Closed lifeboy closed 1 year ago
I have done another test, this time from a gmail account:
grep -R "Toets Poets" ../../../giesler.za.net/roland/
../../../giesler.za.net/roland/new/1670838432.M922098P4085393.box2,S=6288,W=6404:Subject: Toets Poets Boet!
Binary file ../../../giesler.za.net/roland/dovecot.index.cache matches
../../../giesler.za.net/roland/.Spam/new/1670836842.M210201P4081268.box2,S=31134,W=31615:Subject: Toets Poets
Binary file ../../../giesler.za.net/roland/.Spam/dovecot.index.cache matches
Also ends up in spam invisible to a GUI or mail client user
I have inspected the email headers of one of these spam messages:
X-Spam-Status: Yes, score=5.6 required=5.0 tests=ALL_TRUSTED,DKIM_SIGNED,
DKIM_VALID,DKIM_VALID_AU,DMARC_PASS,HTML_IMAGE_ONLY_08,
HTML_IMAGE_RATIO_02,HTML_MESSAGE,SPF_FAIL autolearn=no
autolearn_force=no version=3.4.4
X-Spam-Report:
* -1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP
* 5.0 SPF_FAIL SPF check failed
* -0.1 DMARC_PASS DMARC check passed
* 0.0 HTML_MESSAGE BODY: HTML included in message
* 0.0 HTML_IMAGE_RATIO_02 BODY: HTML has a low ratio of text to image
* area
* 1.8 HTML_IMAGE_ONLY_08 BODY: HTML: images with 400-800 bytes of
* words
* -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
* 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily
* valid
* -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
* author's domain
X-Spam-Score: 5.6
It seems SPF is the problem. In the "Custom DNS" page however this line is found:
Strict [SPF](http://tools.ietf.org/html/rfc4408) and [DMARC](https://datatracker.ietf.org/doc/draft-kucherawy-dmarc-base/?include_text=1) records will be added to all custom domains unless you override them.
It seems this doesn't happen. However:
$ dig +short abellardss.co.za TXT
"v=spf1 mx -all"
$ dig +short gmail.com TXT
"v=spf1 redirect=_spf.google.com"
"globalsign-smime-dv=CDYX+XFHUw2wml6/Gb8+59BsH31KzUr6c1l2BPvqKX8="
So both mail originating servers have spf records and they seem correct.
$ dig +short abellardss.co.za MX
10 posboom.abellardss.co.za.
$ dig +short posboom.abellardss.co.za A
197.214.119.186
The originating mail domains have spf records, yet spamassassin still flags the spf as a problem. What is going wrong here?
Does anybody know what I can do here? This is now becoming a problem, since all mail seems to be flagged as spam before it reaches the destination mailbox.
When issue #103 was resolved, this one was also resolved.
In a quest to fix the issue described in #103 I have noticed this. This email was sent from a fully up to date P-MiaB server to another P-MiaB server. It should not be marked spam to begin with! However, it is, and it end up in the alias' spam folder, where it cannot be seen by a mail client because there is not logon for the alias.
/home/user-data/mail/mailboxes/giesler.za.net/roland/new# grep -R "Toets Poets" ../../../giesler.za.net/roland/ ../../../giesler.za.net/roland/.Spam/new/1670836842.M210201P4081268.box2,S=31134,W=31615:Subject: Toets Poets
How does one address this and prevent this from happening?