Watermarking not working
BlaaT 0001
blaat0001 at gmail.com
Fri Oct 31 09:39:22 GMT 2008
Hello all,
I'm still having problems using watermarking. My MailScanner settings
related to watermarking are:
Use Watermarking = yes
Add Watermark = %rules-dir%/add.watermark.rules
Check Watermarks With No Sender =
%rules-dir%/check.watermarks.with.no.sender.rules
Treat Invalid Watermarks With No Sender as Spam = 20
Check Watermarks To Skip Spam Checks = no
Watermark Secret = ***************
Watermark Lifetime = 604800
Watermark Header = X-%org-name%-WM:
We add a watermark on outgoing mail, and we check incoming mail on
watermarks (using the rulesets).
Every "no sender" mail gets marked by the watermarking feature, from the
logfile:
Oct 31 08:39:31 mailscan02 MailScanner[26686]: Message 720DF48F44B.05390 had
bad watermark, added 20 to spam score
Oct 31 08:39:31 mailscan02 MailScanner[26686]: Message 720DF48F44B.05390
from 194.106.220.35 () to ourdomain.tld is spam (no watermark or sender
address), SpamAssassin (score=0, vereist 20, autolearn=disabled)
This was a legit bounce mail, a response to a mail send from our MailScanner
machine with a watermark attached.
This is the full message:
----------------------------------------------------------------
Received: from mail91.messagelabs.com (mail91.messagelabs.com [
194.106.220.35])
by mailscan02.ourdomain.tld (Postfix) with ESMTP id 720DF48F44B
for <ra.user at ourdomain.tld>; Fri, 31 Oct 2008 08:39:26 +0100 (CET)
X-VirusChecked: Checked
X-Msg-Ref: server-7.tower-91.messagelabs.com!1225438765!40564331!1
X-StarScan-Version: 5.5.12.14.2; banners=-,-,-
X-Originating-IP: [77.94.249.25]
X-SpamReason: No, hits=0.0 required=7.0 tests=
Received: (qmail 30403 invoked from network); 31 Oct 2008 07:39:25 -0000
Received: from net3-nl-smtp-01.vevida.net (HELO net3-nl-smtp-01.vevida.net)
(77.94.249.25)
by server-7.tower-91.messagelabs.com with AES256-SHA encrypted SMTP; 31
Oct 2008 07:39:25 -0000
Received: from net3-nl-mail-02.vevida.net (net3-nl-mail-02.vevida.net [
77.94.249.24])
by net3-nl-smtp-01.vevida.net (Postfix) with ESMTP id 3976B2EC542
for <ra.user at ourdomain.tld>; Fri, 31 Oct 2008 08:39:25 +0100 (CET)
Received: by net3-nl-mail-02.vevida.net (Postfix, from userid 8)
id 3793E35002B; Fri, 31 Oct 2008 08:39:25 +0100 (CET)
Message-ID: <dovecot-1225438765-217569-0 at net3-nl-mail-02.vevida.net>
Date: Fri, 31 Oct 2008 08:39:25 +0100
From: Mail Delivery Subsystem <postmaster at vevida.net>
To: <ra.user at ourdomain.tld>
MIME-Version: 1.0
Content-Type: multipart/report; report-type=disposition-notification;
boundary="21397/net3-nl-mail-02.vevida.net"
Subject: Automatically rejected mail
Auto-Submitted: auto-replied (rejected)
Precedence: bulk
This is a MIME-encapsulated message
--21397/net3-nl-mail-02.vevida.net
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
Your message to <newz at raar-nieuws.nl> was automatically rejected:
Quota exceeded
--21397/net3-nl-mail-02.vevida.net
Content-Type: message/disposition-notification
Reporting-UA: net3-nl-mail-02.vevida.net; Dovecot Mail Delivery Agent
Final-Recipient: rfc822; newz at raar-nieuws.nl
Original-Message-ID:
<F5C8BFB7A516F643817E53C49577255F01164454 at EXCHANGE3.internal.domain>
Disposition: automatic-action/MDN-sent-automatically; deleted
--21397/net3-nl-mail-02.vevida.net
Content-Type: message/rfc822
Return-Path: <ra.user at ourdomain.tld>
Delivered-To: newz at raar-nieuws.nl
Received: from net3-nl-mx-03.vevida.net (net3-nl-mx-03.vevida.net [
77.94.249.31])
by net3-nl-mail-02.vevida.net (Postfix) with ESMTP id 332F8350029
for <newz at raar-nieuws.nl>; Fri, 31 Oct 2008 08:39:25 +0100 (CET)
X-Virus-Scanned: amavisd-new at vevida.net
X-Spam-Status: No, score=0.202 required=5 tests=[ANY_BOUNCE_MESSAGE=0.1,
HTML_MESSAGE=0.001, UNPARSEABLE_RELAY=0.001, VBOUNCE_MESSAGE=0.1]
Received: from mail.ourdomain.tld (mail.ourdomain.tld [our.ip.add.ress])
by net3-nl-mx-03.vevida.net (Postfix) with ESMTP id 38DB8976BC
for <newz at raar-nieuws.nl>; Fri, 31 Oct 2008 08:39:24 +0100 (CET)
Received: from sgmg.ourdomain.tld (sgmg.ourdomain.tld [10.2.10.109])
by mailscan02.ourdomain.tld (Postfix) with ESMTP id B76B148F448
Received: (from smtpd at 127.0.0.1) by sgmg.prdf.nl (8.13.8/8.13.8)
id m9V7dJj1022834 for <newz at raar-nieuws.nl>; Fri, 31 Oct 2008
08:39:19 +0100
Received: from unknown [10.2.10.114] by gateway id /processing/kwlCeRw3; Fri
Oct 31 08:39:19 2008
MIME-Version: 1.0
X-MimeOLE: Produced By Microsoft Exchange V6.5
Subject: Out of Office AutoReply: RaaR - muziek op zondag - Jazz au Foyer
Date: Fri, 31 Oct 2008 08:39:18 +0100
Message-ID:
<F5C8BFB7A516F643817E53C49577255F01164454 at EXCHANGE3.internal.domain>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: RaaR - muziek op zondag - Jazz au Foyer
Thread-Index: Ack7K8SpBsNSNiAkRmq5jBTFlWpQiwAAAOPO
From: "User, R" <ra.user at ourdomain.tld>
To: "RaaR eten & drinken" <newz at raar-nieuws.nl>
Content-class: urn:content-classes:message
X-ORG-WM: 1226043563.0392 at OUzi9liSBFaJtjtI7nMePQ
X-ORG: Clean
----------------------------------------------------------------
We're using a third party to scan our email and forward it to us. We use
MailScanner to filter out marked messages (spam header), we don't do much
spam-scanning ourselves, just the default SpamAssassin ruleset without any
dns checks. All our outgoing mail is relayed through the MailScanner machine
and then delivered directly to the receiver's mailserver.
We're using Postfix 2.5.1 as a MTA on an OpenBSD 4.3 machine.
-bash-3.2# /opt/MailScanner/bin/MailScanner -v
Running on
OpenBSD mailscan02.ourdomain.tld 4.3 GENERIC#698 i386
This is Perl version 5.008008 (5.8.8)
This is MailScanner version 4.70.7
Module versions are:
1.00 AnyDBM_File
1.23 Archive::Zip
0.21 bignum
1.04 Carp
2.008 Compress::Zlib
1.119 Convert::BinHex
0.17 Convert::TNEF
2.121_08 Data::Dumper
2.27 Date::Parse
1.00 DirHandle
1.05 Fcntl
2.74 File::Basename
2.09 File::Copy
2.01 FileHandle
1.08 File::Path
0.19 File::Temp
0.90 Filesys::Df
1.35 HTML::Entities
3.56 HTML::Parser
2.37 HTML::TokeParser
1.23 IO
1.14 IO::File
1.13 IO::Pipe
2.02 Mail::Header
1.86 Math::BigInt
0.19 Math::BigRat
3.07 MIME::Base64
5.425 MIME::Decoder
5.425 MIME::Decoder::UU
5.425 MIME::Head
5.425 MIME::Parser
3.07 MIME::QuotedPrint
5.425 MIME::Tools
0.11 Net::CIDR
1.25 Net::IP
0.16 OLE::Storage_Lite
1.04 Pod::Escapes
3.05 Pod::Simple
1.09 POSIX
1.19 Scalar::Util
1.78 Socket
2.16 Storable
1.4 Sys::Hostname::Long
0.18 Sys::Syslog
1.26 Test::Pod
0.7 Test::Simple
1.9707 Time::HiRes
1.02 Time::localtime
Optional module versions are:
1.36 Archive::Tar
0.21 bignum
missing Business::ISBN
missing Business::ISBN::Data
missing Data::Dump
1.814 DB_File
1.14 DBD::SQLite
1.59 DBI
1.14 Digest
1.01 Digest::HMAC
2.36 Digest::MD5
2.11 Digest::SHA1
missing Encode::Detect
missing Error
missing ExtUtils::CBuilder
missing ExtUtils::ParseXS
2.36 Getopt::Long
missing Inline
1.08 IO::String
1.08 IO::Zlib
missing IP::Country
missing Mail::ClamAV
3.002004 Mail::SpamAssassin
missing Mail::SPF
1.999001 Mail::SPF::Query
missing Module::Build
0.20 Net::CIDR::Lite
0.63 Net::DNS
missing Net::DNS::Resolver::Programmable
missing Net::LDAP
missing NetAddr::IP
missing Parse::RecDescent
missing SAVI
2.64 Test::Harness
missing Test::Manifest
1.95 Text::Balanced
1.35 URI
missing version
missing YAML
What could be causing this? Why isn't watermarking working properly?
Any help is much appreciated!
Cheers.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20081031/0c9440c7/attachment.html
More information about the MailScanner
mailing list