X-Spam-Report added for outgoing mail

Z

zmippie

Verified User
Joined
Apr 19, 2015
Messages
161
A local low-budget hosting company is using DirectAdmin and has configured their mailservers so all outgoing mail is scanned for spam. My guess is that they grew tired of getting their IP's removed from blacklists, because they were notorious for having blacklisted IP's.

Anyway, I have very little knowledge of the way this is set up, but they add this header to all outgoing (over SMTP) messages:

Code: 
X-Spam-Report: Spam detection software, running on the system "servername-here",
 has NOT identified this [B]incoming[/B] email as spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 the administrator of that system for details.
 
 Content preview:  Msg body here. [...] 
 
 Content analysis details:   (0.0 points, 5.0 required)
 
  pts rule name              description
 ---- ---------------------- --------------------------------------------------

Does look familiar to anyone using SpamAssassin, doesn't it? Note that the template for this message wasn't changed, and it even says "incoming" instead of outgoing.

Now for my question: besides adding a lot of extra headers, the "X-Spam-Report" header can cause problems on systems running a service called "AMaViS" (A Mail Virus Scanner). Probably because of the "Content Preview", some AMaViS installs bark at this header:

Code: 
INVALID HEADER

    Improper folded header field made up entirely of whitespace (char 20 hex):
      X-Spam-Report: ...that system for details.  Content previ[...]

From this conversation I gather that newer RFC's indeed prohibit whitespace (I assume empty lines), and thus a strictly configured AMaViS installation can bounce these messages. Users are seeing their messages being bounced and there's not a lot they can do. In your opinion, who's to blame here? Scanning outgoing mail for spam is obviously a good thing if you have a questionable client base, but adding lots of headers, and even a message preview (which can easily contain empty lines) cannot be right, or is it?
 
Hello,

If you don't have root access to the server and you can't change settings on the server you'd better open a ticket with a support department of the company or change the hosting company.

SpamAssassin can be configured not to add the X-Spam-Report into headers.

ps. And an email can be first incoming and then outgoing... depending on where you are looking at it from.
 
zEitEr said:
you'd better open a ticket with a support department of the company or change the hosting company.
Click to expand...

Yep, did that too. I was just wondering about this setup, because I don't think it's very common, especially since it's causing trouble at some receiving mailservers.


zEitEr said:
ps. And an email can be first incoming and then outgoing... depending on where you are looking at it from.
Click to expand...

Yes strictly speaking that's right of course. But the report ends up at the receiving end, and the scan is being carried out by the party handling the outgoing mail, so I think it doesn't make sense. I also find that the "content preview" that comes with that header has no place in an outgoing message. My gut feeling says "sloppy configuration", but I'm happy to be proven wrong (it wouldn't be the first time ;-)
 
The idea to scan outgoing emails is good, sometimes it is what we really need to do. But the X-Spam-Report should be disabled I'd rather say, I've seen some issues with it too.
 
zEitEr said:
The idea to scan outgoing emails is good, sometimes it is what we really need to do.
Click to expand...

Can you give some clues on how to set something like this up? Just to give me a general idea, not too detailed. A support person just replied to my ticket saying that the only option to avoid this is to turn off SpamAssassin for the entire domain in DA. Which seems very, very unlikely to me, because outgoing spam detection is not user configurable in DA, is it?

zEitEr said:
But the X-Spam-Report should be disabled I'd rather say, I've seen some issues with it too.
Click to expand...

Thanks for confirming that. I can't see the value of it: either it's spam, and it's blocked from getting out the door, or it is not. The header gets added to every message NOT flagged as spam, so...

I can imagine that it may be useful in a test phase, but not in production.
 
zEitEr said:
I don't know how did they enable SpamAssassin for outgoing emails.
Click to expand...

Well, I was just curious, but it doesn't really matter, it's clear that they messed up. I have a 100% bounce rate on a specific domain where they're running AMaViS. I'm seriously harassing their support staff from multiple angles, and they keep scrambling with daft excuses. Some, but not all of the bounces also have a "URIBL_BLOCKED ADMINISTRATOR NOTICE" in the "X-Spam-Report" header, and they're focusing on that, not on the reason for the bounce, which is clearly different. And besides that, I'm suspecting that the URIBL_BLOCKED notice is actually inserted at their end as well, because at the receiving end they don't use SpamAssassin.

zEitEr said:
As for disable the spam report check this:
Click to expand...

Thanks, I'll pass it along. I hope they know where to find the config, because this whole SpamAssassin-for-outoing-mail setup seems like a homebrewn solution to me.

Maybe it's about time they contact you ;-)
 
You must log in or register to reply here.
Back
Top