I am running a Linux based Collax Business Server where the last updated forced to do the spam checking through Amavisd. Before Postfix was calling Spamassassin direct and the problem I am currently seeing was not there.<br>
<br>In the currect configuration Postfix is filtering through Amavisd-new by sending the incoming email by SMTP to port 10033. Amavis is fetching the email, calling ClamAV for the virus scanning and after that is calling Spamc/Spamd to do the spam filtering.<br>
<br>In my syslog I noted some 10-25 of the below messages each day. <br><br>Message in the log:<br><br>2012 Jan 9 12:39:19 home spamd[29330]: spamd: bad protocol: header error: <br> (Content-Length mismatch: Expected 18668 bytes, got 18667 bytes) at /usr/bin/spamd line 2001, <GEN304> line 255.<br>
2012 Jan 9 14:48:27 home spamd[13554]: spamd: bad protocol: header error: <br> (Content-Length mismatch: Expected 14029 bytes, got 14028 bytes) at /usr/bin/spamd line 2001, <GEN15> line 201.<br>2012 Jan 9 14:56:10 home spamd[13554]: spamd: bad protocol: header error: <br>
(Content-Length mismatch: Expected 80004 bytes, got 80003 bytes) at /usr/bin/spamd line 2001, <GEN24> line 1064.<br>2012 Jan 9 16:41:18 home spamd[13554]: spamd: bad protocol: header error: <br> (Content-Length mismatch: Expected 34371 bytes, got 34369 bytes) at /usr/bin/spamd line 2001, <GEN51> line 659.<br>
2012 Jan 9 17:19:55 home spamd[13554]: spamd: bad protocol: header error: <br> (Content-Length mismatch: Expected 54037 bytes, got 54026 bytes) at /usr/bin/spamd line 2001, <GEN71> line 1447.<br><br>The work load for my domain is 150-200 emails a day.<br>
<br>Because of this protocol error, spamd is not having the message checked, but is returning the error after 30 seconds and amavisd is releasing the message to the destination, because it has no score. Several spams have slipped though my filter.<br>
<br>I have been searching for the cause for a long time now, but last weekend I finaly was able to pin point the source of the error:<br><br>Postfix is dot-stuffing the message it sents to amavis as requested by RFC. Amavis is de-stuffing these dots and is passing the message to spamd without the extra dots, but the Content-Length is not decreased by the number of removed dots. Because of that the above errors occur.<br>
<br>-> Is this a known issue?<br><br>If not, what do you need from me to help you fix it? I have separate tcpdump captures of the communication between Postfix and Amavis and Amavis and Spamd for several emails triggering this problem, as well as the excel sheet I used to determine what difference there was between the incoming and outgoing message from amavis. <br>