Am 28.08.2013 22:12, schrieb Chris Wilson:
Hi Marius,
On Wed, 28 Aug 2013, Cyborg wrote:
This works for entire day and night, since one or more years, BUT
randomly, a spam slips throu with the remark, it wasn't scanned at
all. Which is true, as Spamassassins log shows not even the try to
check it.
It could be that a rule higher up in the ACL accepted the message
before it got to spamd. For example, do you have a rule to allow all
authenticated email? Or all email to a particular domain, or from a
particular host? Without seeing the entire ACL before the spamd
rule, it's difficult to know what to suggest.
The answere is no.
The skipped message has this header "X-Spam-Note: SpamAssassin
uebersprungen : domain=${domain:$h_to:} e=${domain:$recipients} "
which is the "your not authenticated and spamd did not give a result
either OR Antispam is disabled for that domain" rule.
As antispam is enabled and the sender is not authenticated, the
spamscore was not defined => not scanned.
But it should have been... i added debug output to find out the cause
of it.
OK. But the conditions on the spam rule and the warn rule are not the
same, if I understood your message correctly. So it's conceivable for
a message to not match the spam rule, but match the warn rule.
The mails get scanned correctly, when resend to the server, so the rule
applies. Thats what bothering me most, otherwise there would be a
mistake in the rule logic.
You might want to add another warn rule that duplicates the conditions
of the spam rule exactly, and see whether it's triggered if this
happens again.
already done ;) I even thought about a second spamcheck rule, if the
score should be defined, but isn't.
Is there anything in the Exim mainlog about a failure to contact spamd
(or the database, or anything else) at the time that the message
skipped the spam rule?
nope..
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
