I have a bunch of client machines that do their daily/weekly/monthly reports to a dedicated mailbox here.
I notice things like a missing host or a low uptime figure etc and can talk to their owners about what problems may be. Works fine and did today but there is something spooky happening: The 0130 daily messages came through on time. The 0330 weekly messages were all there. My next task= inspect the spamdb and /var/log/spamd to find if false positives or other anomalies happening. This is where I spotted the following entries. At 015528 spamd said " queueing deletion of a.b.c.d " and that is weird because that IP was happily delivering mail to us at 0130 without going through greylisting. So at 033030 spamd showed a.b.c.d attempting to deliver and greylisted it. At 035606 a.b.c.d called again and just afterwards spamd showed it being whitelisted. The mail arrived in the inbound mailbox at 0425 so that looks pretty normal. But at 073041 spamd shows "queueing deletion of a.b.c.d ....." and yet here I am at 1220 and in spamdb output I see that a.b.c.d is whitelisted. "WHITE|a.b.c.d|||1261153830|1261155366|1264265792|2|0 So, whitelisted at Sat Dec 19 03:56:06 EST 2009 agrees with log above. and expires Sun Jan 24 03:56:32 EST 2010. So no other host suffered this treatment and this one got through at 0130 so the expiry should have been updated so it didn't get greylisted later. Add that the deletion obviously has not happened in the last 4 hours as would be expected from the log note. The box has been running 4.5 release faultlessly since Mar 4. Update due in new year quiet time. Any clues? *** NOTE *** Please DO NOT CC me. I <am> subscribed to the list. Mail to the sender address that does not originate at the list server is tarpitted. The reply-to: address is provided for those who feel compelled to reply off list. Thankyou. Rod/ --- This life is not the real thing. It is not even in Beta. If it was, then OpenBSD would already have a man page for it.
