So, to reply to my own question: CPanel <http://cpanel.com/products/> is well documented <https://documentation.cpanel.net/display/CKB/cPanel+Knowledge+Base> and is supported only via forum <https://forums.cpanel.net/threads/why-didnt-my-email-get-delivered-or-where-did-my-email-go.387312/>.
I’m using CPanel version 11.50. With phone support from GoDaddy, I was able to SSH into the shared linux CPanel host. Then, I was able to find the SpamAssassin binary <http://spamassassin.apache.org/full/3.4.x/doc/spamassassin-run.html> (/usr/local/cpanel/3rdparty/perl/514/bin/spamassassin -V) to determine I’m running SA 3.4.0. This version does not have the new TLDs features. CPanel 11.52 <http://news.cpanel.com/11-52-now-in-release-tier/>, due for release next month, will incorporate SA 3.4.1 and the advanced technology. It is not apparent when GoDaddy will upgrade to this new version of CPanel. As of yet, the best information I’ve found on the new TLDs features is here <http://uribl.com/>. Here <http://wiki.apache.org/spamassassin/Rules/> is a list of SA rules, but it is out of date as they are updated nightly in an effort to keep up with spammers. How to test for reverse DNS? See RDNS_NONE <http://wiki.apache.org/spamassassin/Rules/RDNS_NONE> . How to stop spam from top level domains? Well, the domains pop up faster than an administrator can keep track of them Also, I don’t want to brute-force block an entire domain because someday, it might be used for legitimate mail. The solution, as a Mail Administrator, is to tweak SA’s rules to catch the strains of SPAM you actually are receiving. To do this in Mac OS X Mail.app: 1) Select a SPAM item that was missed by SA. 2) Select View menu -> Message -> Raw Source. 3) Examine the “Content analysis details” section of the header that SA inserts. Note the points scored versus the points required. Note each rule SA attempted and the score it assigned to the test. It is the sum of the scores which is used to test against the required score. Thus, you can assign your own importance to each test. Different SPAM items trigger different tests. 4) If a particular test needs adjustment, go to CPanel home -> Email -> SpamAssassin -> Configure SpamAssassin. The number at the top is the required score (default value of 5). Then, there are several “score” boxes. Enter a test and the score for it, e.g. “RDNS_NONE 3”. 5) Rinse and repeat as necessary. I found that much of the SPAM had a BAYES_00 score of -1.9, which was defeating the contribution of the other tests. A closer inspection of the raw source revealed invisible gibberish text which, I assume, is designed to thwart the default BAYES_00 test — very cleaver. I have since changed the score of that test to 0. This iterative approach seems to be working: my inbox is “HAM” again. In Summary: CPanel appears to be a solid product. It provides much of the same functionality as OS X Server. Both provide a UI that attempts to simplify administration, but both also provide SSH access for those who need/want to get “down and dirty.” The advantage of using GoDaddy to host CPanel is that I don’t have to deal with reverse DNS, static IP, data center security, power supply and backup, Internet connectivity issues, firewall ports, etc. Also, I don’t have to dedicate $500-1K to hardware to run the thing. Downside: I don’t have control over which version of SA I get to use. In either case, it takes someone who can examine received SPAM to adjust the SA rules to react to changing conditions. That job is the same regardless of how the email service is provided. Hope that helps, Larry Goldman > On Oct 1, 2015, at 6:53 PM, Larry Goldman > <lgold...@allstarcomputerservices.com > <mailto:lgold...@allstarcomputerservices.com>> wrote: > > From http://spamassassin.apache.org: <http://spamassassin.apache.org/> > >> Latest News >> >> 2015-04-30: SpamAssassin 3.4.1 has been released! Highlights include: >> >> improved automation to help combat spammers that are abusing new top level >> domains; >> > I’m running SpamAssassin on CPanel shared hosting (GoDaddy). For several > weeks, I’ve been inundated with spam from various new top-level domains: > .date, .win,, .faith, .racing. CPanel has options for specifiying > SpamAssassin rules, but no other configuration files are readily available > for modification. > > Where is this improved automation documented? > > How can I stop the spam from new top level domains? > What (new) rules apply to unknown new top level domains? > > How can I test reverse DNS for the sender? > > Where is the best documentation for the entire current set of SpamAssassin > rules?