Update to SpamAssassin 3.4.0

Bob Snider shared this idea 2 years ago
Completed

SpamAssassin is no longer updating rules for the version of SA that cPanel is currently on,and I am seeing an increase in spam as a result.

Spamassassin 3.3.2 is no longer being maintained and there have been no rules updates since April 19.I was looking online to see if there is any progress on cPanel incorporating SpamAssassin 3.4.0 and found this:

http://forums.cpanel.net/f5/apache-spamassassin-not-updating-409282.html

"there are plans to update SpamAssassin to 3.4.0, but that's currently not scheduled until cPanel version 11.46."

From what I can tell, cPanel version 11.46 won't happen until the fall.

Please move SpamAssassin 3.4.0 up in the priority queue!

Best Answer
photo

SpamAssassin has been updated to 3.4.0 and has be released in cPanel & WHM 11.46.

Comments (17)

photo
1

SpamAssassin has been updated to 3.4.0 and has be released in cPanel & WHM 11.46.

photo
1

I'd very much like to see this too.

photo
2

Waiting 4 - 6 or months without rule updates seems pretty unwise. There are times when exceptions from a release plan make sense or does cPanel not care whether we have the latest spamassassin rules or not?

photo
2

This is such a joke. How is this not a priority for current cpanel versions. This should be a special case, rule updates are no longer provided. Expect more and more customers opening cases due to high amounts of spam because you guys choose not to provide the current supported version to you clients.

We are among others here that have noticed a considerable increase in the amount of spam received in the last few months. Its getting worse day by day.

photo
1

Please update SpamAssasin, thanks!

photo
1

We have SpamAssassin 3.4.0 running on our mail server and it has not made an impact on the recent surge of spam. If our experience is any indication, the newer version as-is doesn't help. We are currently forming a project team to tackle the recent spam problem.

photo
1

Kenneth,

Are you updating the rules daily with 3.4.0 ?

Incidently, we are now receiving hundreds of spam emails per day per account after they stopped updating the rules for 3.3.2, where we used to only receive a few when the rules were being updated daily.

photo
1

Bob Snider wrote:

Kenneth,

Are you updating the rules daily with 3.4.0 ?

Incidently, we are now receiving hundreds of spam emails per day per account after they stopped updating the rules for 3.3.2, where we used to only receive a few when the rules were being updated daily.

We use cPanel & WHM for our primary mail server. I believe the default setup we do in the product is to perform a nightly rules update. I'll confirm that is happening on our mail server.

I've not taken a count of the spam I receive. I do know that I personally receive ten's of spam messages a day. That doesn't sound like a lot (especially compared to some of my personal accounts), until compared with the fact ~four months ago I got zero. Then multiply that count across all our employees (some of whom get a lot more spam than I do) and the problem is very real.

photo
1

Kenneth, If you are using the default cPanel & WHM install then you are using SpamAssassin 3.3.2 because they are not updating to 3.4 until WHM 11.46.

If you are using 3.4 then please let us know how you installed it. I asked if there was any way to do that and was instructed to wait for 11.46

In the last two hours I received over 80 new spam messages. We are flooded here with spam!

photo
2

As has been mentioned on the forums, one of the first things you should do is remove the bayes data and the autowhitelist data and restart spamd. If you never bother to do that, they eventually become fairly polluted.

Also, I'd suggest DCC+Razor2+Pyzor+IxHash. Those along with sensible management of the Bayesian database and AWL (if you use it, and you probably shouldn't) keep things running best on 3.3.2.

I'm well aware of the recent increase in spam issues... and in fact I was complaining about the same thing not too long ago but has forgotten all about the fact that I let my Bayesian data go far too long before wiping it out and starting from scratch. Since I did that, 3.2 has really been doing a great job all things considered.

What makes this spam much more difficult is it comes in short bursts from different locations, so unless your machine is using things like Razor2, Pyzor and DCC, you aren't benefitting from the data being collected by those services to make decisions on the spamminess of a message. And that's what is really needed when the spam is otherwise not triggering the typical spam assassin rules and the spammers are following all of the best mail practices with rDNS, SPF, DKIM [and probably DMARC].

photo
1

Bob Snider wrote:

Kenneth, If you are using the default cPanel & WHM install then you are using SpamAssassin 3.3.2 because they are not updating to 3.4 until WHM 11.46.

If you are using 3.4 then please let us know how you installed it. I asked if there was any way to do that and was instructed to wait for 11.46

In the last two hours I received over 80 new spam messages. We are flooded here with spam!

Bob, we are running an 11.46 pre-release containing SpamAssassin 3.4.

photo
1

mtindor wrote:

Also, I'd suggest DCC+Razor2+Pyzor+IxHash Those along with sensible management of the Bayesian database and AWL (if you use it, and you probably shouldn't) keep things running best on 3.3.2.

Is it known why Cpanel isn't offering an easy way to manage the bayes databases? A gui to train / untrain per useraccount / per emailadress?

The fantastic four (DCC,Razor2,Pyzor,IxHash) could be offered via WHM istallation plugin too.

photo
2

First, the situation with SpamAssassin not updating its rules since April illustrates a problem that cPanel and the maintainer of SpamAssassin need to resolve. If nothing else, if it takes cPanel six months to incorporate a "current" version of SpamAssassin into cPanel, we should ask that SpamAssassin provide support for that older version during that window of time.

Second, I am not sure exactly why SA-Update refuses to continue to update the 3.3.1 version when it is expecting to find 3.4.0 but perhaps that is another design issue that should be addressed by SpamAssassin support. In summary, they need to provide support for multiple versions (like 3.3.1 and 3.4.0) at the same time. SA-Update needs to identify which version it is updating so it can provide an update stream that matches the features supported with the version that is actually running on the target machine. Or if that is to difficult, just provide separate update sites for cPanel to access for each version of SpamAssassin.

And I too am encountering a huge increase in SPAM, which I attribute to five month old unchanged rules (makes me wonder why cPanel could not be more responsive to this problem - like an emergency update if that is what it takes to keep SpamAssassin current). I will try to correct this by re-teaching the Bayesian filters with hand selected Spam and Ham, and then turning off the AWL (which I believe is a route for poisoning), and increasing the scores needed for Bayesian self-learning.

A new feature similar to the GUI interface requested above would be to allow email folders (for now call it Learn-Spam and Learn-Ham) that could be placed subordinate to the Inbox folder to receive copies of emails hand selected by the email users for nightly SA-Learn runs to "teach" the Bayesian database new tokens of recent Spam and Ham. These folder names should have a default as described above, but also allowed to be defined on a per-account basis. At the conclusion of the SA-Learn run, the folders should be emptied, and an email sent to an account-specified email address to report the number of emails processed and tokens in the Bayesian database (already in SA-Learn output, I believe).

photo
1

Stan Haimes wrote:

A new feature similar to the GUI interface requested above would be to allow email folders (for now call it Learn-Spam and Learn-Ham)
Please add your ideas here:

http://features.cpanel.net/responses/spamassassin-bayes-training-via-cpanel

Thanks.

photo
1

Did SA 3.4 improve the SPAM situation?

photo
1

lorio wrote:

Did SA 3.4 improve the SPAM situation?
It didn't for me. I don't have any learning going on at the moment however. Will have to do some additional configurations. But no, by default, didn't help much or any.

photo
1

lorio wrote:

Did SA 3.4 improve the SPAM situation?
From some of the research we've done, the problem with the spam increase is widespread, and not addressable by simply upgrading SpamAssassin.

We are investigating providing other tools, such as gray listing, to help everyone combat this increase in spam.

Just one example of other people noticing the increase in spam: http://arstechnica.com/civis/viewtopic.php?f=21&t=1253157