Problem Messages

Remco Barendse mailscanner at barendse.to
Thu Jun 11 13:27:26 IST 2009 

On Tue, 2 Jun 2009, Julian Field wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Look for traces of the messages in your mail logs. That will tell you
> what happened. You might then want to try digging the messages out of
> quarantine and running them through MailScanner manually (start with
> "MailScanner --help" and work from there) one at a time to see what goes
> wrong.
>
> If you want to wipe the database you can always just delete it. Its
> location in set in MailScanner.conf (look for "Processing.db" in there).
>
> Also, the fact that they have been the cause of these problems means
> that they were never delivered, so you may want to take a look at them
> and figure out if they were important and what you might want to do
> about this.

I keep getting the problem messages e-mails. The fact that mails are not 
delivered is not a problem, so far they are all spam. I suspect the 
problem is in Processing.db because i get this in my e-mail :

Archive:

Number of messages: 1
Tries   Message Last Tried
=====   ======= ==========
6       n59KLG4X024369  Tue Jun  9 22:51:41 2009

--
MailScanner


However, when i search for that file :
[root at mail ]# locate -i 59KLG4X024369
/var/spool/MailScanner/quarantine/20090609/n59KLG4X024369
/var/spool/MailScanner/quarantine/20090609/n59KLG4X024369/dfn59KLG4X024369
/var/spool/MailScanner/quarantine/20090609/n59KLG4X024369/qfn59KLG4X024369

The messages are long gone into quarantine and dealt with.


[root at mail ]# cat /var/log/maillog | grep -i 59KLG4X024369
Jun  9 22:21:36 mail sendmail[24369]: n59KLG4X024369: 
from=<rit1win at msn.com>, size=10348, class=0, nrcpts=1, 
msgid=<BLU130-W211108316762336E4C0169EB440 at phx.gbl>, proto=ESMTP, 
daemon=MTA, relay=blu0-omc2-s15.blu0.hotmail.com [65.55.111.90]
Jun  9 22:21:36 mail sendmail[24369]: n59KLG4X024369: 
to=<x.xxxxxxxx at xxxx.xxx>, delay=00:00:00, mailer=esmtp, pri=40348, 
stat=queued
Jun  9 22:25:07 mail MailScanner[22079]: Making attempt 2 at processing 
message n59KLG4X024369
Jun  9 22:30:59 mail MailScanner[23616]: Making attempt 3 at processing 
message n59KLG4X024369
Jun  9 22:36:51 mail MailScanner[20198]: Making attempt 4 at processing 
message n59KLG4X024369
Jun  9 22:42:33 mail MailScanner[19693]: Making attempt 5 at processing 
message n59KLG4X024369
Jun  9 22:46:03 mail MailScanner[23456]: Making attempt 6 at processing 
message n59KLG4X024369
Jun  9 22:46:04 mail MailScanner[24456]: Warning: skipping message 
n59KLG4X024369 as it has been attempted too many times
Jun  9 22:46:04 mail MailScanner[24456]: Quarantined message 
n59KLG4X024369 as it caused MailScanner to crash several times
Jun  9 22:46:04 mail MailScanner[24456]: Saved entire message to 
/var/spool/MailScanner/quarantine/20090609/n59KLG4X024369

Doesn't make me any wiser

I'm running :
Running on
Linux 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 
2009 x86_64 x86_64 x86_64 GNU/Linux
This is CentOS release 5.3 (Final)
This is Perl version 5.008008 (5.8.8)

This is MailScanner version 4.77.10


I want to try to run the e-mail manually through MailScanner but --info 
doesn't enlighten me (yes also here PBKAC) :PPP

MailScanner [ -h|-v|--debug|--debug-sa|--lint ] |
             [ --processing | --processing=<minimum> ] |
             [ -c|--changed ] |
             [ --id=<message-id> ] |
             [ --inqueuedir=<dir-name|glob> ] |
             [--value=<option-name> --from=<from-address>
              --to=<to-address>,    --to=<to-address-2>, ...]
              --ip=<ip-address>,    --virus=<virus-name> ]
             <MailScanner.conf-file-location>


What should i do with the qf/df pair to run MailScanner manually?

Thanks!

More information about the MailScanner mailing list