Could not analyze message

Julian Field MailScanner at
Thu Nov 2 19:46:45 GMT 2006

Hash: SHA1

Mike Kercher wrote:
> mailscanner-bounces at <> scribbled on :
>> Hi
>> I have a customer who cant recieve an email from a certain
>> domain, the message is quarantined with a quarantine report
>> showing "Could not analyze message".
>> The email is very basic, plain text with no attachments.
>> I tried to get around this by using the Scan Messages ruleset
>> Scan Messages = %rule-dir%/scan.messages.rules
>> and set the following in scan.messages.rules
>> FromOrTo:	default	no
>> From:	no
>> FromTo:	yes
>> where is the domain sending the email being
>> blocked and is the domain recieving. However
>> the message is still being quarantined.
>> Can anyone advise what can cause the "Could not analyze
>> message"? or why my ruleset setup is not working?
>> Kind Regards
>> Paul
> Your ruleset should look like this:
> From:		no
> FromTo:	no
> FromOrTo:	default		yes
> The way your ruleset is currently, it is matching on the default entry
That won't help, it doesn't matter where the "default" rule is.

I would suspect that the envelope sender address is and not just Use the "Add Envelope 
 From Header" and "Add Envelope To Header" to check the real sender and 
recipient addresses. You can't just use the From: and To: headers, as 
they often aren't the same as the real envelope details at all.

> Mike


- -- 
Julian Field MEng CITP
Buy the MailScanner book at

MailScanner customisation, or any advanced system administration help?
Contact me at Jules at Jules.FM

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
For all your IT requirements visit

Version: PGP Desktop 9.5.0 (Build 1112)
Comment: Fetch my public key foot-print from
Charset: ISO-8859-1


This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
For all your IT requirements visit

More information about the MailScanner mailing list