I have an amavis problem that's driving me nuts. Spam is being identified in the logs appropriately, but amavis still passes it, so I get a copy sent to the spam quarantine address, but also the original message is delivered without any headers added or the subject altered.
The setup is freebsd, most current amavisd-new, current postfix. Once postfix is done with the messages it forwards to a qmail instance on the same box for local delivery. Relevant amavis config entries: @local_domains_maps = ( <set to my domains $final_virus_destiny = D_DISCARD; $final_banned_destiny = D_BOUNCE; $final_spam_destiny = D_DISCARD; $final_bad_header_destiny = D_PASS; $spam_quarantine_to = '[EMAIL PROTECTED]'; @spam_lovers_maps = ( '[EMAIL PROTECTED]' ); $sa_spam_modifies_subj = 'true'; $sa_tag_level_deflt = 1.0; #$sa_tag2_level_deflt = 2.0; $sa_kill_level_deflt = 2.4; $sa_dsn_cutoff_level = 3; $sa_quarantine_cutoff_level = 200; An email comes in, SA processes, leaves an entry like so: Feb 16 14:39:34 host amavis[61828]: (61828-06) SPAM, <[EMAIL PROTECTED]> -> <[EMAIL PROTECTED]>, Yes, score =8.206 tag=1 tag2=x kill=2.4 tests=[EXTRA_MPART_TYPE=0.815, HELO_DYNAMIC_DIALIN=2.08, HTML_MESSAGE=0.001, MY_CID_AND_ARIAL2=0.65, MY _CID_AND_CLOSING=0.9, MY_CID_AND_STYLE=0.71, MY_CID_ARIAL2_CLOSING=1.25, MY_CID_ARIAL_STYLE=1.05, SARE_GIF_ATTACH=0.75], autolearn=n o, quarantine 46YxBtP8cN-O ([EMAIL PROTECTED]) Then: Feb 16 14:39:34 host amavis[61828]: (61828-06) FWD via SMTP: <[EMAIL PROTECTED]> -> <[EMAIL PROTECTED]>, 25 0 2.6.0 Ok, id=61828-06, from MTA([xx.xx.xx.xx]:25): 250 ok 1171654774 qp 65075 and Feb 16 14:39:35 host amavis[61828]: (61828-06) Passed SPAM, [84.163.88.231] [28.39.65.136] <[EMAIL PROTECTED]> -> <[EMAIL PROTECTED]>, quarantine: [EMAIL PROTECTED], Message-ID: <[EMAIL PROTECTED]>, mail_id: 46YxBtP8cN-O, Hits: 8.206, queued_as: 250 ok 1171654774 qp 65075, 22908 ms Feb 16 14:39:35 host postfix/smtp[65052]: 129B5B86C: to=<[EMAIL PROTECTED]>, relay=127.0.0.1[127.0.0.1]:10024, delay=1280, delays=1257/0/0.01/23, dsn=2.6.0, status=sent (250 2.6.0 Ok, id=61828-06, from MTA([xx.xx.xx.xx]:25): 250 ok 1171654774 qp 65075) So a copy goes to the quarantine address, [EMAIL PROTECTED] But the unaltered original is also delivered. Quite frustrating. Any ideas on where I could look to fix this? -- -------------------------------------------- Matthew Jonkman Bleeding Edge Threats 765-429-0398 765-807-3060 fax http://www.bleedingthreats.net -------------------------------------------- PGP: http://www.bleedingthreats.com/mattjonkman.asc ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ AMaViS-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
