Your settings prevent assp from scanning the mail regulary (while
processed). Because this is (may be) wanted, assp scans the stored corpus
file to be sure, that there is no virus in the file.
You can see this - the file is scanned after disconnect.
Thomas
Von: "K Post" <nntp.p...@gmail.com>
An: "ASSP development mailing list" <assp-test@lists.sourceforge.net>
Datum: 12.07.2018 18:18
Betreff: Re: [Assp-test] Spam found using ClamAV still being
delivered?
and sorry, this one was Swedish, but still.
On Thu, Jul 12, 2018 at 12:15 PM K Post <nntp.p...@gmail.com> wrote:
I can't figure this one out.
French language message slips through bayesian and HMM because almost
everything is in English here. BUT, one of the SecureSite unofficial
clamav lists catches it. GREAT.
However, for some reason, this message was still delivered to our user.
In the log, it goes to OK mail and THEN gets scored by ClamAV. That's not
normal right?
What could I be missing on this one?
Jul-12-18 06:19:31 59810-00211 x.x.208.208 <senderstr...@chef.anpdm.com>
to: ouru...@ourcharity.org DKIM-Signature found
Jul-12-18 06:19:39 59810-00211 x.x.208.208 <senderstr...@chef.anpdm.com>
to: ouru...@ourcharity.org checking MX/A for apsis.com , chef.anpdm.com ,
chef.se
Jul-12-18 06:19:40 59810-00211 x.x.208.208 <senderstr...@chef.anpdm.com>
to: ouru...@ourcharity.org apsis.com - MX 'aspmx.l.google.com' - got IP
(209.85.201.27)
Jul-12-18 06:19:40 59810-00211 x.x.208.208 <senderstr...@chef.anpdm.com>
to: ouru...@ourcharity.org chef.anpdm.com - MX 'mx10.anpdm.com' - got IP
(91.213.250.35)
Jul-12-18 06:19:41 59810-00211 x.x.208.208 <senderstr...@chef.anpdm.com>
to: ouru...@ourcharity.org chef.se - MX '
chef-se.mail.protection.outlook.com' - got IP (213.199.154.106)
Jul-12-18 06:19:41 59810-00211 x.x.208.208 <senderstr...@chef.anpdm.com>
to: ouru...@ourcharity.org MX found: apsis.com (List-Unsubscribe) ->
aspmx.l.google.com
Jul-12-18 06:19:41 59810-00211 x.x.208.208 <senderstr...@chef.anpdm.com>
to: ouru...@ourcharity.org A record found for MX: apsis.com
(List-Unsubscribe) -> 209.85.201.27
Jul-12-18 06:19:41 59810-00211 x.x.208.208 <senderstr...@chef.anpdm.com>
to: ouru...@ourcharity.org MX found: chef.anpdm.com (Mail From:) ->
mx10.anpdm.com
Jul-12-18 06:19:41 59810-00211 x.x.208.208 <senderstr...@chef.anpdm.com>
to: ouru...@ourcharity.org A record found for MX: chef.anpdm.com (Mail
From:) -> 91.213.250.35
Jul-12-18 06:19:41 59810-00211 x.x.208.208 <senderstr...@chef.anpdm.com>
to: ouru...@ourcharity.org MX found: chef.se (Reply-To , From) ->
chef-se.mail.protection.outlook.com
Jul-12-18 06:19:41 59810-00211 x.x.208.208 <senderstr...@chef.anpdm.com>
to: ouru...@ourcharity.org A record found for MX: chef.se (Reply-To ,
From) -> 213.199.154.106
Jul-12-18 06:19:41 59810-00211 x.x.208.208 <senderstr...@chef.anpdm.com>
to: ouru...@ourcharity.org HMM-Check has given less than 6 results - using
monitoring mode only
Jul-12-18 06:19:41 59810-00211 x.x.208.208 <senderstr...@chef.anpdm.com>
to: ouru...@ourcharity.org Bayesian Check [scoring] - Prob: 1.00000 -
Confidence: 0.00004 => doubtful.spam - answer/query relation: 27% of 54
Jul-12-18 06:19:41 59810-00211 x.x.208.208 <senderstr...@chef.anpdm.com>
to: ouru...@ourcharity.org Message-Score: added 25 for Bayesian
Probability: 1.00000, total score for this message is now 25
Jul-12-18 06:19:41 59810-00211 x.x.208.208 <senderstr...@chef.anpdm.com>
to: ouru...@ourcharity.org info: found DKIM signature identity '@anpdm.com
'
Jul-12-18 06:19:41 59810-00211 x.x.208.208 <senderstr...@chef.anpdm.com>
to: ouru...@ourcharity.org [scoring] DKIM signature verified-OK - pass -
identity is: @anpdm.com - sender policy is: neutral - author policy is:
neutral
Jul-12-18 06:19:41 59810-00211 x.x.208.208 <senderstr...@chef.anpdm.com>
to: ouru...@ourcharity.org Message-Score: added -5 (dkimOkValencePB) for
DKIM pass, total score for this message is now 20
Jul-12-18 06:19:41 59810-00211 x.x.208.208 <senderstr...@chef.anpdm.com>
to: ouru...@ourcharity.org [Plugin] calling plugin ASSP_AFC
Jul-12-18 06:19:41 59810-00211 [MessageOK] x.x.208.208 <
senderstr...@chef.anpdm.com> to: ouru...@ourcharity.org message ok [Saknar
du din chef p semestern Nominera hen till Chefgalan] ->
messages/okmail/Saknar_du_din_chef_p_semestern_Nominera_hen_till_Chefgalan--2657839.txt
Jul-12-18 06:19:42 59810-00211 x.x.208.208 <senderstr...@chef.anpdm.com>
to: ouru...@ourcharity.org finished message - received DATA size: 21.73
kByte - sent DATA size: 22.85 kByte
Jul-12-18 06:19:42 59810-00211 x.x.208.208 <senderstr...@chef.anpdm.com>
to: ouru...@ourcharity.org disconnected: session:F51B9E10 x.x.208.208 -
processing time 13 seconds
Jul-12-18 06:19:42 59810-00211 x.x.208.208 <senderstr...@chef.anpdm.com>
to: ouru...@ourcharity.org ClamAV: scanned 22973 bytes in file
messages/okmail/Saknar_du_din_chef_p_semestern_Nominera_hen_till_Chefgalan--2657839.txt
- FOUND SecuriteInfo.com.Spam-718.UNOFFICIAL
Jul-12-18 06:19:42 59810-00211 x.x.208.208 <senderstr...@chef.anpdm.com>
to: ouru...@ourcharity.org deleting spamming safelisted tuplet:
(x.x.208.0,chef.anpdm.com) age: 11s
Jul-12-18 06:19:42 59810-00211 x.x.208.208 <senderstr...@chef.anpdm.com>
to: ouru...@ourcharity.org Message-Score: added 50 (vdValencePB) for virus
detected: 'SecuriteInfo.com.Spam-718.UNOFFICIAL', total score for this
message is now 70
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test
DISCLAIMER:
*******************************************************
This email and any files transmitted with it may be confidential, legally
privileged and protected in law and are intended solely for the use of the
individual to whom it is addressed.
This email was multiple times scanned for viruses. There should be no
known virus in this email!
*******************************************************
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test
