Outgoing email gets blocked

M

maenda

Active Member
Jul 10, 2020
36
0
26
49
Hi all,

Can anybody shed a light on why this message for example is bounced? It is an outgoing email using the PMG


Code: 
Spam detection results: 4
AWL 1.099 Adjusted score from AWL reputation of From: address
BAYES_00 -1.9 Bayes spam probability is 0 to 1%
DKIM_ADSP_CUSTOM_MED 0.001 No valid author signature, adsp_override is CUSTOM_MED
FORGED_GMAIL_RCVD 1 'From' gmail.com does not match 'Received' headers
FREEMAIL_FORGED_FROMDOMAIN 0.249 2nd level domains in From and EnvelopeFrom freemail headers are different
FREEMAIL_FROM 0.001 Sender email is commonly abused enduser mail provider
FREEMAIL_REPLYTO 1 Reply-To/From or Reply-To/body contain different freemails
FROM_EXCESS_BASE64 0.001 From: base64 encoded unnecessarily
GB_FREEM_FROM_NOT_REPLY 0.4 From: and Reply-To: have different freemail domains
HEADER_FROM_DIFFERENT_DOMAINS 0.25 From and EnvelopeFrom 2nd level mail domains are different
HTML_MESSAGE 0.001 HTML included in message
KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
KAM_NUMSUBJECT 0.5 Subject ends in numbers excluding current years
MPART_ALT_DIFF 0.79 HTML and text parts are different
NML_ADSP_CUSTOM_MED 0.9 ADSP custom_med hit, and not from a mailing list
SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record
SPF_PASS -0.001 SPF: sender matches SPF record
T_GB_FREEM_FROM_NOT_REPLY 0.01 From: and Reply-To: have different freemail domains
T_REMOTE_IMAGE 0.01 Message contains an external image
 
maenda said:
Can anybody shed a light on why this message for example is bounced? It is an outgoing email using the PMG
Click to expand...
You need to provide detailed logs.

=> Use the message tracking center.
 
tom said:
You need to provide detailed logs.

=> Use the message tracking center.
Click to expand...
Hi Tom,

This is what I see in the logs:

Mar 18 12:48:01 mx-1 postfix/smtpd[32652]: connect from pmgserver.url[ipaddress] Mar 18 12:48:01 mx-1 postfix/smtpd[32652]: Anonymous TLS connection established from pmgserver.url[ipaddress]: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256 Mar 18 12:48:01 mx-1 postfix/smtpd[32652]: NOQUEUE: client=pmgserver.url[ipaaddress] Mar 18 12:48:01 mx-1 pmg-smtp-filter[32027]: F7B60533DF14C9AE: new mail message-id=<E1lMr8D-003MQx-3d@pmgserver.url>#012 Mar 18 12:48:05 mx-1 pmg-smtp-filter[32027]: F7B60533DF14C9AE: SA score=4/5 time=3.884 bayes=0.00 autolearn=no autolearn_force=no hits=AWL(1.099),BAYES_00(-1.9),DKIM_ADSP_CUSTOM_MED(0.001),FORGED_GMAIL_RCVD(1),FREEMAIL_FORGED_FROMDOMAIN(0.249),FREEMAIL_FROM(0.001),FREEMAIL_REPLYTO(1),FROM_EXCESS_BASE64(0.001),GB_FREEM_FROM_NOT_REPLY(0.4),HEADER_FROM_DIFFERENT_DOMAINS(0.25),HTML_MESSAGE(0.001),KAM_DMARC_STATUS(0.01),KAM_NUMSUBJECT(0.5),MPART_ALT_DIFF(0.79),NML_ADSP_CUSTOM_MED(0.9),SPF_HELO_NONE(0.001),SPF_PASS(-0.001),T_GB_FREEM_FROM_NOT_REPLY(0.01),T_REMOTE_IMAGE(0.01) Mar 18 12:48:05 mx-1 pmg-smtp-filter[32027]: F7B60533DF14C9AE: notify <myemail> (rule: Block outgoing Spam, 45BD71213) Mar 18 12:48:05 mx-1 pmg-smtp-filter[32027]: F7B60533DF14C9AE: notify <senderemail> (rule: Block outgoing Spam, 4955B1215) Mar 18 12:48:05 mx-1 pmg-smtp-filter[32027]: F7B60533DF14C9AE: block mail to <receiveremail> (rule: Block outgoing Spam) Mar 18 12:48:05 mx-1 pmg-smtp-filter[32027]: F7B60533DF14C9AE: processing time: 3.995 seconds (3.884, 0.067, 0) Mar 18 12:48:05 mx-1 postfix/smtpd[32652]: proxy-reject: END-OF-MESSAGE: 554 5.7.1 Rejected for policy reasons (F7B60533DF14C9AE); from=<senderemail> to=<receiveremail> proto=ESMTP helo=<pmgserver.url> Mar 18 12:48:05 mx-1 postfix/smtpd[32652]: disconnect from pmgserver.url[ipaddress] ehlo=2 starttls=1 mail=1 rcpt=1 data=0/1 quit=1 commands=6/7
 
maenda said:
Mar 18 12:48:05 mx-1 pmg-smtp-filter[32027]: F7B60533DF14C9AE: notify <myemail> (rule: Block outgoing Spam, 45BD71213)
Click to expand...

You have an active rule in your rule system "Block outgoing Spam" blocking emails.

Your email got a score of 4.
maenda said:
18 12:48:05 mx-1 pmg-smtp-filter[32027]: F7B60533DF14C9AE: SA score=4/5 time=3.884 bayes=0.00 autolearn=no autolearn_force=no hits=AWL(1.099),BAYES_00(-1.9),DKIM_ADSP_CUSTOM_MED(0.001),FORGED_GMAIL_RCVD(1),FREEMAIL_FORGED_FROMDOMAIN(0.249),FREEMAIL_FROM(0.001),FREEMAIL_REPLYTO(1),FROM_EXCESS_BASE64(0.001),GB_FREEM_FROM_NOT_REPLY(0.4),HEADER_FROM_DIFFERENT_DOMAINS(0.25),HTML_MESSAGE(0.001),KAM_DMARC_STATUS(0.01),KAM_NUMSUBJECT(0.5),MPART_ALT_DIFF(0.79),NML_ADSP_CUSTOM_MED(0.9),SPF_HELO_NONE(0.001),SPF_PASS(-0.001),T_GB_FREEM_FROM_NOT_REPLY(0.01),T_REMOTE_IMAGE(0.01)
Click to expand...
 
Yes the rule I get. It is obvious the mail get blocked when it is spam.
But I'm not sure why exactly this is marked as spam and how I can prevent it?
Looks like the bottleneck is the FREEMAIL_REPLYTO. Correct?
 
The log shows the list of tests and the score of each test.
 
maenda said:
Hi all,

Can anybody shed a light on why this message for example is bounced? It is an outgoing email using the PMG


Code: 
Spam detection results: 4
AWL 1.099 Adjusted score from AWL reputation of From: address
BAYES_00 -1.9 Bayes spam probability is 0 to 1%
DKIM_ADSP_CUSTOM_MED 0.001 No valid author signature, adsp_override is CUSTOM_MED
FORGED_GMAIL_RCVD 1 'From' gmail.com does not match 'Received' headers
FREEMAIL_FORGED_FROMDOMAIN 0.249 2nd level domains in From and EnvelopeFrom freemail headers are different
FREEMAIL_FROM 0.001 Sender email is commonly abused enduser mail provider
FREEMAIL_REPLYTO 1 Reply-To/From or Reply-To/body contain different freemails
FROM_EXCESS_BASE64 0.001 From: base64 encoded unnecessarily
GB_FREEM_FROM_NOT_REPLY 0.4 From: and Reply-To: have different freemail domains
HEADER_FROM_DIFFERENT_DOMAINS 0.25 From and EnvelopeFrom 2nd level mail domains are different
HTML_MESSAGE 0.001 HTML included in message
KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
KAM_NUMSUBJECT 0.5 Subject ends in numbers excluding current years
MPART_ALT_DIFF 0.79 HTML and text parts are different
NML_ADSP_CUSTOM_MED 0.9 ADSP custom_med hit, and not from a mailing list
SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record
SPF_PASS -0.001 SPF: sender matches SPF record
T_GB_FREEM_FROM_NOT_REPLY 0.01 From: and Reply-To: have different freemail domains
T_REMOTE_IMAGE 0.01 Message contains an external image
Click to expand...
All this score add up to 4.
 
You must log in or register to reply here.
Top Bottom