Hints for getting spamtrap/hamtrap to function correctly (spamassassin)

I had significant trouble getting hamtrap/spamtrap to function in my environment. I’ve solved the various issues and am posting this in hopes it will help others (and possibly lead to the necessary bug fixes and/or official documentation changes. I’m happy to help as I’m able.)

For spamtrap/hamtrap to function properly:

  • Change this default: (Webmin)->Servers->Spamassassin->Message Modification change "Put original message into attachment?" to NO. The default of YES breaks spam/ham trap.
  • Modify your outgoing email address setup as needed, at least for forwarding to spam/ham trap:
    • Although email addresses are not case sensitive, when forwarding to spam/ham trap you must forward using a lower case mail name, and it must be a mailbox address, not an alias. (For security, I never expose my mailbox address to the outside world. Others only see aliases. This is my first exception in decades.)
    • Whatever domain you use to forward email to spam/ham trap must be set up as a virtual server (alias is fine) with email enabled. (See below for some details on this.)

Still having trouble? Here’s how to diagnose additional issues:

  • Add these lines near the top of /usr/share/webmin/virtual-server/spamtrap.pl
    $debug = 1;
    $nodelete=1;
    
    (I placed them after the line starting with $salearn.)
  • Forward a message to spamtrap or hamtrap
  • Go to (webmin)->Webmin Configuration->Webmin Scheduled Functions
    • Check the box next to the spamtrap.pl line
    • Click on Run Selected Functions Now
  • You should get (immediately) a set of debug output lines

Issues I faced:
(NOTE: The first two bullets were accepted as bugs, and are patched in the next Webmin release!)

  • Invalid Received line, in this form: `Received: by my.dom.ain (Postfix, from userid 1022) …`

    • This is a bug, as that’s a perfectly valid line, seen when Postfix receives “local submissions” either from an on-server process, or email via an SSH tunnel. Temporary workaround:
    • Edit /usr/share/webmin/virtual-server/spamtrap.pl
    • Near the end, find the line containing `Authenticated`, and insert the following before it:
    elsif ($str =~ /by\s+(\S+)\s+\(Postfix, from userid (\S+)\)/i) {
            # by my.dom.ain (Postfix, from userid 1022)
            $uname = getpwuid($2);
            }
    
  • No recognized user in the email. I consider this a bug. Webmin only checks the from, to and cc headers, and compares (mailboxes) x (domains and alias domains). Email to or forwarded by an alias is ignored. Workaround for now:

    • Edit /usr/share/webmin/virtual-server/spamtrap.pl
    • Find this line:
      foreach $h ('from', 'to', 'cc') {
    • Change it to:
      foreach $h ('from', 'to', 'cc','resent-from','delivered-to') {
  • Invalid Local Received header: the IP address made no sense. This check is not adjustable in Webmin. (In my case, it was an APIPA (169.254.x.x) address?! Turns out there’s a longstanding Windows bug that often returns the wrong answer when software asks for the host ip. On my laptop, running ipconfig shows a TAP-Win virtual adapter as the source of that address. Nothing I do fixes this… other than finding a detail setting in my email client for forcing the SMTP HELO/EHLO client domain name. That worked!)

I think this covers everything. I may have missed something, so feel free to ask.

ADDITIONAL NOTES

  • Debug output doesn’t handle anything that smells like HTML (web codes) at all…which means email addresses too. They show up as invisible in debug displays. Workarounds:
    • Quick and dirty: Enable (more tools)->developer tools in your browser, and Inspect the html of interest. You’ll likely find hidden data.
    • Much nicer in the long run: Install Data::Dumper::HTML and use that to create debug output
      • From elevated shell, run cpan – it may want to update. That’s fine. ‘q’ quits
      • cpan -i Data-Dumper-HTML (say yes as needed :wink:)
      • Near the top of the *.pl file, insert:
        use Data::Dumper::HTML qw(dumper_html);
      • Adjust debug output as needed. One of my lines:
        print STDERR "$d->{'dom'}: headers=", dumper_html($m->{'header'}) if ($debug);
  • If you must add debug code to a library function that’s part of WebminCore, your changes will not be seen until you do:
    service webmin restart
  • Virtual Alias Server “email support” makes these changes:
    • Adds/removes the alias domain to MyNetworks in /etc/postfix/main.cf
    • Adds/removes aliases for the domain and every mailbox to /etc/postfix/virtual

SYSTEM INFORMATION

  • Operating system: Debian Linux 10
  • Webmin version: 1.981
  • Usermin version: 1.823
  • Virtualmin version: 6.17-3
  • Authentic theme version: 19.83-2

5 Likes
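
The two spamtrap.pl workarounds in the post above can be tried outside Webmin with the following added example, which is not Webmin's code and not part of the original post. It applies the post's Received regex and both header lists to a constructed message; the example.com addresses, the sample message and the helper names (parse_headers, local_submission_uid, find_user) are assumptions made for illustration.

```perl
use strict; use warnings;
# Constructed mailbox list (mailbox x domain), all lower case. Assumption.
my %known = map { $_ => 1 } ('pete@example.com');
# Constructed message: the alias is in From, the mailbox only in Resent-From/Delivered-To.
my $msg = <<'EOM';
Received: by my.dom.ain (Postfix, from userid 1022)
    id 4ABCD1234; Mon, 1 Jan 2024 00:00:00 +0000 (UTC)
From: Info Alias <info@example.com>
To: spamtrap@example.com
Resent-From: pete@example.com
Delivered-To: pete@example.com

body
EOM
# Split off the header block, unfold continuation lines, index by lower-case name.
sub parse_headers {
    my ($text) = @_;
    my ($head) = split /\n\n/, $text, 2;
    $head =~ s/\n[ \t]+/ /g;
    my %h;
    for my $line (split /\n/, $head) {
        my ($name, $value) = $line =~ /^([^:\s]+):\s*(.*)$/ or next;
        push @{ $h{lc $name} }, $value;
    }
    return \%h;
}
# The local-submission form from the post; returns the numeric uid or undef.
sub local_submission_uid {
    my ($received) = @_;
    return $received =~ /by\s+(\S+)\s+\(Postfix, from userid (\S+)\)/i ? $2 : undef;
}
# First known mailbox address found in the named headers, or undef.
sub find_user {
    my ($h, @names) = @_;
    for my $v (map { @{ $h->{$_} || [] } } @names) {
        for my $addr ($v =~ /([\w.+-]+\@[\w.-]+)/g) {
            return $addr if $known{$addr};    # exact match, so case matters
        }
    }
    return;
}
my $h   = parse_headers($msg);
my $uid = local_submission_uid($h->{received}[0] // '');
printf "local submission uid: %s\n", $uid // 'not recognized';
printf "from/to/cc only:      %s\n", find_user($h, qw(from to cc)) // 'no recognized user';
printf "with extra headers:   %s\n",
    find_user($h, qw(from to cc resent-from delivered-to)) // 'no recognized user';
```

The exact-match lookup in find_user is also a simple way to see the lower-case requirement from the post: changing Resent-From and Delivered-To to a mixed-case spelling makes the last line report no recognized user.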

I’m trying to get spamtrap working on my Virtualmin GPL. The path /usr/share/webmin/virtual-server/ doesn’t exist on my system, and a search for “spamtrap” on my entire system yields nothing. Got any resources to help get this set up from scratch? Thanks for the info.

Are you running a reasonably current version of webmin?
I am guessing you’re running a different Linux OS… do you have /usr/share/webmin?

Honestly I consider myself a newbie on webmin/vmin. To me the real question for your situation is: how do I learn where /usr/share/webmin/virtual-server is on my system? It is not at that address.

(One way to search: find / -name virtual-server
you should see /etc/virtual-server and a LOT more…)

Please post new thread with OS, system version and details.

I thought I had replied here with an update. I never set up the spam trap emails. Did that and got it working, sort of. There were other steps, complicated ones, to actually get everything working, but I can’t recall at the moment.

I think you are on the wrong forum, @MrPete; this is not a Virtualmin issue…

My OP was absolutely a VirtualMin/WebMin issue. Unless VirtualMin->Email Settings->Spam and Virus Scanning is not really VirtualMin. :slight_smile:

(One COULD make that argument, as all of the detail settings necessary are found in WebMin.)
