Stefan,
> I don't use pen pals, means sql lookups are not configured, but the bounce
> killer feature is enabled ($bounce_killer_score = 100).
> I received a misdirected bounce message and saw the following lines in my
> logfile (amavisd-new 2.6.4):
>
> amavis[23652]: (23652-01) bounce rescued by: pen pals disabled (DSN), <> ->
> <[email protected]>, date: Tue, 7 Sep 2010 12:35:30 +0200 (CEST), from:
> [email protected], message-id: <[email protected]>,
> return-path: <[email protected]>
> amavis[23652]: (23652-01) SPAM-TAG, <> -> <[email protected]>, No,
> score=x tagged_above=0 required=5 tests=[] autolearn=unavailable
> amavis[23652]: (23652-01) Passed CLEAN, [AAA.BBB.CCC.DDD] [AAA.BBB.CCC.DDD]
> <> -> <[email protected]>, Message-ID:
> <[email protected]>, mail_id: cU0RlDKJmh1U, Hits: -,
> size: 3425, queued_as: 15A694B70116, 497 ms
>
> Then I received a real bounce:
>
> amavis[23652]: (23652-02) bounce rescued by domain (DSN), <> ->
> <[email protected]>, date: Tue, 07 Sep 2010 12:41:14 +0200, from:
> "Stefan Jakobs" <[email protected]>, message-id:
> <[email protected]>, return-path: <[email protected]>
> amavis[23652]: (23652-02) Passed CLEAN, [AAA.BBB.CCC.DDD] [AAA.BBB.CCC.DDD]
> <> -> <[email protected]>, Message-ID:
> <[email protected]>, mail_id: kSxqYc-Mtpyq, Hits: -1.9,
> size: 4154, queued_as: 11B554B70116, 11516 ms
> Now there are two things which are odd:
> 1) If the bounce is misdirect (the domain part of the message-id doesn't
> match with one of the local domains) and a sql/pen pals check is not
> possible because it isn't configured then I would aspect amavis to
> classify the bounce as misdirected and add the $bounce_killer_score. For
> the reason that the message-id doesn't match which the local domains and
> there that there is no reference in the sql table that such a message was
> send.
You are right in principle. The catch here is that some outgoing mail
is generated by MUAs which do not specify a fully qualified domain name
in the Message-ID they generate, or provide some foreign domain.
By using pen pals such cases are still recognized and handled correctly
(i.e. a bounce to such valid but crippled outgoing message will not be
killed). In the absence of pen pals, I decided to rather play safe
and not kill such bounces right away (i.e. just let them be subject
to normal a spam scan).
> 2) Why does amavis bypass the spamassassin check if the domain part of the
> message-id doesn't match one of the local domains (1st log example)?
> On the other hand it will check the message if the bounce is rescued, 2nd
> log example. I would assume that amavis should check the message in both
> cases.
A bug. Such messages should still be eligible to spam checking.
Please apply the patch below to amavisd-new-2.6.4. (will be included
in 2.7.0-pre8)
--- amavisd~ 2009-06-25 14:39:01.000000000 +0200
+++ amavisd 2010-09-07 20:40:02.846462931 +0200
@@ -10715,9 +10715,15 @@
# not a bounce
} elsif ($msginfo->originating) {
- # rescued by originating
- } elsif (defined($bounce_msgid) && $bounce_msgid =~ /(\...@[^\@>]+)>?\z/ &&
+ # will be rescued from bounce killing by the originating flag
+ } elsif (defined($bounce_msgid) &&
+ $bounce_msgid =~ /(\...@[^\@>() \t][^\@>]*?)[ \t]*>?\z/ &&
lookup2(0,$1, ca('local_domains_maps'))) {
- # rescued by a local domain in referenced Message-ID
+ # will be rescued from bounce killing by a local domain
+ # in referenced Message-ID
+ } elsif (!defined($sql_storage) ||
+ c('penpals_bonus_score') <= 0 || c('penpals_halflife') <= 0) {
+ # will be rescued from bounce killing by pen pals disabled
} elsif (c('bounce_killer_score') > 20) {
+ # is a bounce and is eligible to bounce killing, no need for spam scan
$bypass_spam_checks_by_bounce_killer = 1;
}
Mark
------------------------------------------------------------------------------
This SF.net Dev2Dev email is sponsored by:
Show off your parallel programming skills.
Enter the Intel(R) Threading Challenge 2010.
http://p.sf.net/sfu/intel-thread-sfd
_______________________________________________
AMaViS-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/amavis-user
Please visit http://www.ijs.si/software/amavisd/ regularly
For administrativa requests please send email to rainer at openantivirus dot
org
