
# custom X-Spam-Report header # report_safe 0 clear_report_template report_contact spamcontact@domain.tld report host: _HOSTNAME_ | contact: _CONTACTADDRESS_ | scores: _TESTSSCORES(,)_ | autolearn=_AUTOLEARN_, score=_AUTOLEARNSCORE_ # Set headers which may provide inappropriate cues to the Bayesian classifier # bayes_ignore_header X-Bogosity bayes_ignore_header X-Spam-Flag bayes_ignore_header X-Spam-Status bayes_ignore_header X-Spam-Report
Now you should restart exim at the command line with the following line:
$ service exim restart
Now new messages that pass through your server that are not flagged as spam by Spamassassin will have the following header instead of the one at the top of this post:
X-Spam-Status: No, score=0.4 X-Spam-Score: 4 X-Spam-Bar: / X-Spam-Flag: NO X-Spam-Report: host: host.yourdomain.com | contact: postmaster@host.yourdomain.com | scores: BAYES_00=-2.599,HTML_IMAGE_ONLY_20=1.546,HTML_IMAGE_RATIO_08=0.001,HTML_MESSAGE=0.001,HTML_SHORT_LINK_IMG_3=0.001,MIME_HTML_ONLY=1.457,SPF_HELO_PASS=-0.001,SPF_PASS=-0.001 | autolearn=no, score=4.038
One Response to “Configuring Spamassassin to show score for HAM on cPanel”
Leave a Reply
I'm currently
for Lotus Notes / Domino consulting engagements.
Connect with me:
I have tried this and for some reason my ham has no tags in it, I did get it implemented on one server but not another, any hints would be great.