Hello there, I have this list on sourceforge [email protected] and every day it came in my personal blacklist. As you can figure I don't what this, so I started do dig into the logs to try to understand why. The thing is that I don't.
So I'm here asking for help to figure it out. First the logs: mar-10-17 13:32:12 [Worker_2] Spam-Report: empty sender is replaced by 'X-Assp-Intended-For' [email protected] - no reports will be sent mar-10-17 13:32:12 [Worker_2] Spam-Report: process message from [email protected] mar-10-17 13:32:12 m-63531-12079 [Worker_1] [TLS-out] 94.177.196.100 <[email protected]> Message-Score: added 5 (irValencePB) for invalid address [email protected], total score for this message is now 5 mar-10-17 13:32:12 [Worker_2] Email: [email protected],[email protected] removed from Whitelist mar-10-17 13:32:12 [Worker_2] Email: [email protected],[email protected] removed from Whitelist mar-10-17 13:32:12 [Worker_2] Email: personal blacklist added: [email protected],[email protected] mar-10-17 13:32:12 m-63532-07185 [Worker_1] 94.177.196.100 info: PB-IP-Score for '94.177.196.0' is 5, added 5 in this session mar-10-17 13:32:12 m-63532-07185 [Worker_1] 94.177.196.100 disconnected: session:7F415D9F6CF0 94.177.196.100 - processed ids m-63531-12079 m-63532-07185 - processing time 1 seconds mar-10-17 13:32:12 [Worker_1] Worker_1 will sleep now mar-10-17 13:32:12 [Worker_2] Email: personal blacklist added: [email protected],[email protected] mar-10-17 13:32:12 [Worker_2] Email: personal blacklist added: [email protected],[email protected] mar-10-17 13:32:12 [Worker_2] Info: report message written to -> /usr/share/assp2/errors/spam/_heitor_bacula_com_br_spam--72276.rpt.eml mar-10-17 13:32:12 [Worker_2] Spam-Report: finished report-message from [email protected] mar-10-17 13:32:12 m-63532-01188 [Worker_2] 144.76.146.38 disconnected: session:7F4155951788 144.76.146.38 - processed ids m-63531-08447 m-63532-01188 - processing time 1 seconds mar-10-17 13:32:12 [Worker_2] Worker_2 will sleep now As you can see all starts with [email protected] being removed from the whitelist and then added to personal blacklist... The report message (_heitor_bacula_com_br_spam--72276.rpt.eml) is this: X-Assp-Reported-By: [email protected] Subject: [email protected]: spam Received: from mout.gmx.net ([212.227.15.15] helo=mout.gmx.net) X-Assp-ID: kyahosting.com m-63526-12337^MX-Assp-Tag: MessageLimit^MX-Assp-Envelope-From: [email protected]^MX-Assp-Intended-For: [email protected]^MReceived: from server.kyahosting.com (LHLO server.kyahosting.com) (144.76.146.38) by server.kyahosting.com with LMTP; Fri, 10 Mar 2017 13:32:11 -0300 (BRT) Received: from server.kyahosting.com (localhost.localdomain [127.0.0.1]) by server.kyahosting.com (Postfix) with ESMTPS id 636B957802B3 for <[email protected]>; Fri, 10 Mar 2017 13:32:11 -0300 (BRT) Received: from KyaHosting (localhost.localdomain [127.0.0.1]) by server.kyahosting.com (Postfix) with ESMTPS id 9456B57802AE for <[email protected]>; Fri, 10 Mar 2017 13:32:06 -0300 (BRT) X-Assp-Version: 2.5.5(16366) on kyahosting.com X-Assp-ID: kyahosting.com m-63526-12337 X-Assp-Session: 7F415E6CA158 (mail 1) X-Assp-Detected-RIP: 109.45.1.16 X-Assp-Source-IP: 109.45.1.16 X-Assp-Envelope-From: [email protected] X-Assp-Intended-For: [email protected] X-Assp-Client-TLS: yes X-Assp-Server-TLS: yes X-Assp-Message-Score: -10 (SSL-TLS-connection-OK) X-Assp-IP-Score: -10 (SSL-TLS-connection-OK) X-Assp-Message-Score: 10 (Message-ID not valid: 'trinity-bba6e4dd-4736-4805-b2a6-5ef88c424925-1489163524746@msvc-mesg-gmx119') X-Assp-IP-Score: 10 (Message-ID not valid: 'trinity-bba6e4dd-4736-4805-b2a6-5ef88c424925-1489163524746@msvc-mesg-gmx119') X-Original-Authentication-Results: kyahosting.com; spf=pass X-Assp-Message-Score: -10 (SPF pass) X-Assp-IP-Score: -10 (SPF pass) X-Assp-Message-Score: 10 (Foreign IP-Country DE (1&1 INTERNET AG)) X-Assp-Message-Score: 17 (DNSBL: neutral, 109.45.1.16 listed in l2.apews.org zen.spamhaus.org) X-Assp-IP-Score: 17 (DNSBL: neutral, 109.45.1.16 listed in l2.apews.org zen.spamhaus.org) X-Assp-DNSBL: neutral, 109.45.1.16 listed in (l2.apews.org<-127.0.0.2; zen.spamhaus.org<-127.0.0.11; ) X-Assp-Re-bombRe: PB 26: for 10% discount X-Assp-Message-Score: 26 (Regex: bombRe 'PB 26: for 10% discount' bombRe: '10% discount') X-Assp-IP-Score: 26 (Regex: bombRe 'PB 26: for 10% discount' bombRe: '10% discount') X-Assp-Message-Score: 49 (HMM Probability: 1.00000) X-Assp-IP-Score: 49 (HMM Probability: 1.00000) X-Assp-Tag: MessageLimit X-Assp-Spam: YES (Probably) X-Spam-Status:yes X-Assp-Spam-Reason: MessageScore passed low limit X-Assp-Message-Totalscore: 92 Received: from mout.gmx.net ([212.227.15.15] helo=mout.gmx.net) by kyahosting.com with SMTPS(TLSv1_2 ECDHE-RSA-AES128-GCM-SHA256) (2.5.5); 10 Mar 2017 13:32:06 -0300 Received: from [109.45.1.16] by msvc-mesg-gmx119.server.lan (via HTTP); Fri, 10 Mar 2017 17:32:04 +0100 MIME-Version: 1.0 Well AFAIK this [email protected] sent a message to the list [email protected] and ASSP caught it on a DNSBL right? What I don't understand is why ASSP removes [email protected] from whitelist and add it to the personal blacklist if the issue is with [email protected]? I've already added sourceforge.net on noProcessingDomains and *@lists.sourceforge.net|*@*.sourceforge.net on whiteListedDomains but this ain't worked. Can anyone give me a hand? Thanks -- Anahuac de Paula Gil "É agitando que se transforma a vida, o homem, a sociedade, o mundo". Francisco Julião Anahuac - http://www.anahuac.eu Tuttiverde - http://www.tuttiverde.com.br KyaHosting - http://www.kyahosting.com GUIA EcoMedical - http://ecomedical.med.br EXPOTEC - http://www.expotec.org.br suaNuvem - http://www.suanuvem.com DiasporaBR - http://diasporabr.com.br OpenLDAP - http://www.openldap.com.br Twitter: @anahuacpg Diaspora: [email protected] Jabber/XMPP: [email protected] ------------------------------------------------------------------------------ Announcing the Oxford Dictionaries API! The API offers world-renowned dictionary content that is easy and intuitive to access. Sign up for an account today to start using our lexical data to power your apps and projects. Get started today and enter our developer competition. http://sdm.link/oxford _______________________________________________ Assp-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-user
