spamassassin no longer wrapping long lines in email headers
This is a relatively recent issue, starting on or about 25 Sep 2025.
"X-" headers in incoming email are no longer being wrapped to correspond to the 998 character limit, making it impossible to forward these emails as an attachment. Mostly this is a problem with X-Spam-Report or X-Ham-Report headers, which are normally long anyway.
I'm running AlmaLinux v8.10.0 STANDARD kvm with cPanel Version 130.0.15 which is using SpamAssassin 4.0.1 which was released in March of 2024. Because SpamAssassin seems to be handled internally in cPanel, I'm wondering if this issue is related to something that changed in cPanel 130 that broke the word-wrapping function of SpamAssassin when it adds its headers to an incoming email.
Adding "report_wrap_width 100" to local.cf in /etc/mail/spamassassin/ makes no difference. The X-Spam-Report line in a test email I sent from an outside server is still 4026 characters on a single line.
Any fix for this?
-
Hey there! I've been doing some homework on this and can't find similar reports on the Exim users list or really anywhere else, so we may be in uncharted territory. I'm *completely guessing* that it could be related to CPANEL-48405, but we'd really need access to the server to confirm what's happening here.
Could you create a ticket so this can be investigated directly?
0 -
There have been a few changes in this recently. A few weeks ago, the whole spam report was reduced to a single long line with lots of character encoding information like this:
X-Ham-Report: =?ISO-8859-1?Q?Spam_detection_software=2C_running_on_the_system_=22vsc002=2Eexample?= =?ISO-8859-1?Q?=2Ecom=22=2C=0A_has_NOT_identified_this_incoming_em?=
[the line above truncated but contained the complete SA report]
As of this morning, the line is wrapped, but the details of the report are truncated (see below). This is at least readable, but without the listing of the rules that were triggered, less useful than the long, unreadable line.
As a workaround I've been pasting the message into a local file, stripping out the existing spam report and running
/usr/local/cpanel/3rdparty/bin/spamassassin -t <local_file
which produces the full report in a readable form.
X-Ham-Report: =?ISO-8859-1?Q?Spam_detection_software=2C_running_on_the_system_=22xxxxxx=2Exxxxxxx?= =?ISO-8859-1?Q?xx=2Exx=22=2C=0A_has_NOT_identified_this_incoming_em?= =?ISO-8859-1?Q?ail_as_spam=2E__The_original=0A_message_has_been_atta?= =?ISO-8859-1?Q?ched_to_this_so_you_can_view_it_or_label=0A_similar_f?= =?ISO-8859-1?Q?uture_email=2E__If_you_have_any_questions=2C_see=0A_r?= =?ISO-8859-1?Q?oot=5C=40localhost_for_details=2E=0A_Content_preview=3A_?= =?ISO-8859-1?Q?_Sorry=2C_have_to_send_regrets_for_tonight_once_again?= =?ISO-8859-1?Q?=2E_Have_fun=2C=0A____and_play_safe!_Cheers=2E_=0A_Co?= =?ISO-8859-1?Q?ntent_analysis_details=3A___=280=2E0_points=2C_5=2E0_?= =?ISO-8859-1?Q?required=29=0A__pts_rule_name______________descriptio?= =?ISO-8859-1?Q?n=0A_----_----------------------_--------------------?= =?ISO-8859-1?Q?------------------------------=0A__0=2E0_URIBL=5FBLOC?= =?ISO-8859-1?Q?KED__________ADMINISTRATOR_NOTICE=3A_The_query_to_URI?= =?ISO-8859-1?Q?BL_was_blocked=
1 -
"X-" headers in incoming email cpanel are also set here:
/usr/local/cpanel/etc/exim/acls/ACL_SPAM_SCAN_BLOCK/default_spam_scan
but there are other issues, RFC 2047 and char length for Content analysis details:
In my case Content analysis details: was severely limited or reduced in cpanel update on 6th November 2025 with no additional settings added, so NEW settings are now hardcoded for all cpanel users
0 -
Update - we've opened case CPANEL-50170 open on this, and you can follow along using the link here: https://support.cpanel.net/hc/en-us/articles/36160643334807-Email-message-headers-X-Ham-Reports-and-X-Spam-Reports-output-is-not-readable
0
Please sign in to leave a comment.
Comments
4 comments