Lots of spam getting through - How do you typically handle the problem in Virtualmin?

We are very happy with Virtualmin. Been running quite a few servers over a few years. We are having no problems with actual email delivery.

The only main issue we keep facing is the amount of spam that make it to users’ inboxes.

I’m using an older server as an example here (see specs below). Sure, lots of spam gets trapped in the spam folder - but about 30% (at a minimum) of messages that make it to inboxes are spam or phishing messages.

I have already (over the years) built up a plethora of custom header, subject and body checks for the server’s Spamassassin instance. I also have some entries for allowed and denied addresses, etc.

I just feel like I’m missing a “best-use-case” scenario - I can’t see how most sysadmins will be contempt with this amount of spam in their users’ inboxes. (We do receive quite a few complaints form users.)

So, I have a few questions, and I’d be very thankful if some of you could weigh in on this matter:

  1. Is the only viable solution, to successfully running your own mail servers, to make use of a paid SaaS or cloud email scanning service?

  2. What anti-spam route do you take for your typical Virtualmin (or Virtualmin Pro) server installations?

  3. Would you mind pointing me towards a resource or examples/use-cases of how our systems can be configured, adjusted or improved in this regard, based on your current anti-spam solution?

Thank you for your time and for reading this far!

OS type and version Ubuntu Linux 18.04.6
Webmin version 2.021
Virtualmin version 7.5
SpamAssassin version 3.4.2
Perl version 5.26.1
ClamAV version 0.103.8/25820

Usermin is at version 1.861. Virtualmin is at 7.5. Might want to edit your post and fix that to eliminate confusion for people reading this post.

There are a lot of people having a lot of problems with spam recently. There’s roughly 15 threads about it right now on the main page.

And if they miss one valid email the complaint becomes screaming. When I switched to Virtualmin my biggest problem with spam was emails that didn’t get scanned at all because they were over 500K. I upped the limit to 1M and that problem disappeared. I think I’ve had one get through since. It scored something like 4.6 out of 5.

Whoopsie, done.

1 Like

You could run a debug command (-D) and check for issues within spamassasin like this for a mailbox. This will show errors and other info. Are running sa-learn regularly to add to your database? Have you setup lists for items to block or always allow? Have you created spam and ham mailboxes?

I’ve been running SA and once it learns, I have only a few per week that get through. Those are new ones that are quickly detected and caught by learning and SA updates.

I also send spam IPs to fail2ban but that is not required until your system has learned what spam looks like.

Cron <admin@example.net@server> sa-learn u=admin@example.net -D --sync --spam /home/example/homes/admin/Maildir/.spam/new

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.