ASSP version 2.6.3 *SPAM-Evaporator* build 19169
Postfix 3.1.0
I have a sender who is sending us emails that are not readable if they
pass through my ASSP filter / email server.
If received through my mail system:
Outlook believes they are encrypted and throws the following error
(depending on version):
"Sorry, we're having trouble opening this item. This could be temporary,
but if you see it again you might want to restart Outlook. Your Digital
ID name cannot be found by the underlying security system."
Thunderbird shows them as blank. If I view source in Thunderbird, I can
see the message, its contents, and I can decode the (small JPG) attachments.
ASSP is logging the following for the emails. Sample full log below:
info: SMIME/PGP message found
I do not believe that the sender is using encryption at all.
If I bypass my mail system, the emails are received without issue (i.e.
through GMail.)
What is the best way to troubleshoot this?
- Bob
Added the user to noprocessing as a troubleshooting step. It did not help.
Oct-04-19 12:58:15 m1-08295-07114 [Worker_2] [TLS-in] 12.197.32.39
<bad_sender@bad_sender_domain.com> info: found message size
announcement: 3.73 kByte
Oct-04-19 12:58:15 m1-08295-07114 [Worker_2] [TLS-in] 12.197.32.39
<bad_sender@bad_sender_domain.com> noprocessing Regex: noProcessing
'bad_sender@bad_sender_domain.com'
Oct-04-19 12:58:15 m1-08295-07114 [Worker_2] [TLS-in] 12.197.32.39
<bad_sender@bad_sender_domain.com> Message-Score: added -10
(tlsValencePB) for SSL-TLS-connection-OK, total score for this message
is now -10
Oct-04-19 12:58:15 m1-08295-07114 [Worker_2] [TLS-in] [NoProcessing]
12.197.32.39 <bad_sender@bad_sender_domain.com> to:
bcoff...@infofromdata.com message proxied without processing (except
checks enabled for noprocessing mails)
Oct-04-19 12:58:15 m1-08295-07114 [Worker_2] [TLS-in] 12.197.32.39
<bad_sender@bad_sender_domain.com> to: bcoff...@infofromdata.com
Whitelisted sender address: bad_sender@bad_sender_domain.com for
recipient bcoff...@infofromdata.com
Oct-04-19 12:58:15 m1-08295-07114 [Worker_2] [TLS-in] 12.197.32.39
<bad_sender@bad_sender_domain.com> to: bcoff...@infofromdata.com info:
SMIME/PGP message found
Oct-04-19 12:58:15 m1-08295-07114 [Worker_2] [TLS-in] 12.197.32.39
<bad_sender@bad_sender_domain.com> to: bcoff...@infofromdata.com info:
found known good HELO 'smtp.bad_sender_domain.com' - weight is -2
Oct-04-19 12:58:15 m1-08295-07114 [Worker_2] [TLS-in] 12.197.32.39
<bad_sender@bad_sender_domain.com> to: bcoff...@infofromdata.com
Message-Score: added -40 for KnownGoodHelo, total score for this message
is now -50
Oct-04-19 12:58:16 m1-08295-07114 [Worker_2] [TLS-in] 12.197.32.39
<bad_sender@bad_sender_domain.com> to: bcoff...@infofromdata.com
[Plugin] calling plugin ASSP_AFC
Oct-04-19 12:58:16 m1-08295-07114 [Worker_2] [TLS-in] 12.197.32.39
<bad_sender@bad_sender_domain.com> to: bcoff...@infofromdata.com message
proxied without processing (no bad attachments)
Oct-04-19 12:58:16 m1-08295-07114 [Worker_2] [TLS-in] [MessageOK]
12.197.32.39 <bad_sender@bad_sender_domain.com> to:
bcoff...@infofromdata.com message ok - (noProcessing) - [RE External
Email Re External Email Re email test]
_______________________________________________
Assp-user mailing list
Assp-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-user
