PMG version 8.1.5
Hello everyone, we caught a bug\glitch with an empty whitelist.
At a certain point we noticed that there was more spam and the reason was the empty whitelist, after rebooting the problem went away.
Did pmg-smtp-filter catch a glitch?
CLI Whitelist:
root@mail:/etc/mail/spamassassin# pmgsh get /config/ruledb/who/38/objects
200 OK
[]
root@mail:/etc/mail/spamassassin# pmgsh get /config/ruledb/who/37/objects
200 OK
[]
Tracking Center, log of one of the letters:
2025-03-07T08:29:44 mail postfix/smtpd[1473912]: connect from unknown[192.253.236.92]
2025-03-07T08:29:45 mail postfix/smtpd[1473912]: NOQUEUE: client=unknown[192.253.236.92]
2025-03-07T08:29:46 mail pmg-smtp-filter[1475258]: 2001467CA844A09F2A: new mail message-id=<2025030726974210855525@oj749.repica.jp>#012
2025-03-07T08:29:46 mail pmg-smtp-filter[1475258]: 2001467CA844A09F2A: SA score=34/5 time=0.825 bayes=0.56 autolearn=spam autolearn_force=no =BAYES_50(0.3),DMARC_QUAR(0.1),ENA_SUBJ_LONG_WORD(2.2),GB_SUBJ25(0.5),HTML_MESSAGE(0.001),HTTP_ESCAPED_HOST(0.1),KAM_DMARC _QUARANTINE(2),KAM_DMARC_STATUS(0.01),KAM_VERY_BLACK_DBL(5),MIXED_HREF_CASE(1.997),RCVD_IN_HOSTKARMA_BL(2.5),RCVD_IN_MSPIKE_BL( 0.001),RCVD_IN_MSPIKE_ZBI(0.001),RCVD_IN_SBL(0.141),RCVD_IN_SBL_CSS(1.5),RDNS_NONE(1.5),SPF_HELO_NONE(0.001),SPF_SOF TFAIL(1.5),UNWANTED_LANGUAGE_BODY(2),URIBL_ABUSE_SURBL(1.25),URIBL_BLACK(1.7),URIBL_DBL_SPAM(10),URIBL_PH_SURBL(0.61)
2025-03-07T08:29:46 mail postfix/smtpd[1475336]: connect from localhost.localdomain[127.0.0.1]
2025-03-07T08:29:46 mail postfix/smtpd[1475336]: E0AE21449AF: client=localhost.localdomain[127.0.0.1], orig_client=unknown[192.253.236.92]
2025-03-07T08:29:46 mail postfix/cleanup[1475115]: E0AE21449AF: message-id=<2025030726974210855525@oj749.repica.jp>
2025-03-07T08:29:46 mail postfix/qmgr[3793576]: E0AE21449AF: from=<webmaster-psmbcarfd-Administrator-t5wM@accounts.nintendo.com>, size=8148, nrcpt=1 (queue active)
2025-03-07T08:29:46 mail pmg-smtp-filter[1475258]: 2001467CA844A09F2A: accept mail to <***@**** email> (E0AE21449AF) (rule: WL-recipients)
Hello everyone, we caught a bug\glitch with an empty whitelist.
At a certain point we noticed that there was more spam and the reason was the empty whitelist, after rebooting the problem went away.
Did pmg-smtp-filter catch a glitch?
CLI Whitelist:
root@mail:/etc/mail/spamassassin# pmgsh get /config/ruledb/who/38/objects
200 OK
[]
root@mail:/etc/mail/spamassassin# pmgsh get /config/ruledb/who/37/objects
200 OK
[]
Tracking Center, log of one of the letters:
2025-03-07T08:29:44 mail postfix/smtpd[1473912]: connect from unknown[192.253.236.92]
2025-03-07T08:29:45 mail postfix/smtpd[1473912]: NOQUEUE: client=unknown[192.253.236.92]
2025-03-07T08:29:46 mail pmg-smtp-filter[1475258]: 2001467CA844A09F2A: new mail message-id=<2025030726974210855525@oj749.repica.jp>#012
2025-03-07T08:29:46 mail pmg-smtp-filter[1475258]: 2001467CA844A09F2A: SA score=34/5 time=0.825 bayes=0.56 autolearn=spam autolearn_force=no =BAYES_50(0.3),DMARC_QUAR(0.1),ENA_SUBJ_LONG_WORD(2.2),GB_SUBJ25(0.5),HTML_MESSAGE(0.001),HTTP_ESCAPED_HOST(0.1),KAM_DMARC _QUARANTINE(2),KAM_DMARC_STATUS(0.01),KAM_VERY_BLACK_DBL(5),MIXED_HREF_CASE(1.997),RCVD_IN_HOSTKARMA_BL(2.5),RCVD_IN_MSPIKE_BL( 0.001),RCVD_IN_MSPIKE_ZBI(0.001),RCVD_IN_SBL(0.141),RCVD_IN_SBL_CSS(1.5),RDNS_NONE(1.5),SPF_HELO_NONE(0.001),SPF_SOF TFAIL(1.5),UNWANTED_LANGUAGE_BODY(2),URIBL_ABUSE_SURBL(1.25),URIBL_BLACK(1.7),URIBL_DBL_SPAM(10),URIBL_PH_SURBL(0.61)
2025-03-07T08:29:46 mail postfix/smtpd[1475336]: connect from localhost.localdomain[127.0.0.1]
2025-03-07T08:29:46 mail postfix/smtpd[1475336]: E0AE21449AF: client=localhost.localdomain[127.0.0.1], orig_client=unknown[192.253.236.92]
2025-03-07T08:29:46 mail postfix/cleanup[1475115]: E0AE21449AF: message-id=<2025030726974210855525@oj749.repica.jp>
2025-03-07T08:29:46 mail postfix/qmgr[3793576]: E0AE21449AF: from=<webmaster-psmbcarfd-Administrator-t5wM@accounts.nintendo.com>, size=8148, nrcpt=1 (queue active)
2025-03-07T08:29:46 mail pmg-smtp-filter[1475258]: 2001467CA844A09F2A: accept mail to <***@**** email> (E0AE21449AF) (rule: WL-recipients)
Last edited:
