There’s no “Module Config” section in System Settings (or anywhere)
There’s no Spam Filtering Options form, nor anywhere I see a way to “Add senders of (non-)spam sent to spam/hamtrap to whitelist”
Was this feature perhaps partially removed at some point?
(BTW, I appreciate the concern for outsiders using the hamtrap/spamtrap addresses to mangle our black/white lists. Should not be to hard to add a system filter that blocks this for all outsiders )
I appreciate the concern for outsiders using the hamtrap/spamtrap addresses to mangle our black/white lists. Should not be to hard to add a system filter that blocks this for all outsiders
If I attempt to send spamtrap/hamtrap a message to “spamtrap@yourdomain.com / hamtrap@yourdomain.com” the message will NOT be processed. The message needs to originate from an email address @yourdomain.com. So outsiders cannot “mangle” your whitelist/blacklist.
When you send a message to “hamtrap” or “spamtrap” respectively, it teaches SpamAssassin about what you consider “ham” or “spam”. This does not mean that any action is taken immediately, but rather progressively as SpamAssassin starts to learn patterns based on your reportings.
Webmin Configuration -> Webmin Scheduled Functions includes running spamtrap.pl at *:30 (None of this is particularly documented. You can find it if you already know the phrase “scheduled functions” … you will NOT find it with “spamtrap” )
The spamtrap.pl script has debug logging… but it is never produced because debug switch isn’t passed to scripts in webmin scheduled functions. Editing webmin.pl ( /usr/share/webmin/virtual-server/spamtrap.pl) to add the following near the top is effective to enable debug output (and I use nodelete so I can re-run while debugging):
$debug = 1;
$nodelete=1;
Now I can see what is / is not happening. Time to go into debug mode for a while…
It was documented in a release note some time ago about the transition to Webmin’s own task scheduling routine. I am guessing doing so made it a bit easier to keep all the Webmin tasks running a bit more smoothly and under control by not having to manage crontab for each.
That’s not what I meant. I was referring to the fact that it had been announced in release notes when the transition happened a while back. Generally speaking you don’t really mess with the Webmin code unless you know what you’re doing as changes will be overwritten next time you upgrade.
Anyways, I’m glad you were able to sort things out for your needs.
@JoeUser Progress: Either I misconfigured something, or don’t understand something, or there is some bad code. At this point it looks like a bug.
I created primary virtual servers Pcore, Pother and alias server Avisible as an alias of Pcore. (see Note below)
VirtualMin sees this.
/etc/webmin/virtual-server/map.alias contains:
=<Pcore id> <Pother id>
<Pcore id>=<Avisible id>
However, in /usr/share/webmin/virtual-server/spamtrap.pl when obtaining the alias id’s for Pcore, nothing is retrieved. Here’s the code: @aliasdoms = &get_domain_by("alias", $d->{'id'});
Is this a bug or am I doing something wrong?
NOTE:
Pcore is our infrastructure domain. Has some visible servers for various purposes… but key to our config is that domain never directly sends email. Any email from that domain is known to be spam / fraud
Avisible is a visible domain name. All outgoing email that might be labeled as coming from Pcore, is converted to be from Avisible (A simple conversion in postfix canonical: add a map from @Pcore to @Avisible in Canonical Mapping->Sender Canonical Map )
FWIW, running this way provides very good protection from those who would spoof us. Our actual outgoing email domain name is never used in an email server, and our email server domain name is never used to send email! Thus, when we turned on DMARC+SPF several years ago, suddenly several rogue servers in Asia were exposed as trying to spoof us.