Part of MRTG died

Tue Jun 25 19:44:59 IST 2002

I have "Log Spam = yes" in my .conf and neither Spam nor spam in my mrtg.cfg
reveal any spam in my maillog.  *boggle*

----- Original Message -----
From: "Julian Field" <mailscanner at ECS.SOTON.AC.UK>
To: <MAILSCANNER at JISCMAIL.AC.UK>
Sent: Tuesday, June 25, 2002 11:35 AM
Subject: Re: Part of MRTG died

> Check your mailscanner.conf file for "Log Spam = no".
>
> At 17:19 25/06/2002, you wrote:
> >I've the same problem, after updating to the last available MailScanner
> >version, I've no spam reports in /var/log/maillog I've tried to do also
> >with changing "spam" to "Spam" but it doesn't work.
> >   I've sent a SPAM mail throught sendmail and here are the headers:
> >
> >
> >Return-Path: <yop at nohwere.com>
> >Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
> >         by Alufis35.uv.es (8.11.6/8.11.2) with SMTP id g5PG90512839
> >         for Pablo.Iranzo at alufis35.uv.es; Tue, 25 Jun 2002 18:09:14 +0200
> >Date: Tue, 25 Jun 2002 18:09:14 +0200
> >From: yop at nohwere.com
> >Message-Id: <200206251609.g5PG90512839 at Alufis35.uv.es>
> >X-Authentication-Warning: Alufis35.uv.es: localhost.localdomain
[127.0.0.1]
> >     didn't use HELO protocol
> >Subject: {SPAM?} Navega por telefonicaonline.com y ¡llévate cientos de
> >     Puntos Travel Club!
> >Content-type: text/html
> >MIME-Version: 1.0
> >Content-Transfer-Encoding: quoted-printable
> >X-MailScanner: Found to be clean
> >X-MailScanner-SpamCheck: SpamAssassin (score=10.1, required 5,
> >         SUBJ_HAS_Q_MARK, NO_REAL_NAME, PLING, BIG_FONT, CTYPE_JUST_HTML,
> >         MISSING_HEADERS, NO_MX_FOR_FROM)
> >
> >
> >(As you can see, thhe Mailscanner passed it throught SpamAssassin and
gave
> >it "Spam" status and did modified the subject)
> >
> >And here is the maillog "conversation":
> >
> >
> >Jun 25 18:04:50 Alufis35 sendmail[12739]: g5PG4nv12739: to=yop at yop.es,
> >delay=00:
> >00:01, xdelay=00:00:00, mailer=relay, pri=49438, relay=sello., dsn=2.0.
> >0, stat=Sent (g5PG4oJN009163 Message accepted for delivery)
> >Jun 25 18:09:00 Alufis35 sendmail[12839]: g5PG90512839: Authentication-
> >Warning:
> >Alufis35.uv.es: localhost.localdomain [127.0.0.1] didn't use HELO
protocol
> >Jun 25 18:09:37 Alufis35 sendmail[12839]: g5PG90512839:
> >from=yop at nohwere.com, si
> >ze=19465, class=0, nrcpts=1, msgid=<200206251609.g5PG90512839 at Alufis35>,
b
> >odytype=8BITMIME, proto=SMTP, daemon=MTA, relay=localhost.localdomain
> >[127.0.0.1
> >]
> >Jun 25 18:09:49 Alufis35 mailscanner[12624]: Scanning 1 messages, 20139
> >bytes
> >Jun 25 18:10:12 Alufis35 mailscanner[12624]: Scanned 1 messages, 20139
> >bytes in
> >4 seconds
> >Jun 25 18:10:13 Alufis35 sendmail[12868]: g5PG90512839:
> >to=iranzo at amena.com, del
> >ay=00:00:59, xdelay=00:00:00, mailer=relay, pri=139465, relay=sello. [1
> >47.156.1.112], dsn=5.6.0, stat=Data format error
> >Jun 25 18:10:14 Alufis35 sendmail[12868]: g5PG90512839: to=\iranzo,
> >delay=00:01:
> >00, xdelay=00:00:01, mailer=local, pri=139465, dsn=2.0.0, stat=Sent
> >Jun 25 18:10:14 Alufis35 sendmail[12868]: g5PG90512839: g5PGADY12868:
DSN:
> >Data
> >format error
> >Jun 25 18:10:14 Alufis35 sendmail[12868]: g5PGADY12868:
to=yop at nohwere.com,
> >dela
> >y=00:00:00, xdelay=00:00:00, mailer=relay, pri=49437, relay=sello., dsn
> >=2.0.0, stat=Sent (g5PGAEJN009658 Message accepted for delivery)
> >
> >It Scans the message, marks it as spam but doesn't reflect that on the
> >maillog.
> >
> >My syslog has the -r switch from previous versions. I'm running RedHat
7.3.
> >
> >
> >¿Any idea?
> >Thanks in advance
> >Pablo
>
> --
> Julian Field                Teaching Systems Manager
> jkf at ecs.soton.ac.uk         Dept. of Electronics & Computer Science
> Tel. 023 8059 2817          University of Southampton
>                              Southampton SO17 1BJ
>