Hints for getting spamtrap/hamtrap to function correctly (spamassassin)

I had significant trouble getting hamtrap/spamtrap to function in my environment. I’ve solved the various issuesI and am posting this in hopes it will help others (and possibly lead to the necessary bug fixes and/or official documentation changes. I’m happy to help as I’m able.)

For spamtrap/hamtrap to function properly:

  • Change this default: (Webmin)->Servers->Spamassassin->Message Modification change "Put original message into attachment?" to NO. The default of YES breaks spam/ham trap.
  • Modify your outgoing email address setup as needed, at least for forwarding to spam/ham trap:
    • Although email addresses are not case sensitive, when forwarding to spam/ham trap you must forward using a lower case mail name, and it must be a mailbox address, not an alias. (For security, I never expose my mailbox address to the outside world. Others only see aliases. This is my first exception in decades.)
    • Whatever domain you use to forward email to spam/ham trap must be set up as a virtual server (alias is fine) with email enabled. (See below for some details on this.)

Still having trouble? Here’s how to diagnose additional issues:

  • Add these lines near the top of /usr/share/webmin/virtual-server/spamtrap.pl
    $debug = 1;
    (I placed them after the line starting with $salearn.
  • Forward a message to spamtrap or hamtrap
  • Go to (webmin)->Webmin Configuration->Webmin Scheduled Functions
    • Check the box next to the spamtrap.pl line
    • Click on Run Selected Functions Now
  • You should get (immediately) a set of debug output lines

Issues I faced:
(NOTE: The first two bullets were accepted as bugs, and are patched in the next Webmin release!)

  • Invalid Received line, in this form: `Received: by my.dom.ain (Postfix, from userid 1022) …

    • This is a bug, as that’s a perfectly valid line, seen when Postfix receives “local submissions” either from an on-server process, or email via an SSH tunnel. Temporary workaround:
    • Edit /usr/share/webmin/virtual-server/spamtrap.pl
    • Near the end, find the line containing `Authenticated, and insert the following before:
    elsif ($str =~ /by\s+(\S+)\s+\(Postfix, from userid (\S+)\)/i) {
            # by my.dom.ain (Postfix, from userid 1022)
            $uname = getpwuid($2);
  • No recognized user in the email. I consider this a bug. Webmin only checks the from, to and cc headers, and compares (mailboxes) x (domains and alias domains). Email to or forwarded by an alias is ignored. Workaround for now:

    • Edit /usr/share/webmin/virtual-server/spamtrap.pl
    • Find this line:
      foreach $h ('from', 'to', 'cc') {
    • Change it to:
      foreach $h ('from', 'to', 'cc','resent-from','delivered-to') {
  • Invalid Local Received header: the IP address made no sense. This check is not adjustable in Webmin. (In my case, it was an APIPA (169.254.x.x) address?! Turns out there’s a longstanding Windows bug that often returns the wrong answer when software asks for the host ip. On my laptop, running ipconfig shows a TAP-Win virtual adapter as the source of that address. Nothing I do fixes this… other than finding a detail setting in my email client for forcing the SMTP HELO/EHLO client domain name. That worked!)
    I think this covers everything. I may have missed something, so feel free to ask.


  • Debug output doesn’t handle anything that smells like HTML (web codes) at all…which means email addresses too. They show up as invisible in debug displays. Workarounds:
    • Quick and dirty: Enable (more tools)->developer tools in your browser, and Inspect the html of interest. You’ll likely find hidden data.
    • Much nicer in the long run: Install Data::Dumper::HTML and use that to create debug output
      • From elevated shell, run cpan – it may want to update. That’s fine. ‘q’ quits
      • cpan -i Data-Dumper-HTML (say yes as needed :wink:)
      • Near the top of the *.pl file, insert:
        use Data::Dumper::HTML qw(dumper_html);
      • Adjust debug output as needed. One of my lines:
        print STDERR "$d->{'dom'}: headers=", dumper_html($m->{'header'}) if ($debug);
  • If you must add debug code to a library function that’s part of WebminCore, your changes will not be seen until you do:
    service webmin restart
  • Virtual Alias Server “email support” makes these changes:
    • Adds/removes the alias domain to MyNetworks in /etc/postfix/main.cf
    • Adds/removes aliases for the domain and every mailbox to /etc/postfix/virtual
Operating system Debian Linux 10
Webmin version 1.981
Usermin version 1.823
Virtualmin version 6.17-3
Authentic theme version 19.83-2


I’m trying to get spamtrap working on my Virtualmin GPL. The path /usr/share/webmin/virtual-server/ doesn’t exist on my system, and a search for “spamtrap” on my entire system yields nothing. Got any resources to help get this set up from scratch? Thanks for the info.

Are you running a reasonably current version of webmin?
I am guessing you’re running a different Linux OS… do you have /usr/share/webmin?

Honestly I consider myself a newbie on webmin/vmin. To me the real question for your situation is: how do I learn where /usr/share/webmin/virtual-server is on my system? It is not at that address.

(One way to search: find / -name virtual-server
you should see /etc/virtual-server and a LOT more…)

Please post new thread with OS, system version and details.

I thought I had replied here with an update. I never set up the spam trap emails. Did that and got it working, sort of. There were other steps, complicated ones, to actually get everything working, but I can’t recall at the moment.