Blacklisted spam
technical coordinator
tc at SHENANDOAH.K12.IN.US
Mon Mar 22 18:40:38 GMT 2004
On Friday I asked the question about spam being sent to the end user. I'm sending a copy of the logfile for two messages that show should have been deleted as high scoring spam(blacklisted) but made it to the end user. Also, at this point all hotmail accounts are being blacklisted. My blacklist does not include Hotmail.
Can anyone help me?
Dale
Message 1
Mar 22 12:56:05 mail sendmail[23266]: i2MHsZHZ023266: to=<user1 at domain.com>, delay=00:01:25, mailer=relay, pri=30378, stat=queued
Mar 22 12:56:05 mail MailScanner[18916]: New Batch: Scanning 1 messages, 2060 bytes
Mar 22 12:56:05 mail MailScanner[18916]: Spam Checks: Starting
Mar 22 12:56:05 mail MailScanner[18916]: Message i2MHsZHZ023266 from 81.198.33.155 (shannonrankin7 at hotmail.com) to shenandoah.k12.in.us is spam (blacklisted)
Mar 22 12:56:05 mail MailScanner[18916]: Spam Checks: Found 1 spam messages
Mar 22 12:56:05 mail MailScanner[18916]: Virus and Content Scanning: Starting
Mar 22 12:56:05 mail MailScanner[18916]: Uninfected: Delivered 1 messages
Mar 22 12:56:06 mail sendmail[23401]: i2MHsZHZ023266: to=<user1 at domain.com>, delay=00:01:26, xdelay=00:00:01, mailer=relay, pri=120378, relay=[10.1.4.1] [10.1.4.1], dsn=2.0.0, stat=Sent ( <VIRJGXXITRWBIQRHUVHSOXF at msn.com> Queued mail for delivery)
Message2
Mar 22 12:57:05 mail sendmail[23402]: i2MHuVHZ023402: to=<user1 at domain.com>, delay=00:00:24, mailer=relay, pri=30378, stat=queued
Mar 22 12:57:05 mail MailScanner[18905]: New Batch: Scanning 2 messages, 27065 bytes
Mar 22 12:57:05 mail MailScanner[18905]: Spam Checks: Starting
Mar 22 12:57:05 mail MailScanner[18905]: Message i2MHv2HZ023410 from 193.252.173.5 (promo at free-as-a-bird.com) to shenandoah.k12.in.us is spam, SpamAssassin (score=5.679, required 3, MICROSOFT_EXECUTABLE 0.10, MISSING_MIMEOLE 1.15, MSGID_FROM_MTA_SHORT 3.31, NO_REAL_NAME 0.28, PRIORITY_NO_NAME 0.83)
Mar 22 12:57:05 mail MailScanner[18905]: Message i2MHuVHZ023402 from 211.26.10.100 (shannonrankin7 at hotmail.com) to shenandoah.k12.in.us is spam (blacklisted)
Mar 22 12:57:05 mail MailScanner[18905]: Spam Checks: Found 2 spam messages
Mar 22 12:57:05 mail MailScanner[18905]: Spam Actions: message i2MHv2HZ023410 actions are spam at domain.com,forward,striphtml
Mar 22 12:57:06 mail MailScanner[18905]: Virus and Content Scanning: Starting
Mar 22 12:57:06 mail MailScanner[18905]: /var/spool/MailScanner/incoming/18905/i2MHv2HZ023410/your_picture.pif Infection: W32/Netsky.D at mm
Mar 22 12:57:06 mail MailScanner[18905]: Virus Scanning: F-Prot found virus W32/Netsky.D at mm
Mar 22 12:57:06 mail MailScanner[18905]: Virus Scanning: F-Prot found 1 infections
Mar 22 12:57:06 mail MailScanner[18905]: Infected message i2MHv2HZ023410 came from 193.252.173.5
Mar 22 12:57:06 mail MailScanner[18905]: Virus Scanning: Found 1 viruses
Mar 22 12:57:06 mail MailScanner[18905]: Filename Checks: Possible MS-Dos program shortcut attack (your_picture.pif)
Mar 22 12:57:06 mail MailScanner[18905]: Other Checks: Found 1 problems
Mar 22 12:57:06 mail MailScanner[18905]: Saved infected "your_picture.pif" to /var/spool/MailScanner/quarantine/20040322/i2MHv2HZ023410
Mar 22 12:57:06 mail MailScanner[18905]: Uninfected: Delivered 1 messages
Mar 22 12:57:06 mail sendmail[23426]: i2MHuVHZ023402: to=<user1 at domain.com>, delay=00:00:25, xdelay=00:00:00, mailer=relay, pri=120378, relay=[10.1.4.1] [10.1.4.1], dsn=2.0.0, stat=Sent ( <VIRJGXXITRWBIQRHUVHSOXF at msn.com> Queued mail for delivery)
More information about the MailScanner
mailing list