email sent from virtual domains on server being tagged as spam
Jerry Benton
jerry.benton at mailborder.com
Thu Aug 6 16:45:02 UTC 2015
This is a MailScanner configuration issue.
https://www.mailscanner.info/MailScanner.conf.index.html#Spam Lists To Be Spam <https://www.mailscanner.info/MailScanner.conf.index.html#Spam%20Lists%20To%20Be%20Spam>
-
Jerry Benton
www.mailborder.com
> On Aug 6, 2015, at 12:41 PM, Howard Fleming <hfleming at moosebird.net> wrote:
>
> Hi Jerry,
>
> This is probably under the heading of a newbie question, but how do I go about fixing this?
>
> It appears spamhaus is picking up the ip address of the email client sending the the email, since it is being delivered locally on the server. I assume this is a postfix configuration issue?
>
> Thanks,
> Howard
>
>
> On 08/06/2015 12:18 PM, Jerry Benton wrote:
>> It is triggering on your RBLs.
>>
>>
>> X-Moosebird-MailScanner-SpamCheck: spam, spamhaus-ZEN
>>
>> -
>> Jerry Benton
>> www.mailborder.com <http://www.mailborder.com/>
>>
>>
>>
>>> On Aug 6, 2015, at 12:16 PM, Howard Fleming <hfleming at moosebird.net <mailto:hfleming at moosebird.net>> wrote:
>>>
>>> Header info:
>>> http://pastebin.com/FRpcJirk <http://pastebin.com/FRpcJirk>
>>>
>>> Virtual domains are handled by postfix (and if this is not what you are looking for, please let me know):
>>>
>>> main.cf:
>>> virtual_alias_domains = hash:/etc/postfix/virtual_alias_domains
>>> virtual_alias_maps = hash:/etc/postfix/virtual_alias_maps
>>>
>>> MTA is postfix.
>>>
>>> Thanks,
>>> Howard
>>>
>>>
>>>
>>>
>>>
>>> On 08/06/2015 11:41 AM, Jeremy McSpadden wrote:
>>>> Pastebin the header of one of the emails. What are you using for virtual domains ? What mta ?
>>>>
>>>> --
>>>> Jeremy McSpadden | Flux Labs
>>>> Local - 850-250-5590x501 <tel:850-250-5590;501> | Mobile - 850-890-2543 <tel:850-890-2543>
>>>> Fax - 850-254-2955 <tel:850-254-2955> | Toll Free - 877-699-FLUX <tel:877-699-FLUX>
>>>> Web - http://www.fluxlabs.net <http://www.fluxlabs.net/>
>>>>
>>>>
>>>> On Aug 6, 2015, at 10:36 AM, Howard Fleming <hfleming at moosebird.net <mailto:hfleming at moosebird.net>> wrote:
>>>>
>>>>> Good morning,
>>>>>
>>>>> I am in the process of rebuilding my mail server and running into a problem with any email sent from the 2 virtual domains on the system is being flagged as spam by MailScanner (the other 2 domains that are not virtual is working as it should). Other than the virtual domain outgoing email being flagged as spam, everything appears to be working as it should.
>>>>>
>>>>> Any suggestions on where to start looking and what additional information I need to send here for troubleshooting?
>>>>>
>>>>> System info:
>>>>>
>>>>> CentOS 6.6
>>>>> Postfix version 2.6.6, Release 6.el6_5
>>>>>
>>>>> MailScanner -v
>>>>> Running on
>>>>> Linux comm.moosebird.net <http://comm.moosebird.net/> 2.6.32-504.30.3.el6.x86_64 #1 SMP Wed Jul 15 10:13:09 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
>>>>> This is CentOS release 6.6 (Final)
>>>>> This is Perl version 5.010001 (5.10.1)
>>>>>
>>>>> This is MailScanner version 4.85.2
>>>>> Module versions are:
>>>>> 1.00 AnyDBM_File
>>>>> 1.30 Archive::Zip
>>>>> 0.23 bignum
>>>>> 1.11 Carp
>>>>> 2.021 Compress::Zlib
>>>>> 1.119 Convert::BinHex
>>>>> 0.17 Convert::TNEF
>>>>> 2.124 Data::Dumper
>>>>> 2.27 Date::Parse
>>>>> 1.03 DirHandle
>>>>> 1.06 Fcntl
>>>>> 2.77 File::Basename
>>>>> 2.14 File::Copy
>>>>> 2.02 FileHandle
>>>>> 2.08 File::Path
>>>>> 0.22 File::Temp
>>>>> 0.92 Filesys::Df
>>>>> 3.64 HTML::Entities
>>>>> 3.64 HTML::Parser
>>>>> 3.57 HTML::TokeParser
>>>>> 1.25 IO
>>>>> 1.14 IO::File
>>>>> 1.13 IO::Pipe
>>>>> 2.04 Mail::Header
>>>>> 1.9993 Math::BigInt
>>>>> 0.22 Math::BigRat
>>>>> 3.08 MIME::Base64
>>>>> 5.427 MIME::Decoder
>>>>> 5.427 MIME::Decoder::UU
>>>>> 5.427 MIME::Head
>>>>> 5.427 MIME::Parser
>>>>> 3.08 MIME::QuotedPrint
>>>>> 5.427 MIME::Tools
>>>>> 0.14 Net::CIDR
>>>>> 1.25 Net::IP
>>>>> 0.19 OLE::Storage_Lite
>>>>> 1.04 Pod::Escapes
>>>>> 3.13 Pod::Simple
>>>>> 1.17 POSIX
>>>>> 1.21 Scalar::Util
>>>>> 1.82 Socket
>>>>> 2.20 Storable
>>>>> 1.4 Sys::Hostname::Long
>>>>> 0.27 Sys::Syslog
>>>>> 1.40 Test::Pod
>>>>> 0.92 Test::Simple
>>>>> 1.9721 Time::HiRes
>>>>> 1.02 Time::localtime
>>>>>
>>>>> Optional module versions are:
>>>>> 1.58 Archive::Tar
>>>>> 0.23 bignum
>>>>> missing Business::ISBN
>>>>> missing Business::ISBN::Data
>>>>> 1.15 Data::Dump
>>>>> 1.82 DB_File
>>>>> 1.27 DBD::SQLite
>>>>> 1.609 DBI
>>>>> 1.16 Digest
>>>>> 1.01 Digest::HMAC
>>>>> 2.39 Digest::MD5
>>>>> 2.12 Digest::SHA1
>>>>> 1.01 Encode::Detect
>>>>> 0.17015 Error
>>>>> 0.27 ExtUtils::CBuilder
>>>>> 2.2203 ExtUtils::ParseXS
>>>>> 2.38 Getopt::Long
>>>>> 0.46 Inline
>>>>> 1.08 IO::String
>>>>> 1.09 IO::Zlib
>>>>> 2.28 IP::Country
>>>>> 0.29 Mail::ClamAV
>>>>> 3.003001 Mail::SpamAssassin
>>>>> v2.008 Mail::SPF
>>>>> 1.999001 Mail::SPF::Query
>>>>> 0.35 Module::Build
>>>>> 0.21 Net::CIDR::Lite
>>>>> 0.65 Net::DNS
>>>>> v0.003 Net::DNS::Resolver::Programmable
>>>>> 0.65 Net::LDAP
>>>>> 4.027 NetAddr::IP
>>>>> 1.965001 Parse::RecDescent
>>>>> missing SAVI
>>>>> 3.17 Test::Harness
>>>>> 1.22 Test::Manifest
>>>>> 2.0.0 Text::Balanced
>>>>> 1.40 URI
>>>>> 0.77 version
>>>>> missing YAML
>>>>>
>>>>>
>>>>> MailScanner --lint
>>>>> Trying to setlogsock(unix)
>>>>>
>>>>> Reading configuration file /etc/MailScanner/MailScanner.conf
>>>>> Reading configuration file /etc/MailScanner/conf.d/README
>>>>> Read 462 hostnames from the phishing whitelist
>>>>> Read 12121 hostnames from the phishing blacklists
>>>>>
>>>>> Checking version numbers...
>>>>> Version number in MailScanner.conf (4.85.2) is correct.
>>>>>
>>>>> Your envelope_sender_header in spam.assassin.prefs.conf is correct.
>>>>> MailScanner setting GID to (89)
>>>>> MailScanner setting UID to (89)
>>>>>
>>>>> Checking for SpamAssassin errors (if you use it)...
>>>>> Using SpamAssassin results cache
>>>>> Connected to SpamAssassin cache database
>>>>> SpamAssassin reported no errors.
>>>>> Connected to Processing Attempts Database
>>>>> Created Processing Attempts Database successfully
>>>>> There are 0 messages in the Processing Attempts Database
>>>>> Using locktype = posix
>>>>> MailScanner.conf says "Virus Scanners = clamd"
>>>>> Found these virus scanners installed: clamavmodule, clamd
>>>>> ===========================================================================
>>>>> Filename Checks: Windows/DOS Executable (1 eicar.com <http://eicar.com/>)
>>>>> Other Checks: Found 1 problems
>>>>> Virus and Content Scanning: Starting
>>>>> Clamd::INFECTED:: Eicar-Test-Signature :: ./1/eicar.com <http://eicar.com/>
>>>>> Virus Scanning: Clamd found 2 infections
>>>>> Infected message 1 came from 10.1.1.1
>>>>> Virus Scanning: Found 2 viruses
>>>>> ===========================================================================
>>>>> Virus Scanner test reports:
>>>>> Clamd said "eicar.com <http://eicar.com/> was infected: Eicar-Test-Signature"
>>>>>
>>>>> If any of your virus scanners (clamavmodule,clamd)
>>>>> are not listed there, you should check that they are installed correctly
>>>>> and that MailScanner is finding them correctly via its virus.scanners.conf.
>>>>>
>>>>> Thanks for any help,
>>>>> Howard
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> MailScanner mailing list
>>>>> mailscanner at lists.mailscanner.info <mailto:mailscanner at lists.mailscanner.info>
>>>>> http://lists.mailscanner.info/listinfo/mailscanner <http://lists.mailscanner.info/listinfo/mailscanner>
>>>>>
>>>>
>>>>
>>>
>>>
>>>
>>> --
>>> MailScanner mailing list
>>> mailscanner at lists.mailscanner.info <mailto:mailscanner at lists.mailscanner.info>
>>> http://lists.mailscanner.info/listinfo/mailscanner <http://lists.mailscanner.info/listinfo/mailscanner>
>>>
>>
>>
>>
>>
>
>
>
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/listinfo/mailscanner
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150806/e5fa6155/attachment.html>
More information about the MailScanner
mailing list