if an email that is sent to two people gets quarantined due to (sql) policy setings for one user, but the score is above the threshold for another user, two msgrcpt entries are made, and x-blocked-to includes both names. using amavisd 2.6.2 on freebsd, mysql policy settings. (I think an earlier fix added x-blocked-to in cases where the email to one of the users was NOT blocked due to policy, how about if it was NOT supposed to be quarantined by policy?
example: email scored 19 points email came to [email protected] and [email protected] select spam_kill_level,spam_quarantine_cutoff_level from policy where id=(select policy_id from users where email='[email protected]'); +-----------------+------------------------------+ | spam_kill_level | spam_quarantine_cutoff_level | +-----------------+------------------------------+ | 6 | 20 | +-----------------+------------------------------+ select spam_kill_level,spam_quarantine_cutoff_level from policy where id=(select policy_id from users where email='[email protected]'); +-----------------+------------------------------+ | spam_kill_level | spam_quarantine_cutoff_level | +-----------------+------------------------------+ | 10 | 15 | +-----------------+------------------------------+ created two msgrcpt records: select * from msgrcpt where mail_id='re75DOwutBqo'\G *************************** 1. row *************************** partition_tag: 0 mail_id: re75DOwutBqo rid: 838 ds: B rs: bl: N wl: N bspam_level: 19.687 smtp_resp: 554 5.7.0 Reject, id=37059-16 - SPAM *************************** 2. row *************************** partition_tag: 0 mail_id: re75DOwutBqo rid: 13 ds: B rs: bl: N wl: N bspam_level: 19.687 smtp_resp: 554 5.7.0 Reject, id=37059-16 - SPAM 2 rows in set (0.01 sec) from quarantine file: X-Envelope-To-Blocked: <[email protected]>, <[email protected]> X-Spam-Status: Yes, score=19.687 tag=-999 tag2=5 kill=10 tests=[BAYES_99=3.5, so, should amavisd have NOT added the second msgsrcpt record, and (even though it WAS blocked) not added [email protected] to the Blocked list? if this is the design, then when doing quarantine reports, I can just doublecheck spam level and spam_quarantine_cutoff_level when doing reports. -- Michael Scheidell, CTO Phone: 561-999-5000, x 1259 > *| *SECNAP Network Security Corporation * Certified SNORT Integrator * King of Spam Filters, SC Magazine 2008 * Information Security Award 2008, Info Security Products Guide * CRN Magazine Top 40 Emerging Security Vendors * Finalist 2009 Network Products Guide Hot Companies _________________________________________________________________________ This email has been scanned and certified safe by SpammerTrap(r). For Information please see http://www.secnap.com/products/spammertrap/ _________________________________________________________________________ ------------------------------------------------------------------------------ Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H _______________________________________________ AMaViS-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
