[X] ... I understand that not following the below instructions will result in immediate closure and/or deletion of my issue.
[X] ... I have understood that this bug report is dedicated for bugs, and not for support-related inquiries.
[X] ... I have understood that answers are voluntary and community-driven, and not commercial support.
[X] ... I have verified that my issue has not been already answered in the past. I also checked previous issues.
Description
Dear Team,
I've tried to use the "Learn Spam" feature with aliases.
When I'm receiving spam for multiple addresses (To) and any of them is a spam trap alias, all the other users will also receive the spam successfully.
If there is no spam trap address in the "To", the spam is getting rejected.
Is it possible to suppress/turn off the spam filtering only for the spam trap mailbox when there are multiple recipients in one (the same email)?
Please, let me know if I forgot something
Best regards / Mit freundlichen Grüßen,
Logs:
# With a spam trap address between the recipients:
Action | [ Score ]
no action | [ 0.00 / 15 ]
Symbols SPAM_TRAP (0)
ID 1536903311.54079.1717666989056.JavaMail.zimbra@atacadojoinville.com.br
Authenticated user unknown
# Without a spam trap address between the recipients:
Action | Score
reject | [ 25.48 / 15 ]
Symbols LOCAL_FUZZY_DENIED (10.089071) [11:af517b4864:1.00:bin, 11:7961a307eb:1.00:bin]
HAS_IPFS_GATEWAY_URL (6)
BAYES_SPAM (4.5) [100.00%]
MISSING_TO (2)
BAD_REP_POLICIES (2)
SUSPICIOUS_URL_IN_SUSPICIOUS_MESSAGE (1)
MIME_GOOD (-0.1) [multipart/alternative, text/plain]
MX_GOOD (-0.01) []
ASN (0) [asn:28343, ipnet:177.101.122.0/23, country:BR]
RCVD_TLS_LAST (0)
MID_RHS_MATCH_FROM (0)
R_SPF_ALLOW (0) [+mx:c]
NEURAL_HAM (0) [-1.000]
RCPT_MAILCOW_DOMAIN (0) [REDACTED]
ARC_SIGNED (0) [REDACTED:s=REDACTED:i=1]
R_DKIM_NA (0)
BCC (0)
RBL_SORBS_FAIL (0) [177.101.123.122:server fail]
DMARC_POLICY_ALLOW (0) [atacadojoinville.com.br, quarantine]
RCVD_COUNT_THREE (0) [3]
FROM_EQ_ENVFROM (0)
MIME_TRACE (0) [0:+, 1:+, 2:~]
HAS_XOIP (0)
ARC_NA (0)
FROM_HAS_DN (0)
ID 1064271135.53898.1717666976779.JavaMail.zimbra@atacadojoinville.com.br
Authenticated user unknown
Steps to reproduce:
1. get a spam for multiple, real mailboxes/aliases
2. rspamd will reject it
1. create a spam trap alias
2. receive the same spam for the spam trap address + multiple real mailboxes/aliases
3. check the mails, the spam will be delivered to everyone
It can be repeated multiple times.
The rspamd UI is super cool to test the mail against the filters.
Which branch are you using?
master
Which architecture are you using?
x86
Operating System:
Ubuntu 22.04 LTS
Server/VM specifications:
15Gi, 4 cores
Is Apparmor, SELinux or similar active?
yes
Virtualization technology:
KVM
Docker version:
26.0.1
docker-compose version or docker compose version:
v2.26.1
mailcow version:
2024-04
Reverse proxy:
-
Logs of git diff:
private keys, sogo config, etc.
do-ip6: no
enable_ipv6: false
I'm also having this happen. It took awhile to realise why it was happening, as the headers on the non spam trap users just show SPAM_TRAP as the rules, and a score of 0.
Contribution guidelines
I've found a bug and checked that ...
Description
Logs:
Steps to reproduce:
Which branch are you using?
master
Which architecture are you using?
x86
Operating System:
Ubuntu 22.04 LTS
Server/VM specifications:
15Gi, 4 cores
Is Apparmor, SELinux or similar active?
yes
Virtualization technology:
KVM
Docker version:
26.0.1
docker-compose version or docker compose version:
v2.26.1
mailcow version:
2024-04
Reverse proxy:
-
Logs of git diff:
Logs of iptables -L -vn:
Logs of ip6tables -L -vn:
Logs of iptables -L -vn -t nat:
Logs of ip6tables -L -vn -t nat:
DNS check: