• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Issue SpamAssassin blacklists have no effect on incoming mail

Bitpalast

Bitpalast

Plesk addicted!
Plesk Guru
Server operating system version
Alma 8
Plesk version and microupdate number
18.0.66 #2, but previous versions, too
Spamassassin is turned on with individual settings per mailbox.
For the mailbox in question, Spamassassin is turned on.
The blacklist contains entries like *@somedomain.tld.
The incoming mail is small enough that is is being handled by Spamassassin.
The sender is not whitelisted, neither in the individual settings, nor server-wide.

But all mails are delivered, including mails from somedomain.tld which is on the blacklist.
I can see in the maillog, that Spamassassin is asked by the mail server to handle the mail, but it returns a "PASS", although the sender domain is in the blacklist.

What could be the problem?
 
Is the SpamAssassin blacklist rule listed in the header (USER_IN_BLACKLIST or USER_IN_BLOCKLIST) of the email?
 
Code: 
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on <hostname>
X-Spam-Level:  
X-Spam-Status: No, score=-0.2 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, 
    DKIM_VALID_AU,DKIM_VALID_EF,HTML_FONT_LOW_CONTRAST,HTML_MESSAGE, 
    RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL, 
    RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,RCVD_IN_VALIDITY_RPBL_BLOCKED, 
    SPF_HELO_PASS,SPF_PASS,T_KAM_HTML_FONT_INVALID,URIBL_BLOCKED 
    autolearn=ham autolearn_force=no version=3.4.6
 
Does the /var/qmail/mailnames/example.com/mailbox_name/.spamassassin/user_prefs file exists and does it contain the blacklisted entry?

If it does, does restarting SpamAssassin sudo /usr/local/psa/admin/bin/spammng --restart fixes the issue?
 
Also, there might be the slightest possibility that the option the "Apply individual settings to spam filtering" isn't actually enabled even when it's checked (enabled) on the T&S > Spam Filter settings page. But I can't for the life of me figure out where on the server that specific configuration is actually stored.
 
Kaspar said:
Does the /var/qmail/mailnames/example.com/mailbox_name/.spamassassin/user_prefs file exists and does it contain the blacklisted entry?
Click to expand...
Yes.
Kaspar said:
If it does, does restarting SpamAssassin sudo /usr/local/psa/admin/bin/spammng --restart fixes the issue?
Click to expand...
No.

Spamassassin becomes active, but it completely ignores the blacklist:
Code: 
Jan 21 23:27:21 lahn spamd[3673607]: spamd: connection from 127.0.0.1 [127.0.0.1]:34050 to port 783, fd 5
Jan 21 23:27:21 lahn spamd[3673607]: spamd: using default config for [email protected]: /var/qmail/mailnames/recipient.tld/d_s/.spamassassin/user_prefs
Jan 21 23:27:21 lahn spamd[3673607]: spamd: processing message <trinity-4b6b9485-90e6-4ec2-a859-6facf50f4d64-1737498441023@msvc-mesg-web007> for [email protected]:30
Jan 21 23:27:21 lahn spamd[3673607]: spamd: clean message (0.5/2.0) for [email protected]:30 in 0.3 seconds, 3417 bytes.
Jan 21 23:27:21 lahn spamd[3673607]: spamd: result: . 0 - DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,HTML_MESSAGE,HTML_MIME_NO_HTML_TAG,MIME_HTML_ONLY,RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H5,RCVD_IN_MSPIKE_WL,RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,RCVD_IN_VALIDITY_RPBL_BLOCKED,SPF_HELO_NONE,SPF_PASS scantime=0.3,size=3417,[email protected],uid=30,required_score=2.0,rhost=127.0.0.1,raddr=127.0.0.1,rport=34050,mid=<trinity-4b6b9485-90e6-4ec2-a859-6facf50f4d64-1737498441023@msvc-mesg-web007>,autolearn=no autolearn_force=no
Jan 21 23:27:21 lahn postfix-local[3675621]: 520D227C27FD: spam: stderr: PASS

The recipient's mail address is "d&s@...", so at first I thought this is a problem for Spamassassin, but Sebahat meant, the team could not reproduce it, so I guess we can rule that aspect out.
 
... ok ... I do see this though:

Code: 
... ient.tld,uid=30,required_score=2.0,rhost=127.0.0.1,raddr= ...

and that required score comes from the general server default value, not from the customer's mailbox setting. So there seems to be a chance that the individual setting is indeed not applied for that mailbox, but the server setting is. And in the server there is no blacklist.
 
You must log in or register to reply here.

Similar threads

propz
Resolved Email Domain Blacklisting not working 100%
Replies
7
Views
3K
Kaspar
K
Bitpalast
Forwarded to devs Spamassassin ignores mails to mailboxes that contain an ampersand, e.g. d&[email protected]
Replies
9
Views
2K
Bitpalast
Bitpalast
EnriqueR
Question Incoming mail is stored in Junk folder
Replies
6
Views
898
EnriqueR
EnriqueR
W
Issue Mail forwarded on the server in the target mailbox is delivered to the SPAM folder
Replies
0
Views
464
W4ru
W
CobraArbok
Issue Mailboxes no longer receive mail and GMail puts mail in Spam.
Replies
17
Views
3K
CobraArbok
CobraArbok
Back
Top