Anti Spam Strictness

Many spams are coming like crazy i am unsure what to do?

Where to check spams coming in all emails? And what shall we do? Any other software to control it?

You should first check the headers to be sure SpamAssassin is working.

That will also show you the score and what tests were triggered by the email.

You can configure SpamAssassin in any way you like, and to be as strict as you like, though it’s probably not a matter of “strictness”, because just lowering the score that causes mail to be marked as a spam very low is likely to cause a lot of false positives. You should instead enable and tune the tests you’re using to suit the kinds of spam you’re seeing get through. You can also train the Bayesian filter.

hi joe, thank for info can u share a link for this guide please including baysian filter and spamassassin and all you talking about?

Our documentation only covers our part of the equation; enabling it in Virtualmin and what happens when mail is detected as spam or mail, and making sure that’s working.

Our docs are here: Spam and Virus Scanning | Virtualmin — Open Source Web Hosting Control Panel

We also have some troubleshooting docs that cover what to look for when troubleshooting spam filtering: Troubleshooting Emails | Virtualmin — Open Source Web Hosting Control Panel

The SpamAssassin docs are here: SpamAssassin: Documentation

But, again, you need to look at the headers of a received mail to make sure SpamAssassin is working and what tests are being triggered and whether a simple tweak can help. Open a spam that made it into your inbox and look at the headers. If you don’t know what they mean, you can post them here and we’ll help interpret them. They’ll look something like this, assuming everything is working:

X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on n1.virtualmin.com
X-Spam-Level: 
X-Spam-Status: No, score=-2.9 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,HTML_MESSAGE,LOTS_OF_MONEY,MAILING_LIST_MULTI,
	MIME_HTML_ONLY,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,
	URIBL_CT_SURBL autolearn=ham autolearn_force=no version=3.4.6

i tried on some and here i get but its not spam..

Return-Path: noreply@myus.com
X-Spam-Checker-Version: SpamAssassin 4.0.0 (2022-12-13) on
server.workliflysolutions.com
X-Spam-Level:
X-Spam-Status: No, score=-0.1 required=5.0 tests=DKIM_SIGNED,DKIM_VALID,
DKIM_VALID_AU,DKIM_VALID_EF,DMARC_PASS,HTML_MESSAGE,MIME_HTML_ONLY,
MSGID_FROM_MTA_HEADER,RCVD_IN_DNSWL_BLOCKED,
RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,RCVD_IN_VALIDITY_RPBL_BLOCKED,
RCVD_IN_VALIDITY_SAFE_BLOCKED,RCVD_IN_ZEN_BLOCKED_OPENDNS,
SPF_HELO_NONE,SPF_PASS,URIBL_DBL_BLOCKED_OPENDNS autolearn=ham
autolearn_force=no version=4.0.0
X-Original-To: dj.s@workliflysolutions.com
Delivered-To: “dj.s@workliflysolutions.com”@server.workliflysolutions.com
Authentication-Results: server.workliflysolutions.com;
dkim=pass (2048-bit key; unprotected) header.d=myus.com header.i=@myus.com header.a=rsa-sha256 header.s=smtpcustomer header.b=qjCuRjg9;
dkim=pass (2048-bit key; unprotected) header.d=smtpsendmail.com header.i=@smtpsendmail.com header.a=rsa-sha256 header.s=smtpcustomer header.b=cEeIB7oP;
dkim-atps=neutral
Received: from mailer194.gate179.sl.smtp.com (mailer194.gate179.sl.smtp.com [192.40.179.194])
by server.workliflysolutions.com (Postfix) with ESMTPS id 68ED51C018C
for dj.s@workliflysolutions.com; Fri, 5 Sep 2025 11:05:37 +0000 (UTC)
X-Report-Abuse: SMTP.com is an email service provider. Our abuse team cares
about your feedback. Please contact abuse@smtp.com for further investigation.
Message-ID: 25b9deb2-a5bc-4b26-8177-5ba495f8f2a3@mtl-mta07-out2
Received: from [10.0.23.48] (unknown [10.138.12.10])
by mtl-mta07-out2 (Halon) with ESMTP
id 25b9deb2-a5bc-4b26-8177-5ba495f8f2a3;
Fri, 05 Sep 2025 11:05:21 +0000 (UTC)
Received: Received from 10.138.12.40 by Caffeine (s0-aws-app-swarm-manager-3)
with SMTP id 91ac2154-fe4b-459a-b652-3b08bee72339 for
dj.s@workliflysolutions.com; Fri, 05 Sep 2025 11:05:05 +0000 (UTC)
Feedback-ID: 9062077:SMTPCOM
Received: from prd-ctm01 (unknown [128.136.219.4])
by s0-aws-app-mta-in-1 (Halon) with ESMTPA
id 91ac2154-fe4b-459a-b652-3b08bee72339;
Fri, 05 Sep 2025 11:05:05 +0000 (UTC)
MIME-Version: 1.0
From: “MyUS.com” noreply@myus.com
To: dj.s@workliflysolutions.com
Reply-To: no-reply@myus.com
Date: 5 Sep 2025 07:05:05 -0400
Subject: Your MyUS account has been canceled (BW3333)
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: base64
X-SMTPCOM-Sender-ID: 9062077
X-SMTPCOM-Tracking-Number: 91ac2154-fe4b-459a-b652-3b08bee72339
X-SMTPCOM-Message-ID: 90ae1047-206b-4d01-8b8f-7dc9daac1c8f
X-SMTPCOM-Payload:
Gx-ciriE9XrOMu8ghADIKOVYeiuw8SG2efzd44Hk73TantXZypTnKbPh4v_1I5uMtjq3Y6OqU4IYEW7oVaUe43WXr8Zs3syDospN6bG5TuFpdI3BQG4toai4-CkchLzep011YQVfR9MEDCIkV-XgVsHRggS5RlXcCc5-YZTyAut_W83ac2qcnu9iMr8-JnYP
List-Unsubscribe:
mailto:abuse@abuse.smtp.com?subject=MailStop&body=90ae1047-206b-4d01-8b8f-7dc9daac1c8f_9062077,
https://api.smtp.com/v4/unsubscribe?mid=90ae1047-206b-4d01-8b8f-7dc9daac1c8f&sid=9062077
List-Unsubscribe-Post: List-Unsubscribe=One-Click
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=myus.com;
i=@myus.com; q=dns/txt; s=smtpcustomer; t=1757070312; h=feedback-id :
mime-version : from : to : reply-to : date : subject : content-type :
content-transfer-encoding : list-unsubscribe : list-unsubscribe-post :
from : to : date : subject;
bh=lV3FJtgRuFm3KXrEdqVy7NMExMjxcJXMFjdiL8kn15g=;
b=qjCuRjg9qsazBecQ0JEn5+ENFqb+jkQdbzQOvg/xuVlzuIhQ5QEMnk8IHzq/epR8wSgqe
yNoaR6WsJsHWMdpJ3JMq8N4RMK6BPHYN9AmCr9ahup6Ei/jwCDyDitw4+N6wRrkyZs5nJPC
oc97nbbkHXwYu+DXKTQJ03gKftn1f3hrT+U1db0UPEk0f2RQvF32kTF0HnwUir3dwlPBZ45
KqYS4ubCbCA+Zl47UyiaU7Igs5xZIF29ZD3uf8FqrvLfxVJ9RHdGmpYL9o1t/k9rnPtlD1s
CyP5evDK/NuaBaYp/9OWlYCUdk97Nsy90Xa+IDYOb8P77vu6YNY9QlIP+j7Q==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=smtpsendmail.com;
i=@smtpsendmail.com; q=dns/txt; s=smtpcustomer; t=1757070312;
h=feedback-id : mime-version : from : to : reply-to : date : subject :
content-type : content-transfer-encoding : list-unsubscribe :
list-unsubscribe-post : from : to : date : subject;
bh=lV3FJtgRuFm3KXrEdqVy7NMExMjxcJXMFjdiL8kn15g=;
b=cEeIB7oPk0pN8gYcOlJxsaKN12HbnbUG6qZax0+SppzQrpM4HAPvWLZ+TrQ/ctrJfiWl5
1o7It/rvCJfFwhIPfxiPnzPMTlltEJjCoFH5s/+WY6/Ebey4ATlexq1EFmtevGw69Omcswh
1O7WEgzznkytM7gVxIZWAaOGa71I1F/jOhc9vpE8/t6xG/FIkudFs2tuMDkKh24EVHAZrlu
Rdq9DQUJjAPTcdWBvuZcgSjGEEX8Ou5mGlXLT2QUHPPJQUTJNs5R+OC//1xwDQXsOuk3ldg
mmc3uc/d9GfsI8tkHSEqFJsgo0wFlpsyc8zqCCaJOVInY+2rX927ZCiUM+1w==
X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (server.workliflysolutions.com [0.0.0.0]); Fri, 05 Sep 2025 11:05:42 +0000 (UTC)

You can create you own rule if they all have the same subject ie below.

image1678×421 43.9 KB

There is a lot of info out there. Chasing spam is tedious.
I find adding this header to be helpful

Screenshot 2025-09-06 at 7.52.43 AM2568×1514 442 KB

Here is a full list under TEMPLATE TAGS

Adds a header that shows what rules are triggered with their score.

Non spam example:

Screenshot 2025-09-06 at 8.16.56 AM1478×1572 484 KB

Spam caught showing weighted rules:

Screenshot 2025-09-06 at 8.20.39 AM1136×1296 222 KB

To weight existing rules first see what is being triggered in X-Spam-Status, copy the rule exactly and change its value in Header and Body tests.

Screenshot 2025-09-06 at 9.06.47 AM2432×646 107 KB

Screenshot 2025-09-06 at 9.06.11 AM1726×664 21.2 KB

I have better luck if I keep the triggers short. i in the next column makes the trigger not case sensitive

Screenshot 2025-09-06 at 8.56.39 AM1768×374 55.8 KB

thanks stefan for enlightening examples. i understand now

thanks popmay for valuable insight and detailed explaination. this is the explaination i wanted to know. let me go through it atgain, and assemble my own foo and do more.

how dows baysian filter work or spam training? automatically? as in i open mail via roundcube and mark an email as spam? thats all?

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.