Proxmox Mail Gateway (PMG) is a great solution for filtering incoming and outgoing mail for spam. By default SpamAssassin in is not trained with what emails should be considered spam and what emails should be allowed to be passed through PMG. As such we need to provide PMG with what is SPAM and what is HAM (not spam). Strangely enough PMG doesn't provide a very intuitive way to achieve this, so we wrote a script which will feed all junk mail from cPanel accounts to PMG to train SpamAssassin.
Of course tweaking in PMG is also required to make sure you don't block legitimate mail, but this method certainly gets one started and provides a good base for filtering spam mail.
Step 1 - Create script on PMG to accept data from cPanel server
#!/bin/sh case "$SSH_ORIGINAL_COMMAND" in report) sa-learn --spam ;; revoke) sa-learn --ham ;; *) echo "Invalid command?" ;; esac
chmod +x /bin/remote-commands
Step 2 - Generate SSH key on cPanel
ssh –keygen –t rsa 4096
Authorize the generated key on PMG with the following command:
ssh-copy-id -i ~/.ssh/id_rsa.pub root@pmg-ip
Step 3 - Create the spam reporter script on cPanel
Step 4 - Create timer specs and timer on the cPanel server to invoke the feeder
[Unit] Description=This service automatically reports spam. [Service] Type=oneshot ExecStart=/bin/spam-reporter
[Unit] Description=This is the timer to check for spam and report it. [Timer] OnCalendar=*:0/5 Persistent=true [Install] WantedBy=timers.target
Step 5 - Enable the timer
systemctl daemon-reload && systemctl enable spam-reporter.timer --now
Each time junk mail is then received on your cPanel server, this will then be fed back to PMG.
Credit for the scripts goes to CRCinAU