[Mimedefang] same message different results depending on sending mechanism

Bill Friedman lfnetworking at sbcglobal.net
Thu May 6 16:44:53 EDT 2004 

  sending again in case I forgot to send text-only first time.  I've 
done that many times..

Sent spam filled message via sendmail CL from an external machine and it 
got filtered and discarded as expected. 

# sent via telnet + CL sendmail to local machine
May  4 14:01:40 whiskey sendmail[18754]: i44L0l8T018754: 
from=billf at lfnetworking.com, size=101, class=0, nrcpts=1, 
 >msgid=<200405042101.i44L0l8T018754 at whiskey.ourdomain.com>, proto=SMTP, 
daemon=MTA, relay=wasabi.lmi.net [66.117.155.2]
May  4 14:01:40 whiskey mimedefang.pl[865]: 
MDLOG,i44L0l8T018754,spam,7.066,66.117.155.2,billf at lfnetworking.com,bfriedman,
May  4 14:01:40 whiskey mimedefang.pl[865]: filter: i44L0l8T018754:  
discard=1 quarantine_entire_message=1
May  4 14:01:40 whiskey mimedefang[18755]: i44L0l8T018754: Discarding 
because filter instructed us to
May  4 14:01:40 whiskey sendmail[18754]: i44L0l8T018754: Milter: data, 
discard
May  4 14:01:40 whiskey sendmail[18754]: i44L0l8T018754: discarded
...........
Sent same message via yahoo pop account to same sendmail machine and it 
got filtered but not discarded.  I replicated this several times.  The 
message is always filtered and discarded if I send via telnet CL either 
locally or remotely.  I noticed that in the first "CL" instance the the 
msgid included my gateway while in the second "POP" instance" it 
included the initial mail gateway.  But, in either case it's forwarding 
this message to an external user aliased from a local user.
...................
# sent via POP to same machine
May  4 15:25:01 whiskey sendmail[18935]: i44MP1W0018935: 
from=, size=811, class=0, nrcpts=1, 
 >msgid=<20040504212325.13732.qmail at web80501.mail.yahoo.com>, 
proto=SMTP, daemon=MTA, relay=web80501.mail.yahoo.com [66.218.79.71]
May  4 15:25:01 whiskey sendmail[18935]: i44MP1W0018935: Milter add: 
header: X-Scanned-By: MIMEDefang 2.42
May  4 15:25:08 whiskey sendmail[18937]: i44MP1W0018935: 
to=billf at lfnetworking.com, delay=00:00:07, xdelay=00:00:07, 
mailer=esmtp, pri=31065, relay=lanfill.lmi.net. [66.117.140.10], 
dsn=2.0.0, stat=Sent (i44LNaYj046002 Message accepted for
delivery)

.................
Sendmail is setup to only forward for "ourdomain" (not actual name) but
that doesn't seem to be the issue here as that's all that's being requested.
 mimedefang-filter is setup to not filter messages from local private subnet
machines, but, that doesn't seem to be the issue either, as in neither case
is their the ...no further action necessary... in the log entries.  Any ideas?

-- 
Thank You

Bill F.

More information about the MIMEDefang mailing list