HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Server Operation (http://www.howtoforge.com/forums/forumdisplay.php?f=5)
-   -   Amavisd-new rejecting emails as spam (http://www.howtoforge.com/forums/showthread.php?t=47352)

geek876 15th July 2010 16:35

Amavisd-new rejecting emails as spam
 
Dear All,

We have postfix-amavisdnew-spamassassin setup on Centos. Since last 2-3 days we are facing this strange issue where by genuine emails sent to users on our mail system are being tagged as UNSOLICIT SPAM and returned to sender. From what I can see, the problem occurs because amavisd-new is looking in the header of the email and due to the difference in the client IP address where the email was generated and the server which actually passed that email to our mail server, it is thinking it is spam. So example, I send an email from my yahoo account to an account on our Mail server. The email header would have something like

Recieved: from [my-machine-ip-address] by webxxx.mail.mud.yahoo.com via HTTP

Then further up when mail server at yahoo tries to deliver this email to the user on my mail server, our mail server rejects it with the error

First upstream SMTP client IP address: [IP_of_yahoo_email_server]
webxxx.mail.mud.yahoo.com
According to a 'Received:' trace, the message apparently originated at:
[my-machine-ip-address], [my-machine-ip-address]

If I disable header checks within amavisd-new by changing /etc/amavisd.conf
@bypass_header_checks_maps = (1); it works but then it also brings along lots of spam.

Can anybody help?

Thanks.

falko 16th July 2010 16:43

Did your IP address or DNS records change recently?

geek876 16th July 2010 16:46

No the IP is static and hasn't changed recently.

falko 17th July 2010 14:18

Please check if the IP got blacklisted: http://mxtoolbox.com/blacklists.aspx

geek876 19th July 2010 12:59

No, My Ip is not blacklisted. I am not too sure if amavisd is working at all. It is letting spams in. I can see the email is being checked by amavisd on arrival but it is letting it through, even quiet obvios spam emails are being allowed. I have not changed anything within amavisd apart from the domain name.

falko 20th July 2010 13:57

Any errors in your mail log?


All times are GMT +2. The time now is 04:46.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.