Topic: Handing spam for aliases and forwardings
REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER
- iRedMail version (check /etc/iredmail-release): 0.9.8 MYSQL edition
- Deployed with iRedMail Easy or the downloadable installer? installer
- Linux/BSD distribution name and version: Ubuntu 16.04.7 LTS
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): no webserver
- Manage mail accounts with iRedAdmin-Pro? no
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
Hi,
our mail server correctly marks spam emails and moves them to the spam folder. This works if the spam mail is sent directly to a mailbox (e.g. user@example.com).
If spam is sent to an alias the mail is also marked as spam, but it is not moved to the spam folder of the alias recipient.
e.g. alias@another-example.com -> marked as spam and delivered to the inbox of user@example.com
For forwardings the mail is detected as spam, not moved to the spam folder but forwarded to the forwarding recipient.
e.g. user@example.com -> marked as spam and delivered to the inbox of user1@example.com
We would like to change the behaviour as follows:
a) move spam to the spam folder of the alias recipient
b) move spam to the spam folder and only forward mails NOT marked as spam
Here is a header of an alias address:
Return-Path: <MAILER-DAEMON>
Delivered-To: user@example.com
Received: from mail.example.com (localhost [127.0.0.1])
by mail.example.com (Postfix) with ESMTP id D9E373886F
for <alias@another-example.com>; Wed, 23 Dec 2020 11:57:53 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at mail.example.com
X-Spam-Flag: YES
X-Spam-Score: 21.685
X-Spam-Level: *********************
X-Spam-Status: Yes, score=21.685 tagged_above=2 required=6.31
tests=[BAYES_99=3.5, BAYES_999=0.2, BODY_URI_ONLY=2.999,
DKIM_ADSP_NXDOMAIN=0.9, FROM_ADDR_WS=2.999, HTML_FONT_SIZE_HUGE=0.001,
HTML_IMAGE_ONLY_08=1.651, HTML_IMAGE_RATIO_02=0.001,
HTML_MESSAGE=0.001, HTML_MIME_NO_HTML_TAG=0.377,
HTML_SHORT_LINK_IMG_1=0.001, INVALID_DATE=1.096, INVALID_MSGID=0.568,
MIME_HTML_ONLY=0.1, RDNS_NONE=0.793, SHORTENED_URL_HREF=0.999,
SHORTENER_SHORT_IMG=2.259, SPF_HELO_PASS=-0.001,
T_DATE_IN_FUTURE_Q_PLUS=0.01, T_HTML_TAG_BALANCE_CENTER=0.01,
T_REMOTE_IMAGE=0.01, T_TVD_MIME_EPI=0.01, URIBL_BLOCKED=0.001,
URIBL_CSS=0.1, URIBL_CSS_A=0.1, URIBL_DBL_SPAM=2.5, URI_NOVOWEL=0.5]
autolearn=spam autolearn_force=no
Received: from mail.example.com ([127.0.0.1])
by mail.example.com (mail.example.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id IG8OYXHhUO5Z for <alias@another-example.com>;
Wed, 23 Dec 2020 11:57:49 +0000 (UTC)
Received: from zoopermarked.no (unknown [185.235.40.208])
by mail.example.com (Postfix) with ESMTP
for <alias@another-example.com>; Wed, 23 Dec 2020 11:57:49 +0000 (UTC)
Content-Type: multipart/mixed; boundary="===============0052223709327919911=="
MIME-Version: 1.0
Received: by smtp50.i.amazonses.com with esmtpa (envelope-from <EC2-R59RKJ8IKHPN215AQ11DF@AWS-MAIL.COM>)
From: =?UTF-8?B?T2huZSBBdWZ3YW5kIFtQb3J0YWwgZvxyIENsZXZlcmVd?= <info.[a10]@ britnosslivegood.club></info>
To: alias@another-example.com
Subject: =?UTF-8?B?RmxpZd9lbmQgRW5nbGlzY2ggaW4gMiBXb2NoZW4gb2huZSBkYXMgSGF1cyB6dSB2ZXJsYXNzZW4gLSBkYXMgaXN0IGV0d2FzIGb8ciBTaWU=?=
Message-ID: EC2-R59RKJ8IKHPN215AQ11DF@AWS-MAIL.COM
Date: Wed, 10 Jan 2040 15:41:07 GMT +0300
--===============0052223709327919911==
Content-Type: text/html; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bitHere is a header of a forwarding:
Return-Path: <hlenbegehrtehindurch@dm-ap-southeast-1.console.aliyun.com>
Delivered-To: user1@example.com
Received: from mail.example.com (localhost [127.0.0.1])
by mail.example.com (Postfix) with ESMTP id A5F343E86F
for <user@example.com>; Wed, 9 Mar 2022 17:06:01 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at mail.example.com
X-Spam-Flag: YES
X-Spam-Score: 6.927
X-Spam-Level: ******
X-Spam-Status: Yes, score=6.927 tagged_above=2 required=6.31
tests=[BAYES_99=3.5, BAYES_999=0.2, DKIM_INVALID=0.1, DKIM_SIGNED=0.1,
FROM_LOCAL_NOVOWEL=0.5, HTML_MESSAGE=0.001,
HTML_MIME_NO_HTML_TAG=0.377, MIME_HTML_ONLY=0.1, MISSING_MID=0.497,
RCVD_IN_BL_SPAMCOP_NET=1.347, RCVD_IN_DNSWL_HI=-5,
RCVD_IN_VALIDITY_RPBL=1.31, RDNS_NONE=0.793, SCRIPT_GIBBERISH=2.599,
SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_REMOTE_IMAGE=0.01,
T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URI_NOVOWEL=0.5]
autolearn=no autolearn_force=no
Authentication-Results: mail.example.com (amavisd-new); dkim=neutral
reason="invalid (public key: not available)"
header.d=dm-ap-southeast-1.console.aliyun.com; domainkeys=neutral
reason="invalid (public key: not available)"
header.from=hlenbegehrtehindurchssklpsxrtxvarwwyoft@dm-ap-southeast-1.console.aliyun.com
header.d=dm-ap-southeast-1.console.aliyun.com
Received: from mail.example.com ([127.0.0.1])
by mail.example.com (mail.example.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id u5JmxdwiPVgp for <user@example.com>;
Wed, 9 Mar 2022 17:05:57 +0000 (UTC)
Received: from dm-ap-southeast-1.console.aliyun.com (unknown [91.103.252.210])
by mail.example.com (Postfix) with ESMTP
for <user@example.com>; Wed, 9 Mar 2022 17:05:56 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=smtp; d=dm-ap-southeast-1.console.aliyun.com;
h=Date:To:From:Subject:Content-Type:Mime-Version:Content-Transfer-Encoding; i=hlenbegehrtehindurchssklpsxrtxvarwwyoft@dm-ap-southeast-1.console.aliyun.com;
bh=Wh5KEN4gkb7Cp6oGj1OlkfA2tHU=;
b=MNrfYtdZyQSfzdYd3px5t1pP+2ATPQTp+ouugPu4WKvJJeFKCfsDQLh2bBfQ1szL26boAQvADwgq
HkYGf7CUrsEZOIjmS+rztbSoRCOvSd0JX6xD7GfIs+jWgJc5oO7vO8yN/HIfH8z9ImGXiiWg7hi3
QPhNccppcQLygYV3Ik8=
DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=smtp; d=dm-ap-southeast-1.console.aliyun.com;
b=SPlnW+EaBW1exU0B2MkT3qqYp2mxRoc49Xvpu0K5DX8VdknzA0HbdaNNd7ikwpJGjP7qLSQKZvYN
GFr+may8GAqOlzVGJ8STozjYEbuqHJjBtDzq6qsmNCc/rhS+VC2v+qrbbwznVpCWB/jZZRrrXjAi
z7d7GpZlX5ZpqW4rylo=;
Date: Wed, 09 Mar 2022 17:05:55 +0000
To: user@example.com
From: "=?UTF-8?Q?=44=69=65=20=48=C3=B6=68=6C=65=20=64=65=72=20=4C=C3=B6=77=65=6E?=" <hlenbegehrtehindurchssklpsxrtxvarwwyoft@dm-ap-southeast-1.console.aliyun.com>
Subject: =?UTF-8?Q?=44=65=72=20=47=72=75=6E=64=20=77=61=72=75=6D=20=6A=65=64=65=72=20=4C=C3=B6=77=65=20=69=6E=20=64=69=65=73=65=73=20=50=72=6F=64=75=6B=74=20=69=6E=76=65=73=74=69=65=72=74=20=68=61=74?=
Content-Type: text/html; charset="UTF-8"
Mime-Version: 1.0
Content-Transfer-Encoding: 8bitThanks in advance!
Chris
----
Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.