R: Message quarantined as SPAM
Scappatura Rocco
Rocco.Scappatura at infracom.it
Fri Jun 23 09:40:13 CEST 2017
Hello.
Here the headers:
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on av8.mydomain
X-Spam-Level: ****
X-Spam-Status: No, score=4.1 required=5.0 tests=BAYES_00,HTML_IMAGE_ONLY_08,
HTML_MESSAGE,IMG_DIRECT_TO_MX,MIME_HTML_MOSTLY,MPART_ALT_DIFF,
SHORT_HELO_AND_INLINE_IMAGE,TVD_SPACE_RATIO autolearn=no autolearn_force=no
version=3.4.0
Delivered-To: spam-quarantine
X-Envelope-To: <bbb at mydomain>
X-Envelope-To-Blocked: <bbb at mydomain>
X-Quarantine-ID: <zRJd9Wo5250M>
Received: from av8.mydomain ([127.0.0.1])
by localhost (av8.mydomain [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id zRJd9Wo5250M for <bbb at mydomain>;
Thu, 22 Jun 2017 11:45:47 +0200 (CEST)
Received: from aaa (unknown [xxx.yyy.zzz.uuu])
by av8.mydomain (Postfix) with SMTP id 8647AD5DBA
for <bbb at mydomain>; Thu, 22 Jun 2017 11:45:43 +0200 (CEST)
Message-ID: <776AB7C587CC457C95FF35582FC9F0E1 at AutoRPZ.local>
From: "aaa" <aaa at example.com>
To: <bbb at mydomain>
Subject: prova
Date: Thu, 22 Jun 2017 11:30:23 +0200
MIME-Version: 1.0
Content-Type: multipart/related;
type="multipart/alternative";
boundary="----=_NextPart_000_0084_01D2EB4A.F00878C0"
X-Priority: 3
X-MSMail-Priority: Normal
Importance: Normal
X-Mailer: Microsoft Windows Live Mail 16.4.3528.331
X-MimeOLE: Produced By Microsoft MimeOLE V16.4.3528.331
But they don’t clarify why the messafe is blocked as SPAM and quarantined at all.
Anyone could please giustify what has happened?
Regards,
RS
Da: amavis-users [mailto:amavis-users-bounces+rocco.scappatura=infracom.it at amavis.org] Per conto di Dominic Raferd
Inviato: venerdì 23 giugno 2017 08:08
A: amavis-users at amavis.org
Oggetto: Re: Message quarantined as SPAM
On 22 June 2017 at 13:13, Scappatura Rocco <Rocco.Scappatura at infracom.it<mailto:Rocco.Scappatura at infracom.it>> wrote:
Hi,
I have Debian Lenny with postfix+amavisd-new+spamassassin+clamav.
I have detected that a message has been quarantined:
Jun 22 11:45:48 av8 amavis[22610]: (22610-11) Blocked SPAM {DiscardedOpenRelay,Quarantined}, [xxx.yyy.zzz.uuu]:50412 [xxx.yyy.zzz.uuu] <aaa at example.com<mailto:aaa at example.com>> -> <bbb at mydomain>, quarantine: z/spam-zRJd9Wo5250M.gz, Queue-ID: 8647AD5DBA, Message-ID: <776AB7C587CC457C95FF35582FC9F0E1 at AutoRPZ.local<mailto:776AB7C587CC457C95FF35582FC9F0E1 at AutoRPZ.local>>, mail_id: zRJd9Wo5250M, Hits: 6.793, size: 77514, 364 ms
But I have checked it against spamassassin:
gunzip -c z/spam-zRJd9Wo5250M.gz | spamassassin -t
and I get:
.
.
.
Content analysis details: (4.1 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.0 HTML_MESSAGE BODY: HTML included in message
0.4 MIME_HTML_MOSTLY BODY: Multipart message mostly text/html MIME
-1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1%
[score: 0.0000]
0.8 MPART_ALT_DIFF BODY: HTML and text parts are different
1.7 HTML_IMAGE_ONLY_08 BODY: HTML: images with 400-800 bytes of words
0.0 TVD_SPACE_RATIO No description available.
1.4 SHORT_HELO_AND_INLINE_IMAGE Short HELO string, with inline image
1.8 IMG_DIRECT_TO_MX No description available.
So the total score is 4,2.
In amavisd configuraton file I have set:
$sa_spam_subject_tag = '[Spam] ';
$sa_tag_level_deflt = 2.0; # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 6.31; # add 'spam detected' headers at that level
$sa_kill_level_deflt = 6.31; # triggers spam evasive actions
$sa_dsn_cutoff_level = 10; # spam level beyond which a DSN is not sent
How the the score 6.793 of amavis is obtained?
If you look at this mail in your quarantine it should have 'X-Spam-Status' header added by amavis showing how the score was calculated. Amavis doesn't only use spamassassin for the calculation.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.amavis.org/pipermail/amavis-users/attachments/20170623/d1d5ae78/attachment.html>
More information about the amavis-users
mailing list