web analytics

X-Ham-Report in Cpanel

Cpanel now adds a spam/ham report to the email headers. If the message is not spam, it adds a ham report as follows.

X-Ham-Report: Spam detection software, running on the system “server.def.com”, has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn’t spam) or label
similar future email. If you have any questions, see
the administrator of that system for details.

Content preview: testing […]

Content analysis details: (-1.9 points, 5.0 required)

pts rule name description
—- ———————- ————————————————–
-0.0 SPF_PASS SPF: sender matches SPF record
-1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1%
[score: 0.0000]

While many email clients have options to hide such headers, a few customers are irritated with such headers when displayed in their email. If you want to disable the reports, do the following in exim.conf

Comment out the following line in /etc/exim.conf and restart exim.

add_header = X-Ham-Report: $spam_report

Such changes are temporary and will be reverted when upcp or eximup runs. In order to make the changes permanent, do the following through WHM.

In the new Advanced Exim configuration editor you can uncheck the box with “default_spam_scan” and then copy this section of the config and paste it into the box after “custom_begin_spam_scan” with your desired modifications. Then scroll down and click save. In short, you need to remove that line and save the rest. Try sending a mail now and you will no longer see the report.

7 comments to X-Ham-Report in Cpanel

  • Brett Wilkinson  says:

    Excellent post – customer complaining about just this issue. Thanks!

    • Brett Wilkinson  says:

      One note – a standard copy/paste will fail – the code tucked between the add_header lists needs to be pasted in as a single line or it will break.

  • a2618744  says:

    That fixed my issue.
    Thanks Brett. I was stuck in line break

  • a2618744  says:

    That fixed my issue.
    Thanks Brett
    I was stuck in line break:)

  • jonathan  says:

    thanks so much!

  • Bernie  says:

    Re standard copy and post won’t work: I found if the input box is made very wide by dragging it larger a few times, then paste, it works. Else you get an error message stating an error in the (long) condition.

  • Charles Lindsey  says:

    Those blank lines in the X-Ham-Report before the Content preview: etc. actually consist of a single space. But these are in violation of RFC 5322 section 3.2.2 which make it a MUST NOT, presumably because there is buggy software out there that erroneously treats it as the division between between the Headers and Body of the email (and yes, I have seen such software).

    My mailbox provider uses cpanel, but I suspect the bug is really in Spamassassin. But where should I report it? Just starting at my provider will just start a train of events that will last forever.

Leave a reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>