Delivery Reports go to quarantine!!!

Mike C. miguelmclara at gmail.com
Mon Jul 2 22:04:29 CEST 2012


On 02-07-2012 19:16, Jari Fredriksson wrote:
> On 2.7.2012 16:55, Mike C. wrote:
>> Users started complaining about this, I'm using mailzu to manage users
>> quarantine and I can't even release them!
>>
>> All this messages get 100 points and I can't really figure out why!
>>
>> I'm using centos amavisd-new 2.6, has anyone else had this problem??
>>
> Sounds like a custom problem to me, 100 points is nothing a stock
> SpamAssassin will generate. Any blacklist_* rules home cooked?
>
Oops very sorry guys this was a draft that I accidentally sent, has you
can see there0s not even and "hello" :X

Hello all,

I'm having a problem with "Delivery Reports".
Users started complaining about this, I'm using mailzu to manage users
quarantine and I can't even release them!

All this messages get 100 points and I can't really figure out why!


I'm using centos amavisd-new 2.6, has anyone else had this problem??


More details:
Centos 5.8
Postfix mail_version = 2.9.1

smtpd_sender_restrictions = permit_mynetworks, reject_non_fqdn_sender,
reject_unknown_sender_domain, permit

smtpd_client_restrictions = permit_mynetworks reject_rbl_client
bl.spamcop.net reject_rbl_client zen.spamhaus.org

smtpd_recipient_restrictions = permit_mynetworks
permit_sasl_authenticated reject_unauth_destination
reject_non_fqdn_recipient reject_unknown_recipient_domain
reject_rbl_client bl.spamcop.net reject_rbl_client zen.spamhaus.org
reject_rbl_client multi.surbl.org  permit

I have no custom blacklist, I fact the amvis.conf file is pretty much
the default:


$sa_tag_level_deflt  = 2.0;  # add spam info headers if at, or above
that level
$sa_tag2_level_deflt = 6.2;  # add 'spam detected' headers at that level
$sa_kill_level_deflt = 6.9;  # triggers spam evasive actions (e.g.
blocks mail)
$sa_dsn_cutoff_level = 10;   # spam level beyond which a DSN is not sent
$sa_crediblefrom_dsn_cutoff_level = 18; # likewise, but for a likely
valid From
$sa_quarantine_cutoff_level = 25; # spam level beyond which quarantine
is off
$penpals_bonus_score = 8;    # (no effect without a @storage_sql_dsn
database)
$penpals_threshold_high = $sa_kill_level_deflt;  # don't waste time on
hi spam
$bounce_killer_score = 100;  # spam score points to add for joe-jobbed
bounces

$sa_mail_body_size_limit = 400*1024; # don't waste time on SA if mail is
larger
$sa_local_tests_only = 0;    # only tests which do not require internet
access?



@score_sender_maps = ({ # a by-recipient hash lookup table,
                        # results from all matching recipient tables are
summed
  ## site-wide opinions about senders (the '.' matches any recipient)
  '.' => [  # the _first_ matching sender determines the score boost
   new_RE(  # regexp-type lookup table, just happens to be all
soft-blacklist
    [qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou)@'i         =>
5.0],
    [qr'^(greatcasino|investments|lose_weight_today|market\.alert)@'i=>
5.0],
    [qr'^(money2you|MyGreenCard|new\.tld\.registry|opt-out|opt-in)@'i=>
5.0],
    [qr'^(optin|saveonlsmoking2002k|specialoffer|specialoffers)@'i   =>
5.0],
    [qr'^(stockalert|stopsnoring|wantsome|workathome|yesitsfree)@'i  =>
5.0],
    [qr'^(your_friend|greatoffers)@'i                                =>
5.0],
    [qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i                    =>
5.0],
   ),
   { # a hash-type lookup table (associative array)
     'nobody at cert.org'                        => -3.0,
     'cert-advisory at us-cert.gov'              => -3.0,
     'owner-alert at iss.net'                    => -3.0,
     'slashdot at slashdot.org'                  => -3.0,
     'securityfocus.com'                      => -3.0,
     'ntbugtraq at listserv.ntbugtraq.com'       => -3.0,
     'security-alerts at linuxsecurity.com'      => -3.0,
     'mailman-announce-admin at python.org'      => -3.0,
     'amavis-user-admin at lists.sourceforge.net'=> -3.0,
     'amavis-user-bounces at lists.sourceforge.net' => -3.0,
     'spamassassin.apache.org'                => -3.0,
     'notification-return at lists.sophos.com'   => -3.0,
     'owner-postfix-users at postfix.org'        => -3.0,
     'owner-postfix-announce at postfix.org'     => -3.0,
     'owner-sendmail-announce at lists.sendmail.org'   => -3.0,
     'sendmail-announce-request at lists.sendmail.org' => -3.0,
     'donotreply at sendmail.org'                => -3.0,
     'ca+envelope at sendmail.org'               => -3.0,
     'noreply at freshmeat.net'                  => -3.0,
     'owner-technews at postel.acm.org'          => -3.0,
     'ietf-123-owner at loki.ietf.org'           => -3.0,
     'cvs-commits-list-admin at gnome.org'       => -3.0,
     'rt-users-admin at lists.fsck.com'          => -3.0,
     'clp-request at comp.nus.edu.sg'            => -3.0,
     'surveys-errors at lists.nua.ie'            => -3.0,
     'emailnews at genomeweb.com'                => -5.0,
     'yahoo-dev-null at yahoo-inc.com'           => -3.0,
     'returns.groups.yahoo.com'               => -3.0,
     'clusternews at linuxnetworx.com'           => -3.0,
     lc('lvs-users-admin at LinuxVirtualServer.org')    => -3.0,
     lc('owner-textbreakingnews at CNNIMAIL12.CNN.COM') => -5.0,
     # soft-blacklisting (positive score)
     'MAILER-DAEMON at relay.net.vodafone.pt'    =>  90,
     'sender at example.net'                     =>  3.0,
     '.example.net'                           =>  1.0,
   },
  ],  # end of site-wide tables
});


Is there any other relevant config I should post?




More information about the amavis-users mailing list