ALL_TRUSTED=-1

Helmut Schneider jumper99 at gmx.de
Wed Apr 13 09:37:03 CEST 2016


Hi,

mail:~$ amavisd-new -V
amavisd-new-2.7.1 (20120429)
u1dd_hr at desogmail01:~$ spamassassin -V
SpamAssassin version 3.4.0
  running on Perl version 5.18.2
mail:~$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 14.04.4 LTS
Release:        14.04
Codename:       trusty
mail:~$

When I run SA from within amavisd-new, ALL_TRUSTED is always true. When
I check the same mail from command line with SA, ALL_TRUSTED is false.

Where can I start to search the issue? I already replaced 2.7.1 with
2.10.1 with the same result.

With amavisd-new:

Received: from XXX ([172.20.8.31])
          by XXX (IBM Domino Release 9.0.1FP4)
          with ESMTP id 2016041115014726-193867 ;
          Mon, 11 Apr 2016 15:01:47 +0200 
Received: from localhost (localhost [127.0.0.1])
		 by XXX (Postfix) with ESMTP id 3BD0618E
		 for <XXX>; Mon, 11 Apr 2016 15:01:43 +0200 (CEST)
X-Virus-Scanned: Debian amavisd-new at XXX
X-Spam-Flag: NO
X-Spam-Score: 5.607
X-Spam-Level: *****
X-Spam-Status: No, score=5.607 tagged_above=-9999 required=6.3
		 tests=[ALL_TRUSTED=-1, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
		 HTML_MESSAGE=0.001, HTML_MIME_NO_HTML_TAG=0.377, INTERNETX_UCE=5,
		 MIME_HTML_ONLY=0.723, MISSING_MID=0.497, SPF_HELO_PASS=-0.001,
		 T_HEADER_FROM_DIFFERENT_DOMAINS=0.01] autolearn=no autolearn_force=no
Authentication-Results: XXX (amavisd-new);
		 domainkeys=neutral (2048-bit key) reason="invalid (bad identity)"
		 header.sender=XXX at ncrprop.biz
		 header.d=ncrprop.biz; dkim=pass (2048-bit key) header.d=ncrprop.biz
Received: from XXX ([127.0.0.1])
		 by localhost (XXX [127.0.0.1]) (amavisd-new, port 10024)
		 with ESMTP id rzCBYBjiHHbC for <XXX>;
		 Mon, 11 Apr 2016 15:01:32 +0200 (CEST)
Received: from XXX (XXX [172.20.12.10])
		 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
		 (No client certificate requested)
		 by XXX (Postfix) with ESMTPS
		 for <XXX>; Mon, 11 Apr 2016 15:01:32 +0200 (CEST)
Received: from mail6.bemta5.messagelabs.com
(mail6.bemta5.messagelabs.com [195.245.231.135])
		 by XXX (Postfix) with ESMTP id 63B4C335
		 for <XXX>; Mon, 11 Apr 2016 15:01:32 +0200 (CEST)
Received: from [85.158.139.19] by server-11.bemta-5.messagelabs.com id
BD/80-27787-C20AB075; Mon, 11 Apr 2016 13:01:32 +0000
[...]
X-Env-Sender: XXX at ncrprop.biz
X-Msg-Ref: server-12.tower-178.messagelabs.com!1460379690!32840337!1
X-Originating-IP: [103.208.153.18]
X-SpamReason: No, hits=2.7 required=7.0 tests=msgid: No Message-ID,
  HTML_60_70,HTML_MESSAGE,HTML_MIME_NO_HTML_TAG,MIME_HTML_ONLY,
  received_headers: No Received headers
X-StarScan-Received:
X-StarScan-Version: 8.28; banners=-,-,-
X-VirusChecked: Checked
Received: (qmail 4785 invoked from network); 11 Apr 2016 13:01:31 -0000
Received: from unknown (HELO ns2.Host1.yourdomainname.com)
(103.208.153.18)
  by server-12.tower-178.messagelabs.com with SMTP; 11 Apr 2016
13:01:31 -0000
X-Sender: "Sonam Singh"
 <s.sonam at lead2loan.win>
X-Receiver: XXX
DomainKey-Signature: a=rsa-sha1; c=simple; d=ncrprop.biz;
h=From:To:Subject; q=dns; s=jsmtp
          ;

b=j8TzR3hoYHUafVg9yI0iyVfuGnrFlWf3/D8TdvVWoHxShJW6kPhZkgAAPzynTB79KtzOJb
adDxZ437AC+/dePYCtQx5DLVSuPNGGP8l/B0HgkVZ7gs8Rlbv1SlbTEEDFPkIDhhBzBCgy2f
ORIToDXhJVd4fW+NeIeReZ2ZCHcjD6AxMcac/2uIniGz34CHWqkellaF+ckP3p/LrTt+R8Ua
bKqG/mqOq+Rbxea1Poam6ORIAYhAekOrhQchzsVXC7jvc0eSWJB6F2CLGoxQEEwzqbAcc1Fc
nzFPi2Ps6JW3hJ9vyMEtSK6j0wPkj/hsdR71NnBfDGfs4E9roRuYw0lQ==;
DKIM-Signature: v=1; a=rsa-sha1; c=simple/simple; d=ncrprop.biz;
h=From:To:Subject;
 q=dns/txt; s=jsmtp               ; t=1460379276;
 bh=A9wE/QPGFnmy8ntNIHK6uqqeU/Q=;

b=Rp+RKP73ntQxhIU0tNJyX4RW1N2yLciYAC9+rK+Be0UO1qHPBBl/W+6on/Xtz/cXlBYdyY
evEsLtIVz4vNkbsBlwGLDmk8YTuwMesYxbqSuJyWy0AyAZZJrRVt7W5RfCSk7Q4zKlLSyds/
JWXzJVHYzB4VFbDKaQz+IggX+HRl9pYjthdl8harDbdLndsdFcp2WH0WoA9jQi6J40R3xHyr
h/q97ra7RTxYGcN1LUCEweUqD4hJ13/SfKUeFJriL48gXL3c4Tjs4IhF/r+1G+b11Vduano1
LVjZzup5Bf7MtlcqL7kI1bKZykH41ANfQGivGalIr1ucSVG7qgquzopg==
MIME-Version: 1.0
Sender: XXX at ncrprop.biz
From: "Sonam Singh"
 <s.sonam at lead2loan.win>
To: XXX
Reply-To: "Sonam Singh"
 <monika.chopra at dhomez.win>
Date: 11 Apr 2016 18:24:36 +0530
Subject: Need approval to move forward
Priority: normal
Importance: High
X-MIMETrack: Itemize by SMTP Server on XXX(Release 9.0.1FP4|June  07,
2015) at
 11.04.2016 15:01:47,
		 Serialize by Notes Client on XXX(Release 9.0.1FP1
 SHF309|June 12, 2014) at 11.04.2016 16:42:03,
		 Serialize complete at 11.04.2016 16:42:03
X-TNEFEvaluated: 1
Message-ID: <OFFA77A0A6.52A9A4D2-ONC1257F92.00479326 at LocalDomain>
Content-Transfer-Encoding: 7bit
Content-Type: text/html; charset=Windows-1252

>From command line:

[...]
Apr 13 09:33:39.182 [5285] dbg: metadata: X-Spam-Relays-Untrusted: [
ip=193.109.254.103 rdns=mail6.bemta14.messagelabs.com
helo=mail6.bemta14.messagelabs.com by=mail2.hoerbiger.com ident=
envfrom= intl=0 id=0423F30E auth= msa=0 ] [ ip=85.158.140.195 rdns=
helo= by=server-10.bemta-14.messagelabs.com ident= envfrom= intl=0
id=04/85-02972-8943C075 auth= msa=0 ] [ ip=104.47.100.68
rdns=mail-ma1ind01on0068.outbound.protection.outlook.com
helo=IND01-MA1-obe.outbound.protection.outlook.com
by=server-9.tower-193.messagelabs.com ident= envfrom= intl=0 id= auth=
msa=0 ] [ ip=115.114.122.40 rdns=115.114.122.40 helo=115.114.122.40
by=BM1PR01MB0596.INDPRD01.PROD.OUTLOOK.COM ident= envfrom= intl=0
id=15.1.453.26 auth= msa=0 ] [ ip=115.114.122.40 rdns= helo= by= ident=
envfrom= intl=0 id= auth= msa=0 ]
[...]
Content analysis details:   (6.1 points, 5.0 required)

 pts rule name              description
---- ----------------------
--------------------------------------------------
-0.5 RCVD_IN_DNSWL_MED      RBL: Sender listed at
http://www.dnswl.org/, medium
                             trust
                            [193.109.254.103 listed in list.dnswl.org]
 0.9 DKIM_ADSP_NXDOMAIN     No valid author signature and domain not in
DNS
 1.2 RCVD_NUMERIC_HELO      Received: contains an IP address used for
HELO
-0.0 SPF_HELO_PASS          SPF: HELO matches SPF record
 0.0 HTML_MESSAGE           BODY: HTML included in message
 1.5 BAYES_50               BODY: Bayes spam probability is 40 to 60%
                            [score: 0.5000]
 0.1 DKIM_SIGNED            Message has a DKIM or DK signature, not
necessarily valid
 1.4 PYZOR_CHECK            Listed in Pyzor (http://pyzor.sf.net/)
 0.0 T_DKIM_INVALID         DKIM-Signature header exists but is not
valid
 1.5 FSL_HELO_BARE_IP_2     No description available.



More information about the amavis-users mailing list