RBL/PBL checking although in MYNETS

Robert Dahlem Robert.Dahlem at gmx.net
Thu Aug 6 09:40:51 CEST 2015


this morning a mail has been blocked that came from an internal address
because of RCVD_IN_BRBL_LASTEXT, RCVD_IN_PBL and others. The mail is
from one domain local to my Postfix to another domain local to my postfix.

IP address of the SMTP sender is in @mynetworks in amavisd.conf as well
as in trusted_networks in spamassassin/local.cf.

This is the Amavis log:

loaded policy bank "MYNETS"

<some.guy at local.domain> -> <receiving.guy at remote.domain> SIZE=2874
BODY=7BIT Received: from mx2.local.domain ([]) by
amavisd.local.domain (mx2.local.domain []) (amavisd-new, port
10024) with ESMTP for <receiving.guy at remote.domain>; Thu,  6 Aug 2015
08:32:11 +0200 (CEST)

Checking: 6EBXfVXE3k9f MYNETS [] <some.guy at local.domain> ->
<receiving.guy at remote.domain>

p001 1 Content-Type: text/plain, size: 1227 B, name:

header_edits_for_quar: <some.guy at local.domain> ->
<receiving.guy at remote.domain>, Yes, score=7.815 tag=-999 tag2=6.2
kill=6.9 tests=[RCVD_IN_BRBL_LASTEXT=1.644, RCVD_IN_PBL=3.558,
RDNS_NONE=1.274] autolearn=no

SEND from <> ->
<spam-quarantaene at local.domain>,ENVID=AM.6EBXfVXE3k9f.20150806T063211Z at mx2.local.domain
BODY=7BIT 250 2.0.0 from MTA(smtp:[]:10025): 250 2.0.0 Ok:
queued as 63E3FCC5D6

Blocked SPAM {DiscardedOutbound,Quarantined}, MYNETS LOCAL
[]:46212 [] <some.guy at local.domain> ->
<receiving.guy at remote.domain>, quarantine:
spam-quarantaene at local.domain, Queue-ID: 699BECC5D5, Message-ID:
<DD94455446D87742975DFEDCD74E4044534A5EDF at MSEX1.FISDEV.local>, mail_id:
6EBXfVXE3k9f, Hits: 7.815, size: 2874, 461 ms

The Received headers look like this:
Received: from mx2.local.domain ([])	by amavisd.local.domain
 (mx2.local.domain []) (amavisd-new, port 10024)	with
 ESMTP id 6EBXfVXE3k9f for <receiving.guy at remote.domain>;
 Thu,  6 Aug 2015 08:32:11  +0200 (CEST)
Received: from mail.local.domain (fis-d-exchange [])
 (using TLSv1 with cipher AES128-SHA (128/128 bits))	(Client did not
 present a certificate)	by mx2.local.domain (Postfix) with ESMTPS id
 699BECC5D5	for <receiving.guy at remote.domain>;
 Thu,  6 Aug 2015 08:32:10 +0200 (CEST)
Received: from MSEX1.local.domain ([fe80::f93c:3c98:7c66:3b33]) by
 MSEX1.local.domain ([fe80::f93c:3c98:7c66:3b33%11]) with mapi id
 14.03.0248.002; Thu, 6 Aug 2015 08:32:08 +0200

What I don't understand: shouldn't Amavis skip RBL/PBL checks when the
SMTP sender is in @mynetworks? Could it be that amavis is confused by
the IPv6 address in the headers? Or do I need to add something to my

Current setup is:
@mynetworks = qw(
	# others
	# others

$policy_bank{'MYNETS'} = {
  originating => 1,
  os_fingerprint_method => undef,

$policy_bank{'ORIGINATING'} = {
  originating => 1,
  allow_disclaimers => 1,
  virus_admin_maps => ["$MY_alerts"],
  spam_admin_maps  => ["$MY_alerts"],
  warnbadhsender   => 1,
  forward_method => 'smtp:[]:10027',
  smtpd_discard_ehlo_keywords => ['8BITMIME'],
  bypass_banned_checks_maps => [1],
  terminate_dsn_on_notify_success => 0,

Versions are:


More information about the amavis-users mailing list