Spamassassin character scan limit?

jayharland

• March 18, 2016 11:00

Hey everyone, When creating account level filters via cpanel, I'm trying to allow emails that are calendar invites but would otherwise be blocked. So I have a regex that checks Any Header or the Body for: (?si)^(?!.*Content\-Type\:\stext\/calendar) The filter uses a negative look ahead because I only want a match if Content-Type: text/calendar doesn't exist. Anyway, this works as long as the "Content-Type: text/calendar" is towards the top of the email. But with something like a calendar invite forward with a bunch of HTML in the email, it fails. Even though in separate regex testing environment it sees that there is still a "Content-Type: text/calendar" further down. I read somewhere before that spamassassin has a character limit, where it won't scan past 5000 or 7000 characters or something? If that's true, I haven't been able to find where to adjust that setting, though I have looked. I can confirm that when I remove some of the text and make the message smaller, it works as expected. Thanks for any help!

• 

  cPanelMichael

  • March 21, 2016 01:47

  Hello :) This is configurable with the following option under the "Apache SpamAssassin Options" tab in "WHM >> Service Configuration >> Exim Configuration Manager >> Basic Editor": "Apache SpamAssassin": message size threshold to scan" Per it's description: Maximum size (in kilobytes) of a message that Apache SpamAssassin" will scan. Spam emails are usually about 1-4 kB in size; therefore, it is generally wasteful to scan larger emails.
  I suggest trying to keep this as close to the default value as possible, as scanning large messages can lead to increased CPU or memory usage. Thank you.

  0

Please sign in to leave a comment.