• We value your experience with Plesk during 2024
    Plesk strives to perform even better in 2025. To help us improve further, please answer a few questions about your experience with Plesk Obsidian 2024.
    Please take this short survey:

    https://pt-research.typeform.com/to/AmZvSXkx
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Question Custom spamassassin rules

QWeb Ric

Basic Pleskian
We've created /usr/share/spamassassin/99_custrules.cf and added a bunch of custom rules. As far as I can tell from the documentation the rules within this file are valid, and spamassassin --lint throws no issues, but even after a /usr/local/psa/admin/bin/spammng --restart it doesn't look like these rules are having any affect.

For example, these two rules are supposed to kill anything with park2travel web or email links:

uri CUST_L03 /www\.park2travel\.com/i
score CUST_L03 3
description CUST_L03 contains park2travel links

uri CUST_L04 /\@park2travel\.com/i
score CUST_L04 5
description CUST_L04 contains park2travel email links


But still a tonne of park2travel emails pass through just fine, with scores of around -2.9. Additionally the x-spam-status flag doesn't ever reference these custom rules. For example the latest park2travel email has this flag:

X-Spam-Status: No, score=-2.9 required=5.0 tests=ALL_TRUSTED,BAYES_00,
DKIM_SIGNED,DKIM_VALID,HTML_MESSAGE,SPF_PASS,URIBL_BLOCKED autolearn=ham
version=3.3.2


Any ideas what could be going wrong? I'm wondering if the autolearn=ham flag means that before adding these rules, the server already decided these emails were acceptable?

Server is CentOS 6.9 and Plesk is Onyx 17.0.17.
 
Hi Danami,

We run /usr/local/psa/admin/bin/spammng --restart after every edit, and there's been occasional full server restarts too.
 
I always restart mine using:
service spamassassin restart

I also had to put my global rules directly in this file, to get it working:
/etc/mail/spamassassin/local.cf

Even when you change Spamassassin settings in the UI, the local.cf file modifications you do don't seem to get erased.
 
Hmm, that's interesting. I did a little digging around your find and came across this thread: spamassassin - and my own rules

Moving the custom rules in to a new file within /etc/mail/spamassassin (rather than editing that local.cf), adding a purposeful error and then doing a --lint, I now see reference to the erroneous line which confirms the custom rules are now read. This doesn't happen when the file sits in /usr/share/spamassassin.

Does this then mean that all of the other rule files in /usr/share/spamassassin are ignored the same as our custom files? There are so many files in here that I'm now thinking Spamassassin on CentOS/Plesk probably isn't as effective as it should be!?
 
In the /etc/mail/spamassassin/init.pre file you can find this comment as well:

# There are now multiple files read to enable plugins in the
# /etc/mail/spamassassin directory; previously only one, "init.pre" was
# read. Now both "init.pre", "v310.pre", and any other files ending in
# ".pre" will be read. As future releases are made, new plugins will be
# added to new files, named according to the release they're added in.


Based on this comment I have a custom.pre file in there that successfully loads a secondary plugin, but I haven't tried putting my custom scores in it too.
 
Back
Top