Fighting Spam with SpamAssassin

SpamAssassin is an automated email filtering system that attempts to identify spam messages based on the content of the email’s headers and body. In your cPanel webhosting account you can enable SpamAssassin and configure it for your needs.

We assume that you have already logged into cPanel. Click on SpamAssassin icon under Mail.

SpamAssassin in cPanel

When you login first time, you may find that SpamAssassin is not enabled and says so: SpamAssassin is currently Disabled.

SpamAssassin is Disabled

All you have to do is click on the button that says Enable SpamAssassin. In the next screen it will show you if SpamAssassin has been enabled.

SpamAssassin Enabled

Once it is enabled, all your incoming emails in your account will pass through SpamAssassin.

Filters (Automatic Spam Deletion)

Spam Automatic Deletion

You can automatically delete messages marked as spam. First set the number of hits required before mail is considered spam. 5 is the default setting but it can vary from person to person. SpamAssassin when processes the incoming email, it adds scores to the likelihood of it being spam. The higher the score, more chances that is Spam.

We recommend that you first test the accuracy of SpamAssassin and fine tune it before activating automatic deletion. Or you can use Spam Box as explained below.

Spam Box

Spam Box

SpamBox will deliver any emails identified as spam by SpamAssassin into a separate IMAP folder named “spam”. This “spam” folder will fill up and should be emptied regularly. You can subscribe to this IMAP folder using Webmail interface or through your desktop/mobile email client software. Keep in mind this mailbox will not clear automatically. You will have to clear it yourself. You can do it right on this interface by clicking on Clear Spam Box button.

SpamAssassin™ Configuration

Configure SpamAssassin

Click on Configure SpamAssassin to fine tune the default working of SpamAssassin. There are couple of things you can configure here and they are explained on that page but we add some more insight below.

blacklist_from: This is pretty obvious. You can enter emails or domains that you find are sending you spam regularly. They will be marked as Spam in future when you add them there. Once you have used the space provided for 5 entries and save it, more spaces will be provided when you come back to this page.

whitelist_from: This is similar to blacklist_from but here you can whitelist the domains and emails you do not want to be marked as spam.

required_score: This is explained well on the page.

Adding Tests and Scores


You can precisely tailor SpamAssassin for your server by assigning scores to individual tests. SpamAssassin uses hundreds of tests; please see the SpamAssassin documentation at for more information. SpamAssassin version 3.3.2 (or latest) is in use.

You can enter individual test scores in the following format:

“score” “TEST_NAME” “1 to 4 positive or negative numbers”

For example, you could enter:

score INVALID_DATE 3.2

This example sets the scores that SpamAssassin assigns to a message with an invalid date in its header.

If only one number is listed, that score is always used for the test. Setting a score to 0 will disable the test.

Once emails are processed by SpamAssassin, the scores are added up. With 3.2 assigned to INVALID_DATE, a few more hits on other tests will make the total score more than 5 and if that is the default setting then the email will be considered Spam.

You can add as many tests you want from the SpamAssassin built-in tests (link here). Even if that test is already used by default, you can override the score by adding it here.

You can add a negative score as well which will deduct it from overall score. You may like to do that if certain test makes that email legitimate.

Advanced Users with SSH/FTP Access

SpamAssassin keeps its configuration file under your home directory in a folder called “.spamassassin” (please note the name starts with a dot). Some FTP client do not show files and folders with names starting with dot because they are considered hidden files. If you have ssh access to your account, you can directly edit it using a linux editor such as nano or vi. The file is user_prefs under .spamassassin. This is the same file that you are managing via cPanel SpamAssassin interface when you make changes to configuration.

If you read more about SpamAssassin, you can configure it further using this file and create your own rules.

How to check SpamAssassin is Working?

When you receive an email, you can open it in webmail or your email client software. Please check the documentation of the email client on how to view email headers. When you view the email headers, you will see lines like these in them:

X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on SERVER-HOSTNAME
X-Spam-Level: ****
X-Spam-Status: No, score=4.7 required=5.0 tests=FH_FROMEML_NOTLD,MISSING_DATE, MISSING_HEADERS,MISSING_MID,MISSING_SUBJECT,NO_HEADERS_MESSAGE,NO_RECEIVED, NO_RELAYS shortcircuit=no autolearn=no version=3.3.2

If you read the above lines carefully, SpamAssassin records all tests that added to or subtracted from the score. The line above says this email had a Spam score of 4.7. That is why it was not considered Spam and says Spam-Status: No.

Let us know if you need any further help with using SpamAssassin on your web hosting account.

Leave a Comment

Your email address will not be published.

Back to Top

© 2022 Webx Networks.