Re: [Postfix-es] Problemas con la detección de Spam

Rafael B. rbravo en felpahost.masilla.org
Mar Jun 10 12:40:27 CEST 2008 

Gorka wrote:
> poco lo que pretendo. Envío un mail de john en example.com a john en example.com
> (a sí mismo), el cual tiene dos virtual_aliases, que son john en example.com y
> webmaster en loquesea.com. Los logs en caso de Passed Clean (entrega el mail al
> cliente de correo) y de Blocked Spam (lo pone en cuarentena) son: 
>
> ----------------Caso de Passed Clean----------------
> postfix/smtpd[9079]: connect from unknown[10.0.0.55]
> postfix/smtpd[9079]: 30C7CAE81D0: client=unknown[10.0.0.55]
> postfix/cleanup[9082]: 30C7CAE81D0:
> message-id=<1212681912.21392.17.camel en servidor.mio.es>
> postfix/qmgr[8821]: 30C7CAE81D0: from=<john en example.com>, size=759, nrcpt=1
> (queue active)
> postfix/smtpd[9086]: connect from localhost[127.0.0.1]
> postfix/smtpd[9086]: 626ACAE8346: client=localhost[127.0.0.1]
> postfix/smtpd[9079]: disconnect from unknown[10.0.0.55]
> postfix/cleanup[9082]: 626ACAE8346:
> message-id=<1212681912.21392.17.camel en servidor.mio.es>
> postfix/qmgr[8821]: 626ACAE8346: from=<john en example.com>, size=1230, nrcpt=2
> (queue active)
> postfix/smtpd[9086]: disconnect from localhost[127.0.0.1]
> amavis[8453]: (08453-02) Passed CLEAN, LOCAL [10.0.0.55] [10.0.0.55]
> <john en example.com> -> <john en example.com>, Message-ID:
> <1212681912.21392.17.camel en servidor.mio.es>, mail_id: LzQfTqVQvluH, Hits:
> -1.053, queued_as: 626ACAE8346, 201 ms
> postfix/smtp[9083]: 30C7CAE81D0: to=<john en example.com>,
> relay=127.0.0.1[127.0.0.1]:10024, delay=0.27, delays=0.06/0.01/0/0.2,
> dsn=2.6.0, status=sent (250 2.6.0 Ok, id=08453-02, from
> MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 626ACAE8346)
> postfix/qmgr[8821]: 30C7CAE81D0: removed
> postfix/smtp[9087]: 626ACAE8346: to=<webmaster en loquesea.com>,
> orig_to=<john en example.com>, relay=none, delay=0.06, delays=0.05/0.01/0/0,
> dsn=5.4.4, status=bounced (Host or domain name not found. Name service error
> for name=loquesea.com type=A: Host found but no data record of requested
> type)
> postfix/pipe[9088]: 626ACAE8346: to=<john en example.com>, relay=dovecot,
> delay=0.08, delays=0.05/0.01/0/0.03, dsn=2.0.0, status=sent (delivered via
> dovecot service)
> postfix/cleanup[9082]: 76D62AE8344:
> message-id=<20080605161203.76D62AE8344 en sistemas-genom7.igem.es>
> postfix/bounce[9090]: 626ACAE8346: sender non-delivery notification:
> 76D62AE8344
> postfix/qmgr[8821]: 76D62AE8344: from=<>, size=3345, nrcpt=2 (queue active)
> postfix/qmgr[8821]: 626ACAE8346: removed
> postfix/smtp[9087]: 76D62AE8344: to=<webmaster en loquesea.com>,
> orig_to=<john en example.com>, relay=none, delay=0.01, delays=0.01/0/0/0,
> dsn=5.4.4, status=bounced (Host or domain name not found. Name service error
> for name=loquesea.com type=A: Host found but no data record of requested
> type)
> postfix/pipe[9088]: 76D62AE8344: to=<john en example.com>, relay=dovecot,
> delay=0.02, delays=0.01/0/0/0.01, dsn=2.0.0, status=sent (delivered via
> dovecot service)
> postfix/qmgr[8821]: 76D62AE8344: removed
>
> ----------------Caso de Blocked Spam----------------
> postfix/smtpd[9022]: connect from unknown[10.0.0.55]
> postfix/smtpd[9022]: 22D0DAE81D0: client=unknown[10.0.0.55]
> postfix/cleanup[9025]: 22D0DAE81D0:
> message-id=<1212681744.21392.15.camel en servidor.mio.es>
> postfix/qmgr[8821]: 22D0DAE81D0: from=<john en example.com>, size=671, nrcpt=1
> (queue active)
> postfix/smtpd[9022]: disconnect from unknown[10.0.0.55]
> amavis[8329]: (08329-02) Blocked SPAM, LOCAL [10.0.0.55] [10.0.0.55]
> <john en example.com> -> <john en example.com>, quarantine: spam-h3n3cqsq+myM.gz,
>   

¡¡cuidado!! Bloquea el SPAM, tendría que decir "Passed" y no "Blocked", 
que lo ponga en cuarentena es indiferente de que lo deje pasar o no. ¿Te 
está coge bien la variable de D_PASS ?

$ grep D_PASS *
20-debian_defaults:$final_spam_destiny       = D_PASS;
20-debian_defaults:$final_bad_header_destiny = D_PASS;     # 
False-positive prone (for spam)

> Message-ID: <1212681744.21392.15.camel en servidor.mio.es>, mail_id:
> h3n3cqsq+myM, Hits: 998.951, 123 ms
> postfix/smtp[9026]: 22D0DAE81D0: to=<john en example.com>,
> relay=127.0.0.1[127.0.0.1]:10024, delay=0.19, delays=0.06/0/0/0.12,
> dsn=2.5.0, status=sent (250 2.5.0 Ok, id=08329-02, BOUNCE)
> postfix/qmgr[8821]: 22D0DAE81D0: removeddovecot: pop3-login: Login: user=<john en example.com>, method=PLAIN,
>   
> rip=10.0.0.86, lip=10.0.0.5
> dovecot: POP3(john en example.com): Disconnected: Logged out top=0/0, retr=0/0,
> del=0/0, size=0
>
> El '/etc/amavis/conf.d$ grep forward_method *' no me encuentra la variable
> en ninguno de los archivos de ese directorio.
>   
    Por defecto, lo envía al 127.0.0.1:10025 ;-) no hay problema.
   

    Saludos, Rafa.



  
    Saludos, Rafa.

Más información sobre la lista de distribución Postfix-es