[Mimedefang] Strange issue with mimedefang/spamassassin reports. [LOGS]
Steffen Kaiser
skmimedefang at smail.inf.fh-bonn-rhein-sieg.de
Thu Jun 4 11:26:14 EDT 2009
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Wed, 3 Jun 2009, Champ Clark III [Softwink] wrote:
> --[Snip]-----------------------------------
>
> Jun 2 23:54:40 lucas mimedefang.pl[3384]: MDLOG,n533rNV2029956,spam,31.759,118.88.38.123,<betsymullenwc at worldnet.att.net>,<denise@[REMOVED]>,Vgr And Cialis for low prices .And free gift for everyone 4qc
> Jun 2 23:54:42 lucas mimedefang.pl[3384]: MDLOG,n533rNV2029956,mail_in,,,<betsymullenwc at worldnet.att.net>,<denise@[REMOVED]>,Vgr And Cialis for low prices .And free gift for everyone 4qc
> Jun 2 23:54:42 lucas sm-mta[29956]: n533rNV2029956: Milter change (add): header: X-Spam-Score: 31.759 (*******************************) BAYES_50,DRUGS_ERECTILE,DRUG_ED_GENERIC,FB_CIALIS_LEO3,FH_RELAY_NODNS,LOCAL_DRUGS_MALEDYSFUNCTION,RATWARE_MS_HASH,RATWARE_OUTLOOK_NONAME,RAZOR2_CF_RANGE_51_100,RAZOR2_CF_RANGE_E4_51_100,RAZOR2_CF_RANGE_E8_51_100,RAZOR2_CHECK,RCVD_IN_BL_SPAMCOP_NET,RCVD_IN_SORBS_WEB,RCVD_IN_XBL,RDNS_NONE,SARE_SUB_FREE,SARE_WEOFFER,SPF_HELO_NEUTRAL,SUBJECT_DRUG_GAP_C,TW_FY,TW_TF,URIBL_AB_SURBL,URIBL_BLACK,URIBL_JP_SURBL,URIBL_OB_SURBL,URIBL_WS_SURBL
> Jun 2 23:54:42 lucas sm-mta[29956]: n533rNV2029956: Milter add: header: X-Orig-Rcpts: <denise@[REMOVED]>
> Jun 2 23:54:42 lucas sm-mta[29956]: n533rNV2029956: Milter delete: rcpt <denise@[REMOVED]>
> Jun 2 23:54:42 lucas sm-mta[29956]: n533rNV2029956: Milter add: rcpt: spam at localhost
> Jun 2 23:54:42 lucas sm-mta[29956]: n533rNV2029956: Milter change: header Content-Type: from text/plain;\n\tcharset="iso-8859-2" to multipart/mixed; boundary="----------=_1244001265-3384-129"
> Jun 2 23:54:42 lucas sm-mta[29956]: n533rNV2029956: Milter change: header MIME-Version: from 1.0 to 1.0
> Jun 2 23:54:42 lucas sm-mta[29956]: n533rNV2029956: Milter delete: header Content-Transfer-Encoding: 8bit
> Jun 2 23:54:42 lucas sm-mta[29956]: n533rNV2029956: Milter message: body replaced
> Jun 2 23:54:42 lucas sm-mta[29956]: n533rNV2029956: Milter add: header: X-Scanned-By: MIMEDefang 2.64 on 24.240.168.169
> Jun 2 23:54:42 lucas sm-mta[29990]: n533rNV2029956: to=spam at localhost, delay=00:00:28, xdelay=00:00:00, mailer=local, pri=1411249, dsn=2.0.0, stat=Sent
> Jun 2 23:54:42 lucas sm-mta[29990]: n533rNV2029956: to=<ak_ns at vistech.net>, delay=00:00:28, xdelay=00:00:00, mailer=smtp, pri=1411249, relay=[12.145.241.50] [12.145.241.50], dsn=5.1.1, stat=User unknown
> Jun 2 23:54:42 lucas sm-mta[29990]: n533rNV2029956: to=<black at vistech.net>, delay=00:00:28, xdelay=00:00:00, mailer=smtp, pri=1411249, relay=[12.145.241.50] [12.145.241.50], dsn=5.1.1, stat=User unknown
>
> --[SNIP]-------------------------------------
>
> The "User unknowns" go on for quite a while.. About
> 30 or so "User unknowns"... hmmmm.
Where is the corresponding "from=" line? What is the number of
recipients? If <ak_ns at vistech.net> is an unknown recipient and sendmail
knows about it, the recipient is never passed to Milter and won't end up
in @Recipients.
Bye,
- --
Steffen Kaiser
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iQEVAwUBSifnmdlJzF6z/k3SAQIwugf+L25qq4gdCANTLgq9tpgL7y/WxoG6CjGe
nJ03RX4pK7GARknXxgNTcv6h14wlKWS74jr3hs4+8L+Vdpg6f2fkJkDwis2ePvlr
szaroe6mEtKJMNWfpRzMswVzcIDpJ4h98ei+5grsgZUOYiV3nklZGosl7fj4Ex9G
8MZ8Pb2BQvvWhoOqxFu9XQoXiRiuhiViiNV+5q89BUBrkFLzCv27lbBykNL0yF4B
PaAcMSFJlt3vplA6asGIuj9t3s5PDHptxHKaee9HIZoedBBJky9r70mIZ69ZVAOq
fU7zB2vNkX5xt9G4rFP2ODlnYHPMvX3mxl4y5VI+UWxgbt2rBCbcpw==
=nBZt
-----END PGP SIGNATURE-----
More information about the MIMEDefang
mailing list