Hello list,
I received a Spam message with these headers and all relays are recognized as
trusted, which is wrong:
X-Amavis-Alert: BAD HEADER, Non-encoded 8-bit data (char 85 hex): Subject: Das
ist es\205dein Traumjob!\n
X-Spam-Flag: NO
X-Spam-Score: 0.272
X-Spam-Level:
X-Spam-Status: No, score=0.272 tagged_above=-999 required=5
tests=[ALL_TRUSTED=-1.8, BAYES_00=-2.599, DCC_CHECK=2.17,
DIGEST_MULTIPLE=0.001, RAZOR2_CF_RANGE_51_100=0.5,
RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CHECK=0.5]
Received: from charybdis.rus.uni-stuttgart.de ([127.0.0.1])
by localhost (charybdis.rus.uni-stuttgart.de [127.0.0.1]) (amavisd-new,
port
10024)
with LMTP id ADlVFCPYapqG; Mon, 30 Mar 2009 12:51:11 +0200 (CEST)
Received: from 237-176-244-87.sat.poltava.ua (unknown [87.244.176.237])
by charybdis.rus.uni-stuttgart.de (Postfix) with ESMTP id 33141381E32;
Mon, 30 Mar 2009 12:51:10 +0200 (CEST)
Received: from [87.244.176.237] by mx0.qq.com; Mon, 30 Mar 2009 12:51:11 +0200
From: "Stan Pate" <teg...@qq.com>
To: <au...@somewhere.de>
Subject: Das ist esÂ…dein Traumjob!
Date: Mon, 30 Mar 2009 12:51:11 +0200
Message-ID: <01c9b136$33ab8980$edb0f...@tegocn>
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0)
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
Importance: Normal
X-Length: 2428
X-UID: 17304
But if I rerun the message through spamassassin it will not be trusted:
# sudo -H -u vscan spamassassin -D -t < spammail.mbox
...
[1762] dbg: metadata: X-Spam-Relays-Trusted: [ ip=127.0.0.1 rdns=
helo=charybdis.rus.uni-stuttgart.de by=localhost ident= envfrom= intl=1
id=ADlVFCPYapqG auth= msa=0 ]
[1762] dbg: metadata: X-Spam-Relays-Untrusted: [ ip=87.244.176.237 rdns=
helo=237-176-244-87.sat.poltava.ua by=charybdis.rus.uni-stuttgart.de ident=
envfrom= intl=0 id=33141381E32 auth= msa=0 ] [ ip=87.244.176.237 rdns= helo=!
87.244.176.237! by=mx0.qq.com ident= envfrom= intl=0 id= auth= msa=0 ]
[1762] dbg: metadata: X-Spam-Relays-Internal: [ ip=127.0.0.1 rdns=
helo=charybdis.rus.uni-stuttgart.de by=localhost ident= envfrom= intl=1
id=ADlVFCPYapqG auth= msa=0 ]
[1762] dbg: metadata: X-Spam-Relays-External: [ ip=87.244.176.237 rdns=
helo=237-176-244-87.sat.poltava.ua by=charybdis.rus.uni-stuttgart.de ident=
envfrom= intl=0 id=33141381E32 auth= msa=0 ] [ ip=87.244.176.237 rdns= helo=!
87.244.176.237! by=mx0.qq.com ident= envfrom= intl=0 id= auth= msa=0 ]
...
[1762] dbg: check:
tests=BAYES_00,DCC_CHECK,DIGEST_MULTIPLE,FH_HELO_EQ_D_D_D_D,HELO_DYNAMIC_IPADDR2,RAZOR2_CF_RANGE_51_100,RAZOR2_CF_RANGE_E4_51_100
,RAZOR2_CHECK,RCVD_IN_BL_SPAMCOP_NET,RCVD_IN_XBL,RDNS_NONE,SA2DNSBLC,SUBJECT_NEEDS_ENCODING
...
Does someone know why amavisd/spamassassin has recognized this message as
ALL_TRUSTED?
Greetings
Stefan
------------------------------------------------------------------------------
_______________________________________________
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
