[AMaViS-user] bounce killer feature with pen pals disabled
Stefan
I don't use pen pals, means sql lookups are not configured, but the bounce
killer feature is enabled ($bounce_killer_score = 100).
I received a misdirected bounce message and saw the following lines in my
logfile (amavisd-new 2.6.4):
amavis[23652]: (23652-01) bounce rescued by: pen pals disabled (DSN), <> ->
<ste...@localside.net>, date: Tue, 7 Sep 2010 12:35:30 +0200 (CEST), from:
ste...@localside.net, message-id: <201009071035...@example.com>,
return-path: <ste...@localside.net>
amavis[23652]: (23652-01) SPAM-TAG, <> -> <ste...@localside.net>, No, score=x
tagged_above=0 required=5 tests=[] autolearn=unavailable
amavis[23652]: (23652-01) Passed CLEAN, [AAA.BBB.CCC.DDD] [AAA.BBB.CCC.DDD] <>
-> <ste...@localside.net>, Message-ID:
<201009071035...@example.com>, mail_id: cU0RlDKJmh1U, Hits: -, size:
3425, queued_as: 15A694B70116, 497 ms
Then I received a real bounce:
amavis[23652]: (23652-02) bounce rescued by domain (DSN), <> ->
<ste...@localside.net>, date: Tue, 07 Sep 2010 12:41:14 +0200, from: "Stefan
Jakobs" <ste...@localside.net>, message-id:
<00000...@valaskjalf.localside.net>, return-path: <ste...@localside.net>
amavis[23652]: (23652-02) Passed CLEAN, [AAA.BBB.CCC.DDD] [AAA.BBB.CCC.DDD] <>
-> <ste...@localside.net>, Message-ID:
<201009071041...@example.com>, mail_id: kSxqYc-Mtpyq, Hits: -1.9,
size: 4154, queued_as: 11B554B70116, 11516 ms
Now there are two things which are odd:
1) If the bounce is misdirect (the domain part of the message-id doesn't match
with one of the local domains) and a sql/pen pals check is not possible
because it isn't configured then I would aspect amavis to classify the bounce
as misdirected and add the $bounce_killer_score. For the reason that the
message-id doesn't match which the local domains and there that there is no
reference in the sql table that such a message was send.
2) Why does amavis bypass the spamassassin check if the domain part of the
message-id doesn't match one of the local domains (1st log example)?
On the other hand it will check the message if the bounce is rescued, 2nd log
example. I would assume that amavis should check the message in both cases.
Can someone help me to understand this behaviour?
Thanks and best regards
Stefan
------------------------------------------------------------------------------
This SF.net Dev2Dev email is sponsored by:
Show off your parallel programming skills.
Enter the Intel(R) Threading Challenge 2010.
http://p.sf.net/sfu/intel-thread-sfd
_______________________________________________
AMaViS-user mailing list
AMaVi...@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
Please visit http://www.ijs.si/software/amavisd/ regularly
For administrativa requests please send email to rainer at openantivirus dot org
Mark Martinec
You are right in principle. The catch here is that some outgoing mail
is generated by MUAs which do not specify a fully qualified domain name
in the Message-ID they generate, or provide some foreign domain.
By using pen pals such cases are still recognized and handled correctly
(i.e. a bounce to such valid but crippled outgoing message will not be
killed). In the absence of pen pals, I decided to rather play safe
and not kill such bounces right away (i.e. just let them be subject
to normal a spam scan).
> 2) Why does amavis bypass the spamassassin check if the domain part of the
> message-id doesn't match one of the local domains (1st log example)?
> On the other hand it will check the message if the bounce is rescued, 2nd
> log example. I would assume that amavis should check the message in both
> cases.
A bug. Such messages should still be eligible to spam checking.
Please apply the patch below to amavisd-new-2.6.4. (will be included
in 2.7.0-pre8)
--- amavisd~ 2009-06-25 14:39:01.000000000 +0200
+++ amavisd 2010-09-07 20:40:02.846462931 +0200
@@ -10715,9 +10715,15 @@
# not a bounce
} elsif ($msginfo->originating) {
- # rescued by originating
- } elsif (defined($bounce_msgid) && $bounce_msgid =~ /(\@[^\@>]+)>?\z/ &&
+ # will be rescued from bounce killing by the originating flag
+ } elsif (defined($bounce_msgid) &&
+ $bounce_msgid =~ /(\@[^\@>() \t][^\@>]*?)[ \t]*>?\z/ &&
lookup2(0,$1, ca('local_domains_maps'))) {
- # rescued by a local domain in referenced Message-ID
+ # will be rescued from bounce killing by a local domain
+ # in referenced Message-ID
+ } elsif (!defined($sql_storage) ||
+ c('penpals_bonus_score') <= 0 || c('penpals_halflife') <= 0) {
+ # will be rescued from bounce killing by pen pals disabled
} elsif (c('bounce_killer_score') > 20) {
+ # is a bounce and is eligible to bounce killing, no need for spam scan
$bypass_spam_checks_by_bounce_killer = 1;
}
Mark