Mis-identified open relays

Dave Dodd via amavis-users amavis-users at amavis.org
Mon May 12 07:47:01 CEST 2014 

I am seeing a mailserver that we routinely are receiving email from which
is being identified as an open relay.  The IP address is 216.82.255.51 .

I have run a couple of open relay tests and it is not an open relay.

How can I convince amavisd to let it through without marking it with a spam
score of 100 and quarantining it ?

The email is a response to a message sent to an invalid email address by our
system.

Log says...

May 12 13:47:51 <local1.info> mippet amavis[76916]: (76916) Checking: mKHVdtd3xZhd AM.PDP-SOCK [216.82.255.51] <> -> <service-notifications at bingmail.com.au>
May 12 13:47:51 <local1.debug> mippet amavis[76916]: (76916) 2822.From: <Postmaster at westpac.com.au>, 2821.Mail_From: <>
May 12 13:47:51 <local1.info> mippet amavis[76916]: (76916) Open relay? Nonlocal ry 12 13:47:51 <local1.info> mippet amavis[76916]: (76916) p004 1 Content-Type: multipart/report
May 12 13:47:51 <local1.info> mippet amavis[76916]: (76916) p001 1/1 Content-Type: text/plain, size: 715 B, name: 
May 12 13:47:51 <local1.info> mippet amavis[76916]: (76916) p002 1/2 Content-Type: message/delivery-status, size: 215 B, name: 
May 12 13:47:51 <local1.info> mippet amavis[76916]: (76916) p003 1/3 Content-Type: message/rfc822, size: 2784 B, name: 
May 12 13:47:51 <local1.debug> mippet amavis[76916]: (76916) inspect_dsn: is a DSN, struct: "standard DSN", part(3/4), <>
May 12 13:47:51 <local1.debug> mippet amavis[76916]: (76916) Checking for banned types and filenames
May 12 13:47:51 <local1.debug> mippet amavis[76916]: (76916) collect banned table[0]: service-notifications at bingmail.com.au, tables: DEFAULT=>Amavis::Lookup::
RE=ARRAY(0x80533d018)
May 12 13:47:51 <local1.debug> mippet amavis[76916]: (76916) p.path service-notifications at bingmail.com.au: "P=p004,L=1,M=multipart/report | P=p001,L=1/1,M=tex
t/plain,T=asc"
May 12 13:47:51 <local1.debug> mippet amavis[76916]: (76916) p.path service-notifications at bingmail.com.au: "P=p004,L=1,M=multipart/report | P=p002,L=1/2,M=message/delivery-status,T=asc"
May 12 13:47:51 <local1.debug> mippet amavis[76916]: (76916) p.path service-notifications at bingmail.com.au: "P=p004,L=1,M=multipart/report | P=p003,L=1/3,M=message/rfc822,T=asc"
May 12 13:47:51 <local1.debug> mippet amavis[76916]: (76916) presenting full original message to scanners as /var/amavis/tmp/afs4C3lmmr081200/parts/p005
May 12 13:47:51 <local1.debug> mippet amavis[76916]: (76916) run_av Using (ClamAV-clamd): (code) CONTSCAN /var/amavis/tmp/afs4C3lmmr081200/parts\n
May 12 13:47:51 <local1.debug> mippet amavis[76916]: (76916) ClamAV-clamd: Connecting to socket  /var/run/clamav/clamd.sock
May 12 13:47:51 <local1.debug> mippet amavis[76916]: (76916) new socket by IO::Socket::UNIX to /var/run/clamav/clamd.sock, timeout 10
May 12 13:47:51 <local1.debug> mippet amavis[76916]: (76916) ClamAV-clamd: Sending CONTSCAN /var/amavis/tmp/afs4C3lmmr081200/parts\n to socket /var/run/clamav/clamd.sock
May 12 13:47:51 <local1.debug> mippet amavis[76916]: (76916) rw_loop read: got eof
May 12 13:47:51 <local1.debug> mippet amavis[76916]: (76916) run_av (ClamAV-clamd): CLEAN
May 12 13:47:51 <local1.debug> mippet amavis[76916]: (76916) run_av (ClamAV-clamd) result: clean
May 12 13:47:51 <local1.info> mippet amavis[76916]: (76916) bounce killed (DSN), <> -> <service-notifications at bingmail.com.au>, date: Mon, 12 May 2014 13:47:14 +1000 (EST), from: service-notifications at bingmail.com.au, message-id: <OF49DB5C94.A5B694A4-ONCA257CD6.0014D1D0-CA257CD6.0014D204 at westpac.com.au>
May 12 13:47:51 <local1.debug> mippet amavis[76916]: (76916) blocking contents category is (6) for service-notifications at bingmail.com.au
May 12 13:47:51 <local1.debug> mippet amavis[76916]: (76916) do_notify_and_quar: ccat=Spam (6,0) ("6":Spam, "5":Spammy, "1,1":CleanTag, "1":Clean, "0":CatchAll) ccat_block=(6), qar_mth=
May 12 13:47:51 <local1.info> mippet amavis[76916]: (76916) header_edits_for_quar: <> -> <service-notifications at bingmail.com.au>, Yes, score=100 tag=2 tag2=6.2 kill=6.9 tests=[AM.BOUNCE=100] autolearn=unavailable
May 12 13:47:51 <local1.info> mippet amavis[76916]: (76916) local delivery: <> -> spam-quarantine, mbx=/var/amavis/quarantine/spam-mKHVdtd3xZhd
ecips but not originating: service-notifications at bingmail.com.au


-- 
David Dodd
Bing Technologies Pty Ltd
Suite 54, Jones Bay Wharf
26-32 Pirrama Road
Pyrmont NSW 2009 Australia
Telephone +612 9552 5500 Fax +612 9552 5549

More information about the amavis-users mailing list