
Postfix/ Amavis/ Spamassassin

Aug 4, 2003
I am running a Postfix server with Amavis and Spamassassin 2.60. Everything has been running great, but I have started noticing strange incoming messages. It appears that a valid spam message will come into the system. The system will tag the message as spam and give it a score higher than my set threshold. Spamassassin does what it is supposed to with the spam message. Then I see in the maillog the same message generate a new message ID for the same message (it looks like amavis is doing this), and show the following (message in maillog):

May 31 00:30:41 lfcmrl02 amavis[13011]: (13011-05) TIMING [total 917 ms] - SMTP EHLO: 1 (0%), SMTP pre-MAIL: 0 (0%), SMTP pre-DATA-flush: 1 (0%), SMTP DATA: 73 (8%), body hash: 0 (0%), mime_decode: 12 (1%), get-file-type: 9 (1%), get-file-type: 8 (1%), decompose_part: 1 (0%), decompose_part: 0 (0%), parts: 0 (0%), SA msg read: 2 (0%), SA parse: 1 (0%), SA check: 639 (70%), fwd-connect: 4 (0%), fwd-mail-from: 1 (0%), fwd-rcpt-to: 1 (0%), write-header: 2 (0%), fwd-data: 3 (0%), fwd-data-end: 44 (5%), fwd-rundown: 1 (0%), fwd-connect: 15 (2%), fwd-mail-from: 1 (0%), fwd-rcpt-to: 0 (0%), write-header: 2 (0%), fwd-data: 7 (1%), fwd-data-end: 33 (4%), fwd-rundown: 1 (0%), fwd-connect: 5 (1%), fwd-mail-from: 1 (0%), fwd-rcpt-to: 1 (0%), write-header: 2 (0%), fwd-data: 3 (0%), fwd-data-end: 38 (4%), fwd-rundown: 1 (0%), unlink-2-files: 3 (0%), rundown: 0 (0%)

And send the message again. This time it bypasses the spam system and forwards the message into our Exchange server untagged. How is this message doing this, and how do I stop it? Thanks in advance for any input.
 
Update - I sent a test message to the spam system that hosts services for another company (this single server hosts several domains to filter for spam). I created a custom test rule: if the body of the message contains the words "test test", flag the message as spam (100 points assigned to the score). I sent a test message for one domain, i.e. acme.com. It flags the message as spam. If I send a message to acme2.com, it does not. I reviewed the logs and the maillog says that it tagged both messages to both domains, but the message delivered to acme2.com goes in untagged. The funny thing is I forward a copy of every tagged spam message into an admin spam mailbox for troubleshooting purposes, and a message is received destined to acme2.com and it is tagged appropriately.
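
The TIMING line quoted in the post contains one "SA check" stage followed by three fwd-connect ... fwd-rundown groups. As an added example (not part of the original post and not amavis code), this Python script parses such a line and counts those groups, which helps when comparing how many copies were forwarded against how many arrive tagged. Treating each group as one forwarding pass is an assumption, and the function names are hypothetical.

```python
import re

SAMPLE = (  # the TIMING line quoted in the post above
    "May 31 00:30:41 lfcmrl02 amavis[13011]: (13011-05) TIMING [total 917 ms] - "
    "SMTP EHLO: 1 (0%), SMTP pre-MAIL: 0 (0%), SMTP pre-DATA-flush: 1 (0%), "
    "SMTP DATA: 73 (8%), body hash: 0 (0%), mime_decode: 12 (1%), "
    "get-file-type: 9 (1%), get-file-type: 8 (1%), decompose_part: 1 (0%), "
    "decompose_part: 0 (0%), parts: 0 (0%), SA msg read: 2 (0%), SA parse: 1 (0%), "
    "SA check: 639 (70%), fwd-connect: 4 (0%), fwd-mail-from: 1 (0%), "
    "fwd-rcpt-to: 1 (0%), write-header: 2 (0%), fwd-data: 3 (0%), "
    "fwd-data-end: 44 (5%), fwd-rundown: 1 (0%), fwd-connect: 15 (2%), "
    "fwd-mail-from: 1 (0%), fwd-rcpt-to: 0 (0%), write-header: 2 (0%), "
    "fwd-data: 7 (1%), fwd-data-end: 33 (4%), fwd-rundown: 1 (0%), "
    "fwd-connect: 5 (1%), fwd-mail-from: 1 (0%), fwd-rcpt-to: 1 (0%), "
    "write-header: 2 (0%), fwd-data: 3 (0%), fwd-data-end: 38 (4%), "
    "fwd-rundown: 1 (0%), unlink-2-files: 3 (0%), rundown: 0 (0%)"
)
TIMING = re.compile(r"\(([\d-]+)\) TIMING \[total (\d+) ms\] - (.+)$")

def parse_timing(line):
    """Return (session, total_ms, [(stage, ms), ...]); None if not a TIMING line."""
    m = TIMING.search(line.strip())
    if not m:
        return None
    stages = []
    for item in m.group(3).split(", "):
        name, sep, value = item.rpartition(": ")
        if sep and value.split() and value.split()[0].isdigit():
            stages.append((name, int(value.split()[0])))  # "73 (8%)" -> 73
    return m.group(1), int(m.group(2)), stages

def summarize(line):
    """Count SA checks and group fwd-connect..fwd-rundown stages into passes."""
    parsed = parse_timing(line)
    if parsed is None:
        return None
    session, total_ms, stages = parsed
    passes, current = [], None
    for name, ms in stages:
        if name == "fwd-connect":
            current = {"rcpt_to": 0, "ms": 0}      # a new forwarding pass begins
        if current is not None:
            current["ms"] += ms
            current["rcpt_to"] += name == "fwd-rcpt-to"
            if name == "fwd-rundown":              # the pass is complete
                passes.append(current)
                current = None
    sa_checks = sum(1 for name, _ in stages if name == "SA check")
    return {"session": session, "total_ms": total_ms,
            "sa_checks": sa_checks, "passes": passes}

if __name__ == "__main__":
    print(summarize(SAMPLE))
```

Run over a maillog, `summarize` flags sessions where one scan fans out into several forwarding passes, which are the ones to compare against what each destination actually receives.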
 