Hi!
This is version 2.4.5. I want to quarantine Spam above a score of (here)
19 in a remote mailbox. (Later I want it to be deleted.)
But amavis does not want me to. :(
$sa_quarantine_cutoff_level = 19;
$spam_quarantine_method ='smtp:[127.0.0.1]:10025';
$spam_quarantine_to = '[EMAIL PROTECTED]';
Please have a look at the log and the conf and give me a hint.
###################################################################
Sep 25 15:16:58 exts098 mail:debug amavis[893072]: (893072-01-6)
check_mail_begin_task: task_count=6
Sep 25 15:16:58 exts098 mail:debug amavis[893072]: (893072-01-6) lookup
(debug_sender) => undef, "[EMAIL PROTECTED]" does not match
Sep 25 15:16:58 exts098 mail:debug amavis[893072]: (893072-01-6) LMTP>
250 2.1.0 Sender [EMAIL PROTECTED] OK
Sep 25 15:16:58 exts098 mail:debug amavis[893072]: (893072-01-6)
prolong_timer smtp response sent: timer set to = 480 s
Sep 25 15:16:58 exts098 mail:debug amavis[893072]: (893072-01-6)
idle_proc, 6: was busy, 5.3 ms, total idle 0.069 s, busy 80.334 s
Sep 25 15:16:58 exts098 mail:debug amavis[893072]: (893072-01-6)
idle_proc, 5: was idle, 0.5 ms, total idle 0.070 s, busy 80.334 s
Sep 25 15:16:58 exts098 mail:debug amavis[893072]: (893072-01-6) LMTP<
RCPT TO:<[EMAIL PROTECTED]>
ORCPT=rfc822;[EMAIL PROTECTED]
Sep 25 15:16:58 exts098 mail:debug amavis[893072]: (893072-01-6)
prolong_timer SMTP RCPT received: timer set to = 480 s
Sep 25 15:16:58 exts098 mail:debug amavis[893072]: (893072-01-6) LMTP>
250 2.1.5 Recipient [EMAIL PROTECTED] OK
Sep 25 15:16:58 exts098 mail:debug amavis[893072]: (893072-01-6)
prolong_timer smtp response sent: timer set to = 480 s
Sep 25 15:16:58 exts098 mail:debug amavis[893072]: (893072-01-6)
idle_proc, 6: was busy, 3.4 ms, total idle 0.070 s, busy 80.337 s
Sep 25 15:16:58 exts098 mail:debug amavis[893072]: (893072-01-6)
idle_proc, 5: was idle, 0.4 ms, total idle 0.070 s, busy 80.337 s
Sep 25 15:16:58 exts098 mail:debug amavis[893072]: (893072-01-6) LMTP<
DATA\r\n
Sep 25 15:16:58 exts098 mail:debug amavis[893072]: (893072-01-6)
prolong_timer SMTP DATA received: timer set to = 480 s
Sep 25 15:16:58 exts098 mail:info amavis[893072]: (893072-01-6)
LMTP::10024 /opt/mail/var/amavis/tmp/amavis-20070925T151538-893072:
<[EMAIL PROTECTED]> -> <[EMAIL PROTECTED]> SIZE=3044
Received: from exts098 ([127.0.0.1]) by localhost (exts098.ofd-h.de
[127.0.0.1]) (amavisd-new, port 10024) with LMTP for
<[EMAIL PROTECTED]>; Tue, 25 Sep 2007 15:16:58 +0000 (TZ )
Sep 25 15:16:58 exts098 mail:debug amavis[893072]: (893072-01-6) LMTP>
354 End data with <CR><LF>.<CR><LF>
Sep 25 15:16:58 exts098 mail:debug amavis[893072]: (893072-01-6)
prolong_timer smtp response sent: timer set to = 480 s
Sep 25 15:16:58 exts098 mail:debug amavis[893072]: (893072-01-6)
prolong_timer receiving data: timer set to = 480 s
Sep 25 15:16:58 exts098 mail:debug amavis[893072]: (893072-01-6)
prolong_timer data-end received: timer set to = 480 s
Sep 25 15:16:58 exts098 mail:debug amavis[893072]: (893072-01-6) LMTP<
.<CR><LF>
Sep 25 15:16:58 exts098 mail:debug amavis[893072]: (893072-01-6) Actual
message size 3041 B, declared 3044 B
Sep 25 15:16:58 exts098 mail:debug amavis[893072]: (893072-01-6) setting
body type: 7BIT (h=0, b=0)
Sep 25 15:16:58 exts098 mail:debug amavis[893072]: (893072-01-6) body
hash: e128d7b216c71b5646de4df3fad3d3f1
Sep 25 15:16:58 exts098 mail:debug amavis[893072]: (893072-01-6)
Original mail size: 3041; quota set to: 1520500 bytes
Sep 25 15:16:58 exts098 mail:info amavis[893072]: (893072-01-6)
Checking: IScLDQy8FmFx <[EMAIL PROTECTED]> ->
<[EMAIL PROTECTED]>
Sep 25 15:16:58 exts098 mail:debug amavis[893072]: (893072-01-6)
Extracting mime components
Sep 25 15:16:58 exts098 mail:debug amavis[893072]: (893072-01-6) Issued
a new file name: p001
Sep 25 15:16:58 exts098 mail:debug amavis[893072]: (893072-01-6) Issued
a new file name: p002
Sep 25 15:16:58 exts098 mail:debug amavis[893072]: (893072-01-6) Issued
a new file name: p003
Sep 25 15:16:58 exts098 mail:debug amavis[893072]: (893072-01-6)
mime_decode_preamble: 2 lines
Sep 25 15:16:58 exts098 mail:debug amavis[893072]: (893072-01-6) Issued
a new pseudo part: p004
Sep 25 15:16:58 exts098 mail:info amavis[893072]: (893072-01-6) p004 1
Content-Type: multipart/related
Sep 25 15:16:58 exts098 mail:debug amavis[893072]: (893072-01-6)
mime_decode_epilogue: 1 lines
Sep 25 15:16:58 exts098 mail:debug amavis[893072]: (893072-01-6) Issued
a new pseudo part: p005
Sep 25 15:16:58 exts098 mail:info amavis[893072]: (893072-01-6) p005 1/1
Content-Type: multipart/alternative
Sep 25 15:16:58 exts098 mail:debug amavis[893072]: (893072-01-6)
mime_decode_epilogue: 2 lines
Sep 25 15:16:58 exts098 mail:debug amavis[893072]: (893072-01-6)
Charging 48 bytes to remaining quota 1520500 (out of 1520500, (0%)) - by
mime_decode
Sep 25 15:16:58 exts098 mail:info amavis[893072]: (893072-01-6) p001
1/1/1 Content-Type: text/plain, size: 48 B, name:
Sep 25 15:16:58 exts098 mail:debug amavis[893072]: (893072-01-6)
reparenting p001 from p000 to p005
Sep 25 15:16:58 exts098 mail:debug amavis[893072]: (893072-01-6)
Charging 766 bytes to remaining quota 1520452 (out of 1520500, (0%)) -
by mime_decode
Sep 25 15:16:58 exts098 mail:info amavis[893072]: (893072-01-6) p002
1/1/2 Content-Type: text/html, size: 766 B, name:
Sep 25 15:16:58 exts098 mail:debug amavis[893072]: (893072-01-6)
reparenting p002 from p000 to p005
Sep 25 15:16:58 exts098 mail:debug amavis[893072]: (893072-01-6)
mime_traverse: file
/opt/mail/var/amavis/tmp/amavis-20070925T151538-893072/parts/p0
03 is empty
Sep 25 15:16:58 exts098 mail:debug amavis[893072]: (893072-01-6)
Charging 0 bytes to remaining quota 1519686 (out of 1520500, (0%)) - by
mime_decode
Sep 25 15:16:58 exts098 mail:info amavis[893072]: (893072-01-6) p003 1/2
Content-Type: image/gif, size: 0 B, name: clue.jpg
Sep 25 15:16:58 exts098 mail:debug amavis[893072]: (893072-01-6)
reparenting p003 from p000 to p004
Sep 25 15:16:58 exts098 mail:debug amavis[893072]: (893072-01-6)
prolong_timer mime_decode-1: remaining time = 480 s
Sep 25 15:16:58 exts098 mail:debug amavis[893072]: (893072-01-6)
decode_parts: level=1, #parts=5 : p001, p002, p003, p004, p005
Sep 25 15:16:58 exts098 mail:debug amavis[725078]: (893072-01-6)
open_on_specific_fd: target fd0 closing, to become < /dev/null
Sep 25 15:16:58 exts098 mail:debug amavis[725078]: (893072-01-6)
open_on_specific_fd: target fd2 closing, to become > &1
Sep 25 15:16:58 exts098 mail:debug amavis[725078]: (893072-01-6)
open_on_specific_fd: target fd2 dup2 from fd1 > &1
Sep 25 15:16:58 exts098 mail:debug amavis[893072]: (893072-01-6)
run_command: [725078] /usr/bin/file p001 p002 </dev/null 2>&1
Sep 25 15:16:59 exts098 mail:debug amavis[893072]: (893072-01-6) result
line from file(1): p001: ASCII-Text
Sep 25 15:16:59 exts098 mail:debug amavis[893072]: (893072-01-6)
lookup_re("ASCII-Text") matches key "(?i-xsm:^(ASCII|text)\b)", result="asc"
Sep 25 15:16:59 exts098 mail:debug amavis[893072]: (893072-01-6) lookup
(map_full_type_to_short_type) => true, "ASCII-Text" matches,
result="asc", matching_key="(?i-xsm:^(ASCII|text)\\b)"
Sep 25 15:16:59 exts098 mail:debug amavis[893072]: (893072-01-6)
File-type of p001: ASCII-Text; (asc)
Sep 25 15:16:59 exts098 mail:debug amavis[893072]: (893072-01-6) result
line from file(1): p002: ASCII-Text
Sep 25 15:16:59 exts098 mail:debug amavis[893072]: (893072-01-6)
lookup_re("ASCII-Text") matches key "(?i-xsm:^(ASCII|text)\b)", result="asc"
Sep 25 15:16:59 exts098 mail:debug amavis[893072]: (893072-01-6) lookup
(map_full_type_to_short_type) => true, "ASCII-Text" matches,
result="asc", matching_key="(?i-xsm:^(ASCII|text)\\b)"
Sep 25 15:16:59 exts098 mail:debug amavis[893072]: (893072-01-6)
File-type of p002: ASCII-Text; (asc)
Sep 25 15:16:59 exts098 mail:debug amavis[893072]: (893072-01-6)
do_ascii: Decoding part p001
Sep 25 15:16:59 exts098 mail:debug amavis[893072]: (893072-01-6)
do_ascii: Decoding part p001 (0 items), uulib V0.5pl20
Sep 25 15:16:59 exts098 mail:debug amavis[893072]: (893072-01-6)
decompose_part: p001 - atomic
Sep 25 15:16:59 exts098 mail:debug amavis[893072]: (893072-01-6)
do_ascii: Decoding part p002
Sep 25 15:16:59 exts098 mail:debug amavis[893072]: (893072-01-6)
do_ascii: Decoding part p002 (0 items), uulib V0.5pl20
Sep 25 15:16:59 exts098 mail:debug amavis[893072]: (893072-01-6)
decompose_part: p002 - atomic
Sep 25 15:16:59 exts098 mail:debug amavis[893072]: (893072-01-6)
prolong_timer parts_decode: remaining time = 480 s
Sep 25 15:16:59 exts098 mail:debug amavis[893072]: (893072-01-6) lookup:
(scalar) matches, result="1"
Sep 25 15:16:59 exts098 mail:debug amavis[893072]: (893072-01-6) lookup
(bypass_header_checks) => true, "[EMAIL PROTECTED]" matches,
result="1", matching_key="(constant:1)"
Sep 25 15:16:59 exts098 mail:debug amavis[893072]: (893072-01-6)
Checking for banned types and filenames
Sep 25 15:16:59 exts098 mail:debug amavis[893072]: (893072-01-6) lookup:
(scalar) matches, result="1"
Sep 25 15:16:59 exts098 mail:debug amavis[893072]: (893072-01-6) lookup
(bypass_banned_checks) => true, "[EMAIL PROTECTED]" matches,
result="1", matching_key="(constant:1)"
Sep 25 15:16:59 exts098 mail:debug amavis[893072]: (893072-01-6)
skipping banned check: all recipients bypass banned checks
Sep 25 15:16:59 exts098 mail:debug amavis[893072]: (893072-01-6) banned
check: any=0, all=N (1)
Sep 25 15:16:59 exts098 mail:debug amavis[893072]: (893072-01-6) no
anti-virus code loaded, skipping virus_scan
Sep 25 15:16:59 exts098 mail:debug amavis[893072]: (893072-01-6)
query_keys: [EMAIL PROTECTED], [EMAIL PROTECTED],
foo@, fa-shg.niedersachsen.de, .fa-shg.niedersachsen.de,
.niedersachsen.de, .de, .
Sep 25 15:16:59 exts098 mail:debug amavis[893072]: (893072-01-6)
lookup_hash([EMAIL PROTECTED]), no matches
Sep 25 15:16:59 exts098 mail:debug amavis[893072]: (893072-01-6) lookup
(bypass_spam_checks) => undef, "[EMAIL PROTECTED]" does not match
Sep 25 15:16:59 exts098 mail:debug amavis[893072]: (893072-01-6) wbl:
checking sender <[EMAIL PROTECTED]>
Sep 25 15:16:59 exts098 mail:debug amavis[893072]: (893072-01-6) lookup
(blacklist_recip<[EMAIL PROTECTED]>) => undef,
"[EMAIL PROTECTED]" does not match
Sep 25 15:16:59 exts098 mail:debug amavis[893072]: (893072-01-6)
query_keys: [EMAIL PROTECTED], 09eddie37uk@, yahoo.co.uk,
.yahoo.co.uk, .co.uk, .uk, .
Sep 25 15:16:59 exts098 mail:debug amavis[893072]: (893072-01-6)
lookup_hash([EMAIL PROTECTED]), no matches
Sep 25 15:16:59 exts098 mail:debug amavis[893072]: (893072-01-6) lookup
(blacklist_sender) => undef, "[EMAIL PROTECTED]" does not match
Sep 25 15:16:59 exts098 mail:debug amavis[893072]: (893072-01-6) lookup
(whitelist_recip<[EMAIL PROTECTED]>) => undef,
"[EMAIL PROTECTED]" does not match
Sep 25 15:16:59 exts098 mail:debug amavis[893072]: (893072-01-6)
query_keys: [EMAIL PROTECTED], 09eddie37uk@, yahoo.co.uk,
.yahoo.co.uk, .co.uk, .uk, .
Sep 25 15:16:59 exts098 mail:debug amavis[893072]: (893072-01-6)
lookup_hash([EMAIL PROTECTED]), no matches
Sep 25 15:16:59 exts098 mail:debug amavis[893072]: (893072-01-6) lookup
(whitelist_sender) => undef, "[EMAIL PROTECTED]" does not match
Sep 25 15:16:59 exts098 mail:debug amavis[893072]: (893072-01-6)
query_keys: [EMAIL PROTECTED], [EMAIL PROTECTED],
foo@, fa-shg.niedersachsen.de, .fa-shg.niedersachsen.de,
.niedersachsen.de, .de, .
Sep 25 15:16:59 exts098 mail:debug amavis[893072]: (893072-01-6)
lookup_hash([EMAIL PROTECTED]) matches keys:
"."=>ARRAY(0x304dd814)
Sep 25 15:16:59 exts098 mail:debug amavis[893072]: (893072-01-6) lookup
(score_sender), 1 matches for "[EMAIL PROTECTED]", results:
"."=>[Amavis::Lookup::RE=ARRAY(0x304dd61c),HASH(0x304dd688)]
Sep 25 15:16:59 exts098 mail:debug amavis[893072]: (893072-01-6)
lookup_re("[EMAIL PROTECTED]"), no matches
Sep 25 15:16:59 exts098 mail:debug amavis[893072]: (893072-01-6)
query_keys: [EMAIL PROTECTED], 09eddie37uk@, yahoo.co.uk,
.yahoo.co.uk, .co.uk, .uk, .
Sep 25 15:16:59 exts098 mail:debug amavis[893072]: (893072-01-6)
lookup_hash([EMAIL PROTECTED]), no matches
Sep 25 15:16:59 exts098 mail:debug amavis[893072]: (893072-01-6) lookup
(score_sender<[EMAIL PROTECTED]>) => undef,
"[EMAIL PROTECTED]" does not match
Sep 25 15:16:59 exts098 mail:debug amavis[893072]: (893072-01-6)
SpamControl: calling spam scanner
Sep 25 15:16:59 exts098 mail:debug amavis[893072]: (893072-01-6)
spam_scan: DSPAM not available, skipping it
Sep 25 15:16:59 exts098 mail:debug amavis[893072]: (893072-01-6) timer
set to 320 s for SA (was 480 s)
Sep 25 15:16:59 exts098 mail:debug amavis[893072]: (893072-01-6) calling
SA parse, SA version 3.1.1
Sep 25 15:16:59 exts098 mail:debug amavis[893072]: (893072-01-6) CALLING
SA check
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
prolong_timer spam_scan_sa_finish: timer set to = 453 s
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
spam_scan: score=21.553
tests=[BAYES_80=2,DOMAIN_RATIO=0.184,FORGED_MUA_OIMO=1.708,
HELO_DYNAMIC_IPADDR2=3.792,HELO_DYNAMIC_SPLIT_IP=3.33,HTML_90_100=0.567,HTML_IMAGE_ONLY_08=3.469,HTML_IMAGE_RATIO_02=1.8,HTML_LINK_IMAGE_BUG=0.11,HT
ML_MESSAGE=0.001,HTML_SHORT_LINK_IMG_1=2.743,MIME_BASE64_BLANKS=0.184,RCVD_NUMERIC_HELO=1.665]
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
prolong_timer spam_scan: remaining time = 453 s
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
enqueue: stat is not numeric: ""
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6) lookup:
(scalar) matches, result="99996.31"
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6) lookup
(spam_kill_level) => true, "[EMAIL PROTECTED]" matches,
result="99996.31", matching_key="(constant:99996.31)"
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
final_destiny PASS, recip [EMAIL PROTECTED]
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
do_notify_and_quarantine: ccat=Clean, (1,0)
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6) lookup:
(scalar) matches, result="clean-quarantine"
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6) lookup
(clean_quarantine_to) => true, "[EMAIL PROTECTED]" matches,
result="clean-quarantine", matching_key="(constant:clean-quarantine)"
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6) Skip
admin notification, no administrators
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6) lookup
=> undef, "[EMAIL PROTECTED]", no lookup tables
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
do_notify_and_quarantine - done
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6) header:
Received: from exts098 ([127.0.0.1])\n\tby localhost (exts098.ofd-h.de
[127.0.0.1]) (amavisd-new, port 10024)\n\twith LMTP id
IScLDQy8FmFx\n\tfor <[EMAIL PROTECTED]>;\n\tTue, 25 Sep 2007
15:16:58 +0000 (TZ )\n
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
lookup_acl([EMAIL PROTECTED]), no match
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
query_keys: [EMAIL PROTECTED], [EMAIL PROTECTED],
foo@, fa-shg.niedersachsen.de, .fa-shg.niedersachsen.de,
.niedersachsen.de, .de, .
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
lookup_hash([EMAIL PROTECTED]) matches key
"fa-shg.niedersachsen.de", result=1
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6) lookup
(local_domains) => true, "[EMAIL PROTECTED]" matches,
result="1", matching_key="fa-shg.niedersachsen.de"
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
query_keys: [EMAIL PROTECTED], [EMAIL PROTECTED],
foo@, fa-shg.niedersachsen.de, .fa-shg.niedersachsen.de,
.niedersachsen.de, .de, .
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
lookup_hash([EMAIL PROTECTED]), no matches
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6) lookup
(bypass_spam_checks) => undef, "[EMAIL PROTECTED]" does not match
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6) lookup:
(scalar) matches, result="-4"
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6) lookup
(spam_tag_level) => true, "[EMAIL PROTECTED]" matches,
result="-4", matching_key="(constant:-4)"
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6) lookup:
(scalar) matches, result="3.5"
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6) lookup
(spam_tag2_level) => true, "[EMAIL PROTECTED]" matches,
result="3.5", matching_key="(constant:3.5)"
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6) lookup:
(scalar) matches, result="***SPAM*** "
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6) lookup
(spam_subject_tag2) => true, "[EMAIL PROTECTED]" matches,
result="***SPAM*** ", matching_key="(constant:***SPAM*** )"
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6) lookup
(spam_subject_tag) => undef, "[EMAIL PROTECTED]" doesnot match
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6) lookup:
(scalar) matches, result="1"
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6) lookup
(spam_modifies_subj) => true, "[EMAIL PROTECTED]" matches,
result="1", matching_key="(constant:1)"
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6) headers
CLUSTERING: NEW CLUSTER <[EMAIL PROTECTED]>: score=21.553,
tag=1, tag2=1, subj=1, subj_u=0, local=1, bl=, s=***SPAM***
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6) header:
X-Spam-Flag: YES\n
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6) header:
X-Spam-Score: 21.553\n
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6) header:
X-Spam-Level: *********************\n
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6) header:
X-Spam-Status: Yes, score=21.553 tagged_above=-4
required=3.5\n\ttests=[BAYES_80=2, DOMAIN_RATIO=0.184,
FORGED_MUA_OIMO=1.708,\n\tHELO_DYNAMIC_IPADDR2=3.792,
HELO_DYNAMIC_SPLIT_IP=3.33,\n\tHTML_90_100=0.567, HTML_IMAGE_ONLY
_08=3.469, HTML_IMAGE_RATIO_02=1.8,\n\tHTML_LINK_IMAGE_BUG=0.11,
HTML_MESSAGE=0.001,\n\tHTML_SHORT_LINK_IMG_1=2.743,
MIME_BASE64_BLANKS=0.184,\n\tRCVD_NUMERIC_HELO=1.665]\n
Sep 25 15:17:26 exts098 mail:notice amavis[893072]: (893072-01-6) INFO:
truncating long header field (len=1523): X-Spam-Report:
=?iso-8859-1?Q?=0A=0A*__3=2E3_HELO=5FDYNAMIC=5FSPLIT=5FIP_HELO-Rechnernam?=
=?iso-885...
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6) header:
X-Spam-Report:
=?iso-8859-1?Q?=0A=0A*__3=2E3_HELO=5FDYNAMIC=5FSPLIT=5FIP_HELO-Rechnernam?=
=?iso-8859-1?Q?e_verd=E4chtig_=28getrennte=0A*______IP-Adresse=29=0A*__3?=
=?iso-8859-1?Q?=2E8_HELO=5FDYNAMIC=5FIPADDR2_HELO-Rechnername_verd=E4chti?=
=?iso-8859-1?Q?g_=28IP-Adresse_2=29=0A*__1=2E7_RCVD=5FNUMERIC=5FHELO_=22R?=
=?iso-8859-1?Q?eceived=22-Kopfzeilen_enthalten_numerische=0A*______HELO-I?=
=?iso-8859-1?Q?dentifikation=0A*__0=2E2_DOMAIN=5FRATIO_BODY=3A_Nachrichte?=
=?iso-8859-1?Q?ntext_erw=E4hnt_viele_Internet-Dom=E4nen=0A*__2=2E0_BAYES?=
=?iso-8859-1?Q?=5F80_BODY=3A_Spamwahrscheinlichkeit_nach_Bayes-Test=3A_80?=
=?iso-8859-1?Q?-95=25=0A*______=5Bscore=3A_0=2E9178=5D=0A*__0=2E1_HTML=5F?=
=?iso-8859-1?Q?LINK=5FIMAGE=5FBUG_BODY=3A_HTML_link_plus_image_plus_web_b?=
=?iso-8859-1?Q?ug=0A*__1=2E8_HTML=5FIMAGE=5FRATIO=5F02_BODY=3A_Verh=E4ltn?=
=?iso-8859-1?Q?is_Bilderfl=E4che_zu_Text_ist_klein=0A*__0=2E6_HTML=5F90?=
=?iso-8859-1?Q?=5F100_BODY=3A_Na...
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
...chricht_besteht_zu_90-100=25_aus_HTML=0A...\n
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6) headers
CLUSTERING: done all 1 recips in one go
Sep 25 15:17:26 exts098 mail:info amavis[893072]: (893072-01-6)
SPAM-TAG, <[EMAIL PROTECTED]> -> <[EMAIL PROTECTED]>,
Yes, score=21.553 tagged_above=-4 required=3.5 tests=[BAYES_80=2,
DOMAIN_RATIO=0.184, FORGED_MUA_OIMO=1.708, HELO_DYNAMIC_IPADDR2=3.792,
HELO_DYNAMIC_
SPLIT_IP=3.33, HTML_90_100=0.567, HTML_IMAGE_ONLY_08=3.469,
HTML_IMAGE_RATIO_02=1.8, HTML_LINK_IMAGE_BUG=0.11, HTML_MESSAGE=0.001,
HTML_SHORT_LINK_IMG_1=2.743, MIME_BASE64_BLANKS=0.184,
RCVD_NUMERIC_HELO=1.665]
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6) (about
to connect to [127.0.0.1]:10025) FWD via SMTP: <[EMAIL PROTECTED]> ->
<[EMAIL PROTECTED]>
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6) Remote
host presents itself as: exts098, handles DSN, no ORCPT
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
prolong_timer fwd-connect: timer set to = 453 s
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6) AUTH
not needed, user='', MTA offers 'LOGIN PLAIN DIGEST-MD5 CRAM-MD5'
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
prolong_timer fwd-mail-from: remaining time = 453 s
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6) sending
RCPT TO:<[EMAIL PROTECTED]>
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
response to RCPT TO for <[EMAIL PROTECTED]>: "250 2.1.5 Ok"
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
prolong_timer fwd-rcpt-to: remaining time = 453 s
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
prolong_timer fwd-data-cmd: remaining time = 453 s
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
response to DATA: "354 End data with <CR><LF>.<CR><LF>"
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
write_header: 0, Amavis::Out::SMTP=HASH(0x332a7c38)
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6) header:
Subject: ***SPAM*** RE: Chosen place n time\n
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
prolong_timer fwd-data-contents: remaining time = 453 s
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
prolong_timer fwd-data-end: remaining time = 453 s
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
response to data end: "250 2.0.0 Ok: queued as 29CA5DDD0"
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
prolong_timer fwd-rundown-1: remaining time = 453 s
Sep 25 15:17:26 exts098 mail:info amavis[893072]: (893072-01-6) FWD via
SMTP: <[EMAIL PROTECTED]> -> <[EMAIL PROTECTED]>, 250
2.6.0 Ok, id=893072-01-6, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok:
queued as 29CA5DDD0
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
prolong_timer forwarding: remaining time = 453 s
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
one_response_for_all <[EMAIL PROTECTED]>: success, r=0,b=0,d=0,
ndn_needed=0, '250 2.6.0 Ok, id=893072-01-6, from
MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 29CA5DDD0'
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
ndn_needed=0, exit=0, 250 2.6.0 Ok, id=893072-01-6, from
MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 29CA5DDD0
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6) dsn:
from MTA 250 Clean <[EMAIL PROTECTED]> ->
<[EMAIL PROTECTED]>: on_succ=0, on_dly=1, on_fail=1, never=0,
warn_sender=, DSN_passed_on=1
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6) DSN:
SUCC from MTA 250 Clean, no DSN requested: <[EMAIL PROTECTED]> ->
<[EMAIL PROTECTED]>
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
prolong_timer delivery-notification: remaining time = 453 s
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
lookup_acl([EMAIL PROTECTED]), no match
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
query_keys: [EMAIL PROTECTED], [EMAIL PROTECTED],
foo@, fa-shg.niedersachsen.de, .fa-shg.niedersachsen.de,
.niedersachsen.de, .de, .
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
lookup_hash([EMAIL PROTECTED]) matches key
"fa-shg.niedersachsen.de", result=1
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6) lookup
(local_domains) => true, "[EMAIL PROTECTED]" matches,
result="1", matching_key="fa-shg.niedersachsen.de"
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6) lookup:
(scalar) matches, result="3.5"
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6) lookup
(spam_tag2_level) => true, "[EMAIL PROTECTED]" matches,
result="3.5", matching_key="(constant:3.5)"
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
query_keys: [EMAIL PROTECTED], [EMAIL PROTECTED],
foo@, fa-shg.niedersachsen.de, .fa-shg.niedersachsen.de,
.niedersachsen.de, .de, .
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
lookup_hash([EMAIL PROTECTED]), no matches
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6) lookup
(bypass_spam_checks) => undef, "[EMAIL PROTECTED]" does not match
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
parse_received: from = [77.235.98.80] /[77.235.98.80]//
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
parse_received: by = mx2.mail.ukl.yahoo.com/mx2.mail.ukl.yahoo.com//
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
parse_received: ; = Tue, 25 Sep 2007 15:00:04 +0200/Tue, 25 Sep 2007
15:00:04 +0200//
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
fish_out_ip_from_received: 77.235.98.80, [77.235.98.80]
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
lookup_ip_acl (publicnetworks): key="77.235.98.80" matches
"[::FFFF:0:0]/96", result=1
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
best_try_originator_ip: 77.235.98.80
Sep 25 15:17:26 exts098 mail:notice amavis[893072]: (893072-01-6) Passed
SPAM.TAG2, [77.235.98.80] <[EMAIL PROTECTED]> ->
<[EMAIL PROTECTED]>, Message-ID:
<[EMAIL PROTECTED]>, mail_id: IScLDQy8FmFx, Hits:
21.553, 27831 ms
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
updating snmp variables
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
prolong_timer check done: remaining time = 453 s
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6) sending
LMTP response for <[EMAIL PROTECTED]>: "250 2.6.0 Ok,
id=893072-01-6, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as
29CA5DDD0"
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
TempDir::strip: /opt/mail/var/amavis/tmp/amavis-20070925T151538-893072
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
rmdir_recursively:
/opt/mail/var/amavis/tmp/amavis-20070925T151538-893072/parts, ex
cl=1
Sep 25 15:17:26 exts098 mail:info amavis[893072]: (893072-01-6) TIMING
[total 27845 ms] - SMTP pre-DATA-flush: 12 (0%)0, SMTP DATA: 103 (0%)0,
body digest: 5 (0%)0, gen_mail_id: 1 (0%)0, mime_decode: 155 (1%)1,
get-file-type2: 110 (0%)1, decompose_part: 2 (0%)1, decompose_part: 5
(0%)1, parts_decode: 0 (0%)1, spam-wb-list: 18 (0%)1, SA msg read: 3
(0%)1, SA parse: 9 (0%)2, SA check: 27032 (97%)99, SA finish: 13 (0%)99,
update_cache: 5 (0%)99, decide_mail_destiny: 2 (0%)99, fwd-connect: 45
(0%)99, fwd-mail-from: 4 (0%)99, fwd-rcpt-to: 31 (0%)99, fwd-data-cmd: 2
(0%)99, write-header: 5 (0%)99, fwd-data-contents: 2 (0%)99,
fwd-data-end: 233 (1%)100, fwd-rundown: 4 (0%)100, prepare-dsn: 3
(0%)100, main_log_entry: 31 (0%)100, update_snmp: 3 (0%)100,
unlink-2-files: 4 (0%)100, rundown: 1 (0%)100
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6) LMTP>
250 2.6.0 Ok, id=893072-01-6, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok:
queued as 29CA5DDD0
Sep 25 15:17:26 exts098 mail:info postfix/lmtp[503958]: C37C4DC4B:
to=<[EMAIL PROTECTED]>, relay=127.0.0.1[127.0.0.1]:10024,
conn_use=6, delay=51, delays=0.08/23/0/28, dsn=2.6.0, status=sent (250
2.6.0 Ok, id=893072-01-6, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok:
queued as
29CA5DDD0)
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
prolong_timer smtp response sent: timer set to = 480 s
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
idle_proc, 6: was busy, 27839.7 ms, total idle 0.070 s, busy 108.177 s
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
idle_proc, 5: was idle, 9.7 ms, total idle 0.080 s, busy 108.177 s
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6) LMTP<
RSET\r\n
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
prolong_timer SMTP RSET received: timer set to = 480 s
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6) LMTP>
250 2.0.0 Ok RSET
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
prolong_timer smtp response sent: timer set to = 480 s
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
idle_proc, 6: was busy, 3.0 ms, total idle 0.080 s, busy 108.180 s
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
idle_proc, 5: was idle, 0.5 ms, total idle 0.080 s, busy 108.180 s
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6) LMTP<
MAIL FROM:<[EMAIL PROTECTED]> SIZE=1901\r\n
Sep 25 15:17:26 exts098 mail:debug amavis[893072]: (893072-01-6)
prolong_timer SMTP MAIL received: timer set to = 480 s
###################################################################
use strict;
$sa_debug = 1;
@bypass_virus_checks_maps = (1); # uncomment to DISABLE anti-virus code
$max_servers = 10; # number of pre-forked children (2..15 is
common)
$daemon_user = 'amavis'; # (no default; customary: vscan or amavis)
$daemon_group = 'amavis'; # (no default; customary: vscan or amavis)
$mydomain = 'ofd-sth.niedersachsen.de'; # a convenient default for
other settings
$MYHOME = '/opt/mail/var/amavis'; # a convenient default for other
settings
$TEMPBASE = "$MYHOME/tmp"; # working directory, needs to be created
manually
$ENV{TMPDIR} = $TEMPBASE; # environment variable TMPDIR
$QUARANTINEDIR = '/opt/mail/var/virusmails';
@local_domains_maps = ( [".$mydomain"],
read_hash(\%local_domains,'/opt/mail/var/amavis/domain-lookup') );
$log_level = 1; # verbosity 0..5
$log_recip_templ = undef; # disable by-recipient level-0 log entries
$DO_SYSLOG = 1; # log via syslogd (preferred)
$syslog_facility = 'mail'; # Syslog facility as a string
# e.g.: mail, daemon, user, local0, ... local7
$syslog_priority = 'debug'; # Syslog base (minimal) priority as a string,
# choose from: emerg, alert, crit, err, warning, notice,
info, debug
$enable_db = 1; # enable use of BerkeleyDB/libdb (SNMP and
nanny)
$enable_global_cache = 1; # enable use of libdb-based cache if
$enable_db=1
$inet_socket_port = 10024; # listen on this local TCP port(s) (see
$protocol)
$unix_socketname = "$MYHOME/amavisd.sock";
$interface_policy{'SOCK'}='AM.PDP-SOCK'; # only relevant with
$unix_socketname
$policy_bank{'AM.PDP-SOCK'} = { protocol=>'AM.PDP' };
$sa_tag_level_deflt = -4.0; # add spam info headers if at, or above
that level
$sa_tag2_level_deflt = 3.5; # add 'spam detected' headers at that level
$sa_kill_level_deflt = 99996.31; # triggers spam evasive actions
$sa_dsn_cutoff_level = 999910; # spam level beyond which a DSN is not sent
$sa_quarantine_cutoff_level = 19;
$spam_quarantine_method ='smtp:[127.0.0.1]:10025';
$spam_quarantine_to = '[EMAIL PROTECTED]';
$sa_mail_body_size_limit = 512*1024; # don't waste time on SA if mail is
larger
$sa_local_tests_only = 1; # only tests which do not require internet
access?
$virus_admin = "[EMAIL PROTECTED]"; # notifications
recip.
$mailfrom_notify_admin = "[EMAIL PROTECTED]"; # notifications
sender
$mailfrom_notify_recip = "[EMAIL PROTECTED]"; # notifications
sender
$mailfrom_notify_spamadmin = "[EMAIL PROTECTED]"; # notifications
sender
$mailfrom_to_quarantine = ''; # null return path; uses original sender
if undef
@addr_extension_virus_maps = ('virus');
@addr_extension_spam_maps = ('spam');
@addr_extension_banned_maps = ('banned');
@addr_extension_bad_header_maps = ('badh');
$path =
'/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin:/opt/mail/bin:/opt/mail/sbin:/opt/mail/lib/:/opt/mail/lib/site_perl/5.8.2';
$MAXLEVELS = 14;
$MAXFILES = 1500;
$MIN_EXPANSION_QUOTA = 100*1024; # bytes (default undef, not
enforced)
$sa_spam_subject_tag = '***SPAM*** ';
$sa_spam_level_char = '*';
$sa_spam_report_header = 1;
$defang_virus = 1; # MIME-wrap passed infected mail
$defang_banned = 1; # MIME-wrap passed mail containing banned name
$myhostname = 'exts098.ofd-h.de';
$final_spam_destiny = D_PASS;
@bypass_banned_checks_maps = (1);
@bypass_header_checks_maps = (1);
@keep_decoded_original_maps = (new_RE(
qr'^MAIL-UNDECIPHERABLE$', # recheck full mail if it contains
undecipherables
qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i,
));
$banned_filename_re = new_RE(
# block certain double extensions anywhere in the base name
qr'\.[^./]*[A-Za-z][^./]*\.(exe|vbs|pif|scr|bat|cmd|com|cpl|dll)\.?$'i,
qr'^application/x-msdownload$'i, # block these MIME
types
qr'^application/x-msdos-program$'i,
qr'^application/hta$'i,
[ qr'^\.(rpm|cpio|tar)$' => 0 ], # allow any in Unix-type archives
qr'.\.(exe|vbs|pif|scr|bat|cmd|com|cpl)$'i, # banned extension - basic
qr'^\.(exe-ms)$', # banned file(1) types
);
@score_sender_maps = ({ # a by-recipient hash lookup table,
# results from all matching recipient tables
are summed
## site-wide opinions about senders (the '.' matches any recipient)
'.' => [ # the _first_ matching sender determines the score boost
new_RE( # regexp-type lookup table, just happens to be all
soft-blacklist
[qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou)@'i =>
5.0],
[qr'^(greatcasino|investments|lose_weight_today|market\.alert)@'i=>
5.0],
[qr'^(money2you|MyGreenCard|new\.tld\.registry|opt-out|opt-in)@'i=>
5.0],
[qr'^(optin|saveonlsmoking2002k|specialoffer|specialoffers)@'i =>
5.0],
[qr'^(stockalert|stopsnoring|wantsome|workathome|yesitsfree)@'i =>
5.0],
[qr'^(your_friend|greatoffers)@'i =>
5.0],
[qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i =>
5.0],
),
{ # a hash-type lookup table (associative array)
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]'=> -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -5.0,
'[EMAIL PROTECTED]' => -3.0,
'returns.groups.yahoo.com' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
lc('[EMAIL PROTECTED]') => -3.0,
lc('[EMAIL PROTECTED]') => -5.0,
# soft-blacklisting (positive score)
'[EMAIL PROTECTED]' => 3.0,
'.example.net' => 1.0,
},
], # end of site-wide tables
});
#
# skipped decoders, scanners etc.
#
1; # insure a defined return
###################################################################
Thanks
Hans
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
