Considered UNSOLICITED BULK EMAIL, apparently from you
Armando Soto Baeza via amavis-users
amavis-users at amavis.org
Sat Oct 12 19:49:46 CEST 2013
Hello.
I have a Debian+postfix+dovecot+amavisd-new+spamassassin+clamav mail
server in a dedicated link. In other link, I have a proxy server and
behind it a LAN.
I sole to receive some error messages sometimes while sending mail from
the LAN (and sometimes when sending from other places). I made a change
in the DNS at mail server in order to use SPF records and the problem
has reduced, but still appears sometimes.
I put here two examples:
1 ----------------------
A message from <aurelioa at raconsultores.com.mx> to:
-> anasus038 at hotmail.com
-> baldomeroj at raconsultores.com.mx
-> fmolina at raconsultores.com.mx
-> leonardo at raconsultores.com.mx
-> luis.alberto at raconsultores.com.mx
-> rgarcia at raconsultores.com.mx
-> vicente.chavez at raconsultores.com.mx
was considered unsolicited bulk e-mail (UBE).
Our internal reference code for your message is 17795-05/nIvSxFnP6GC2
The message carried your return address, so it was either a genuine mail
from you, or a sender address was faked and your e-mail address abused
by
third party, in which case we apologize for undesired notification.
We do try to minimize backscatter for more prominent cases of UBE and
for
infected mail, but for less obvious cases of UBE some balance between
losing
genuine mail and sending undesired backscatter is sought, and there can
be
some collateral damage on both sides.
First upstream SMTP client IP address: [189.205.113.34]
proxy.raconsultores.com.mx
According to a 'Received:' trace, the message originated at:
[189.205.113.34],
AUDITORIA proxy.raconsultores.com.mx [189.205.113.34]
Return-Path: <aurelioa at raconsultores.com.mx>
From: "Aurelio Arrocena" <aurelioa at raconsultores.com.mx>
Message-ID:
<!&!
AAAAAAAAAAAYAAAAAAAAAJEJ4TNAvRNKtu96CAKdDE7CgAAAEAAAAL07uVnfpw5EqRSGhtSQ
u7kBAAAAAA==@raconsultores.com.mx>
Subject: =?iso-8859-1?Q?REVISI=D3N_SERVICIO_CAPUCHINAS=2C_S.A._DE_C.V.?=
Delivery of the email was stopped!
end example 1 ---------------------------------
2 ---------------------------------
A message from <gabrielap at joinbusiness.com.mx> to:
-> martinr at raconsultores.com.mx
was considered unsolicited bulk e-mail (UBE).
Our internal reference code for your message is 09407-07/6I0mqlkezAyZ
The message carried your return address, so it was either a genuine mail
from you, or a sender address was faked and your e-mail address abused
by
third party, in which case we apologize for undesired notification.
We do try to minimize backscatter for more prominent cases of UBE and
for
infected mail, but for less obvious cases of UBE some balance between
losing
genuine mail and sending undesired backscatter is sought, and there can
be
some collateral damage on both sides.
First upstream SMTP client IP address: [189.205.113.34]
proxy.raconsultores.com.mx
According to a 'Received:' trace, the message originated at:
[189.205.113.34],
ZCMODELOSPC proxy.raconsultores.com.mx [189.205.113.34]
Return-Path: <gabrielap at joinbusiness.com.mx>
From: "Gabriela Perez " <gabrielap at joinbusiness.com.mx>
Message-ID: <001d01cebfc1$e843e4c0$b8cbae40$@joinbusiness.com.mx>
Subject: VIAJE CANCUN
Delivery of the email was stopped!
end example 2 ---------------------------
Yesterday, a new case appeared when a similar message included a legend
about a missing header field (Date).
Any idea?
Thanks in advice.
Armando Soto
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: This is a digitally signed message part
URL: <http://lists.amavis.org/pipermail/amavis-users/attachments/20131012/6523f978/attachment.sig>
More information about the amavis-users
mailing list