Completely disabling Spamassassin / Spamhaus

I run a number of web apps and because I’m a masochist I choose to have all exceptions and other important system events emailed to me rather than just using a tool like Bugsnag. :slight_smile:

My approach has worked perfectly fine for years until recently when Google decided they would start marking system-generated emails as spam and, even worse, actually started dropping emails if the frequency was too high.

So I turned to mailinabox and all was good. I set up one obscure email address on one obscure domain and started happily receiving all of my exception emails. That was until one day when I stopped receiving emails because they were being marked as spam because of the Spamhaus SBLCSS.

Which brings me to my question: what do people think is the easiest way to completely whitelist a mail server in MiaB/Spamassassin? I realise this is 90% a spamassassin question, but I thought I would ask here for pointers anyway because you seem like quite a knowledgeable bunch. :slight_smile:

Here are the things I have tried so far:

  1. Adding the mail server to /etc/postgrey/whitelist_clients. This is great because it stops the greylisting, but doesn’t seem to stop the mail being processed by spamassassin.

  2. Adding trusted networks/servers/addresses to /etc/spamassassin/local.cf using one or all of the trusted_networks, whitelist_from and whitelist_from_rcvd options.

  3. Changing the maxsize option in /etc/default/spampd to 0 (e.g. ADDOPTS="--maxsize=0").

The third option seems to have done the trick, as there is no mention of spam scores in the incoming email headers any more and it appears from the mail logs as if spamassassin isn’t being called any more. This seems to have solved the problem, but of course it isn’t the ideal solution, because spammers will figure out my support email address eventually and will start spamming it.

The second option seems preferable because spam processing will still occur on all servers that aren’t in the white list. The problem is in the way that spamassassin actually deals with the white list. Rather than just skipping processing for all servers in the white list, it just seems to give them a -100 bonus, which means they’ll never be marked as spam by the internal filters.

HOWEVER: It looks like spamassassin will still send the email to spamhaus.org as part of its analysis and spamhaus seems to eventually decide that the email is spam, BLACK LISTS the IP address, tells spamassassin the IP address is on a black list and so spamassassin REJECTS the email! That is, it doesn’t just file it in the spam folder, it outright rejects it!

It seems highly counterintuitive that spamassassin could REJECT an email from a whitelisted mail server and the fact that it makes this decision based on a response from spamhaus that it caused by sending the emails from the whitelisted server to spamhaus in the first place is just crazy. And the upshot of all this is that now other email servers throughout the world will be rejecting emails from my web apps because MiaB/spamassassin essentially got my whitelisted email servers blacklisted for me. Awesome. :frowning:

Anyway, rant over… if anybody has any suggestions as to the best way to whitelist a server and avoid the issues with spamhaus they would be very much appreciated.

3 Likes

Looking for an answer to this myself, having similar issues trying to send e-mails from local servers without domains, mainly for error notifications.

I have been using option 3 ever since I wrote this post and it has been working fine. No more spamassassin, no more problems with spamhaus and no more getting my IP blacklisted. The only catch is that the installer will overwrite the manual change to the /etc/default/spampd file every time you upgrade, so you’ll need to remember to go and change ADDOPTS="--maxsize=2000" back to ADDOPTS="--maxsize=0" every time you run the installer. I ended up creating a soft link from the root folder to that file so that it was easy to remember which file I needed to edit each time.

1 Like

Did you have to reboot the server in order for this change to take effect? Changed the max size to 0 about an hour ago, and still seeing “blocked using spamhaus.org” show up in the logs every few mins. Example:

Dec 4 10:06:21 box postfix/smtpd[26159]: NOQUEUE: reject: RCPT from o4.pro.revue.email[168.245.104.220]: 554 5.7.1 Service unavailable; Client host [168.245.104.220] **blocked using zen.spamhaus.org** ; https://www.spamhaus.org/sbl/query/SBL423186; from=<bounces+7458214-3916-redacted=stoop.email@pro.revue.email> to=<redacted@stoop.email> proto=ESMTP helo=<o4.pro.revue.email>
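
Added example, not part of the original posts: the log line quoted above carries the syslog tag postfix/smtpd, and this Python script groups the DNSBL rejections in a mail log by the daemon that logged them, the blocklist zone and the client IP. Only the first sample line comes from the thread; the other lines and the function names are constructed for illustration.

```python
import re
from collections import Counter

# Syslog prefix, e.g. "Dec 4 10:06:21 box postfix/smtpd[26159]: <message>"
SYSLOG = re.compile(r"^\w{3}\s+\d+\s[\d:]{8}\s\S+\s([\w/.-]+)\[\d+\]:\s(.*)$")
# Postfix DNSBL rejection, in the shape of the log line quoted in the thread.
DNSBL = re.compile(r"NOQUEUE: reject: RCPT from (\S+?)\[([0-9A-Fa-f.:]+)\]: "
                   r"(\d{3}) .*?blocked using ([\w.-]+)")
ADDR = re.compile(r"\b(from|to)=<([^>]*)>")

# First entry is the thread's own line; the others are constructed samples.
SAMPLE = [
    "Dec 4 10:06:21 box postfix/smtpd[26159]: NOQUEUE: reject: RCPT from "
    "o4.pro.revue.email[168.245.104.220]: 554 5.7.1 Service unavailable; "
    "Client host [168.245.104.220] **blocked using zen.spamhaus.org** ; "
    "https://www.spamhaus.org/sbl/query/SBL423186; "
    "from=<bounces+7458214-3916-redacted=stoop.email@pro.revue.email> "
    "to=<redacted@stoop.email> proto=ESMTP helo=<o4.pro.revue.email>",
    "Dec 4 10:07:40 box postfix/smtpd[26171]: NOQUEUE: reject: RCPT from "
    "app1.example.net[192.0.2.10]: 554 5.7.1 Service unavailable; Client host "
    "[192.0.2.10] blocked using zen.spamhaus.org; from=<alerts@example.net> "
    "to=<ops@example.org> proto=ESMTP helo=<app1.example.net>",
    "Dec 4 10:08:02 box postfix/smtpd[26180]: connect from mail.example.org[198.51.100.7]",
    "Dec 4 10:08:03 box postfix/smtpd[26180]: NOQUEUE: reject: RCPT from "
    "mail.example.org[198.51.100.7]: 554 5.7.1 <x@example.com>: Relay access "
    "denied; from=<a@example.org> to=<x@example.com> proto=ESMTP",
]
SAMPLE.append(SAMPLE[1].replace("10:07:40", "10:09:12"))  # repeat offender

def dnsbl_rejections(lines):
    """Yield one dict per rejection that names a DNS blocklist zone."""
    for line in lines:
        m = SYSLOG.match(line.replace("**", ""))  # drop forum bold markers
        hit = DNSBL.search(m.group(2)) if m else None
        if hit:
            client, ip, code, zone = hit.groups()
            yield {"daemon": m.group(1), "client": client, "ip": ip,
                   "code": int(code), "zone": zone, **dict(ADDR.findall(m.group(2)))}

def summarize(lines):
    """Count rejections per (logging daemon, DNSBL zone, client IP)."""
    return Counter((r["daemon"], r["zone"], r["ip"]) for r in dnsbl_rejections(lines))

if __name__ == "__main__":
    for key, n in summarize(SAMPLE).most_common():
        print(n, *key)
```

A rejection logged as NOQUEUE under the postfix/smtpd tag was refused during the SMTP dialogue, before the message was ever queued.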

My usual process is as follows:

  1. Update mailinabox
  2. Edit the spamd config file to set maxsize=0
  3. Reboot the server

I figure a reboot is usually in order since many (if not all) of the services are probably updated with each upgrade anyway. Whilst you could probably be more selective about which services you restart, I would recommend simply rebooting instead, as it shouldn’t take more than a minute.

2 Likes

Yes, this is the only drawback of an anti-spam system such as spamassassin and spamhaus. However, if the anti-spam system is annoying you as it prevents you from receiving legit emails from your potential employer then you have to disable it :slight_smile:

Tim, when I first bought my VPS server, the IP was in spamhaus blacklist but I managed to get spamhaus to remove my VPS IP from its blacklist. I advise you to write to spamhaus and tell them you are the new owner of the IP number and the past owner is no longer using it.

sorry if kicking an old thread,

I feel like I’ve run into this issue myself this week; maybe. I deployed a Mailinabox server this week, using it with Python, and sending test emails to myself as I develop my application.

Things were working pretty well for a few days, but I now find myself unable to send messages to even myself – I’m domain blocked on Spamhaus. I suppose the frequency of my emails to myself might have triggered it?

I’m not really sure why Spamassassin would be checking emails I send or receive from myself, or from even my own domain? If this is the reason I’ve ended up on Spamhaus, is my only option to disable Spamassassin completely? Seems odd that the MiaB wouldn’t already whitelist and bypass Spamassassin for inter-domain messaging by default.

Thank you for the excellent project btw.

update:

I’m going to disable Spamassassin, as mentioned.

I’m not sure if this would help prevent the issue with the config being reset every time MiaB is upgraded, but this command I think makes the file read-only.

sudo chattr -V +i /etc/default/spampd

Running into exactly the same issue as you.
This SpamAssassin thing seems to be marking all our domains as spam and getting them listed on spamhaus. It’s becoming a headache.

A side note to this discussion: spamassassin will not cause you to be listed on Spamhaus. It only uses Spamhaus as one of its sources to determine the spamminess of mails. If you’re on Spamhaus that’s for a different reason. Usually, you can find a category for the reason why your IP or domain is blocked.

I am unable to send any emails from my mailinabox now because my domain or ip has been blocked by Spamhaus.

Which is really weird because I have ONLY sent emails either in tests or to myself.

And there is no sign that my site has been hacked.

I’m going to post about this in the broader forum and see what others are saying.

Did you check here what reason spamhaus is giving for the block? It might indeed not be your fault, e.g. if others on your ISP are spamming a lot, or if you are hosting from a residential internet connection.