@shoulders - I have to admit, I didn’t realize who you were based on your username or your GitHub profile at first. But when I saw the link, I immediately recognized your work. I’ve read your notes in the past and I sincerely appreciated them. Great job!
PS - your link was in my browser bookmarks already 
Please report the issues. Always there is a way to improve.
@ADDISON74 I think you nailed it. I am not an “advanced administrator”, I am a chemical engineer who likes to dig around and make things work. (I also had an email server since the UUCP days: mas!koala!ccur~) My how things have changed since I was at the University.
Indeed, I chose webmin for my small company because it is a solid base. But I can see that it is time to have another deep dive, this time with procmail.
I already have. I have reported all of them.
In the past there were discussions with the Virtualmin team to replace procmail, mainly because it has not been maintained for a very long time, but the arguments brought up were to keep it. Many would have wanted something more modern like Amavis. Engineering speaking, don’t try to change something that works.
All those lines in a procmail config file may seem intimidating, but after reading a few tutorials and talking to an AI based on examples you will see that it is not so complicated anymore. When I created my configuration file for production I created in a test directory a procmail configuration file and an text file with spam content generated by ChatGPT, having lines like these:
X-Spam-Flag: YES
X-Spam-Level: *****
X-Spam-Status: Yes, score=5.2
This is the command I remember I used in CLI for testing:
procmail -m /home/[user_name]/procmail.conf VERBOSE=yes < spam.eml
I remember they were looking at overhauling the email stack, swapping out the grey list package for a proper filter and some other stuff.
I did mention rspamd and some other stuff.
The email stack does need some TLC, but if all of my bug report are implemented it would run a lot better.
Indeed. If it ain’t broken, don’t fix it.
I know I am dealing with an edge case, and I don’t want to create a whole new email stack just to get rid of the occasional high-scoring spam that gets through.
Is it actually scored? There is a setting to ignore mail over a certain size. I had to up this limit to catch some. In this case though, they are not scored, just ignored.
Currently this setting is set to 500kb. And the last spam that was scored over 100 that got delivered into my spam folder was smaller than this (~ 12kb)
SpamAssasin attached the following to the header:
X-Spam-Checker-Version: SpamAssassin 4.0.0 (2022-12-13) on mail.mschaffer.net
X-Spam-Flag: YES
X-Spam-Level: **************************************************
X-Spam-Status: Yes, score=113.3 required=5.0 tests=BAYES_99,BAYES_999,
DATE_IN_PAST_06_12,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,
DMARC_PASS,HTML_MESSAGE,LOTS_OF_MONEY,MPART_ALT_DIFF,RCVD_IN_MSPIKE_BL,
RCVD_IN_MSPIKE_L5,RCVD_IN_PSBL,RDNS_NONE,SPF_HELO_NONE,T_MONEY_PERCENT,
T_SPF_TEMPERROR,URIBL_ABUSE_SURBL,URIBL_BLACK,URI_NO_WWW_INFO_CGI,
USER_IN_BLOCKLIST autolearn=no autolearn_force=no version=4.0.0
I think I found the prob, anything above the score of 50 won’t work, mail will be sent to the spam folder. Looks like there is a ceiling to the setting.
Give it a try.
@Ilia can you check this, not sure if its bug or a limit. Found nothing in google.
I will try right away.
But, when I set the threshold to “100”, almost all of the USER_IN_BLOCKLIST for the domains had stopped being put into the junk mail. It just wasn’t delivered, as these scores were 100 or above.
But I will set the threshold to 49 and see what happens.
SpamAssassin caps X-Spam-Level at 50 stars to align with RFC-822’s message header line length limit. That said, even if the score is 113.3 or 200 or whatever.
The bug is that our spam level rule can never match those, and the message falls through to the “deliver to spam folder” rule.
@Jamie, see the following patch to address this issue:
Those having this issue, and willing to test, apply the patch, toggle the spam feature, and see if it starts working:
webmin patch https://github.com/virtualmin/virtualmin-gpl/commit/20c64de
Yep looks like it did the trick
Hopefully OP is fixed.
Thanks Ilia for the fix!
I set the spam cutoff at 49 and nobody here has reported any spam >= 50 in their spam folders so far. So that did the trick.
I will apply the patch after running a backup this weekend.
Backup doesn’t backup code only settings and sites data, you can reverse the change if you look at the code on the github.
But that’s up to you.
@stefan1959 I do a snapshot of the whole VM container that my server is running in every month. So, it should be the soup, nuts, and everything in between.
But since I think you were speaking of Virtualmin’s backup of the virtual servers, is there a way to run this on a schedule? (If you could point me to a link describing this, if it exists.)
Yep its all documented
I do full backups a night and four hour differential to a S3 compatible cloudflare service. Very cheap of around $1 a month (backups are around 10gig). I was using AWS and that was around $3 a month. So very little cost.
But you can use alot of different methods, a few free if you have a place to backup to.
How does spam affect you and why is your domain drawing it? Mine is very little and goes to a server where I have spam protection enabled, not all my servers get spam. It is like bees and a honey pot. The question should be why does my domain attract spam.
LG
A few decades ago I had to go to off mail server processing because of spam. I built two machines. One was the primary MX and the other was secondary.
Both machines actually started receiving traffic before they went live! The secondary even more. The secondary shouldn’t have seen any traffic once the primary went live but actually got more traffic. ALL SPAM. So, I set it stricter.
