This object is in archive!
Modify Spamassassin to accept connections from external servers
Needs Feedback
Currently SPAMD is set to only listen on 127.0.0.1:783. I would like another option added into WHM > Email > Spamd Startup Configuration to allow SPAMD to listen on a custom IP or 0.0.0.0 for all. This would allow some offloading of spam checking from high load servers to other low usage cPanel servers.
I like this idea 
cPanel, WebHost Manager and WHM are registered trademarks of cPanel, L.L.C. for providing its computer software that facilitates the management and configuration of Internet web servers.
In addition to the outlined feature request, I assume that you would also like a configure field in WHM -> Exim Configuration to allow for the "spamd_address" value to be readily customized? While the "Advanced" Exim configuration would allow for this to be customized as it is, I gather that it would be beneficial to extend this specific configure option to the basic config interface to made it easier to identify.
Essentially, modifying the listening address of spamd is of little use without an equally easy method to modify the address Exim will attempt to connect to spamd on. Correct?
Further, I also imagine that this would be a major security and risk concern if you were not also able to customize the IPs allowed to connect to the spamd daemon (the --allowed-ips or "-A" startup flag for spamd)? Simply modifying the listening address alone would mean (baring your firewall rules) anyone could abuse your spamd for themselves.
To reiterate, please confirm whether you feel these are important additions to your feature request:
1) Exposing "spamd_address" exim.conf configure option within the WHM basic exim config page
2) Also allowing the configuration of the allowed IPs to connect to spamd
I would also like to see further input from other customers on this. In my experience, server operators generally want to move spamd traffic OFF of the cPanel & WHM server to lessen the server load. It seems very odd to me that you're looking to induce further load onto the cPanel & WHM server by having it handle multiple servers' worth of email while also doing its normal hosting duties. I'd like to hear if there is indeed demand for this.
In addition to the outlined feature request, I assume that you would also like a configure field in WHM -> Exim Configuration to allow for the "spamd_address" value to be readily customized? While the "Advanced" Exim configuration would allow for this to be customized as it is, I gather that it would be beneficial to extend this specific configure option to the basic config interface to made it easier to identify.
Essentially, modifying the listening address of spamd is of little use without an equally easy method to modify the address Exim will attempt to connect to spamd on. Correct?
Further, I also imagine that this would be a major security and risk concern if you were not also able to customize the IPs allowed to connect to the spamd daemon (the --allowed-ips or "-A" startup flag for spamd)? Simply modifying the listening address alone would mean (baring your firewall rules) anyone could abuse your spamd for themselves.
To reiterate, please confirm whether you feel these are important additions to your feature request:
1) Exposing "spamd_address" exim.conf configure option within the WHM basic exim config page
2) Also allowing the configuration of the allowed IPs to connect to spamd
I would also like to see further input from other customers on this. In my experience, server operators generally want to move spamd traffic OFF of the cPanel & WHM server to lessen the server load. It seems very odd to me that you're looking to induce further load onto the cPanel & WHM server by having it handle multiple servers' worth of email while also doing its normal hosting duties. I'd like to hear if there is indeed demand for this.
1) Yes this would be helpful to have this setting moved to the basic exim config under SpamAssassin Options tab.
2) This setting is already in WHM under WHM > Email > Spamd Startup Configuration. I found it rather strange that this setting is even available when Spamd only listens on 127.0.0.1. Makes it somewhat pointless.
Right now I just have 3 Cpanel servers. 1 is generally idle (for now), 1 is medium load during peak hours, and one is running pretty high most of the time. I want to offload the high load servers Spamd over to the idle one for the time being until I can move sites off. I figured it would be easier to use SpamAssassin on another Cpanel server which is auto updated. Makes life easier.
Now I do have this working and it has dropped the load on the high server by half. I also tested it with the medium however I ran into one MAJOR problem. If an account has set custom SpamAssassin options such as adjusting required score or adjusting SpamAssassin Test Score rules, the Spamd on the external server can't read these settings. They are stored in /home/<user>/.spamassassin/user_prefs so if localhost spamd checks the message it can read that file. Because of this I had to switch my medium load server back to using localhost spamd. I checked everyones user_prefs files on the other server and to my surprise no one made changes. It also looks like bayes filter won't work on a per-use basis either.
If that last hurdle can be worked out in some way, this would be a great feature as spamd uses a lot of system resources and CPU.
1) Yes this would be helpful to have this setting moved to the basic exim config under SpamAssassin Options tab.
2) This setting is already in WHM under WHM > Email > Spamd Startup Configuration. I found it rather strange that this setting is even available when Spamd only listens on 127.0.0.1. Makes it somewhat pointless.
Right now I just have 3 Cpanel servers. 1 is generally idle (for now), 1 is medium load during peak hours, and one is running pretty high most of the time. I want to offload the high load servers Spamd over to the idle one for the time being until I can move sites off. I figured it would be easier to use SpamAssassin on another Cpanel server which is auto updated. Makes life easier.
Now I do have this working and it has dropped the load on the high server by half. I also tested it with the medium however I ran into one MAJOR problem. If an account has set custom SpamAssassin options such as adjusting required score or adjusting SpamAssassin Test Score rules, the Spamd on the external server can't read these settings. They are stored in /home/<user>/.spamassassin/user_prefs so if localhost spamd checks the message it can read that file. Because of this I had to switch my medium load server back to using localhost spamd. I checked everyones user_prefs files on the other server and to my surprise no one made changes. It also looks like bayes filter won't work on a per-use basis either.
If that last hurdle can be worked out in some way, this would be a great feature as spamd uses a lot of system resources and CPU.
Replies have been locked on this page!