[Mimedefang] same message different results depending on sending mechanism.
Bill Friedman
lfnetworking at sbcglobal.net
Thu May 6 14:48:22 EDT 2004
Sent spam filled message via sendmail CL from an external machine and it
got filtered and discarded as expected.
# sent via telnet + CL sendmail to local machine
May 4 14:01:40 whiskey sendmail[18754]: i44L0l8T018754:
from=billf at lfnetworking.com, size=101, class=0, nrcpts=1,
>msgid=<200405042101.i44L0l8T018754 at whiskey.ourdomain.com>, proto=SMTP,
daemon=MTA, relay=wasabi.lmi.net [66.117.155.2]
May 4 14:01:40 whiskey mimedefang.pl[865]:
MDLOG,i44L0l8T018754,spam,7.066,66.117.155.2,billf at lfnetworking.com,bfriedman,
May 4 14:01:40 whiskey mimedefang.pl[865]: filter: i44L0l8T018754:
discard=1 quarantine_entire_message=1
May 4 14:01:40 whiskey mimedefang[18755]: i44L0l8T018754: Discarding
because filter instructed us to
May 4 14:01:40 whiskey sendmail[18754]: i44L0l8T018754: Milter: data,
discard
May 4 14:01:40 whiskey sendmail[18754]: i44L0l8T018754: discarded
...........
Sent same message via yahoo pop account to same sendmail machine and it
got filtered but not discarded. I replicated this several times. The
message is always filtered and discarded if I send via telnet CL either
locally or remotely. I noticed that in the first "CL" instance the the
msgid included my gateway while in the second "POP" instance" it
included the initial mail gateway. But, in either case it's forwarding
this message to an external user aliased from a local user.
...................
# sent via POP to same machine
May 4 15:25:01 whiskey sendmail[18935]: i44MP1W0018935:
from=<linguafr at sbcglobal.net>, size=811, class=0, nrcpts=1,
>msgid=<20040504212325.13732.qmail at web80501.mail.yahoo.com>,
proto=SMTP, daemon=MTA, relay=web80501.mail.yahoo.com [66.218.79.71]
May 4 15:25:01 whiskey sendmail[18935]: i44MP1W0018935: Milter add:
header: X-Scanned-By: MIMEDefang 2.42
May 4 15:25:08 whiskey sendmail[18937]: i44MP1W0018935:
to=billf at lfnetworking.com, delay=00:00:07, xdelay=00:00:07,
mailer=esmtp, pri=31065, relay=lanfill.lmi.net. [66.117.140.10],
dsn=2.0.0, stat=Sent (i44LNaYj046002 Message accepted for
delivery)
.................
Sendmail is setup to only forward for "ourdomain" (not actual name) but
that doesn't seem to be the issue here as that's all that's being requested.
mimedefang-filter is setup to not filter messages from local private subnet
machines, but, that doesn't seem to be the issue either, as in neither case
is their the ...no further action necessary... in the log entries. Any ideas?
--
Thank You
Bill F.
More information about the MIMEDefang
mailing list