[Postfixbuch-users] double-bounce/reject von Postfix und Amavis

Michael Nausch michael at nausch.org
Do Jul 9 22:43:40 CEST 2009


Griasde Sascha!

Quoting Sascha Peters <postfix-list at novuage.de>:

> Das "Lesbarer" zu machen würde mich aber auch sehr interessieren.   
> Wobei ich die Erfahrung gemacht habe das die normalen E-Mail   
> Benutzer da eh nur anfangen zu schreien und jemanden Fragen.

Also ganz so "gach" find ich es gar nicht! Schau's Dir selber an:

============================ schnippldieschnapp =============================
This is the mail system at host mail-out.m-online.net.

I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.

For further assistance, please send mail to postmaster.

If you do so, please include this problem report. You can
delete your own text from the attached returned message.

                    The mail system

<michael at nausch.org>: host mx1.nausch.org[88.217.187.21] said: 554 5.7.0
     Reject, id=02598-03 - SPAM (in reply to end of DATA command)
============================ schnippldieschnapp =============================

Findest also im maillog sofort über die id=02598-03 den workflow und  
man sieht darin sehr schön, warum die mail als spam erkannt wurde,  
nämlich "HEADER_CHECKS_NR1035":

============================ schnippldieschnapp =============================
# grep 02598-03 /var/log/maillog
Jul  9 22:38:21 nss amavis[2598]: (02598-03) ESMTP::10024  
/var/amavis/tmp/amavis-20090709T222345-02598: <django at mnet-mail.de> ->  
<michael at nausch.org> SIZE=1512 BODY=7BIT Received: from mx1.nausch.org  
([127.0.0.1]) by localhost (amavis.nausch.org [127.0.0.1])  
(amavisd-new, port 10024) with ESMTP for <michael at nausch.org>; Thu,  9  
Jul 2009 22:38:21 +0200 (CEST)
Jul  9 22:38:21 nss amavis[2598]: (02598-03) Actual message size 1746  
B greater than the declared 1512 B
Jul  9 22:38:21 nss amavis[2598]: (02598-03) body hash:  
9a17ac27d718fa0bb060753cdf394e85
Jul  9 22:38:21 nss amavis[2598]: (02598-03) Checking: 1SvYJzC5Z75c  
[212.18.0.9] <django at mnet-mail.de> -> <michael at nausch.org>
Jul  9 22:38:21 nss amavis[2598]: (02598-03) 2822.From: <django at mnet-mail.de>
Jul  9 22:38:21 nss amavis[2598]: (02598-03) p001 1 Content-Type:  
text/plain, size: 13 B, name:
Jul  9 22:38:21 nss amavis[2598]: (02598-03) Checking for banned types  
and filenames
Jul  9 22:38:21 nss amavis[2598]: (02598-03) collect banned table[0]:  
michael at nausch.org, tables: DEFAULT=>Amavis::Lookup::RE=ARRAY(0x9a1f5e8)
Jul  9 22:38:21 nss amavis[2598]: (02598-03) p.path  
michael at nausch.org: "P=p001,L=1,M=text/plain,T=asc"
Jul  9 22:38:21 nss amavis[2598]: (02598-03) Using ClamAV-clamd:  
(built-in interface)
Jul  9 22:38:21 nss amavis[2598]: (02598-03) Using (ClamAV-clamd) on  
dir: CONTSCAN /var/amavis/tmp/amavis-20090709T222345-02598/parts\n
Jul  9 22:38:21 nss amavis[2598]: (02598-03) ClamAV-clamd: Connecting  
to socket  /tmp/clamd.socket
Jul  9 22:38:21 nss amavis[2598]: (02598-03) ClamAV-clamd: Sending  
CONTSCAN /var/amavis/tmp/amavis-20090709T222345-02598/parts\n to UNIX  
socket /tmp/clamd.socket
Jul  9 22:38:21 nss amavis[2598]: (02598-03) ask_av (ClamAV-clamd):  
/var/amavis/tmp/amavis-20090709T222345-02598/parts CLEAN
Jul  9 22:38:21 nss amavis[2598]: (02598-03) ClamAV-clamd result: clean
Jul  9 22:38:25 nss amavis[2598]: (02598-03) spam_scan: score=12.229  
autolearn=spam  
tests=[AWL=-10.670,HEADER_CHECKS_NR1035=20,TVD_SPACE_RATIO=2.899]
Jul  9 22:38:25 nss amavis[2598]: (02598-03) blocking contents  
category is (6) for michael at nausch.org
Jul  9 22:38:25 nss amavis[2598]: (02598-03) do_notify_and_quar:  
ccat=Spam (6,0) ("6":Spam, "5":Spammy, "1,1":CleanTag, "1":Clean,  
"0":CatchAll) ccat_block=(6), q_mth=local:spam-%m.gz, qar_mth=
Jul  9 22:38:25 nss amavis[2598]: (02598-03) SPAM,  
<django at mnet-mail.de> -> <michael at nausch.org>, Yes, score=12.229 tag=2  
tag2=6.31 kill=6.31 tests=[AWL=-10.670, HEADER_CHECKS_NR1035=20,  
TVD_SPACE_RATIO=2.899], autolearn=spam
Jul  9 22:38:25 nss amavis[2598]: (02598-03) Blocked SPAM,  
[212.18.0.9] [88.217.187.21] <django at mnet-mail.de> ->  
<michael at nausch.org>, Message-ID:  
<20090709223819.j21vuc2psw4go04c at webmail.mnet-online.de>, mail_id:  
1SvYJzC5Z75c, Hits: 12.229, size: 1746, 4249 ms
Jul  9 22:38:25 nss amavis[2598]: (02598-03) TIMING [total 4252 ms] -  
SMTP greeting: 2 (0%)0, SMTP EHLO: 1 (0%)0, SMTP pre-MAIL: 0 (0%)0,  
SMTP pre-DATA-flush: 2 (0%)0, SMTP DATA: 13 (0%)0, check_init: 1  
(0%)0, digest_hdr: 0 (0%)0, digest_body: 0 (0%)0, gen_mail_id: 1  
(0%)0, mime_decode: 7 (0%)1, get-file-type1: 11 (0%)1, decompose_part:  
1 (0%)1, parts_decode: 0 (0%)1, check_header: 2 (0%)1, AV-scan-1: 3  
(0%)1, spam-wb-list: 1 (0%)1, SA parse: 3 (0%)1, SA check: 4187  
(98%)100, update_cache: 5 (0%)100, decide_mail_destiny: 1 (0%)100,  
prepare-dsn: 2 (0%)100, main_log_entry: 6 (0%)100, update_snmp: 2  
(0%)100, SMTP pre-response: 1 (0%)100, SMTP response: 0 (0%)100,  
unlink-1-files: 0 (0%)100, rundown: 0 (0%)100
Jul  9 22:38:25 nss amavis[2598]: (02598-03) load: 4 %, total idle  
848.312 s, busy 32.193 s
============================ schnippldieschnapp =============================

Was meinst Du, sollte doch praktikabel einsetzbar sein, oder was  
sagtst Du dazu?

Pfiade,
        Django
-- 
"Bonnie & Clyde der Postmaster-Szene!" approved by Postfix-God

http://wetterstation-pliening.info
http://dokuwiki.nausch.org





Mehr Informationen über die Mailingliste Postfixbuch-users