This seems like it may be related (or could be a new bug) to one reported
earlier.
A user connects, sends mail. I attach the maillog here and the redacted
headers from that message which ended up delivered in a user's inbox. I'm
monitoring if I can find any further mail from them to find the debug log, but
I doubt it.
The mail goes through, but no X-ASSP header is added after the first Received
header. Moreover, the headers appear to be out of order in some weird way.Odd
that the X-Assp header isn't in there. Odd that the headers in the resulting
mail message appear out of order.
I don't know this is much to go by, but of course open to suggestiosn here...
==========================Jul-18-17 12:28:21 [Worker_2] Connected:
session:7FC4BF5721B0 218.4.45.155:52784 > 123.123.123.123:25 >
suede.mydomain.com:12225Jul-18-17 12:28:22 [Worker_2] 218.4.45.155 info: got
STARTTLS request from 218.4.45.155Jul-18-17 12:28:23 m1-95303-10942 [Worker_2]
[TLS-in] 218.4.45.155 <am...@longliqicom.com> Message-Score: added -10
(tlsValencePB) for SSL-TLS-connection-OK, total score for this message is now
-10Jul-18-17 12:28:24 m1-95303-10942 [Worker_2] [TLS-in] 218.4.45.155
<am...@longliqicom.com> to: u...@recipient.com recipient delayed:
user@recipient.comJul-18-17 12:28:24 m1-95303-10942 [Worker_2] [TLS-in]
218.4.45.155 <am...@longliqicom.com> to: u...@recipient.com [SMTP Status] 451
4.7.1 Please try again laterJul-18-17 12:28:24 m1-95303-10942 [Worker_2]
[TLS-in] 218.4.45.155 <am...@longliqicom.com> to: u...@recipient.com info:
PB-IP-Score for '218.4.45.0' is 0, added -10 in this sessionJul-18-17 12:28:24
m1-95303-10942 [Worker_2] [TLS-in] 218.4.45.155 <am...@longliqicom.com> to:
u...@recipient.com disconnected: session:7FC4BF5721B0 218.4.45.155 - processing
time 3 secondsJul-18-17 12:35:39 [Worker_2] Connected: session:7FC4A8A62BA0
218.4.45.155:53610 > 123.123.123.123:25 > suede.mydomain.com:12225Jul-18-17
12:35:39 [Worker_2] 218.4.45.155 info: got STARTTLS request from
218.4.45.155Jul-18-17 12:35:40 m1-95740-12534 [Worker_2] [TLS-in] 218.4.45.155
<am...@longliqicom.com> Message-Score: added -10 (tlsValencePB) for
SSL-TLS-connection-OK, total score for this message is now -10Jul-18-17
12:35:54 m1-95740-12534 [Worker_2] [TLS-in] 218.4.45.155
<am...@longliqicom.com> to: u...@recipient.com [scoring] SPF: none
ip=218.4.45.155 mailfrom=am...@longliqicom.com
helo=mail.longliqicom.comJul-18-17 12:35:55 m1-95740-12534 [Worker_2] [TLS-in]
218.4.45.155 <am...@longliqicom.com> to: u...@recipient.com [monitoring]
SenderBase -- Blocked IP-Country CN (CHINA TELECOM)Jul-18-17 12:35:55
m1-95740-12534 [Worker_2] [TLS-in] 218.4.45.155 <am...@longliqicom.com> to:
u...@recipient.com HMM-Check has given less than 6 results - using monitoring
mode onlyJul-18-17 12:35:55 m1-95740-12534 [Worker_2] [TLS-in] 218.4.45.155
<am...@longliqicom.com> to: u...@recipient.com HMM Check [monitoring] - Prob:
0.66667 => spam - answer/query relation: 1% of 76Jul-18-17 12:35:55
m1-95740-12534 [Worker_2] [TLS-in] 218.4.45.155 <am...@longliqicom.com> to:
u...@recipient.com Bayesian Check [scoring] - Prob: 0.00000 => ham -
answer/query relation: 36% of 65Jul-18-17 12:35:56 m1-95740-12534 [Worker_2]
[TLS-in] 218.4.45.155 <am...@longliqicom.com> to: u...@recipient.com [Plugin]
calling plugin ASSP_RazorJul-18-17 12:35:56 m1-95740-12534 [Worker_2] [TLS-in]
218.4.45.155 <am...@longliqicom.com> to: u...@recipient.com Message-Score:
added 15 (ASSP_RazorValencePB) for ASSP_Razor: [scoring] 'razor check failed',
total score for this message is now 5Jul-18-17 12:35:56 m1-95740-12534
[Worker_2] [TLS-in] 218.4.45.155 <am...@longliqicom.com> to: u...@recipient.com
deleting spamming safelisted tuplet: (218.4.45.0,longliqicom.com) age:
16sJul-18-17 12:35:56 m1-95740-12534 [Worker_2] [TLS-in] [razor] 218.4.45.155
<am...@longliqicom.com> to: u...@recipient.com [Plugin] calling plugin
ASSP_DCCJul-18-17 12:35:56 m1-95740-12534 [Worker_2] [TLS-in] [MessageOK]
218.4.45.155 <am...@longliqicom.com> to: u...@recipient.com message ok
[1]Jul-18-17 12:35:56 m1-95740-12534 [Worker_2] [TLS-in] 218.4.45.155
<am...@longliqicom.com> to: u...@recipient.com info: start damping on closing
connection (1)Jul-18-17 12:35:57 m1-95740-12534 [Worker_2] [TLS-in]
218.4.45.155 <am...@longliqicom.com> to: u...@recipient.com finished message -
received DATA size: 4.22 kByte - sent DATA size: 4.78 kByteJul-18-17 12:35:57
m1-95740-12534 [Worker_2] [TLS-in] 218.4.45.155 <am...@longliqicom.com> to:
u...@recipient.com disconnected: session:7FC4A8A62BA0 218.4.45.155 - processing
time 18 seconds==========================Received: from Mail.longrich.com
([218.4.45.155] helo=mail.longliqicom.com) by suede.mydomain.com with
SMTPS(TLSv1 DHE-RSA-AES128-SHA) (2.5.6); 18 Jul 2017 12:35:39 -0400Received:
from localhost (longliqi.cn [127.0.0.1]) by mail.longliqicom.com (EMOS V1.5
(Postfix)) with ESMTP id 094F0660860C; Mon, 17 Jul 2017 11:02:18 -0400
(EST)Received: (qmail 15043 invoked by uid 113); 18 Jul 2017 12:35:56
-0400Received: from 127.0.0.1 (EHLO suede.mydomain.com) (123.123.123.123) by
mta1010.rog.mail.gq1.yahoo.com with SMTPS; Tue, 18 Jul 2017 12:35:58
-0400Received: from smtp.longliqicom.com (unknown [14.160.52.166]) (using TLSv1
with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate
requested) by mail.longliqicom.com (EMOS V1.5 (Postfix)) with ESMTPSA id
7069F6608609; Mon, 17 Jul 2017 11:02:05 -0400 (EST)Received: from
mail.longliqicom.com ([127.0.0.1]) by localhost (longliqicom.com [127.0.0.1])
(amavisd-new, port 10024) with ESMTP id LeCoKceCptql; Mon, 17 Jul 2017 11:02:17
-0400 (EST)Received: (simscan 1.4.1 ppid 14865 pid 14880 t 15.2065s) (scanners:
clamav: 0.99.2/m:58/d:23542); 18 Jul 0117 12:35:41 -0400Received: from
suede.mydomain.com (HELO mail.longliqicom.com) (123.123.123.123) by
suede.mydomain.com with SMTP; 18 Jul 2017 12:35:41 -0400Received: (qmail 15045
invoked by uid 113); 18 Jul 2017 12:35:56 -0400From: "SENDER SENDER"
<am...@longliqicom.com>To: "Recipient" <u...@server.dom>, "Recipient"
<u...@server.dom>, "Recipient" <u...@server.dom>, "Recipient"
<u...@server.dom>, "Recipient" <u...@server.dom>, "Recipient"
<u...@server.dom>, "Recipient" <u...@server.dom>, "Recipient"
<u...@server.dom>, "Recipient" <u...@server.dom>, "Recipient"
<u...@server.dom>Subject: 1Date: Tue, 18 Jul 2017 12:27:56 -0400Message-ID:
<20170717030218.094f06608...@mail.longliqicom.com>MIME-Version:
1.0Content-Type: multipart/alternative;
boundary="----=_NextPart_000_00F0_01D2FFD1.37211B50"X-Mailer: Microsoft Outlook
16.0X-Originating-IP: [123.123.123.123]Thread-Index:
AQHRIRnZh0TqKO1YufW/UHVymvFwHQ============================
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test
