Spamtrap/hamtrap not fully configured by virtualmin :(

I enabled spamtrap/hamtrap (in V’min->Server Config->Spam and Virus Delivery)

The good news:

  • The virtual aliases, and alias-to-files aliases are correctly created
  • Email to spamtrap does grow the appropriate file in /var/virtualmin-traps

The bad news:

  • There is no cron job to do anything with this
  • None of the instructions for enabling auto-white/blacklist are correct (Spam and Virus Scanning – Virtualmin)
    • There’s no “Module Config” section in System Settings (or anywhere)
    • There’s no Spam Filtering Options form, nor anywhere I see a way to “Add senders of (non-)spam sent to spam/hamtrap to whitelist”

Was this feature perhaps partially removed at some point?

(BTW, I appreciate the concern for outsiders using the hamtrap/spamtrap addresses to mangle our black/white lists. Should not be to hard to add a system filter that blocks this for all outsiders :wink: )

Operating system Debian Linux 10
Webmin version 1.981
Usermin version 1.823
Virtualmin version 6.17-3
Authentic theme version 19.83-2


All Virtulamin controlled “cron jobs” are handled by Virtualmin’s own built-in scheduler. So you won’t find crontab entries for them.


I appreciate the concern for outsiders using the hamtrap/spamtrap addresses to mangle our black/white lists. Should not be to hard to add a system filter that blocks this for all outsiders

If I attempt to send spamtrap/hamtrap a message to “ /” the message will NOT be processed. The message needs to originate from an email address So outsiders cannot “mangle” your whitelist/blacklist.

1 Like


When you send a message to “hamtrap” or “spamtrap” respectively, it teaches SpamAssassin about what you consider “ham” or “spam”. This does not mean that any action is taken immediately, but rather progressively as SpamAssassin starts to learn patterns based on your reportings.

You can manage SpamAssassin by visiting

Webmin > Servers > SpamAssassin Mail Filter

I understand that’s how it is supposed to work.

However, on my system, the messages were just sitting there and nothing was changed in SpamAssassin.

Now several hours later, the file is clear. I will look into what you said above about Virtualmin’s built-in scheduler.


  • Webmin Configuration -> Webmin Scheduled Functions includes running at *:30 (None of this is particularly documented. You can find it if you already know the phrase “scheduled functions” :wink: … you will NOT find it with “spamtrap” :wink: )
  • The script has debug logging… but it is never produced because debug switch isn’t passed to scripts in webmin scheduled functions. Editing ( /usr/share/webmin/virtual-server/ to add the following near the top is effective to enable debug output (and I use nodelete so I can re-run while debugging):
$debug = 1;

Now I can see what is / is not happening. Time to go into debug mode for a while… :wink:


It was documented in a release note some time ago about the transition to Webmin’s own task scheduling routine. I am guessing doing so made it a bit easier to keep all the Webmin tasks running a bit more smoothly and under control by not having to manage crontab for each.

Yep: “Webmin scheduled functions can now be viewed and run in the Webmin Configuration module.” ver 1.620

If you want to call that documented… ok.


That’s not what I meant. I was referring to the fact that it had been announced in release notes when the transition happened a while back. Generally speaking you don’t really mess with the Webmin code unless you know what you’re doing as changes will be overwritten next time you upgrade.

Anyways, I’m glad you were able to sort things out for your needs.

@JoeUser Progress: Either I misconfigured something, or don’t understand something, or there is some bad code. At this point it looks like a bug.

I created primary virtual servers Pcore, Pother and alias server Avisible as an alias of Pcore. (see Note below)

  • VirtualMin sees this.
  • /etc/webmin/virtual-server/map.alias contains:
=<Pcore id> <Pother id>
<Pcore id>=<Avisible id>

However, in /usr/share/webmin/virtual-server/ when obtaining the alias id’s for Pcore, nothing is retrieved. Here’s the code:
@aliasdoms = &get_domain_by("alias", $d->{'id'});
Is this a bug or am I doing something wrong?


  • Pcore is our infrastructure domain. Has some visible servers for various purposes… but key to our config is that domain never directly sends email. Any email from that domain is known to be spam / fraud :rofl:
  • Avisible is a visible domain name. All outgoing email that might be labeled as coming from Pcore, is converted to be from Avisible (A simple conversion in postfix canonical: add a map from @Pcore to @Avisible in Canonical Mapping->Sender Canonical Map :cowboy_hat_face: )
  • FWIW, running this way provides very good protection from those who would spoof us. Our actual outgoing email domain name is never used in an email server, and our email server domain name is never used to send email! Thus, when we turned on DMARC+SPF several years ago, suddenly several rogue servers in Asia were exposed as trying to spoof us.

Turns out something IS returned, but is invisible :slight_smile: (lack of escaping < and >

I have solved a variety of puzzles on this, and discovered a bug or two on the way. spamtrap/hamtrap is now working for me.

I’ll write up a separate post on lessons learned.

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.