Authenticated users' emails classified as spam #2622
Comments
|
Another thing is that I'm getting this: This user is authenticated. Why rspamd sees it as unauthenticated? |
|
Anyone? |
|
Make sure your MTA sends |
|
Thanks for the reply. This is what I have in Postfix: |
|
The quotes around parameter value look suspicious. Try to remove them. |
|
Indeed. The problem was the quotes! Thanks a lot @moisseev ! |
In modern times where a lot of spam is sent by hacked accounts of mailproviders with good reputation and not by bots, you should filter outgoing mails for spam too. Your users might have been hacked. |
|
Thanks @yoshimo ! You are probably right and I can also see the need. I've quickly checked the documentation https://rspamd.com/doc/tutorials/scanning_outbound.html which says that it is done through Rmilter but it also says that it is deprecated since Rspamd 1.6? The version I have is 1.8.1 |
|
You don't need rmilter anymore. Use rspamd proxy instead. |
|
I'm already using the rspamd proxy. Do I need special configs to filter outbound emails? |
|
No, just follow Using Rspamd with Postfix MTA. |
|
Sorry for the late reply. My Rspamd is already configured like that. Thanks a lot guys for all the help. Great support. |
Classification (Please choose one option):
Reproducibility (Please choose one option):
Rspamd version:
version 1.8.1
Operation system, CPU:
Debian 9
Description (Please provide a descriptive summary of the issue):
Some of the authenticated users' emails classified as spams.
Compile errors (if any):
Relevant logs (see details here):
Expected results:
local and authenticated users should not be classified as spams
Actual results:
Some authenticated users are classified as spams
Debugging information (see details here):
Configuration (e.g.
rspamadm configdump module):Additional information:
Hi,
As mentioned above, some of my authenticated users are being classified as spams as you can see below:
2018-11-07 11:02:13 #30678(rspamd_proxy) <363e69>; proxy; rspamd_task_write_log: id: <bb349cce-9968-688e-ed4a-7eee0c6817c0@example.com>, qid: <37D2F5A00>, ip: x.x.x.x, from: <john@example.com>, (default: F (add header): [13.66/15.00] [HFILTER_HELO_BADIP(4.50){192.168.1.26;1;},HFILTER_HOSTNAME_5(3.00){x.x-x-x.isp.orange.be;},IP_SCORE(2.27){ip: (5.91), ipnet: x.x.0.0/14(2.96), asn: 5432(2.47), country: BE(0.01);},DMARC_POLICY_REJECT(2.00){example.com : No valid SPF, No valid DKIM;reject;},RBL_SPAMHAUS_PBL(2.00){81.56.65.87.zen.spamhaus.org : 127.0.0.11;},MIME_GOOD(-0.10){text/plain;},MX_GOOD(-0.01){cached: mail.example.com;},ARC_NA(0.00){},ASN(0.00){asn:5432, ipnet:x.x.0.0/14, country:BE;},FROM_EQ_ENVFROM(0.00){},FROM_HAS_DN(0.00){},GREYLIST(0.00){pass;body;},MID_RHS_MATCH_FROM(0.00){},RCPT_COUNT_ONE(0.00){1;},RCVD_COUNT_ZERO(0.00){0;},RCVD_TLS_ALL(0.00){},R_DKIM_NA(0.00){},R_SPF_PERMFAIL(0.00){-all;},TO_DN_ALL(0.00){},TO_DOM_EQ_FROM_DOM(0.00){},TO_MATCH_ENVRCPT_ALL(0.00){}]), len: 447, time: 128.002ms real, 5.978ms virtual, dns req: 21, digest: <d67360b8433316135996d2ad208abfac>, rcpts: <peter@example.com>, mime_rcpts: <peter@example.com>What is also strange is that my domain "example.com" is rejected because it has no valid SPF no DKIM which is not the case. Could you please help?
The text was updated successfully, but these errors were encountered: