Re: Spamassassin detect my mails as spam
Hello RW, Am 2012-02-24 14:00:11, hacktest Du folgendes herunter: As far as positive scoring rules are concerned, Spamassassin should only care about the reverse dns of the last external relay, and mail.tamay-dogan.net has impeccable dns. Right, and it was a problem with spamassassin on listz.debian.org and the listadmins had changed something and since arround 2 years it works again. You haven't quoted any rules that are firing inappropriately. Do you have any evidence that this is anything to do with Spamassassin or reverse dns? ...because it is NOT my spamassassin which reject MY mails. There is something in spamassassin which does recursive rDNS lookups on all Received: headers RDNS_NONE shouldn't fire on a private IP address unless you've done something a bit challenging. Right, but I use courier, fetchmail, procmail and spamassassin since more then 10 years and it works perfectly. Only some domains/MTAs sending mails are weird... Can it be, that there are MX records, which point sometimes to a private IP address which confuse spamassassin? Thanks, Greetings and nice Day/Evening Michelle Konzack -- # Debian GNU/Linux Consultant ## Development of Intranet and Embedded Systems with Debian GNU/Linux Internet Service Provider, Cloud Computing http://www.itsystems.tamay-dogan.net/ itsystems@tdnet Jabber linux4miche...@jabber.ccc.de Owner Michelle Konzack Gewerbe Strasse 3 Tel office: +49-176-86004575 77694 Kehl Tel mobil: +49-177-9351947 Germany Tel mobil: +33-6-61925193 (France) USt-ID: DE 278 049 239 Linux-User #280138 with the Linux Counter, http://counter.li.org/ signature.pgp Description: Digital signature
Re: Spamassassin detect my mails as spam
Hello Bowie Bailey, Am 2012-02-24 12:42:02, hacktest Du folgendes herunter: Why not? It doesn't have to be specific. public41.tamay-dogan.net would work fine. What is the downside of having a rDNS entry? ...because my ISP @office (Alice) offer only fixed IP (85.182.220.41) with only but no rDNS, exactly, I have only e182220041.adsl.alicedsl.de. which interferer with my network. Why are they rejected? Do you have any bounces with specific information? My mail server mail.tamay-dogan.net send me an error message back, that the receiving MTA can not resolv work1.intranet.tamay-dogan.net which is the first Received: header. Is there a was to solv this? That would depend entirely on what the actual problem is. The question is: WHY does the receiving MTA check the sending computer? Probably it will be in nearly all enterprises on a private IP range and not equiped with a public IP. Note: I see, not all spamassassin setups rejecting my mails including my own one if it receive mails from others and same setup. I'm not sure I understand this statement. Are you saying your SA server has the same behavior you are complaining about or not? Some years ago it had, but since the upgrade to Debian/Lenny, the problem was gone silently. It was only a dist-upgrade and nothing has changed in the configuration, exept a new version of spamassassin Most tests in SA should not look beyond the first untrusted server. That would be mail.tamay-dogan.net in the case of your outgoing mail. Anything prior to that should be irrelevant -- particularly if they have private IP addresses. This is, why I am puzzeling arround. I like to find out, which part of spamassassin trigger this error. I get the same error, if I send E-Mails using my freenet.de account, exactly, I add an esmtproute to copurier-mta which use mail.freenet.de as authenticated SMTP relay and use my email linux4michelleOfreenet.de and normaly it just work, but the MTAs rejecting my own mails, reject even the freenet mails. So, the error is not on my end, but on the receiving MTA which make it very hard to debug things. I have already send those enterprises mails from my squirrelmail interface and was nicely received by the offending MTA... unfortunately the admins of the Mailsystems have absolutely no clue! They are even to sick to check there mail logs (IF they exist) Bowie Thanks, Greetings and nice Day/Evening Michelle Konzack -- # Debian GNU/Linux Consultant ## Development of Intranet and Embedded Systems with Debian GNU/Linux Internet Service Provider, Cloud Computing http://www.itsystems.tamay-dogan.net/ itsystems@tdnet Jabber linux4miche...@jabber.ccc.de Owner Michelle Konzack Gewerbe Strasse 3 Tel office: +49-176-86004575 77694 Kehl Tel mobil: +49-177-9351947 Germany Tel mobil: +33-6-61925193 (France) USt-ID: DE 278 049 239 Linux-User #280138 with the Linux Counter, http://counter.li.org/ signature.pgp Description: Digital signature
Re: Spamassassin detect my mails as spam
Hello Joe Sniderman, Am 2012-02-24 18:45:52, hacktest Du folgendes herunter: c) Public mail server mail.tamay-dogan.net (78.47.247.21) d) Receiving mail server So far, so good. If now d) is runing spamassassin, thaen my messages are to 90% rejected. Strange. What tests are firing? I get only a MAILER-DAEMON message from mail.tamay-dogan.net that the receiving MTA say, it can not resolv work1.intranet1.tamay-dogan.net. Since samba.intranet.tamay-dogan.net is in the same time my MASTER DNS and even for my private network/ subdomain intranet1.tamay-dogan.net, I was first thinking, my three NS dns1.tamay-dogan.net dns2.tamay-dogan.net dns3.tamay-dogan.net are accidently serving my private IPs to the public, but this is not the case: [ command 'dig work1.intranet1.tamay-dogan.net' ]--- work1.intranet1.tamay-dogan.net. 3600 IN A 192.168.0.13 intranet1.tamay-dogan.net. 3600 IN NS dns1.tamay-dogan.net. intranet1.tamay-dogan.net. 3600 IN NS dns.intranet1.tamay-dogan.net. intranet1.tamay-dogan.net. 3600 IN NS dns2.tamay-dogan.net. intranet1.tamay-dogan.net. 3600 IN NS dns3.tamay-dogan.net. dns.intranet1.tamay-dogan.net. 3600 IN A 192.168.0.11 dns1.tamay-dogan.net. 3600IN A 78.47.104.44 dns2.tamay-dogan.net. 3600IN A 217.147.94.23 dns3.tamay-dogan.net. 3600IN A 78.47.247.21 [ command 'dig work1.intranet1.tamay-dogan.net @dns1.tamay-dogan.net' ]-- Which mean, the subdomain intranet1.tamay-dogan.net is NOT exposed to the world even my internet NS has pointers to dns1, dns2 and dns3. But this has something to do with the views, because I have more then one intranet and all are using my public NS to update there records. Is there a was to solv this? Probably. First step is to find out what is causing it. ... and my brain stay smoking! Note: I see, not all spamassassin setups rejecting my mails including my own one if it receive mails from others and same setup. I'm not following.. Are you saying your SA setup is one of the setups that does reject your mails, or are you saying your SA setup is one of the setups that does not reject your mails? It does not reject MY mails, but sometimes it reject incoming mails for the same reason, like my mails are rejected by some other MTAs. FWIW, it looks as though the SA instance that apache is using in front of the mailing list is *not* tagging your posts as spam: X-ASF-Spam-Status: No, hits=-0.7 required=10.0 tests=RCVD_IN_DNSWL_LOW,SPF_PASS Right. Unfortunately some bigger Enterprises are rejecting my mails. However, they have fortunately good admins which whitelisted my domain but where not able to find out, what the reject trigered. They only use like me spamassassin as filter. HTH Thanks, Greetings and nice Day/Evening Michelle Konzack -- # Debian GNU/Linux Consultant ## Development of Intranet and Embedded Systems with Debian GNU/Linux Internet Service Provider, Cloud Computing http://www.itsystems.tamay-dogan.net/ itsystems@tdnet Jabber linux4miche...@jabber.ccc.de Owner Michelle Konzack Gewerbe Strasse 3 Tel office: +49-176-86004575 77694 Kehl Tel mobil: +49-177-9351947 Germany Tel mobil: +33-6-61925193 (France) USt-ID: DE 278 049 239 Linux-User #280138 with the Linux Counter, http://counter.li.org/ signature.pgp Description: Digital signature
Re: spam skating through
This sagrey plugin sounds great, I'm giving it a try now. Thanks for the info. I'd be wary about that. Personally, the FPs I've had in the past have overwhelmingly first contact. I've been giving it a whirl and adjusted the score down a little bit.. So far, it's been doing great, and the level of spam slipping through untagged has dropped significantly. On the other hand, I have fewer users these days to advise to check their quarantine folder too. :-) Users can get a digest of emails in the quarantine folder, and nobody has reported any FPs yet. I'm a happy camper. Thanks everyone! -- j
Re: Spamassassin detect my mails as spam
On Sat, 25 Feb 2012 19:17:36 +0100 Michelle Konzack wrote: You haven't quoted any rules that are firing inappropriately. Do you have any evidence that this is anything to do with Spamassassin or reverse dns? ...because it is NOT my spamassassin which reject MY mails. So there's no reason to think this has anything to do with Spamassassin. On Sat, 25 Feb 2012 20:22:52 +0100 Michelle Konzack wrote: Hello Joe Sniderman, Am 2012-02-24 18:45:52, hacktest Du folgendes herunter: Strange. What tests are firing? I get only a MAILER-DAEMON message from mail.tamay-dogan.net that the receiving MTA say, it can not resolv work1.intranet1.tamay-dogan.net. I think that this is pretty conclusive that it's nothing to do with Spamassassin. It doesn't look anything like what I'd expect for a Spamassassin-based rejection. I looks like some basic MTA check. Another thing is that it's failing to find an A-record, so nothing to do with rDNS either. Have you checked to see if you are sending mail with an @work1.intranet1.tamay-dogan.net address in the smtp envelope.
