SpamAssassin is an open source Apache Project and is located in cPanel under the Spam Filter settings. The source was first made widely available back in April 2001. If you are more technically-minded and want to see how it has evolved over the years, you can see a full change history here.
It works by using a variety of spam detection methods, including:
- DNS-based and fuzzy checksum based spam detection
- Bayesian Filtering
- Sender Reputation System
- Whitelists
- Blacklists
- Online Databases (DCC, Pyzor, Razor2)
- Body phrase tests
- Header tests
- Character sets and locales
These spam detection methods are applied to email headers (an excellent guide to finding email headers) and content to classify the email using various statistical methods. They are designed to block unwanted email messages before they reach your inbox and evolve to combat the changing ways spammers get to your inbox.
It is a far cry from the keyword based spam detection systems used prior.
I will first go through a short cPanel tutorial showing how to enable the Spam Filter and then go through the different SpamAssassin configuration options.
How to Enable the SpamAssassin Spam Filter in cPanel
-
In the cPanel Dashboard scroll down to the ‘Email’ Section.
- I am assuming you have already logged in to cPanel, but if you haven’t yet, please do so now.
- Scroll down to the “Email” section of the administrative dashboard.
-
Click the ‘Spam Filters’ link.As of version 70 of cPanel, Apache SpamAssassin was renamed to “Spam Filters” in the dashboard.
- Click on “Spam Filters”
- Click on “Spam Filters”
-
Enable the Spam Filters
- Turn on the Spam Filters by toggling the “Process New Emails and Mark them as Spam” option at the top of the page.
- Turn on the Spam Filters by toggling the “Process New Emails and Mark them as Spam” option at the top of the page.
-
SpamAssassin is now activeIf successful, you will see a green box appear confirming the following:
Success: Apache SpamAssassin has been enabled.
If the email is found to be spam, the word
***SPAM***
will appear at the start of the subject field, as shown in the screenshot:Unless you configure SpamAssassin to auto-delete or move the spam to the junk folder (I’ll cover how to do this shortly), No other actions will occur, and the message will remain in your inbox.
How to Configure the SpamAssassin Score Setting
An email message spam score is calculated on a scale of 1 to 10. The higher the SpamAssassin Score, the more likely it is to be spam. If a message’s calculated spam score meets or exceeds the Spam Threshold Score, the system will label that message as spam.The Spam Threshold Score and Auto-Delete Threshold Score (I’ll cover this shortly) are different, and as such do not affect each other.
-
Click the ‘Spam Filters’ link on the main cPanel dashboard
- Click on “Spam Filters”
- Click on “Spam Filters”
-
Click on the ‘Spam Threshold Score’ link
- To Adjust the Score, you will need to click on the “Spam Threshold” link as shown in the screenshot.
- To Adjust the Score, you will need to click on the “Spam Threshold” link as shown in the screenshot.
-
Adjust the Spam Threshold Score to your desired levelIn cPanel you can adjust the Spam Threshold Score to one of the following settings, or a custom number between 1 and 10:
- Score 1: Aggressive - This will mark many legitimate emails as spam. I.e., Many false positives.
- Score 4: Recommended for well-tested servers
- Score 5: Default
- Score 8: Recommended for Internet service providers
- Score 10: Passive. This will catch only the most obvious spam.
- Custom Score: Any score between 1 and 10, configurable to two decimal places. This enables you to fine-tune the SpamAssassin Score setting if you continue to receive Spam emails.
For example, using the custom score so you can increment it in small amounts:- Lower the score if you find Spam emails are still making it through the filter.
- Raise your score if you find that emails from your contacts are being filtered by mistake.
How to Configure SpamAssassin to Move Spam to Junk Folder (Spam Box)
When Apache SpamAssassin is enabled, you may want to move spam to a different folder. By enabling this option, any message above the Spam Threshold Score will be automatically moved into the “Spam” folder. You can then review the spam messages and adjust the Spam Threshold Score as necessary to fine tune it.-
Click the ‘Spam Filters’ link on the main cPanel dashboard
- Click on “Spam Filters”
- Click on “Spam Filters”
-
Toggle the ‘Move New Spam to a Separate Folder (Spam Box)’ option
- Toggle the “Move New Spam to a Separate Folder (Spam Box)” to “on.”
-
Configure Spam Box SettingsThis is an optional step that covers the additional options available for the Spam Box. I say optional because all it really does is allow you to easily empty the Spam box, either in its entirety or by deleting individual messages.
You have a couple of options here:- To delete all Junk Mail click “Empty all Spam Box folders.”
- To search for specific spam messages, or delete by certain characteristics, click on the “Manage Email Disk Usage” option. You will then be able to manage disk usage, including the Junk Folder.
How to Configure SpamAssassin Auto-delete
No email filtering system is 100 percent perfect (you can read an interesting discussion on the StackExchange about that here).While spam filters try to catch all email that is spam, Spammers are continually adapting to create emails that are trusted not to be spam both by automatic filters and by humans themselves. For spammers, they try to create emails that can bypass the filters, looks legitimate, so it is opened, and look attractive enough so that a user clicks a link in the mail. It is a continuous battle.
As a result of the imperfection of email filters, I recommend that you do not use the auto-delete option unless you have to.
If you are having a particular problem with email spam, you can set the auto-delete score to be higher than the spam score. This way, you can still set the spam filter to be quite strict, and only delete the very worst spam.
-
Click the ‘Spam Filters’ link on the main cPanel dashboard
- Click on “Spam Filters”
- Click on “Spam Filters”
-
Toggle the ‘Automatically Delete New Spam (Auto-Delete)’ option.
- To automatically delete spam messages above the Auto-Delete Threshold Score (this is different from the Spam Threshold Score) toggle the ‘Automatically Delete New Spam (Auto-Delete)’ setting.
- To automatically delete spam messages above the Auto-Delete Threshold Score (this is different from the Spam Threshold Score) toggle the ‘Automatically Delete New Spam (Auto-Delete)’ setting.
-
Click the ‘Auto-Delete Threshold Score’ Link.
- Click the link from the Main Spam Filters screen to go to the settings.
- Click the link from the Main Spam Filters screen to go to the settings.
-
Set Auto-Delete to 8As I mentioned earlier, it is not recommended to use the Auto-Delete functionality. However, if you do, then I highly recommend setting the score much higher than the Spam Threshold Score, so you only delete the very worst of the Spam Messages.
The Default Auto-Delete Score is set to 5. I recommend a setting of 8 if you use this functionality.- Click the “Auto-Delete”
- Click the “Update Auto-Delete Score” to save the setting.
Additional Configurations (For Advanced Users)
Here, you are able to configure the following settings:- Whitelist emails
- Blacklist Emails
- Calculated Spam Score settings
How to Configure the SpamAssassin Whitelist
If you have an important client, friend, or just want to ensure you will receive a specific sender’s email, you need to whitelist their domain.-
Click the ‘Spam Filters’ link on the main cPanel dashboard
- Click on “Spam Filters”
- Click on “Spam Filters”
-
Toggle the ‘Additional Configurations (for Advanced Users)’.
- To see the full list of Additional configurations, you need to expand the list by clicking the “Show Additional Configurations” link.
- To see the full list of Additional configurations, you need to expand the list by clicking the “Show Additional Configurations” link.
-
Click the ‘Edit Spam Whitelist Settings’ Link.
- Click the link to Edit the Spam Whitelist Settings.
- Click the link to Edit the Spam Whitelist Settings.
-
Add a New Whitelist From Item (whitelist_from)When configuring the whitelist_from setting, you are allowed to use wildcards such as “*” and “?”. For example:
- user@example.com — Whitelists a single specified email address
- *@example.com — Whitelists all of the email addresses at example.com
- ?ser@example.com — Whitelists a single character in the email address. So in this example, user@example.com would be allowed, but thisuser@example.com would not.
How to Configure the SpamAssassin Blacklist
If you get repeated spam from any particular email address, such as a mailing list you cannot unsubscribe from, you can blacklist that domain.-
Click the ‘Spam Filters’ link on the main cPanel dashboard
- Click on “Spam Filters”
- Click on “Spam Filters”
-
Toggle the ‘Additional Configurations (for Advanced Users)’.
- To see the full list of Additional configurations, you need to expand the list by clicking the “Show Additional Configurations” link.
- To see the full list of Additional configurations, you need to expand the list by clicking the “Show Additional Configurations” link.
-
Click the ‘Edit Spam Blacklist Settings’ Link.
- Click the link to Edit the Spam Blacklist Settings.
- Click the link to Edit the Spam Blacklist Settings.
-
Add a New Blacklist From Item (blacklist_from)When configuring the blacklist_from setting, you are allowed to use wildcards such as “*” and “?”. For example:
- user@example.com — Blacklists a single specified email address
- *@example.com — Blacklists all of the email addresses at example.com
- ?ser@example.com — Blacklists a single character in the email address. So in this example, user@example.com would be allowed, but thisuser@example.com would not.
How to customize the Calculated Spam Score settings (Advanced Users Only)
This is where you can configure different scores for the hundreds of different tests and assign a score to that test. For example, you can check popular spam email lists, and set “10” score to the Calculated Spam Score to ensure any email caught by that test is always caught by your Spam Filter.I do not recommend you change any of these settings, but I will walk you through a couple that you may wish to consider if you have a particularly bad problem with spam.
-
Click the ‘Spam Filters’ link on the main cPanel dashboard
- Click on “Spam Filters”
- Click on “Spam Filters”
-
Toggle the ‘Additional Configurations (for Advanced Users)’.
- To see the full list of Additional configurations, you need to expand the list by clicking the “Show Additional Configurations” link.
- To see the full list of Additional configurations, you need to expand the list by clicking the “Show Additional Configurations” link.
-
Click the ‘Configure Calculated Spam Score Settings’ Link.
- Click the ‘Configure Calculated Spam Score Settings’ Link.
- Click the ‘Configure Calculated Spam Score Settings’ Link.
-
Add a New ‘Scores’ ItemTo review the default scores, run the following command at the command line:
You can also see the default scores by adding any of the Scores Items, as the score when added will be the default one unless you change it.grep -R score /var/lib/spamassassin/* | less
If I were to alter any of the default scores, it would be the following:- URIBL_DBL_SPAM: Set Score to 10 - This checks whether there is a domain in the email body that matches an entry on the Spamhaus Domain Block List
- URIBL_WS_SURBL: Set Score to 10 - This checks whether there is a domain in the email body that matches an entry on the Bill Stearns URI Blacklist
- URIBL_BLACK: Set Score to 10 - This list contains domain names belonging to and used by spammers. This list has a goal of zero False Positives.
Add Comment