[Mimedefang] Weird issue

Wed Jun 23 10:25:20 EDT 2010

On Jun 23, 2010, at 8:55 AM, George Roberts wrote:

> ...
> In filter_end, I do this:
> 
> if ($Header{'x-purity-verdict'} =~ /spam/) {
>        md_syslog('warning', 'Redirecting to quarantine - Engine verdict: ' . $Header{'x-purity-verdict'});
> 
>        foreach my $rec (@Recipients) {
>                delete_recipient($rec);
>        }
>        add_recipient("quarantine\@cleveland.ijnet.net");
> }
> ...
> Jun 23 04:27:10 death purity[662]: MDLOG,o5N9R9GR005379,mail_in,,,<emailreceipts at authorize.net>,<groberts at interjuncture.com>,Merchant Email Receipt 
> Jun 23 04:27:10 death sendmail[5379]: o5N9R9GR005379: Milter delete: rcpt <groberts at interjuncture.com>
> Jun 23 04:27:10 death sendmail[5379]: o5N9R9GR005379: Milter add: rcpt: quarantine at cleveland.ijnet.net
> Jun 23 04:27:10 death sendmail[5379]: o5N9R9GR005379: Milter accept: message
> 
> I'm just confused how it could even get to that code without putting in the log line and what I need to do to fix this.  Our engine is properly diagnosing when something is spam, but our mimedefang filter is sending it to quarantine anyway even when it's not. :)   Any thoughts?

Here's a thought: check syslog configuration.  You can choose to filter which syslog messages will make it to the logs -- perhaps you have your syslog configured to eliminate the warning message...

Scott