Michael wrote: > After upgrading to 2.4.2, getting backscatter I never got before: > It looks like amavisd-new is trying to bounce email (spam) back to me > even though it exceeds dsn cutoff level.
> Spammer uses From: [EMAIL PROTECTED] to [EMAIL PROTECTED] > Amavisd-new bounces it (score of 49+) > Even though I think I have amavisd-new set up to discard past 15. > (not bounce, no dns, etc) > (ps, it didn't do this with 2.3.2 :-) > Jul 3 13:13:41 0 postfix/smtpd[36165]: connect from > hel59-2-82-225-72-182.fbx.p > roxad.net[82.225.72.182] > Jul 3 13:13:42 0 postfix/smtpd[36165]: 079595FF408: > client=hel59-2-82-225-72-18 > 2.fbx.proxad.net[82.225.72.182] > Jul 3 13:13:42 0 postfix/cleanup[36183]: 079595FF408: > message-id=<224871103845. > [EMAIL PROTECTED]> > Jul 3 13:13:42 0 postfix/qmgr[35339]: 079595FF408: > from=<[EMAIL PROTECTED]>, > size=2017, nrcpt=1 (queue active) > Jul 3 13:13:44 0 amavis[35247]: (35247-07-3) Blocked SPAM, > [82.225.72.182] [66. > 83.118.225] <[EMAIL PROTECTED]> -> <[EMAIL PROTECTED]>, > Message-ID: <22487 > [EMAIL PROTECTED]>, mail_id: 4DXdMnYVs1M2, > Hits: 49.836 > , 1998 ms > Jul 3 13:13:44 0 postfix/lmtp[36184]: 079595FF408: > to=<[EMAIL PROTECTED]>, r > elay=127.0.0.1[127.0.0.1], delay=3, status=bounced (host > 127.0.0.1[127.0.0.1] sa > id: 554 5.7.1 Rejected, id=35247-07-3 - SPAM (in reply to end of DATA > command)) This looks like D_REJECT, not D_BOUNCE. Grep amavisd.conf for D_REJECT (maybe in a policy bank?) > $final_spam_destiny=D_BOUNCE; however, > $sa_dsn_cutoff_level = 10; > And in sql policy: > select spam_dsn_cutoff_level from policy where id=5; > +-----------------------+ > | spam_dsn_cutoff_level | > +-----------------------+ > | 15 | > +-----------------------+ > 1 row in set (0.00 sec) > select email,policy_id,priority from users where > email='[EMAIL PROTECTED]' or email='@secnap.com' or email='@.' order > by priority; > +----------------------+-----------+----------+ > | email | policy_id | priority | > +----------------------+-----------+----------+ > | @. | 5 | 0 | > | [EMAIL PROTECTED] | 5 | 7 | > +----------------------+-----------+----------+ > 2 rows in set (0.00 sec) > So, why is it trying to bounce it back? If amavisd-new bounces it, the DSN will be from amavisd-new (although there should not be one in this case), if D_REJECT is used, your MTA will send the DSN. So, which one created it? Gary V Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ AMaViS-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
