cPanel & WHM Version 92 has been released, and brings a slew of great updates. Take a look at what is included, and then upgrade today!
This object is in archive! 

SpamAssassin Scan Email Forwarders

alinford shared this idea 7 years ago
Completed

Now that cPanel has added scanning to outgoing email, it would be great to add it for forwarders as well. Make it optional similar to how it is setup with outgoing email.

Best Answer
photo

This is now available in 11.48+

We plan on adding the following new options to the Exim Configuration Manager in 11.48.


Please note, the wording is likely to change as this is just from a test build of 11.48.


Development and QA testing has completed on this feature and it is now scheduled for merge to 11.48

Comments (19)

photo
2

Spamassassin should be filtering the incoming email that is then forwarded, so no spam is forwarded.

photo
3

stormy wrote:

Spamassassin should be filtering the incoming email that is then forwarded, so no spam is forwarded.
SA does not filter email forwarders unless you also create a POP email account to match. This forces the user to monitor an unused email account, and manually delete the email. The reason this is needed is that Gmail is catching this spam, and then is blaming in our my servers instead of the original server.

photo
1

Can this be this hard to implement?

photo
2

Blocked at gmail for forwarded spam. This feature is needed.

photo
2

It's really absurd this can't be simply enabled with a few clicks in the GUI...

photo
2

BTW look how many posts and requests for this there are already in the forum!!

photo
1

We got around this by using exim's smarthost feature to forward all outgoing email to an external server that scans email and sends it. However more information is supplied during the initial incomming process and spam assassin should scan all incomming email

photo
1

Not even one comment from cPanel?


If you search the forums, there are a lot of requests for this.

photo
1

Outgoing scanning doesn't work with users who log in externally and it makes sending email with php scripts very slow.


Outgoing scanning needs to be move to a different level. All outgoing e-mail from smtp, forwarders, php mail, needs to be queued and then scanned from the queue before being sent. This needs to be a multi threaded or multi process scan and have settings so we can specifiy how many workers can be scanning outgoing e-mail at the same time.


Sadly your initial implementation for outgoing email scanning was all wrong, you didn't look into things like not applying the same rules as incomming email, scanning fowarders, and speed issues.


Moving the scan process to after the queue should enable you to scan all outgoing e-mail and ignoring checks for authenticated users.


Suppliers like gmail say you must scan any email you forward to them. They cannot differenciate between the server forwarding e-mail and the original sender.


We had to invest in an external outgoing spam gateway to get around all of these limitations. We use the smarthost feature to do this, cpanel's spam filtering should be just before the smarthost process as the smarthost queues all e-mail before forwarding it.

photo
1

Status changed to IN PROGRESS!!! :D

photo
1

This is now available in 11.48+

We plan on adding the following new options to the Exim Configuration Manager in 11.48.


Please note, the wording is likely to change as this is just from a test build of 11.48.


Development and QA testing has completed on this feature and it is now scheduled for merge to 11.48

photo
2

Glad to see it in progress. I have dozens of customers using email forwarding to Gmail and it is forwarding lots of spam too. It was mading me feel ashamed...

photo
1

Here's a solution I found. I discovered that SpamAssassin marks the header of even forwarders. Since it whitelists an email coming from the same domain, I used this workaround rule.


Make the following filter/rule per account, or Global if you want all spam going to just one single Junk folder.


Rules

Any Header

contains

X-Spam-Status: Yes


Headers of even forwarders contain the words "X-Spam-Status: Yes" so they will get marked, even if an actual email account for the forwarder doesn't exist!I hope it works for you like it did for me!

photo
1

cPanelNick, I'm thrilled to see that this is being implemented. Thank you!!!


- Scott

photo
2

How will this new feature handle detected spam messages? Will it automatically discard them, or store them somewhere?

photo
1

I second Valetia question... the catched spam will be bounced back or "blackholed"?

photo
2

Apparently a bounce is generated: https://forums.cpanel.net/threads/do-not-forward-email-to-external-recipients-for-spamassassin-score-over-x.452042/


As far as I can tell, enabling this feature as it stands would generate significant backscatter, so it could easily just make matters worse. There also appears to be a privacy issue since the forward destination email is being revealed to the sender.


Disappointing.

photo
1

oh dear.. thats not very helpful then is it.

photo
3

case 167765 will implement the check at smtp time as well. It has already been merged into 11.52 and will be in the first EDGE build of 11.51.x when it becomes available.

Replies have been locked on this page!