Re: [qmailtoaster] TLS issue with Spamdyke v5.0.1
This particular log was when I was testing idle timeout of 300 seconds in Spamdyke, thus the longer delay. Overall, the server is not that busy (avg 1-1.5), but will keep an eye out for peak loads that may coincide with timeouts. On 12/27/22 18:29, Eric Broch wrote: It looks like the start of the connection at 18:37:41 and when the timeout occurs at 18:42:03 is a pretty big chunk of time. The idle timeout in you spamdyke file is 60 seconds. This doesn't sound like a problem with TLS. It seems like a problem with the time of negotiation. How busy is your server? - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] TLS issue with Spamdyke v5.0.1
It looks like the start of the connection at 18:37:41 and when the timeout occurs at 18:42:03 is a pretty big chunk of time. The idle timeout in you spamdyke file is 60 seconds. This doesn't sound like a problem with TLS. It seems like a problem with the time of negotiation. How busy is your server? On 12/27/2022 12:13 PM, nowuk...@gmail.com wrote: Mistakenly, I ended up taking this conversation off the list. Here is the summary conclusion for anyone that may encounter a similar situation. It appears to be mostly network issue. At Eric's advice, I downgraded Spamdyke and the delivery seemed to improve. I still see timeouts, as shown below, but in the end, Yahoo delivered the message below several minutes later. Notably, messages from Gmail sometimes show timeouts, but typically get delivered within minutes. I am still investigating potential networking issues causing the MX lookup to fail. Thanks, again, to everyone who offered assistance. Regards, Ed 12/27/2022 18:37:41 - Remote rDNS = sonic315-13.consmr.mail.bf2.yahoo.com 12/27/2022 18:37:41 LOG OUTPUT DEBUG(filter_rdns_missing()@filter.c:947): checking for missing rDNS; rdns: sonic315-13.consmr.mail.bf2.yahoo.com DEBUG(filter_ip_in_rdns_cc()@filter.c:978): checking for IP in rDNS +country code; rdns: sonic315-13.consmr.mail.bf2.yahoo.com DEBUG(filter_rdns_whitelist_file()@filter.c:1055): searching rDNS whitelist file(s); rdns: sonic315-13.consmr.mail.bf2.yahoo.com DEBUG(filter_rdns_blacklist_file()@filter.c:1159): searching rDNS blacklist file(s); rdns: sonic315-13.consmr.mail.bf2.yahoo.com DEBUG(filter_ip_whitelist()@filter.c:1228): searching IP whitelist file(s); ip: 74.6.134.123 DEBUG(filter_ip_blacklist()@filter.c:1279): searching IP blacklist file(s); ip: 74.6.134.123 DEBUG(filter_ip_in_rdns_whitelist()@filter.c:1380): checking for IP in rDNS +keyword(s) in whitelist file; ip: 74.6.134.123 rdns: sonic315-13.consmr.mail.bf2.yahoo.com DEBUG(filter_ip_in_rdns_blacklist()@filter.c:1333): checking for IP in rDNS +keyword(s) in blacklist file; ip: 74.6.134.123 rdns: sonic315-13.consmr.mail.bf2.yahoo.com DEBUG(filter_rdns_resolve()@filter.c:1426): checking rDNS resolution; rdns: sonic315-13.consmr.mail.bf2.yahoo.com DEBUG(filter_dns_rbl()@filter.c:1645): checking DNS RBL(s); ip: 74.6.134.123 DEBUG(filter_earlytalker()@filter.c:1817): checking for earlytalker; delay: 6 DEBUG(undo_softlimit()@spamdyke.c:3203): reset address space soft limit to infinity: please stop using the softlimit program DEBUG(undo_softlimit()@spamdyke.c:3223): reset data segment soft limit to infinity: please stop using the softlimit program DEBUG(undo_softlimit()@spamdyke.c:3241): reset stack size soft limit to infinity: please stop using the softlimit program 12/27/2022 18:37:47 FROM CHILD TO REMOTE: 60 bytes 220 --removed-- - No spam or viruses accepted ESMTP 12/27/2022 18:37:47 FROM REMOTE TO CHILD: 44 bytes EHLO sonic315-13.consmr.mail.bf2.yahoo.com 12/27/2022 18:37:47 FROM CHILD TO REMOTE: 54 bytes 250---removed-- - No spam or viruses accepted 12/27/2022 18:37:47 FROM CHILD TO REMOTE: 14 bytes 250-STARTTLS 12/27/2022 18:37:47 FROM CHILD TO REMOTE: 16 bytes 250-PIPELINING 12/27/2022 18:37:47 FROM CHILD TO REMOTE: 14 bytes 250-8BITMIME 12/27/2022 18:37:47 FROM CHILD TO REMOTE: 19 bytes 250-SIZE 20971520 12/27/2022 18:37:47 FROM CHILD TO REMOTE: 31 bytes 250 AUTH LOGIN PLAIN CRAM-MD5 12/27/2022 18:37:47 FROM REMOTE TO CHILD: 10 bytes STARTTLS 12/27/2022 18:37:47 FROM SPAMDYKE TO REMOTE: 14 bytes 220 Proceed. 12/27/2022 18:37:48 LOG OUTPUT TLS DEBUG(tls_start()@tls.c:417): TLS/SSL connection established, using cipher AES128-GCM-SHA256, 128 bits 12/27/2022 18:37:48 - TLS negotiated and started 12/27/2022 18:37:48 FROM REMOTE TO CHILD: 44 bytes TLS EHLO sonic315-13.consmr.mail.bf2.yahoo.com 12/27/2022 18:37:48 FROM CHILD TO REMOTE: 54 bytes TLS 250---removed-- - No spam or viruses accepted 12/27/2022 18:37:48 FROM CHILD, FILTERED: 14 bytes TLS 250-STARTTLS 12/27/2022 18:37:48 FROM CHILD TO REMOTE: 16 bytes TLS 250-PIPELINING 12/27/2022 18:37:48 FROM CHILD TO REMOTE: 14 bytes TLS 250-8BITMIME 12/27/2022 18:37:48 FROM CHILD TO REMOTE: 19 bytes TLS 250-SIZE 20971520 12/27/2022 18:37:48 FROM CHILD TO REMOTE: 31 bytes TLS 250 AUTH LOGIN PLAIN CRAM-MD5 12/27/2022 18:37:49 FROM REMOTE TO CHILD: 33 bytes TLS MAIL FROM:<--removed--> 12/27/2022 18:37:49 LOG OUTPUT TLS DEBUG(find_username()@spamdyke.c:127): searching for username between positions 11 and 29: MAIL FROM:<--removed--> DEBUG(find_domain()@spamdyke.c:361): searching for domain between positions 20 and 29: MAIL FROM:<--removed--> DEBUG(find_address()@spamdyke.c:726): found username: --removed-- DEBUG(find_address()@spamdyke.c:743): found domain: yahoo.com DEBUG(filter_sender_whitelist()@filter.c:1871): searching sender whitelist(s); sender: --removed-- DEBUG(filter_sender_blacklist()@filter.c:2011): searching sender blacklist(s); sender: --removed--
Re: [qmailtoaster] TLS issue with Spamdyke v5.0.1
Hi I had something similar but my qmail pem was empty and that created a few issues once fixed that all good. -- Mandato da iPhone > On domenica, dic 25, 2022 at 21:45, Eric Broch (mailto:ebr...@whitehorsetc.com)> wrote: > Do you have openssl-* installed? > On Dec 25, 2022, at 9:57 PM, nowuk...@gmail.com (mailto:nowuk...@gmail.com) > wrote: > > Hi, > > > > It seems like suddenly my QMT installation started acting up and reject > > mail (several days now). It does not deliver bounces but reports that > > the sending server, e.g., Yahoo, etc, could not connect to send mail. > > There is no MTA code in returned mail, at all. Initially, Gmail was > > having an issue, as well, but now seems to be able to send mail. > > > > I am convinced it was due to some package upgrade, but I am at my wits > > end to figure out how to fix this. Any hints would be appreciated. The > > certificate file is Let's Encrypt certificate I have used for some time > > now and key packaged into PEM file. > > > > Current package versions are (some upgraded recently, as I was trying to > > fix it with no success): > > > > autorespond-2.0.5-1.qt.el7.x86_64 > > control-panel-0.5.1-1.qt.el7.x86_64 > > daemontools-0.76-0.qt.el7.x86_64 > > dovecot-2.3.11.3 (http://2.3.11.3)-13.qt.el7.x86_64 > > dspam-3.10.2-15.qt.el7.x86_64 > > dspam-client-3.10.2-15.qt.el7.x86_64 > > dspam-hash-3.10.2-15.qt.el7.x86_64 > > dspam-libs-3.10.2-15.qt.el7.x86_64 > > dspam-mysql-3.10.2-15.qt.el7.x86_64 > > ezmlm-0.53.324-0.qt.el7.x86_64 > > ezmlm-cgi-0.53.324-0.qt.el7.x86_64 > > isoqlog-2.2.1-2.qt.el7.x86_64 > > libdomainkeys-devel-0.69-1.qt.el7.x86_64 > > libsrs2-1.0.18-0.qt.el7.x86_64 > > libsrs2-devel-1.0.18-0.qt.el7.x86_64 > > maildrop-2.9.1-2.qt.el7.x86_64 > > maildrop-devel-2.9.1-2.qt.el7.x86_64 > > mailman-debuginfo-2.1.12-20.qt.el7.x86_64 > > openssl11-1.1.1k-6.qt.el7.x86_64 > > openssl11-libs-1.1.1k-6.qt.el7.x86_64 > > qmail-1.03-2.2.1.qt.el7.x86_64 > > qmailadmin-1.2.16-3.2.qt.el7.x86_64 > > qmailmrtg-4.2-3.qt.el7.x86_64 > > qmt-plus-1-0.qt.el7.noarch > > qmt-release-1-7.qt.el7.noarch > > spamdyke-5.0.1-3.qt.el7.x86_64 > > ucspi-tcp-0.88-0.qt.el7.x86_64 > > vpopmail-5.4.33-2.qt.el7.x86_64 > > vqadmin-2.3.7-1.qt.el7.x86_64 > > > > Thanks, > > > > Ed > > > > > > P.S. In the Spamdyke logs, I see that the TLS connection has been > > established but it times out: > > > > Dec 25 18:32:27 mx2 spamdyke[17819]: > > DEBUG(filter_ip_in_rdns_cc()@filter.c:978): checking for IP in rDNS > > +country code; rdns: mta5.ealerts.bankofamerica.com > > (http://mta5.ealerts.bankofamerica.com) > > Dec 25 18:32:27 mx2 spamdyke[17819]: > > DEBUG(filter_rdns_whitelist_file()@filter.c:1055): searching rDNS > > whitelist file(s); rdns: mta5.ealerts.bankofamerica.com > > (http://mta5.ealerts.bankofamerica.com) > > Dec 25 18:32:27 mx2 spamdyke[17819]: > > DEBUG(filter_rdns_blacklist_file()@filter.c:1159): searching rDNS > > blacklist file(s); rdns: mta5.ealerts.bankofamerica.com > > (http://mta5.ealerts.bankofamerica.com) > > Dec 25 18:32:27 mx2 spamdyke[17819]: > > DEBUG(filter_ip_whitelist()@filter.c:1228): searching IP whitelist > > file(s); ip: 68.232.194.2 (http://68.232.194.2) > > Dec 25 18:32:27 mx2 spamdyke[17819]: > > DEBUG(filter_ip_blacklist()@filter.c:1279): searching IP blacklist > > file(s); ip: 68.232.194.2 (http://68.232.194.2) > > Dec 25 18:32:27 mx2 spamdyke[17819]: > > DEBUG(filter_ip_in_rdns_whitelist()@filter.c:1380): checking for IP in > > rDNS +keyword(s) in whitelist file; ip: 68.232.194.2 (http://68.232.194.2) > > rdns: > > mta5.ealerts.bankofamerica.com (http://mta5.ealerts.bankofamerica.com) > > Dec 25 18:32:27 mx2 spamdyke[17819]: > > DEBUG(filter_ip_in_rdns_blacklist()@filter.c:1333): checking for IP in > > rDNS +keyword(s) in blacklist file; ip: 68.232.194.2 (http://68.232.194.2) > > rdns: > > mta5.ealerts.bankofamerica.com (http://mta5.ealerts.bankofamerica.com) > > Dec 25 18:32:27 mx2 spamdyke[17819]: > > DEBUG(filter_rdns_resolve()@filter.c:1426): checking rDNS resolution; > > rdns: mta5.ealerts.bankofamerica.com (http://mta5.ealerts.bankofamerica.com) > > Dec 25 18:32:27 mx2 spamdyke[17819]: > > DEBUG(filter_dns_rbl()@filter.c:1645): checking DNS RBL(s); ip: > > 68.232.194.2 (http://68.232.194.2) > > Dec 25 18:32:27 mx2 spamdyke[17819]: > > DEBUG(filter_earlytalker()@filter.c:1817): checking for earlytalker; > > delay: 2 > > Dec 25 18:32:30 mx2 spamdyke[17819]: DEBUG(tls_start()@tls.c:439): > > TLS/SSL connection established, using cipher AES256-GCM-SHA384, 256 bits > > Dec 25 18:32:31 mx2 spamdyke[17819]: > > DEBUG(find_username()@spamdyke.c:127): searching for username between > > positions 11 and 93: MAIL > > FROM: > > BODY=8BITMIME > > Dec 25 18:32:31 mx2 spamdyke[17819]: > > DEBUG(find_domain()@spamdyke.c:361): searching for domain between > > positions 61 and 93: MAIL > > FROM: > > BODY=8BITMIME > > Dec 25 18:32:31 mx2 spamdyke[17819]: > > DEBUG(find_address()@spamdyke.c:726): found username: > >
Re: [qmailtoaster] TLS issue with Spamdyke v5.0.1
Do you have openssl-* installed? On Dec 25, 2022, 9:57 PM, at 9:57 PM, nowuk...@gmail.com wrote: >Hi, > >It seems like suddenly my QMT installation started acting up and reject > >mail (several days now). It does not deliver bounces but reports that >the sending server, e.g., Yahoo, etc, could not connect to send mail. >There is no MTA code in returned mail, at all. Initially, Gmail was >having an issue, as well, but now seems to be able to send mail. > >I am convinced it was due to some package upgrade, but I am at my wits >end to figure out how to fix this. Any hints would be appreciated. The >certificate file is Let's Encrypt certificate I have used for some time > >now and key packaged into PEM file. > >Current package versions are (some upgraded recently, as I was trying >to >fix it with no success): > >autorespond-2.0.5-1.qt.el7.x86_64 >control-panel-0.5.1-1.qt.el7.x86_64 >daemontools-0.76-0.qt.el7.x86_64 >dovecot-2.3.11.3-13.qt.el7.x86_64 >dspam-3.10.2-15.qt.el7.x86_64 >dspam-client-3.10.2-15.qt.el7.x86_64 >dspam-hash-3.10.2-15.qt.el7.x86_64 >dspam-libs-3.10.2-15.qt.el7.x86_64 >dspam-mysql-3.10.2-15.qt.el7.x86_64 >ezmlm-0.53.324-0.qt.el7.x86_64 >ezmlm-cgi-0.53.324-0.qt.el7.x86_64 >isoqlog-2.2.1-2.qt.el7.x86_64 >libdomainkeys-devel-0.69-1.qt.el7.x86_64 >libsrs2-1.0.18-0.qt.el7.x86_64 >libsrs2-devel-1.0.18-0.qt.el7.x86_64 >maildrop-2.9.1-2.qt.el7.x86_64 >maildrop-devel-2.9.1-2.qt.el7.x86_64 >mailman-debuginfo-2.1.12-20.qt.el7.x86_64 >openssl11-1.1.1k-6.qt.el7.x86_64 >openssl11-libs-1.1.1k-6.qt.el7.x86_64 >qmail-1.03-2.2.1.qt.el7.x86_64 >qmailadmin-1.2.16-3.2.qt.el7.x86_64 >qmailmrtg-4.2-3.qt.el7.x86_64 >qmt-plus-1-0.qt.el7.noarch >qmt-release-1-7.qt.el7.noarch >spamdyke-5.0.1-3.qt.el7.x86_64 >ucspi-tcp-0.88-0.qt.el7.x86_64 >vpopmail-5.4.33-2.qt.el7.x86_64 >vqadmin-2.3.7-1.qt.el7.x86_64 > >Thanks, > >Ed > > >P.S. In the Spamdyke logs, I see that the TLS connection has been >established but it times out: > >Dec 25 18:32:27 mx2 spamdyke[17819]: >DEBUG(filter_ip_in_rdns_cc()@filter.c:978): checking for IP in rDNS >+country code; rdns: mta5.ealerts.bankofamerica.com >Dec 25 18:32:27 mx2 spamdyke[17819]: >DEBUG(filter_rdns_whitelist_file()@filter.c:1055): searching rDNS >whitelist file(s); rdns: mta5.ealerts.bankofamerica.com >Dec 25 18:32:27 mx2 spamdyke[17819]: >DEBUG(filter_rdns_blacklist_file()@filter.c:1159): searching rDNS >blacklist file(s); rdns: mta5.ealerts.bankofamerica.com >Dec 25 18:32:27 mx2 spamdyke[17819]: >DEBUG(filter_ip_whitelist()@filter.c:1228): searching IP whitelist >file(s); ip: 68.232.194.2 >Dec 25 18:32:27 mx2 spamdyke[17819]: >DEBUG(filter_ip_blacklist()@filter.c:1279): searching IP blacklist >file(s); ip: 68.232.194.2 >Dec 25 18:32:27 mx2 spamdyke[17819]: >DEBUG(filter_ip_in_rdns_whitelist()@filter.c:1380): checking for IP in >rDNS +keyword(s) in whitelist file; ip: 68.232.194.2 rdns: >mta5.ealerts.bankofamerica.com >Dec 25 18:32:27 mx2 spamdyke[17819]: >DEBUG(filter_ip_in_rdns_blacklist()@filter.c:1333): checking for IP in >rDNS +keyword(s) in blacklist file; ip: 68.232.194.2 rdns: >mta5.ealerts.bankofamerica.com >Dec 25 18:32:27 mx2 spamdyke[17819]: >DEBUG(filter_rdns_resolve()@filter.c:1426): checking rDNS resolution; >rdns: mta5.ealerts.bankofamerica.com >Dec 25 18:32:27 mx2 spamdyke[17819]: >DEBUG(filter_dns_rbl()@filter.c:1645): checking DNS RBL(s); ip: >68.232.194.2 >Dec 25 18:32:27 mx2 spamdyke[17819]: >DEBUG(filter_earlytalker()@filter.c:1817): checking for earlytalker; >delay: 2 >Dec 25 18:32:30 mx2 spamdyke[17819]: DEBUG(tls_start()@tls.c:439): >TLS/SSL connection established, using cipher AES256-GCM-SHA384, 256 >bits >Dec 25 18:32:31 mx2 spamdyke[17819]: >DEBUG(find_username()@spamdyke.c:127): searching for username between >positions 11 and 93: MAIL >FROM: > >BODY=8BITMIME >Dec 25 18:32:31 mx2 spamdyke[17819]: >DEBUG(find_domain()@spamdyke.c:361): searching for domain between >positions 61 and 93: MAIL >FROM: > >BODY=8BITMIME >Dec 25 18:32:31 mx2 spamdyke[17819]: >DEBUG(find_address()@spamdyke.c:726): found username: >bounce-145816_HTML-1692157747-5010266-522000109-17 >Dec 25 18:32:31 mx2 spamdyke[17819]: >DEBUG(find_address()@spamdyke.c:743): found domain: >bounce.ealerts.bankofamerica.com >Dec 25 18:32:31 mx2 spamdyke[17819]: >DEBUG(filter_sender_whitelist()@filter.c:1871): searching sender >whitelist(s); sender: >bounce-145816_html-1692157747-5010266-522000109...@bounce.ealerts.bankofamerica.com >Dec 25 18:32:31 mx2 spamdyke[17819]: >DEBUG(filter_sender_blacklist()@filter.c:2011): searching sender >blacklist(s); sender: >bounce-145816_html-1692157747-5010266-522000109...@bounce.ealerts.bankofamerica.com >Dec 25 18:32:31 mx2 spamdyke[17819]: >DEBUG(filter_sender()@filter.c:2296): checking for sender domain MX >record; domain: bounce.ealerts.bankofamerica.com >Dec 25 18:33:32 mx2 spamdyke[17819]: TIMEOUT from: >bounce-145816_html-1692157747-5010266-522000109...@bounce.ealerts.bankofamerica.com > >to: (unknown) origin_ip: 68.232.194.2 origin_rdns:
[qmailtoaster] TLS issue with Spamdyke v5.0.1
Hi, It seems like suddenly my QMT installation started acting up and reject mail (several days now). It does not deliver bounces but reports that the sending server, e.g., Yahoo, etc, could not connect to send mail. There is no MTA code in returned mail, at all. Initially, Gmail was having an issue, as well, but now seems to be able to send mail. I am convinced it was due to some package upgrade, but I am at my wits end to figure out how to fix this. Any hints would be appreciated. The certificate file is Let's Encrypt certificate I have used for some time now and key packaged into PEM file. Current package versions are (some upgraded recently, as I was trying to fix it with no success): autorespond-2.0.5-1.qt.el7.x86_64 control-panel-0.5.1-1.qt.el7.x86_64 daemontools-0.76-0.qt.el7.x86_64 dovecot-2.3.11.3-13.qt.el7.x86_64 dspam-3.10.2-15.qt.el7.x86_64 dspam-client-3.10.2-15.qt.el7.x86_64 dspam-hash-3.10.2-15.qt.el7.x86_64 dspam-libs-3.10.2-15.qt.el7.x86_64 dspam-mysql-3.10.2-15.qt.el7.x86_64 ezmlm-0.53.324-0.qt.el7.x86_64 ezmlm-cgi-0.53.324-0.qt.el7.x86_64 isoqlog-2.2.1-2.qt.el7.x86_64 libdomainkeys-devel-0.69-1.qt.el7.x86_64 libsrs2-1.0.18-0.qt.el7.x86_64 libsrs2-devel-1.0.18-0.qt.el7.x86_64 maildrop-2.9.1-2.qt.el7.x86_64 maildrop-devel-2.9.1-2.qt.el7.x86_64 mailman-debuginfo-2.1.12-20.qt.el7.x86_64 openssl11-1.1.1k-6.qt.el7.x86_64 openssl11-libs-1.1.1k-6.qt.el7.x86_64 qmail-1.03-2.2.1.qt.el7.x86_64 qmailadmin-1.2.16-3.2.qt.el7.x86_64 qmailmrtg-4.2-3.qt.el7.x86_64 qmt-plus-1-0.qt.el7.noarch qmt-release-1-7.qt.el7.noarch spamdyke-5.0.1-3.qt.el7.x86_64 ucspi-tcp-0.88-0.qt.el7.x86_64 vpopmail-5.4.33-2.qt.el7.x86_64 vqadmin-2.3.7-1.qt.el7.x86_64 Thanks, Ed P.S. In the Spamdyke logs, I see that the TLS connection has been established but it times out: Dec 25 18:32:27 mx2 spamdyke[17819]: DEBUG(filter_ip_in_rdns_cc()@filter.c:978): checking for IP in rDNS +country code; rdns: mta5.ealerts.bankofamerica.com Dec 25 18:32:27 mx2 spamdyke[17819]: DEBUG(filter_rdns_whitelist_file()@filter.c:1055): searching rDNS whitelist file(s); rdns: mta5.ealerts.bankofamerica.com Dec 25 18:32:27 mx2 spamdyke[17819]: DEBUG(filter_rdns_blacklist_file()@filter.c:1159): searching rDNS blacklist file(s); rdns: mta5.ealerts.bankofamerica.com Dec 25 18:32:27 mx2 spamdyke[17819]: DEBUG(filter_ip_whitelist()@filter.c:1228): searching IP whitelist file(s); ip: 68.232.194.2 Dec 25 18:32:27 mx2 spamdyke[17819]: DEBUG(filter_ip_blacklist()@filter.c:1279): searching IP blacklist file(s); ip: 68.232.194.2 Dec 25 18:32:27 mx2 spamdyke[17819]: DEBUG(filter_ip_in_rdns_whitelist()@filter.c:1380): checking for IP in rDNS +keyword(s) in whitelist file; ip: 68.232.194.2 rdns: mta5.ealerts.bankofamerica.com Dec 25 18:32:27 mx2 spamdyke[17819]: DEBUG(filter_ip_in_rdns_blacklist()@filter.c:1333): checking for IP in rDNS +keyword(s) in blacklist file; ip: 68.232.194.2 rdns: mta5.ealerts.bankofamerica.com Dec 25 18:32:27 mx2 spamdyke[17819]: DEBUG(filter_rdns_resolve()@filter.c:1426): checking rDNS resolution; rdns: mta5.ealerts.bankofamerica.com Dec 25 18:32:27 mx2 spamdyke[17819]: DEBUG(filter_dns_rbl()@filter.c:1645): checking DNS RBL(s); ip: 68.232.194.2 Dec 25 18:32:27 mx2 spamdyke[17819]: DEBUG(filter_earlytalker()@filter.c:1817): checking for earlytalker; delay: 2 Dec 25 18:32:30 mx2 spamdyke[17819]: DEBUG(tls_start()@tls.c:439): TLS/SSL connection established, using cipher AES256-GCM-SHA384, 256 bits Dec 25 18:32:31 mx2 spamdyke[17819]: DEBUG(find_username()@spamdyke.c:127): searching for username between positions 11 and 93: MAIL FROM: BODY=8BITMIME Dec 25 18:32:31 mx2 spamdyke[17819]: DEBUG(find_domain()@spamdyke.c:361): searching for domain between positions 61 and 93: MAIL FROM: BODY=8BITMIME Dec 25 18:32:31 mx2 spamdyke[17819]: DEBUG(find_address()@spamdyke.c:726): found username: bounce-145816_HTML-1692157747-5010266-522000109-17 Dec 25 18:32:31 mx2 spamdyke[17819]: DEBUG(find_address()@spamdyke.c:743): found domain: bounce.ealerts.bankofamerica.com Dec 25 18:32:31 mx2 spamdyke[17819]: DEBUG(filter_sender_whitelist()@filter.c:1871): searching sender whitelist(s); sender: bounce-145816_html-1692157747-5010266-522000109...@bounce.ealerts.bankofamerica.com Dec 25 18:32:31 mx2 spamdyke[17819]: DEBUG(filter_sender_blacklist()@filter.c:2011): searching sender blacklist(s); sender: bounce-145816_html-1692157747-5010266-522000109...@bounce.ealerts.bankofamerica.com Dec 25 18:32:31 mx2 spamdyke[17819]: DEBUG(filter_sender()@filter.c:2296): checking for sender domain MX record; domain: bounce.ealerts.bankofamerica.com Dec 25 18:33:32 mx2 spamdyke[17819]: TIMEOUT from: bounce-145816_html-1692157747-5010266-522000109...@bounce.ealerts.bankofamerica.com to: (unknown) origin_ip: 68.232.194.2 origin_rdns: mta5.ealerts.bankofamerica.com auth: (unknown) encryption: TLS reason: TIMEOUT - To unsubscribe, e-mail: