MailScanner rules problem
nilton at hgnet.com.br
nilton at hgnet.com.br
Fri Mar 16 17:13:42 UTC 2018
Hi,
I've been doing a lot of testing and I've seen that MailScanner
perfectly recognizes rules written using spaces or <tab>, with or
without * before @ and even with regular expression.
I have seen that MailScanner does not receive or recognize only the
rules for local domains with the expression "To:" and so it does not
follow the rule. I've also seen that even for local domains for the
expression "From:" the rule is followed.
Looking at the header of a message sent from a user to itself, the To:
field appears empty, different from the From: field:
Return-Path: <nilton at domain1.com.br>
Delivered-To: nilton at domain1.com.br
X-Spam-Status: No
*X-HGnet-MailScanner-To:
X-HGnet-MailScanner-From:* nilton at domain1.com.br
The question is: Could the Postfix be creating a header with information
not recognized by MailScanner? Why the MailScanner does not recognize
only the local domains in "To:" rule, but recognize "From:" rule. My
search is currently focused on this issue.
Em 14/3/2018 17:40, Jim Creason escreveu:
>
>
> You don't have a wildcard asterisk before the @ in your rules, adding
> that would fix it, I believe.
>
>
> On 3/14/2018 3:21 PM, nilton at hgnet.com.br wrote:
>>
>> Hi List
>>
>> This is my first post here, so I'm sorry for my blunders. Sorry also
>> for my very bad english.
>>
>> I have a new installation of MailScanner with Postfix and Mysql and I
>> am seeing a serious problem that I have not been able to solve yet
>> and I need your help:
>>
>> Ubuntu 16.04 + MailScanner 5.0.7-2 + Postfix 3.1.0-3 + MySQL 5.7.21
>>
>> Everything works fine except for one detail. All rules related to
>> domains hosted on this mailserver are ignored by MailScanner.
>>
>> Look this:
>>
>> Local domains:
>> domain1.com.br
>> domain2.com.br
>> domain3.com.br
>>
>> ----------------
>> MailScanner.com
>> Archive Mail = %rules-dir%/archive.rules
>> Spam Actions = %rules-dir%/archive-spam.rules
>> Required SpamAssassin Score = %rules-dir%/score.rules
>> Is Definitely Not Spam = %rules-dir%/spam.whitelist.rules
>> -----------------
>>
>> archive.rules
>> FromOrTo:Â Â Â Â Â @domain2.com.br monitor at domain2.com.br
>> FromOrTo:Â Â Â Â Â @domain3.com.br monitor at domain3.com.br
>> FromOrTo:Â Â Â Â Â default monitor at X-Domain1-MailScanner-To:.com.br
>>
>> The rules for domin2.com.br and domain3.com.br are ignored by
>> Mailscanner and all messages follow default rules.
>> ----------------
>>
>> archive-spam.rules
>> To:    @domain2.com.br    forward spam at domain2.com.br delete header
>> "X-Spam-Status: Yes"
>> To:    @domain3.com.br    forward spam at domain3.com.br delete header
>> "X-Spam-Status: Yes"
>> From:  default            forward
>> spam at X-Domain1-MailScanner-To:.com.br delete header "X-Spam-Status: Yes"
>>
>> In the same way, the rules for domin2.com.br and domain3.com.br are
>> ignored by Mailscanner and all the messages follow default rules.
>> --------------------
>>
>> score.rules
>> To:      @domain2.com.br                 8.0
>> To:      @domain3.com.br                 9.0
>> To:      default                              5.0
>>
>> All messages for domain2.com and domain3.com are cached or not based
>> on default score 5.0.
>> ------------------
>>
>> spam.whitelist.rules
>> From:    @domain1.com.br            yes
>> From:    @domain2.com.br            yes
>> From:    @domain3.com.br            yes
>> From:    @google.com                yes
>> FromOrTo: default                    no
>>
>> Interestingly the "From:" rules even for local domains are recognized
>> by MailScanner.
>> Thus, it is possible to conclude that only the rules that contain
>> "To:" only for local domains do not work.
>> ----------------------
>>
>> Notice the message header below that X-Domain1-MailScanner-To: It is
>> empty, but X-Domain1-MailScanner-From: is not empty.
>>
>> Return-Path: <usertmp at Domain1.com.br>
>> Delivered-To: usertmp at Domain1.com.br
>> X-Spam-Status: No
>> X-Domain1-MailScanner-To:
>> X-Domain1-MailScanner-From: usertmp at Domain1.com.br
>> X-Domain1-MailScanner-SpamCheck: não spam (está em uma lista branca),
>> Â Â Â SpamAssassin (escore=0.4, requerido 4, ALL_TRUSTED -1.00,
>> Â Â Â BR_SAVED_URI 1.50, DKIM_SIGNED 0.10, DKIM_VALID -0.10,
>> Â Â Â DKIM_VALID_AU -0.10)
>> X-Domain1-MailScanner: Found to be clean
>> X-Domain1-MailScanner-ID: B6EBB14201A.AE9C1
>> X-Domain1-MailScanner-Information: Please contact the ISP for more
>> information
>> Received: from webmail.Domain1.com.br (localhost [127.0.0.1])
>> Â Â Â by mx1.Domain1.net.br (Postfix) with ESMTP id B6EBB14201A
>> Â Â Â for <usertmp at Domain1.com.br>; Wed, 14 Mar 2018 13:18:51 -0300 (-03)
>> DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/simple; d=Domain1.com.br;
>> Â Â Â s=default; t=1521044331; bh=w9NEcM38aPoJUJrmljw+GCJaBSw=;
>> Â Â Â h=Date:From:To:Subject;
>> b=164tD2Zhn2gvABzES+a+cpd/lZG8QHFaBb8B53JMPXbjbGVgTLIV8oH7dILByLLHV
>> Â c4W1EIgZ865H+m5BulZvekDY1gRg6E5dlkXjTp5M6CfNFbEyoV9rJUp4hs3civ/4Fq
>> Â hbRBSIxuEmoEEdsjiPrkApczoGOWxL+7PCLOfHKiiBc8MlEnr7dPI8kve8dOMgOKXR
>> Â NWz0H4qK6W+XUAIAHWSWryxWMnb6vkSafF/CxSN9W2hhjtFuqt5GhqFhOA+xxnLviQ
>> Â FdbyGg4W468XGYPsJppj8wSuVhQ7FzsuKFaM2X44oXcEGQV62HmpRpwfZyk77A4ue8
>> Â Â Â Â 8TxnOVTxrogdg==
>> MIME-Version: 1.0
>> Content-Type: text/plain; charset=US-ASCII;
>> Â format=flowed
>> Content-Transfer-Encoding: 7bit
>> Date: Wed, 14 Mar 2018 13:18:51 -0300
>> From: usertmp at Domain1.com.br
>> To: usertmp at Domain1.com.br
>> -------------------------
>>
>>
>> On the other server where everything works fine.
>> From - Wed Mar 14 13:19:49 2018
>> X-Account-Key: account27
>> X-UIDL: 000001925a9d6bca
>> X-Mozilla-Status: 0001
>> X-Mozilla-Status2: 00000000
>> X-Mozilla-Keys:
>> Return-Path: <nilton at exemplo2.com.br>
>> Delivered-To: nilton at exemplo2.com.br
>> X-Spam-Status: No
>> X-HGnet-MailScanner-To:
>> X-HGnet-MailScanner-From: nilton at exemplo2.com.br
>> X-HGnet-MailScanner-SpamCheck: não spam (está em uma lista branca),
>> Â Â Â SpamAssassin (escore=0.4, requerido 4, ALL_TRUSTED -1.00,
>> Â Â Â BR_SAVED_URI 1.50, DKIM_SIGNED 0.10, DKIM_VALID -0.10,
>> Â Â Â DKIM_VALID_AU -0.10)
>> X-HGnet-MailScanner: Found to be clean
>> X-HGnet-MailScanner-ID: B6EBB14201A.AE9C1
>> X-HGnet-MailScanner-Information: Please contact the ISP for more
>> information
>> Received: from webmail.exemplo2.com.br (localhost [127.0.0.1])
>> Â Â Â by mx1.hgnet.net.br (Postfix) with ESMTP id B6EBB14201A
>> Â Â Â for <nilton at exemplo2.com.br>; Wed, 14 Mar 2018 13:18:51 -0300 (-03)
>> DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/simple; d=exemplo2.com.br;
>> Â Â Â s=default; t=1521044331; bh=w9NEcM38aPoJUJrmljw+GCJaBSw=;
>> Â Â Â h=Date:From:To:Subject;
>> b=164tD2Zhn2gvABzES+a+cpd/lZG8QHFaBb8B53JMPXbjbGVgTLIV8oH7dILByLLHV
>> Â c4W1EIgZ865H+m5BulZvekDY1gRg6E5dlkXjTp5M6CfNFbEyoV9rJUp4hs3civ/4Fq
>> Â hbRBSIxuEmoEEdsjiPrkApczoGOWxL+7PCLOfHKiiBc8MlEnr7dPI8kve8dOMgOKXR
>> Â NWz0H4qK6W+XUAIAHWSWryxWMnb6vkSafF/CxSN9W2hhjtFuqt5GhqFhOA+xxnLviQ
>> Â FdbyGg4W468XGYPsJppj8wSuVhQ7FzsuKFaM2X44oXcEGQV62HmpRpwfZyk77A4ue8
>> Â Â Â Â 8TxnOVTxrogdg==
>> MIME-Version: 1.0
>> Content-Type: text/plain; charset=US-ASCII;
>> Â format=flowed
>> Content-Transfer-Encoding: 7bit
>> Date: Wed, 14 Mar 2018 13:18:51 -0300
>> From: nilton at exemplo2.com.br
>> To: nilton at exemplo2.com.br
>>
>> -----------------
>>
>> MailScanner or Postfix? There is a possibility that the problem is in
>> the way postfix is constructing the header, but I do not know how to
>> debug it.
>>
>> Thank you for your help on this.
>>
>> HGnet - A solução em TI.
>> <www.hgnet.com.br>
>> A Solução em TI
>>
>> *
>> Nilton Godoi*
>> Fones: +55 11 3582-2746 Â 3582-2756
>> Celular: +55 11 Â 98191-0001
>> www.hgnet.com.br
>>
>>
>>
>> --
>> Esta mensagem foi verificada pelo sistema de antiv�rus e
>> acredita-se estar livre de perigo.
>>
>>
>
>
> --
> Esta mensagem foi verificada pelo sistema de antiv�rus e
> acredita-se estar livre de perigo.
--
Esta mensagem foi verificada pelo sistema de antivírus e
acredita-se estar livre de perigo.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mailscanner.info/pipermail/mailscanner/attachments/20180316/2dddbb89/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: hgnet_100.png
Type: image/png
Size: 6777 bytes
Desc: not available
URL: <http://lists.mailscanner.info/pipermail/mailscanner/attachments/20180316/2dddbb89/attachment.png>
More information about the MailScanner
mailing list