spam_quarantine_to problem

Wed Feb 29 21:03:05 CET 2012

On Wed, 29 Feb 2012, Nicolas wrote:

> Mark,
>  Version of Amavis: 2.6.4
> Here is an example mail (from mailbox spam user):
> 
> ///////////////////////////////////////////////////////////////////////////
> /////////////////////////////////
> From shylaangeles at input.com  Wed Feb 29 14:19:22 2012
> Return-Path: <shylaangeles at input.com>
> X-Original-To: spam at mtaXX
> Delivered-To: spam at mtaXX
> Received: from localhost (localhost [127.0.0.1])
>         by mtaXX (Postfix) with ESMTP id 08EAB80AI3
>         for <spam at mtaXX>; Wed, 29 Feb 2012
> X-Envelope-From: <shylaangeles at input.com>
> X-Envelope-To: <joe at XXXXX>
> X-Envelope-To-Blocked: <joe at XXX>
> X-Quarantine-ID: <BNXmyCre+d9B>
> X-Spam-Flag: YES
> X-Spam-Score: 19.461
> X-Spam-Level: *******************
> X-Spam-Status: Yes, score=19.461 tag=2 tag2=5.31 kill=6.31
>         tests=[ALL_TRUSTED=-1, DRUGS_ERECTILE=2.221, DRUG_ED_CAPS=1.023,
>         FB_CIALIS_LEO3=3.055, MISSING_SUBJECT=1.767, NO_PRESCRIPTION=1.102,
>         ONLINE_PHARMACY=2.371, TVD_VISIT_PHARMA=1.196, URIBL_BLACK=1.775,
>         URIBL_DBL_SPAM=1.7, URIBL_JP_SURBL=1.948, URIBL_SBL=0.644,
>         URIBL_WS_SURBL=1.659] autolearn=spam
> Received: from mtaXX ([127.0.0.1])
>         by localhost (mtaXX [127.0.0.1]) (amavisd-new, port 10024)
>         with ESMTP id BNXmyCre+d9B for <joe at XXX>;
>         Wed, 29 Feb 2012
> Received: from pp (localhost [127.0.0.1])
>         by mtaXX (Postfix) with SMTP id 6BF6480A48
>         for <joe at XXX>; Wed, 29 Feb 2012
> Message-Id: <20120229171911.6BF6480A48 at mtaXX>
> Date: Wed, 29 Feb 2012
> From: shylaangeles at input.com
> To: undisclosed-recipients:;.
> .
> .
> ///////////////////////////////////////////////////////////////////////////
> /////////////////////////////////
> 
> Note the content of  "To:"not match with X-Envelope-To: (original final
> recipient)

The "To:" header and the envelope reicipient (shown in that X-Envelope-To: 
header) are two different things. SMTP delivers mail to the envelope 
recipient. There is no requirement that the envelope recipient be in the 
To: header (it could be in the CC: header or could be a BCC: recipient). 
For the most part, the To: and CC: headers are just part of the message 
data as far as SMTP is concerned. SMTP does not make mail delivery 
decisions based on To: or CC: headers and only in very limited 
circumstances does an SMTP server add or change message headers.

Some mail software, when not finding a To: header, adds the To: 
undisclosed-recipients:; header you're seeing (one of the limited 
circumstances where an SMTP server might add a message header). It just 
means that there was no To: header or that it was blank. Mail without a 
To: header is almost always spam.

-- Larry Stone
    lstone19 at stonejongleux.com