<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<p>That doesn't seem desirable. This should be reproduceable, so
give me some time to lab this up and see what I can find out. It
wouldn't be the first time we've found interesting things lurking
in the perl mines.<br>
</p>
<div class="moz-cite-prefix">On 8/23/22 14:34, Ricky Boone wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CAHAhptWgJN8k0OGJB-BKtKfQNS22H4V+KuJL8ozK2nJw-xoBCg@mail.gmail.com">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<p><b><font size="+1" color="yellow">Warning: This message
originated from outside the organization. Use caution when
following links or opening attachments.</font></b><br>
</p>
<div dir="ltr">I'm troubleshooting an issue with a setting change
we're trying to test in our environment to provide users with
notifications that a message was flagged as spam, and why, as
well as to attach the original message to that notification.
<div><br>
</div>
<div>Based on the configuration docs and previous conversations,
this should be handled by including 'attachment' in the Spam
Actions setting (though some references note 'attachment'
along with 'deliver'). What I'm seeing, however, is that it
is not behaving as described. When the rule only includes
'attachment', no message is fully delivered. When it includes
'attachment' and 'deliver' (regardless of order, understanding
that it shouldn't matter), I get the message with the
'{Spam?}' subject prefix, but otherwise not encapsulated and
not including a notification message. When attempting with
'attachment' and 'notify', I only get the notification, and if
'attachment', 'deliver', and 'notify' are included, I get both
the non-encapsulated spam message and the notification without
an attachment.</div>
<div><br>
</div>
<div>Prior to opening an issue in the GitHub project, I just
want to be sure I'm not doing something incorrectly.
<div><br>
</div>
<div>For reference, I'm currently running MailScanner 5.3.3
(aware that there are newer versions, but none that appear
to be relevant to address this issue based on the changelog)
on CentOS 7 with postfix as the MTA, along with MailWatch
1.2.15. Spam Actions points to a custom rules file with a
default (FromOrTo) action set to 'store notify header
"X-Spam-Status: Yes"', but I have a To email address for
testing with 'store attachment deliver header
"X-Spam-Status: Yes"' (though I've tried this without
deliver, removing store and header, with notify, etc.).</div>
</div>
<div><br>
</div>
<div>The logs seem to reflect my settings, depending on what
I've saved and reloaded. For example, if I have attachment
and deliver set, I see this in the logs:</div>
<div><br>
</div>
<div>Aug 23 14:03:37 MailScanner[24433]: Delivery of spam:
message 0BD1220625B0.AB434 from [removed] to [removed] with
subject Re: Test message<br>
Aug 23 14:03:37 MailScanner[24433]: Spam Actions: message
0BD1220625B0.AB434 actions are attachment,store,deliver,header<br>
Aug 23 14:03:39 MailScanner[24433]: Requeue:
0BD1220625B0.AB434 to E965720625AA<br>
</div>
<div><br>
</div>
<div>And if I have only attachment set:</div>
<div><br>
</div>
<div>Aug 23 11:57:15 MailScanner[22466]: Non-delivery of spam:
message 8225F206258E.AB9CA from
[removed] to [removed] with subject Test message<br>
Aug 23 11:57:15 MailScanner[22466]: Spam Actions: message
8225F206258E.AB9CA actions are attachment,store,header<br>
</div>
<div><br>
</div>
</div>
<br>
<fieldset class="moz-mime-attachment-header"></fieldset>
<pre class="moz-quote-pre" wrap="">
</pre>
</blockquote>
</body>
</html>