SpamAssassin stopped working

[setmajer]

Sorry if I've put this in the wrong forum, but as SpamAssassin is managed through Cpanel I figure this is as good a place as any....

Early yesterday afternoon EDT SpamAssassin just stopped filtering altogether. Cpanel says it is still running, but I'm being flooded with spam on that domain and the spam mailbox is empty. The only change I've made to that account in the past several months is to add a test@ email account for testing HTML emails (they're absolutely /not/ spam; it's for my day job at a marketing design firm and they insist on scrubbed, opt-in only lists). This was done yesterday at approximately 7 AM EDT.

If anyone has any ideas how I could go about debugging the problem, I would be most appreciative. I'm an absolute moron when it comes to SpamAssassin, and don't even know where to begin digging so I can go to support with a reasonable description of the problem. :-(

Thanks in advance.

[amartins]

Hi,

Ask support about this, I also had recurrent problems with Spam Assasin for a couple of months.. each time there was an upgrade SA would stop working.

Antonio.

[setmajer]

Will do, then. I just generally don't like running to support unless I have some idea what the problem is.

Thanks!

[amartins]

Interestingly after well over a month of working without problems Spam Assasin crapped out on my server too (porsche) all my domains are affected :-\

[Stef]

If this is not already solved can you both please contact support@hostgator.com to have them take a look at this problem.

setmajer can you also read this thread and provide the info please.

Thanks,
Stef.

[amartins]

Hi Stef,

Did that... we're at the "spam assassin is enabled" phase the fact that it reports enabled does not mean its working though.. anyway.. *greater* problems arise.

Coincidence or not last night I gave the tech my reseller domain's account login and password.

TO my dismay all of my POP accounts except for the default account and a new mailbox called "test" were DELETED!!!! cPanel reports last login from 61.11.112.67 (some IP in India)... I hope Hostgator can trust the folks they outsourced tech support to, I certainly don't and have changed my password!

This is a very serious incident, who do I contact about investigating the logs as to who deleted the pop accounts on my domain?

Thanks.

Antonio.

Quote:

Originally Posted by Stef

If this is not already solved can you both please contact support@hostgator.com to have them take a look at this problem.

setmajer can you also read this thread and provide the info please.

Thanks,
Stef.

[Stef]

Antonio,

Quote:

Did that... we're at the "spam assassin is enabled" phase the fact that it reports enabled does not mean its working though.. anyway..

Ah, no I see what your other post in Reseller Chat is about...

Quote:

This is a very serious incident, who do I contact about investigating the logs as to who deleted the pop accounts on my domain?

Please contact ben@hostgator.com or brent@hostgator.com to investigate this problem. Provide as much info a you can/remember: the request ticket number, who you mailed/chat with, some time indications, etc.
I'm sure Ben or Brent will want support to give a clear explanation about what happened or went wrong.

Stef.

[amartins]

Thanks Stef, I had also PM'd Justin and he gave me Brents addr so I have sent off the relevant info. Spam Assassin will have to stay be on the back burner for now :-).

Yeah my message in reseller chat was partly about that, little did I know what was gonna happen overnight :-\ needless to say I changed my domain password as soon as I grasped what had happened.

Antonio.

[amartins]

Okay guys just a quick update in case anyone experiences the same problem.

Shane has been looking into this and up until now it looks like this is gonna be put down to what I guess could be called a cPanel bug.

I'm told Cpanel stores the pop password in /home/user/etc/shadow If somehow this file gets handled by multiple processes and is unable to complete from any of them it becomes blank. This means the pop account will dissapear from cPanel even though the pop's folder still exists in the appropriate directory structure... I just dont get how multiple accounnts were messed up overnight when no one was supposed to be messing with them in the 1st place :-\

I'll edit this as I get more info.. I hope it gets figured out! By the way spam assassin is up and running again.

Antonio

[MaraBlue]

Same here...

[MaraBlue]

I had this happen with one of my POP accounts, where the main email to that account simply "disappeared." I recreated it, enabled SpamAssasin, and still getting spam into that account.

It helps to see it wasn't just me who had this problem. I wasn't going to go to support with this, as I have far bigger fish to fry with support...

[MaraBlue]

Quote:

Originally Posted by amartins

Hi Stef,

Did that... we're at the "spam assassin is enabled" phase the fact that it reports enabled does not mean its working though.. anyway.. *greater* problems arise.

Coincidence or not last night I gave the tech my reseller domain's account login and password.

TO my dismay all of my POP accounts except for the default account and a new mailbox called "test" were DELETED!!!! cPanel reports last login from 61.11.112.67 (some IP in India)... I hope Hostgator can trust the folks they outsourced tech support to, I certainly don't and have changed my password!

This is a very serious incident, who do I contact about investigating the logs as to who deleted the pop accounts on my domain?

Thanks.

Antonio.

Hi...I know this is an old thread (I only come into the forums when I have a problem with Hostgator I can't resolve), and I'm currently having an email issue. I was SHOCKED when the tech asked me, via email, for my password.

There is NO REASON for any tech to every need my email password for resolving ANY issue, much less THIS particular one.

I plan on starting a thread about this issue, the original issue as well as the tech requesting my email password.

[amartins]

I feel in much the same way. I am always reluctant in giving out my password its just against my nature.

With the two major webhosts I used before none ever asked me for my password, no matter what the issue.

Maybe thats because they used secure trouble ticketing sites instead of direct email, I think we all understand that mail is transmitted around the net in unencrypted form.

Since this happened I changed my passwords (billing as well) just to be safe.

Along with other "betterments" Brent has been looking into I think maybe support's working methodology should also be looked into. As well as flagging things for one another... like for example the issue with spam assassin going down frequently and what this and that tech diagnosed and decided to do. I sometimes notice I have to tell junior techs (if I may call them that) what the senior ones did on other occasions.

Antonio.