DevHeads.net

Postfix - Amavis erroneus SPAM

Deal, a software that control an hardware has to send alarm mail when
something happens. Starting from two weeks ago, the alarms stops to be
sent and checking in the mail server logs I see the following message:

Mar 12 09:03:57 mailserver amavis[14797]: (14797-01) Blocked SPAM
{DiscardedOpenRelay,Quarantined}, [150.217.XXX.XXX]:3685 [150.217.XXX.XXX] <mail@mydomain> ->
<mail@externaldomain>, quarantine: M/spam-M9145UbnjoSh.gz, Queue-ID: CB9E3837E0F, Message-ID:
<5E7A686C7FD740989C918BF83AAEECF3@6204eng1>, mail_id: M9145UbnjoSh,
Hits: 6.57, size: 639, 551 ms

The alarms are blocked as SPAM. Is there a way to instruct
amavis/postfix that this mails aren't SPAM?

Comments

Re: Postfix - Amavis erroneus SPAM

By Noel Jones at 03/12/2018 - 10:13

On 3/12/2018 8:15 AM, Enrico Morelli wrote:

The mail is being blocked by amavisd, so exceptions or adjustments
will need to be made in amavis or spamassassin.

Search the maillog for the amavis ID 14797-01 or check the headers
of the mail in quarantine M/spam-M9145UbnjoSh.gz

Likely some adjustment to your spamassassin scores need to be made,
maybe adding a spamassassin whitelist_from_rcvd or if the mail has
SPF or DKIM a whitelist_auth entry.

For further help with amavis or spamassassin, refer to the
documentation and user lists for those programs.

-- Noel Jones

Re: Postfix - Amavis erroneus SPAM

By Matus UHLAR - f... at 03/12/2018 - 10:07

On 12.03.18 14:15, Enrico Morelli wrote:
you need to look at its spamassassin scores to see what you can do.

check headers of M/spam-M9145UbnjoSh.gz file in your quarantine directory.

RE: Postfix - Amavis erroneus SPAM

By Fazzina, Angelo at 03/12/2018 - 09:09

Hi, I would expect you need to search your logs for all the entries for this email

CB9E3837E0F

To see exactly what happened and go from there ?
Good Luck.

-ANGELO FAZZINA

ITS Service Manager:
Spam and Virus Prevention
Mass Mailing
G Suite/Gmail

<a href="mailto: ... at uconn dot edu"> ... at uconn dot edu</a>
University of Connecticut,  ITS, SSG, Server Systems
860-486-9075

Deal, a software that control an hardware has to send alarm mail when
something happens. Starting from two weeks ago, the alarms stops to be
sent and checking in the mail server logs I see the following message:

Mar 12 09:03:57 mailserver amavis[14797]: (14797-01) Blocked SPAM
{DiscardedOpenRelay,Quarantined}, [150.217.XXX.XXX]:3685 [150.217.XXX.XXX] <mail@mydomain> ->
<mail@externaldomain>, quarantine: M/spam-M9145UbnjoSh.gz, Queue-ID: CB9E3837E0F, Message-ID:
<5E7A686C7FD740989C918BF83AAEECF3@6204eng1>, mail_id: M9145UbnjoSh,
Hits: 6.57, size: 639, 551 ms

The alarms are blocked as SPAM. Is there a way to instruct
amavis/postfix that this mails aren't SPAM?

Re: Postfix - Amavis erroneus SPAM

By Enrico Morelli at 03/12/2018 - 09:21

On Mon, 12 Mar 2018 14:09:23 +0000

Mar 12 09:03:57 mailserver amavis[14797]: (14797-01) Blocked SPAM
{DiscardedOpenRelay,Quarantined}, [150.217.XXX.XX]:3685
[150.217.XXX.XXX] <mail@mydomain> -> <mail@externaldomain>, quarantine:
M/spam-M9145UbnjoSh.gz, Queue-ID: CB9E3837E0F, Message-ID:
<5E7A686C7FD740989C918BF83AAEECF3@6204eng1>, mail_id: M9145UbnjoSh,
Hits: 6.57, size: 639, 551 ms
Mar 12 09:03:57 mailserver postfix/smtp[14715]: CB9E3837E0F:
to=<mail@externaldomain>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.6, delays=0.05/0/0.01/0.55,
dsn=2.7.0, status=sent (250 2.7.0 Ok, discarded, id=14797-01 - spam)
Mar 12 09:03:57 mailserver postfix/qmgr[1761]: CB9E3837E0F: removed

The mail was discarded because identified as SPAM.