SpamAssassin Configuration in the Nexcess Cloud
An Introduction to Apache SpamAssassin
If you have a website and host email, you are likely to receive spam email messages. Several tools are available on the market that can help prevent spam from reaching your inbox.
For example, Nexcess customers with Magento Hosting or Flexible Cloud Hosting plans can manage the Apache SpamAssassin configuration using the Nexcess Cloud SiteWorx control panel at no additional charge.
Prerequisites
- Your my.nexcess.net login credentials. Click the Forgot Password? link on the login page if you cannot locate them.
- An existing Nexcess Cloud Account using a Magento Hosting Plan or a Flexible Cloud Hosting Plan. See How to create Nexcess Cloud accounts for more information.
- Your email account must already have the local mail delivery option enabled. If you need to enable local mail delivery for your domain’s email account, refer to How to configure a remote mail server.
Getting Started with Apache SpamAssassin Configuration
If you are experiencing issues with spam, a good first step is to adjust your SpamAssassin configuration so that the spam filters are applied more aggressively.
- First, log in to my.nexcess.net.
- Next, navigate to the Control Panel page.
- Click the Plans option in the menu.
- Either click the name of your Magento or Flex Cloud Plan service or select the Plan Dashboard option from the menu.
- From the dashboard, select Menu > Control Panel.
- Click the Launch Control Panel button. Your browser will redirect you to the Cloud SiteWorx Control Panel page.
Navigate to the Spam Settings
Next, navigate to the SpamAssassin configuration page so that you can review and confirm its settings.
1. From the SiteWorx main menu, navigate to Administration Options > Mail Options > Spam Filter.
2. From the Managing Domain list, choose the domain name that needs SpamAssassin configuration.
Spam Setting: SpamAssassin Status
This option allows you to enable or disable SpamAssassin. Once SpamAssassin is enabled, the configuration options become available for use.
Spam Setting: Spam Delivery
This option allows you to choose how a message that SpamAssassin has filtered as spam should be delivered to you:
- Deliver to IMAP Spam Folder (if one exists) or Inbox: By choosing this option, messages that exceed the threshold score are moved into a dedicated Spam Folder (for you to further review or not) rather than being automatically deleted. If you do not have a Spam folder, the messages are delivered to your inbox.
- Delete Spam scored higher than this value: By choosing this option, messages with a spam score higher than the configured threshold value are deleted and are not delivered, even to your Spam Folder.
Spam Setting: Spam Score Threshold
The Spam Score Threshold is a user-configured value. The system admin can decide what total spam score should be considered spam. If SpamAssassin scores an email above the threshold value, it will modify the email header to identify the message as spam. Email messages with scores below this value will not be identified as spam.
- Spam Score Threshold = 5 (Aggressive): a more restrictive spam filter
- Spam Score Threshold = 7 (Less Aggressive): the default spam filter level
- Spam Score Threshold = 10 (Conservative): a lenient spam filter
- Spam Score Threshold = 0-10 (Custom): a custom spam filter level
The lower the Spam Score Threshold, the more restrictive the spam filter will be, resulting in less spam arriving in your inbox. However, this could also cause more legitimate emails to be identified as spam (and these might not reach the expected recipients).
In contrast, the higher the Spam Score Threshold you set, the weaker the filter, resulting in fewer false positives but more spam in your inbox.
Spam Setting: Rewrite Message Subject
- Do not change the message subject: This option will not alter the message’s subject line if SpamAssassin detects spam.
- By choosing the second option, SpamAssassin alters the subject line in the email header by adding the word “[SPAM]” to it. This makes spam messages easier to spot when viewing a list of email messages, and some email clients allow filtering based on subject lines.
Example subject line: “[SPAM] INSTANT ACCESS, NO DEPOSIT NECESSARY”
Spam Setting: Message Attachment Policy
- Make no changes to the body of the email message: This option does not add the SpamAssassin header to the body of the email. Nevertheless, you can see the spam report by viewing the email header.
- Create a new report message and attach the original spam message as an attachment (default): If spam is detected, the SpamAssassin Header is added to the body of the email. In addition, the original content of the message will be added as an attachment.
- Create a new report and attach the original spam message in text only. This may make it more difficult to extract or view the original spam message: Similar to the second option, a SpamAssassin Header is added to the body of the email message with the original message as an attachment, preventing a warning to the user when opening the message.
Advanced SpamAssassin Custom Options
Within the Advanced Spam Custom options area, you can add blacklist, whitelist, or other preferences for your email address or for your domain. For example, if you are receiving spam from a specific domain, you can add a preference to have SpamAssassin automatically mark messages from this domain as spam. Alternatively, if SpamAssassin flags an email message from a known good sender as spam, you can add a preference to whitelist the sender.
This feature not only allows you to blacklist and whitelist emails and domains but also lets you do more to fine-tune your filters. The Preference dropdown menu gives you various options to choose from.
View the Apache SpamAssassin documentation for syntax and options specific to each preference.
Creating a Spam Preference
To create a new Spam Preference in the system, follow these steps:
1. Click Add Spam Preference. The user interface takes you to another window with options.
2. Type: Specifies whether the custom rule applies to the entire domain or just a particular email address.
3. Add Preference For: A domain or email address that should be covered by the rule.
4. Preference: The type of SpamAssassin custom rule. Refer to the Apache SpamAssassin documentation for syntax.
5. Value: The value can be an email address, domain name, or ISP. If you are adding a domain name, it is recommended you add it as wildcard *.domain.net.
Global Default Spam Preferences: SpamAssassin settings can be set by your server administrator. These preferences will override any global settings.
What is a SpamAssassin Header?
In scanning an email message, SpamAssassin applies a series of tests to it. Each test carries a score. If the cumulative score for an email message crosses a specified threshold (7 is the default), it is classified as spam. If a message is identified as spam, SpamAssassin adds the header to the message, which lists all of the tests that matched, along with their corresponding scores.
Example of a SpamAssassin Header
Here is an example of a SpamAssassin Header. Taking a look at SpamAssassin’s X-Spam-Status report, the Spam Score in this example is 8.4, and the Spam Threshold Score is set at 7.0. SpamAssassin then generates a header based on the email filtering performed.
```
X-Spam-Status: Yes, score=8.4 required=7.0 tests=DKIM_SIGNED,DKIM_VALID,
    DKIM_VALID_AU,FREEMAIL_FROM,HTML_MESSAGE,RCVD_IN_MSPIKE_H2,RDNS_NONE,
    SPF_HELO_NONE,URIBL_BLOCKED autolearn=no autolearn_force=no version=3.4.2
X-Spam-Report:
    *  3.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was
    *      blocked. See
    *      http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
    *      for more information.
    *      [URIs: nxcli.net]
    * -0.5 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)
    *      [1.1.1.1 listed in wl.mailspike.net]
    *  2.5 FREEMAIL_FROM Sender email is commonly abused enduser mail
    *      provider (example[at]gmail.com)
    *  3.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record
    *  0.0 HTML_MESSAGE BODY: HTML included in message
    * -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
    *      author’s domain
    *  0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily
    *      valid
    * -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
    *  1.5 RDNS_NONE Delivered to internal network by a host with no rDNS
```
Headers Set on All Email Messages Scanned
SpamAssassin sets these headers on all email messages it scans.
The X-Spam Score report in an email header may appear confusing at first glance. However, once you become familiar with the components, it becomes much easier to identify the SpamAssassin sections.
Listed below are some of the headers that will supply you with information about how SpamAssassin viewed the email:
| X-Spam-Score | SpamAssassin assigns a numerical value to the email based on how spammy it is rated and whether legitimate content is within it. Generally, a higher number means spammy. A lower number means legitimate. |
| X-Spam-Flag | This is either YES or NO; generally, a YES indicates a spam message, while a NO indicates a non-spam message. |
| X-Spam-Report | A spam report typically covers either an explanation for why the message was identified as spam or a summary of the flags that were raised that marked the message as spam. |
| X-Spam-Bar | A “-” represents a non-spam email, while an accumulation of “+” marks shows the degree to which the SpamAssassin tests have deemed the email to be spam. |
| X-Spam-Status | It is visible when a mail client is set to show full headers. You can also find a YES or NO value indicating if it is spam, the total score for the email message, the minimum score that must be met for the message to be classified as spam, and the version of SpamAssassin used. |
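When a legitimate message lands in the Spam folder, the quickest way to decide whether to raise the threshold or whitelist the sender is to read these headers programmatically. The following Python script is an added example, not Nexcess or SpamAssassin project code: it parses `X-Spam-Status` and `X-Spam-Report` from a constructed sample message and reports how the same score would be treated under the 5, 7 and 10 presets described above. The sample message, the function names and the `>=` comparison against the threshold are assumptions of this example.

```python
import re
from email import message_from_string

# Constructed sample message (not from the page); rule scores are illustrative.
SAMPLE = """\
From: sender@example.com
Subject: [SPAM] INSTANT ACCESS, NO DEPOSIT NECESSARY
X-Spam-Status: Yes, score=6.1 required=5.0 tests=FREEMAIL_FROM,HTML_MESSAGE,
\tRDNS_NONE,SPF_HELO_NONE autolearn=no autolearn_force=no version=3.4.2
X-Spam-Report:
\t*  2.5 FREEMAIL_FROM Sender email is commonly abused enduser mail
\t*      provider (example[at]gmail.com)
\t*  0.1 HTML_MESSAGE BODY: HTML included in message
\t*  1.5 RDNS_NONE Delivered to internal network by a host with no rDNS
\t*  2.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record

Message body.
"""

# Threshold presets listed on this page.
PRESETS = {"aggressive": 5.0, "default": 7.0, "conservative": 10.0}
NUM = r"(-?\d+(?:\.\d+)?)"

def parse_status(raw):
    """Split an X-Spam-Status value into verdict, score, threshold and rule names."""
    m = re.match(r"\s*(Yes|No),\s*score=" + NUM + r"\s+required=" + NUM, raw, re.I)
    if not m:
        raise ValueError("not an X-Spam-Status value")
    t = re.search(r"tests=(.*?)(?:\s+\w+=|$)", raw, re.S)
    tests = [x.strip() for x in t.group(1).split(",") if x.strip()] if t else []
    return {"spam": m.group(1).lower() == "yes", "score": float(m.group(2)),
            "required": float(m.group(3)), "tests": tests}

def parse_report(raw):
    """Map rule name to score; wrapped description lines carry no score and are skipped."""
    hits = re.findall(r"^\s*\*\s+(-?\d+\.\d+)\s+([A-Z0-9_]+)\b", raw, re.M)
    return {name: float(points) for points, name in hits}

def analyse(message_text):
    msg = message_from_string(message_text)  # keeps folded header lines intact
    status = parse_status(msg.get("X-Spam-Status", ""))
    rules = parse_report(msg.get("X-Spam-Report", ""))
    return {
        **status,
        "rules": rules,
        "rule_total": round(sum(rules.values()), 1),
        # Would the same score be flagged under each preset threshold?
        "by_preset": {k: status["score"] >= v for k, v in PRESETS.items()},
        # Highest-scoring rules: where to look first when good mail is flagged.
        "top": sorted(rules, key=rules.get, reverse=True)[:2],
    }

if __name__ == "__main__":
    print(analyse(SAMPLE))
```

For the sample message, the two highest-scoring rules account for most of the score, which points toward a sender whitelist preference rather than a higher threshold for the whole domain.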
Instructing SpamAssassin
Once SpamAssassin is enabled, it will automatically create two IMAP folders in your mailbox:
- “Learn Ham”
- “Learn Spam”
You can use these folders to instruct SpamAssassin on how to distinguish valuable emails from spam.
If you are using a mail client other than the web-based clients we provide, such as Horde or Roundcube, you will need to create two folders in your email account and call them “Spam” and “Ham” (non-spam), or subscribe to their IMAP folders. Refer to your email client program’s documentation for instructions on subscribing to IMAP folders.
Training SpamAssassin to Identify Spam Takes Focus & Perseverance
It is best to establish a new routine for checking email regularly. Begin moving new emails to one of these folders as soon as you receive them (and read them). Move good mail to the “Ham” folder. Put any spam that SpamAssassin did not already catch in the “Spam” folder.
While this is the most challenging part of training correctly, it will yield the most effective results. The SpamAssassin test will take a while to collect tokens, but the more SpamAssassin checks, the more it will improve in accuracy.