Understanding cPanel’s SpamAssassin

Your ads will be inserted here by

Easy Plugin for AdSense.

Please go to the plugin admin page to
Paste your ad code OR
Suppress this ad slot.

spamassassincpanel

How it scores

The SpamAssassin score can be an integer or real number
required_Score = 5
required_Score = 8.2

Emails are marked with a number starting at 0. This is, in-a-sense, how spammy your email is based on a huge number of factors such as content and origination. A higher number means your email is very spam-like while a lower number such as 0 or 1 is a relatively clean email. Take a look at how SpamAssassin marks emails here:  http://help.campaignmonitor.com/topic.aspx?t=104

There are some factors that subtract from the score such as verifying that your email is originating actual server. Your emails should ideally be under 5. You can find out how to increase your emails reputation here.

The number you should be setting for marking email as spam is set under “Configure SpamAssassin.” The lower the number, the more likely your email will be marked as spam. The higher, the more relaxed the filter is. Here’s an example:

email from: marcus@somedomain.com
Subject: Hey, read this when you get a chance
X-Spam-Status: No, score=-0.1
X-Spam-Score: 0
Body: …

Spam Assassin required_score = 5
Email is 0 which is less than the required_score of 5, so send email to the inbox

email from: russianladies@pornfactory.com
Subject: $$$ ladies cheap
X-Spam-Status: Yes, score=12.3
X-Spam-Score: 123
Body: …

Spam Assassin required_score = 5
Email is more than the required_score of 5. Mark as spam and go to the inbox. Notice how the email will still be sent to the inbox and not the Junk folder. To send the emails to the Junk or spam folder, you need to enable the SpamBox feature (discussed below).

How to set it up: Filters

The number you see under Filters is not setting the score for email coming in, it is for the auto-deletion emails.

Your ads will be inserted here by

Easy Plugin for AdSense.

Please go to the plugin admin page to
Paste your ad code OR
Suppress this ad slot.

(Note: 5 is the default setting. The higher the number, the more conservative the setting.)

A high setting means that spam emails are less likely to be auto-deleted.  Emails must be marked over the number specified to be automatically deleted. Take this example of a configuration:

default_score: 4
auto-delete score: 6

A spamassassin score of 4 means anything under 4 will pass to inbox. Anything higher will be marked as spam. Anything above 6 will be automatically deleted. However, take a look at the following configuration:

default_score: 5
auto-delete score: 2

Emails marked with a score of higher than 2 will end up being deleted before the software will have a chance to mark it as spam (which must be higher than 5).

How to set it up: SpamBox

If the SpamBox feature is disabled, emails will be marked as spam, but will still go to the inbox (assuming AutoDeletion is also off). With it enabled, all email marked as spam will go to a different folder. Webmail (and often other email clients) often use a folder called Junk to designate where spam is sent, however, SpamAssassin won’t send the email to the Junk folder but instead the ‘spam’ folder. Webmail and email clients would need to subscribe to the folders from within the respective programs. The folder won’t appear until it gets its first email marked as spam.

If you don’t see the SpamBox feature in SpamAssassin, this can be enabled under root WHM Tweak Settings > Mail.

A little behind the scenes

We’ll send an email with spam contents (according to http://help.campaignmonitor.com/topic.aspx?t=104) to an email address that has SpamAssassin configured to mark emails as spam at 4.

Now let’s analyze the headers marked by SpamAssassin

You’ll notice the score received by the email, which is 5.2, and how it got that score. It looks for specific strings in the body and if it exactly matches, it adds points. If we remove the ‘Risk free’ from the email and send a new one, the score becomes 2.5 and passes through since the required_score is 4.

SpamAssassin not only takes a look at the contents but where the email is originating from as well. Analyze the headers from an actual spam email:

You can read up for further advanced configuration in the newest article.

Leave a Reply

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.