I’m migrating from cPanel/WHM, which I’ve been using to host since 1999. I’m trying to get my head around two points with VirtualMin:
1.) I’m trying to decide if it would be better to just install VirtualMin on bare metal or install CloudMin and then put VirtualMin inside CloudMin. Is one approach considered “ideal”?
2.) I’ve been using an amazing spam filter plugin for cPanel (ASSP Deluxe) that worked much better than SpamAssassin back when I last used SpamAssassin in 2013 or so. Is there a good guide to making SA work as efficiently as possible? Is there any way to allow users to access sa-learn in the GUI or by forwarding messages somewhere?
Thanks. I’m not entirely sure if I’m going to do any virtualization or not. I’d love to give some accounts their own VPS and others not, but I’m not sure if that’s an efficient route. The fact that Cloudmin would make this somewhat possible is awfully intriguing.
As to #2, thanks – I was thinking something along those lines. That second one looks intriguing – I wonder if it applies the spam and ham specifically to the user’s SA? I’ll have to give it a try. I am a tad worried about running SA over the spam it has already marked spam; it seems like that might clog it up. Hmm.
This DirectAdmin script looks like a promising model to build off of for a pretty sophisticated handling of this. I would just need to figure out the exact way to fork it to use virtualmin list-users as its source rather than looking for a DirectAdmin configuration file and adjust for how virtual users under the home directory exist in VirtualMin…
I would suggest starting with a bare Virtualmin installation without making any changes to see how it works out of the box. You may find you don’t need to do anything else in the end!
One thing that drives me crazy about SA is the amount of resources it can pull on a server with just over 100 Inboxes. There comes a time when you have to ask yourself, is it worth it to allow all this spam being filtered by just one application alone?
Postfix has this wonderful feature now since version 3.6 called Postscreen. Read thoroughly through there documentation it is quite easy to deploy even on a Virtualmin Server. https://www.postfix.org/POSTSCREEN_README.html
It has literally blocked 90% of spam at the front gate. You can start with the basic setup and work your way up to creating more checks and even whitelist.
This would allow you to hand the reigns of SA over to your customers/clients to deal with the legitimate spam such as list they sign up for and don’t get unsubscribed from.
I would say at least it’s worth a shot if you are dealing with that much spam.
If I recall, don’t they use exim?
By default, Virtualmin will install Postfix for your mail server that makes Postscreen setup flawless.
Thanks everyone. Illa, that sounds wise. I have a small VPS running Virtualmin to experiment until my upgraded server is installed in the data center next week. My big reason for researching those scripts is that users have enjoyed having an easy way to train even a good spam filter…
@stefan1959 Yes, that’s the open source project it is based on, with a lot of user reaching enhancements. The author did a great job of providing a GUI for end users in cPanel and then the e-mail interface for reporting.
@cyberndt thank you! That sounds like it could help. I suspect a layered approach would help a great deal. And yes, cPanel uses exim; this will be my first serious usage of Postfix instead. Thanks for the tip!
Somewhere along the lines in the last few weeks getting everything configured, I realized my question about having a forwarding address for spam that gets through seems to possibly be already a part of the system with spamtrap and hamtrap, but they seem rarely mentioned and not very clearly documented. I did find one ambitious user who dug into the code to understand them better a few years ago…
I guess my question is – before I go and start trying to implement my “report spam folder” approach is, do spamtrap/hamtrap work in 2024? I’ve tried forwarding some messages inline and some as attachments… I’m not really clear which, if any are being processed by that system.
Everyone here has been so wonderfully helpful – it makes jumping over to Virtualmin a pleasure! – and yet no one mentioned hamtrap/spamtrap’s existence, which makes me wonder if that subsystem exists but doesn’t really work or something like that.
(I have implemented a number of your suggestions including @cyberndt’s about Postscreen, which has been great so far.)