LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 12-08-2008, 03:50 PM   #1
IMNOboist
Member
 
Registered: Nov 2003
Location: Northern Utah
Distribution: OpenBSD, Ubuntu, Linux Mint, Knoppix
Posts: 56

Rep: Reputation: 16
Amavis is blocking my own e-mails


My Amavis is blocking my outgoing mail:

Code:
Dec  8 10:50:22 mail amavis[8845]: (08845-01) Blocked SPAM, 
LOCAL [192.168.0.5] [192.168.0.5] 
<emailaddy@example.com> -> <emaildestination@gmail.com>, 
quarantine: b/spam-bpn+Pzr3WsMt.gz, 
Message-ID: <20081208104955.29781t2w3x4fjqzo@horde.example.com>,
mail_id: bpn+Pzr3WsMt, Hits: 9.254, size: 959, 3071 ms
Obviously, to prevent real spam I've obfuscated the real e-mail addresses.

Why is this happening? I'm guess it has something to do with the 192.168.0.5 address? How can I keep that from happening?

These are the only configuration lines I've changed:
Code:
$final_virus_destiny      = D_DISCARD;  # (data not lost, see virus quarantine)
$final_banned_destiny     = D_DISCARD;   # D_REJECT when front-end MTA
$final_spam_destiny       = D_DISCARD;
$final_bad_header_destiny = D_PASS;     # False-positive prone (for spam)
and in the 50-user file:
Code:
@local_domains_acl = qw(.); 
$log_level = 1; 
$syslog_priority = 'info'; 
$sa_kill_level_deflt = 8.0; 
@local_domains_maps = ( [".$mydomain", "example.com"] );
One more question: if I wanted spam to be sent to the user but just tagged as spam, would I just change $final_spam_destiny to D_PASS?

Thanks!
 
Old 12-08-2008, 05:01 PM   #2
billymayday
Guru
 
Registered: Mar 2006
Location: Sydney, Australia
Distribution: Fedora, CentOS, OpenSuse, Slack, Gentoo, Debian, Arch, PCBSD
Posts: 6,678

Rep: Reputation: 122Reputation: 122
To work out what is triggering amavis, you should post the headers from the email that will have the spamassassin tests that are being hit.

Easiest way to stop amavis from checking outgoing mail is to whitelist it, something like

read_hash(\%whitelist_sender, '/var/amavis/whitelist');

in amavisd.conf, then the file itself is just lines like

example.com
sender@example.com
[numeric.sender.IP.here]

HTH

Edit - you could PASS it, but I'd up the kill level.

Last edited by billymayday; 12-08-2008 at 05:03 PM.
 
Old 12-08-2008, 05:19 PM   #3
IMNOboist
Member
 
Registered: Nov 2003
Location: Northern Utah
Distribution: OpenBSD, Ubuntu, Linux Mint, Knoppix
Posts: 56

Original Poster
Rep: Reputation: 16
Thanks! That whitelist isn't a bad idea, but I'd like to see if there's another way.

Here's the headers:
Code:
Return-Path: <emailaddy@example.com>
Delivered-To: spam-quarantine
X-Envelope-From: <emailaddy@example.com>
X-Envelope-To: <destinationaddress@gmail.com>
X-Quarantine-ID: <bpn+Pzr3WsMt>
X-Spam-Flag: YES
X-Spam-Score: 9.254
X-Spam-Level: *********
X-Spam-Status: Yes, score=9.254 tag=2 tag2=6.31 kill=8
        tests=[ALL_TRUSTED=-1.44, PYZOR_CHECK=2.834, TVD_RCVD_IP=1.617,
        TVD_RCVD_IP4=3.344, TVD_SPACE_RATIO=2.899]
Received: from mail.domain.local ([127.0.0.1])
        by localhost (mail.domain.local [127.0.0.1]) (amavisd-new, port 10024)
        with ESMTP id bpn+Pzr3WsMt for <destinationaddress@gmail.com>;
        Mon,  8 Dec 2008 10:50:19 -0700 (MST)
Received: from 192.168.0.50 (horde.example.com [192.168.0.5])
        by mail.example.com (Postfix) with ESMTPA id 8560738372
        for <destinationaddress@gmail.com>; Mon,  8 Dec 2008 10:50:19 -0700 (MST)
Received: from ns1.example.com (ns1.example.com
        [192.168.0.4]) by horde.example.com (Horde Framework) with HTTP;
        Mon, 08 Dec 2008 10:49:55 -0700
Message-ID: <20081208104955.29781t2w3x4fjqzo@horde.example.com>
Date: Mon, 08 Dec 2008 10:49:55 -0700
From: Sean Phelps <emailaddy@example.com>
To: destination@gmail.com
Subject: asdf
MIME-Version: 1.0
Content-Type: text/plain;
        charset=ISO-8859-1;
        DelSp="Yes";
        format="flowed"
Content-Disposition: inline
Content-Transfer-Encoding: 7bit
User-Agent: Dynamic Internet Messaging Program (DIMP) H3 (1.1)
 
  


Reply

Tags
spam


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
AMAVIS: filter mails with certain characters t0bias Linux - Server 2 10-27-2008 05:44 AM
Blocking mails from specific email addresses/domains in postfix jomy Linux - Networking 1 07-15-2008 08:32 PM
Banned mails by amavis because of decipherable content hypernetics Linux - Software 2 02-14-2008 01:35 PM
Amavis "makes SPAM" of my Mails liqui Linux - Software 1 12-02-2005 03:44 AM
Blocking JUnk Mails in postfix jomy Linux - Networking 1 12-29-2004 12:07 PM


All times are GMT -5. The time now is 11:36 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration