<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<p>Confirmed unexpected behavior, more debugging and testing in
progress.<br>
</p>
<div class="moz-cite-prefix">On 8/30/22 08:50, Ricky Boone wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CAHAhptXgZbnaCKUtdwKDtt0sZmM2+OfyX09HCwcw4T6toxoC5w@mail.gmail.com">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div dir="ltr">Thank you, Shawn, for the quick response. If
there's anything I can do to help with either the research
and/or troubleshooting around this, please let me know. I am by
no means a competent Perl dev, but my management is very
interested in getting this working properly (not meaning to add
any pressure or assume expectations), and I'm a bit stuck at the
moment.</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On Tue, Aug 23, 2022 at 4:22
PM Shawn Iverson via MailScanner <<a
href="mailto:mailscanner@lists.mailscanner.info"
moz-do-not-send="true" class="moz-txt-link-freetext">mailscanner@lists.mailscanner.info</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px
0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div>
<p>That doesn't seem desirable. This should be
reproduceable, so give me some time to lab this up and
see what I can find out. It wouldn't be the first time
we've found interesting things lurking in the perl mines.<br>
</p>
<div>On 8/23/22 14:34, Ricky Boone wrote:<br>
</div>
<blockquote type="cite">
<p><b><font size="+1" color="yellow">Warning: This message
originated from outside the organization. Use
caution when following links or opening attachments.</font></b><br>
</p>
<div dir="ltr">I'm troubleshooting an issue with a setting
change we're trying to test in our environment to
provide users with notifications that a message was
flagged as spam, and why, as well as to attach the
original message to that notification.
<div><br>
</div>
<div>Based on the configuration docs and previous
conversations, this should be handled by including
'attachment' in the Spam Actions setting (though some
references note 'attachment' along with 'deliver').
What I'm seeing, however, is that it is not behaving
as described. When the rule only includes
'attachment', no message is fully delivered. When it
includes 'attachment' and 'deliver' (regardless of
order, understanding that it shouldn't matter), I get
the message with the '{Spam?}' subject prefix, but
otherwise not encapsulated and not including a
notification message. When attempting with
'attachment' and 'notify', I only get the
notification, and if 'attachment', 'deliver', and
'notify' are included, I get both the non-encapsulated
spam message and the notification without an
attachment.</div>
<div><br>
</div>
<div>Prior to opening an issue in the GitHub project, I
just want to be sure I'm not doing something
incorrectly.
<div><br>
</div>
<div>For reference, I'm currently running MailScanner
5.3.3 (aware that there are newer versions, but none
that appear to be relevant to address this issue
based on the changelog) on CentOS 7 with postfix as
the MTA, along with MailWatch 1.2.15. Spam Actions
points to a custom rules file with a default
(FromOrTo) action set to 'store notify header
"X-Spam-Status: Yes"', but I have a To email address
for testing with 'store attachment deliver header
"X-Spam-Status: Yes"' (though I've tried this
without deliver, removing store and header, with
notify, etc.).</div>
</div>
<div><br>
</div>
<div>The logs seem to reflect my settings, depending on
what I've saved and reloaded. For example, if I have
attachment and deliver set, I see this in the logs:</div>
<div><br>
</div>
<div>Aug 23 14:03:37 MailScanner[24433]: Delivery of
spam: message 0BD1220625B0.AB434 from [removed] to
[removed] with subject Re: Test message<br>
Aug 23 14:03:37 MailScanner[24433]: Spam Actions:
message 0BD1220625B0.AB434 actions are
attachment,store,deliver,header<br>
Aug 23 14:03:39 MailScanner[24433]: Requeue:
0BD1220625B0.AB434 to E965720625AA<br>
</div>
<div><br>
</div>
<div>And if I have only attachment set:</div>
<div><br>
</div>
<div>Aug 23 11:57:15 MailScanner[22466]: Non-delivery of
spam: message 8225F206258E.AB9CA from
[removed] to [removed] with subject Test message<br>
Aug 23 11:57:15 MailScanner[22466]: Spam Actions:
message 8225F206258E.AB9CA actions are
attachment,store,header<br>
</div>
<div><br>
</div>
</div>
<br>
<fieldset></fieldset>
</blockquote>
</div>
<br>
<br>
-- <br>
MailScanner mailing list<br>
<a href="mailto:mailscanner@lists.mailscanner.info"
target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">mailscanner@lists.mailscanner.info</a><br>
<a
href="http://lists.mailscanner.info/mailman/listinfo/mailscanner"
rel="noreferrer" target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">http://lists.mailscanner.info/mailman/listinfo/mailscanner</a><br>
<br>
</blockquote>
</div>
<br>
<fieldset class="moz-mime-attachment-header"></fieldset>
<pre class="moz-quote-pre" wrap="">
</pre>
</blockquote>
</body>
</html>