Re: [qmailtoaster] Re: Clam and Spam Issues
Il 11/10/2012 18:08, Mike Tirpak ha scritto: On 10/11/2012 11:30 AM, Eric Shubert wrote: On 10/11/2012 08:14 AM, Digital Instruments wrote: Does It really stayed without an answer? On 04/10/2012 14:19, Mike Tirpak wrote: I upgraded clamav a couple of days ago and everything went fine. Clamav would catch everything with a virus attached inside a zip file. Over the past two days, I've gotten two emails that have zip files with viruses inside them. Is there a tweek I should do with the new version of clam? Another strange issue is spamassassin is marking mail as spam when it should not be. An example is I have received emails from a person last week that was not spam and it went through just fine. Today, the same type of email from the same person got marked as spam. I know that there are a lot of ways to configure spamassassin. What can I do to prevent this from happening? Thanks, Mike Does it take half a year to follow up? ;) If this is (still) a problem, please start a new thread! Yes, this is still a problem. No one replied, so I'm hoping I stumble on the answer on some forums. - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com it looks like i was right ;) - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: DENIED_OTHER
OK, There is alot of stuff in here did not know if I should make attachment or not. [root@mx2 log]# cat 20121012_092636_29788_607907897 10/12/2012 09:26:36 STARTED: VERSION = 4.3.1+TLS+CONFIGTEST+DEBUG, PID = 29788 10/12/2012 09:26:36 CURRENT ENVIRONMENT PATH=/var/qmail/bin:/usr/local/bin:/usr/bin:/bin PWD=/var/qmail/supervise/smtp SHLVL=0 PROTO=TCP TCPLOCALIP=98.16.104.13 TCPLOCALPORT=25 TCPLOCALHOST=mx2 TCPREMOTEIP=208.78.196.7 TCPREMOTEPORT=59371 BADMIMETYPE= BADLOADERTYPE=M CHKUSER_RCPTLIMIT=50 CHKUSER_WRONGRCPTLIMIT=10 DKSIGN=/var/qmail/control/domainkeys/%/private NOP0FCHECK=1 10/12/2012 09:26:36 CURRENT CONFIG config-file=/etc/spamdyke/spamdyke.conf dns-blacklist-entry=zombie.dnsbl.sorbs.net dns-blacklist-entry=zen.spamhaus.org dns-blacklist-entry=combined.njabl.org full-log-dir=/etc/spamdyke/log graylist-dir=/var/spamdyke/graylist graylist-exception-rdns-file=/etc/spamdyke/greylist-exp graylist-max-secs=1209600 graylist-min-secs=180 greeting-delay-secs=5 idle-timeout-secs=60 ip-blacklist-file=/etc/spamdyke/blacklist_ip ip-in-rdns-keyword-blacklist-file=/etc/spamdyke/blacklist_keywords ip-in-rdns-keyword-whitelist-file=/etc/spamdyke/whitelist_keywords ip-whitelist-file=/etc/spamdyke/whitelist_ip local-domains-file=/etc/spamdyke/localdomains local-domains-file=/var/qmail/control/rcpthosts log-level=info log-target=stderr max-recipients=50 rdns-blacklist-file=/etc/spamdyke/blacklist_rdns rdns-whitelist-file=/etc/spamdyke/whitelist_rdns recipient-blacklist-file=/etc/spamdyke/blacklist_recipients recipient-whitelist-file=/etc/spamdyke/whitelist_recipients reject-ip-in-cc-rdns=1 reject-missing-sender-mx=1 reject-unresolvable-rdns=1 sender-blacklist-file=/etc/spamdyke/blacklist_senders sender-whitelist-file=/etc/spamdyke/whitelist_senders tls-level=none 10/12/2012 09:26:36 - Remote IP = 208.78.196.7 10/12/2012 09:26:36 CURRENT CONFIG config-file=/etc/spamdyke/spamdyke.conf dns-blacklist-entry=zombie.dnsbl.sorbs.net dns-blacklist-entry=zen.spamhaus.org dns-blacklist-entry=combined.njabl.org dns-server-ip=98.16.104.22 dns-server-ip-primary=98.16.104.6 full-log-dir=/etc/spamdyke/log graylist-dir=/var/spamdyke/graylist graylist-exception-rdns-file=/etc/spamdyke/greylist-exp graylist-max-secs=1209600 graylist-min-secs=180 greeting-delay-secs=5 idle-timeout-secs=60 ip-blacklist-file=/etc/spamdyke/blacklist_ip ip-in-rdns-keyword-blacklist-file=/etc/spamdyke/blacklist_keywords ip-in-rdns-keyword-whitelist-file=/etc/spamdyke/whitelist_keywords ip-whitelist-file=/etc/spamdyke/whitelist_ip local-domains-file=/etc/spamdyke/localdomains local-domains-file=/var/qmail/control/rcpthosts log-level=info log-target=stderr max-recipients=50 rdns-blacklist-file=/etc/spamdyke/blacklist_rdns rdns-whitelist-file=/etc/spamdyke/whitelist_rdns recipient-blacklist-file=/etc/spamdyke/blacklist_recipients recipient-whitelist-file=/etc/spamdyke/whitelist_recipients reject-ip-in-cc-rdns=1 reject-missing-sender-mx=1 reject-unresolvable-rdns=1 sender-blacklist-file=/etc/spamdyke/blacklist_senders sender-whitelist-file=/etc/spamdyke/whitelist_senders tls-level=none 10/12/2012 09:26:36 - Remote rDNS = inbound.invisionnetworks.net 10/12/2012 09:26:36 LOG OUTPUT DEBUG(filter_ip_in_rdns_cc()@filter.c:1017): checking for IP in rDNS +country code; rdns: inbound.invisionnetworks.net DEBUG(filter_rdns_whitelist_file()@filter.c:1094): searching rDNS whitelist file(s); rdns: inbound.invisionnetworks.net DEBUG(filter_rdns_blacklist_file()@filter.c:1198): searching rDNS blacklist file(s); rdns: inbound.invisionnetworks.net DEBUG(filter_ip_whitelist()@filter.c:1267): searching IP whitelist file(s); ip: 208.78.196.7 DEBUG(filter_ip_blacklist()@filter.c:1318): searching IP blacklist file(s); ip: 208.78.196.7 DEBUG(filter_ip_in_rdns_whitelist()@filter.c:1419): checking for IP in rDNS +keyword(s) in whitelist file; ip: 208.78.196.7 rdns: inbound.invisionnetworks.net DEBUG(filter_ip_in_rdns_blacklist()@filter.c:1372): checking for IP in rDNS +keyword(s) in blacklist file; ip: 208.78.196.7 rdns: inbound.invisionnetworks.net DEBUG(filter_rdns_resolve()@filter.c:1465): checking rDNS resolution; rdns: inbound.invisionnetworks.net DEBUG(filter_dns_rbl()@filter.c:1684): checking DNS RBL(s); ip: 208.78.196.7 DEBUG(filter_earlytalker()@filter.c:1856): checking for earlytalker; delay: 5 10/12/2012 09:26:41 FROM CHILD TO REMOTE: 64 bytes 220 mx2.wletc.com - Welcome to Qmail Toaster Plus Server ESMTP 10/12/2012 09:26:41 FROM REMOTE TO CHILD: 34 bytes EHLO barracuda.converge-tech.com 10/12/2012 09:26:41 FROM CHILD TO REMOTE: 58 bytes 250-mx2.wletc.com - Welcome to Qmail Toaster Plus Server 10/12/2012 09:26:41 FROM CHILD, FILTERED: 14 bytes 250-STARTTLS 10/12/2012 09:26:41 FROM CHILD TO REMOTE: 16 bytes 250-PIPELINING 10/12/2012 09:26:41 FROM CHILD TO REMOTE: 14 bytes 250-8BITMIME 10/12/2012 09:26:41 FROM CHILD TO REMOTE: 19 bytes 250-SIZE 5000 10/12/2012 09:26:41 FROM CHILD TO REMOTE: 31 bytes 250 AUTH LOGIN PLAIN CRAM-MD5
[qmailtoaster] Re: DENIED_OTHER
It's not all that much. I don't see anything glaring here. I think that qmail is complaining that it hasn't see a MAIL command yet, which spamdyke should have passed to it. Please post this on the spamdyke list and we'll see what Sam thinks of it. Thanks David. -- -Eric 'shubes' On 10/12/2012 07:59 AM, David wrote: OK, There is alot of stuff in here did not know if I should make attachment or not. [root@mx2 log]# cat 20121012_092636_29788_607907897 10/12/2012 09:26:36 STARTED: VERSION = 4.3.1+TLS+CONFIGTEST+DEBUG, PID = 29788 10/12/2012 09:26:36 CURRENT ENVIRONMENT PATH=/var/qmail/bin:/usr/local/bin:/usr/bin:/bin PWD=/var/qmail/supervise/smtp SHLVL=0 PROTO=TCP TCPLOCALIP=98.16.104.13 TCPLOCALPORT=25 TCPLOCALHOST=mx2 TCPREMOTEIP=208.78.196.7 TCPREMOTEPORT=59371 BADMIMETYPE= BADLOADERTYPE=M CHKUSER_RCPTLIMIT=50 CHKUSER_WRONGRCPTLIMIT=10 DKSIGN=/var/qmail/control/domainkeys/%/private NOP0FCHECK=1 10/12/2012 09:26:36 CURRENT CONFIG config-file=/etc/spamdyke/spamdyke.conf dns-blacklist-entry=zombie.dnsbl.sorbs.net dns-blacklist-entry=zen.spamhaus.org dns-blacklist-entry=combined.njabl.org full-log-dir=/etc/spamdyke/log graylist-dir=/var/spamdyke/graylist graylist-exception-rdns-file=/etc/spamdyke/greylist-exp graylist-max-secs=1209600 graylist-min-secs=180 greeting-delay-secs=5 idle-timeout-secs=60 ip-blacklist-file=/etc/spamdyke/blacklist_ip ip-in-rdns-keyword-blacklist-file=/etc/spamdyke/blacklist_keywords ip-in-rdns-keyword-whitelist-file=/etc/spamdyke/whitelist_keywords ip-whitelist-file=/etc/spamdyke/whitelist_ip local-domains-file=/etc/spamdyke/localdomains local-domains-file=/var/qmail/control/rcpthosts log-level=info log-target=stderr max-recipients=50 rdns-blacklist-file=/etc/spamdyke/blacklist_rdns rdns-whitelist-file=/etc/spamdyke/whitelist_rdns recipient-blacklist-file=/etc/spamdyke/blacklist_recipients recipient-whitelist-file=/etc/spamdyke/whitelist_recipients reject-ip-in-cc-rdns=1 reject-missing-sender-mx=1 reject-unresolvable-rdns=1 sender-blacklist-file=/etc/spamdyke/blacklist_senders sender-whitelist-file=/etc/spamdyke/whitelist_senders tls-level=none 10/12/2012 09:26:36 - Remote IP = 208.78.196.7 10/12/2012 09:26:36 CURRENT CONFIG config-file=/etc/spamdyke/spamdyke.conf dns-blacklist-entry=zombie.dnsbl.sorbs.net dns-blacklist-entry=zen.spamhaus.org dns-blacklist-entry=combined.njabl.org dns-server-ip=98.16.104.22 dns-server-ip-primary=98.16.104.6 full-log-dir=/etc/spamdyke/log graylist-dir=/var/spamdyke/graylist graylist-exception-rdns-file=/etc/spamdyke/greylist-exp graylist-max-secs=1209600 graylist-min-secs=180 greeting-delay-secs=5 idle-timeout-secs=60 ip-blacklist-file=/etc/spamdyke/blacklist_ip ip-in-rdns-keyword-blacklist-file=/etc/spamdyke/blacklist_keywords ip-in-rdns-keyword-whitelist-file=/etc/spamdyke/whitelist_keywords ip-whitelist-file=/etc/spamdyke/whitelist_ip local-domains-file=/etc/spamdyke/localdomains local-domains-file=/var/qmail/control/rcpthosts log-level=info log-target=stderr max-recipients=50 rdns-blacklist-file=/etc/spamdyke/blacklist_rdns rdns-whitelist-file=/etc/spamdyke/whitelist_rdns recipient-blacklist-file=/etc/spamdyke/blacklist_recipients recipient-whitelist-file=/etc/spamdyke/whitelist_recipients reject-ip-in-cc-rdns=1 reject-missing-sender-mx=1 reject-unresolvable-rdns=1 sender-blacklist-file=/etc/spamdyke/blacklist_senders sender-whitelist-file=/etc/spamdyke/whitelist_senders tls-level=none 10/12/2012 09:26:36 - Remote rDNS = inbound.invisionnetworks.net 10/12/2012 09:26:36 LOG OUTPUT DEBUG(filter_ip_in_rdns_cc()@filter.c:1017): checking for IP in rDNS +country code; rdns: inbound.invisionnetworks.net DEBUG(filter_rdns_whitelist_file()@filter.c:1094): searching rDNS whitelist file(s); rdns: inbound.invisionnetworks.net DEBUG(filter_rdns_blacklist_file()@filter.c:1198): searching rDNS blacklist file(s); rdns: inbound.invisionnetworks.net DEBUG(filter_ip_whitelist()@filter.c:1267): searching IP whitelist file(s); ip: 208.78.196.7 DEBUG(filter_ip_blacklist()@filter.c:1318): searching IP blacklist file(s); ip: 208.78.196.7 DEBUG(filter_ip_in_rdns_whitelist()@filter.c:1419): checking for IP in rDNS +keyword(s) in whitelist file; ip: 208.78.196.7 rdns: inbound.invisionnetworks.net DEBUG(filter_ip_in_rdns_blacklist()@filter.c:1372): checking for IP in rDNS +keyword(s) in blacklist file; ip: 208.78.196.7 rdns: inbound.invisionnetworks.net DEBUG(filter_rdns_resolve()@filter.c:1465): checking rDNS resolution; rdns: inbound.invisionnetworks.net DEBUG(filter_dns_rbl()@filter.c:1684): checking DNS RBL(s); ip: 208.78.196.7 DEBUG(filter_earlytalker()@filter.c:1856): checking for earlytalker; delay: 5 10/12/2012 09:26:41 FROM CHILD TO REMOTE: 64 bytes 220 mx2.wletc.com - Welcome to Qmail Toaster Plus Server ESMTP 10/12/2012 09:26:41 FROM REMOTE TO CHILD: 34 bytes EHLO barracuda.converge-tech.com 10/12/2012 09:26:41 FROM CHILD TO REMOTE: 58 bytes 250-mx2.wletc.com - Welcome to Qmail Toaster Plus Server 10/12/2012 09:26:41 FROM CHILD, FILTERED: 14