Question Plesk Email Security Pro and yet getting spam

[Denis Gomes Franco]

I found out about the Plesk Email Security extension a while ago and decided to give it a try. It's a nice way to configure server-wide spam settings, I was getting tired of setting it up on a per-mailbox basis. Then I saw that some features like Bayes training and "Daily updates of the anti-spam database" (not sure what that is, though) were available only on the Pro version, so I purchased the subscription.
Yet after a few days there are lots of spam coming through, even though I set a very low threshold (1) and I'm marking everything as spam as it comes. I noticed that the training is scheduled to run every day but sometimes I even run it manually, yet there is spam coming through.
Here is one that showed up in my inbox a few minutes ago:

Notice that the spam score is negative - how is that even possible?
I'm no spam expert but I suppose Bayes training is how SpamAssassin learns to differentiate between legitimate emails and junk like this, but it doesn't seem to be working. Also, I was under the impression that the "Daily updates of the anti-spam database " feature was something akin like what is offered on Cpanel for free, and that it would be like some kind of "crowdsourced training". When I was using Cpanel, I got way less spam than now.
If someone has any tips on how to deal with this, me and my customers would appreciate it.
PS. I already read about the MagicSpam extension...

 

[WWS]

We are having the same issue. Before we started using the Email Security Extension we got less Spam than now.

@Denis Gomes Franco
In the Overview Graph is there a Graph for Outgoing Spam showing for you?

 

[WWS]

The funny thing is in the Mail Header it shows that the required Spam Score is 7 even when it is 3 set in the Extension?

 

[WWS]

X-Virus-Scanned: Debian amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: 2.802
X-Spam-Level: **
X-Spam-Status: No, score=2.802 tagged_above=-9999 required=6
tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1,
DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, FREEMAIL_REPLYTO=1,
FROM_NOT_REPLYTO=2, LOTS_OF_MONEY=0.001, RCVD_IN_DNSWL_NONE=-0.0001]
autolearn=no autolearn_force=no

 

[Denis Gomes Franco]

In the Overview Graph is there a Graph for Outgoing Spam showing for you?

Interesting... going to PLESK EMAIL SECURITY > DASHBOARD and clicking on SENT shows some outgoing spam... What gives? I don't have any customers running email marketing or anything. Or is that regular outgoing emails but the server runs a spam check anyway and declares it to be spam?

 

[WWS]

Can you show me a Screen of your outgoing emails graph ?

 

[Denis Gomes Franco]

 

[Denis Gomes Franco]

I am not getting any complaints from my customers so I assume everything is well with outgoing messages. My concern is only about SpamAssassin that seems to be dumber than before. Or we are missing something here and the filter is crazy (how come a message can have a negative spam score?)

 

[Josch]

A negative SPAM score depends on the default values from the numerous tests spamassassin does. A list of the older spamassassin 3.3.x can be found here: spamassassin tests

Search for „whitelist“ - there you can see, that messages with the responding header test get high negative SPAM scores. Spamassassin does not only check the bad but also the good components of an email.