In default instalation of virtualmin is not used deamonized clamav and spamassassin. Its dangerous, local user can do local DoS with sending only one email but with few or many (depended on size of RAM) local recipients in cc or bcc headers.
Commands clamscan and spamassasin are slower than client`s commands for server and need much more memory. Behavior of this local DoS is OUT OF MEMORY in few seconds (concurrent running of many clamscan and spamassassin).
I have read bug 1632, but i think that default settings will be better without possibility of DoS. Please change default settings to use clamdscan and spamc.