SPAM besser aussortieren
- Thread starter DerNorden
- Start date
Kannst du mit dem folgenden etwas anfangen?
Jun 10 06:38:11 pmg postfix/postscreen[11610]: CONNECT from [62.173.140.47]:48404 to [meine.IP]:25
Jun 10 06:38:17 pmg postfix/postscreen[11610]: PASS NEW [62.173.140.47]:48404
Jun 10 06:38:18 pmg postfix/smtpd[11706]: connect from mail.farenseri.de[62.173.140.47]
Jun 10 06:38:18 pmg pmgpolicy[10962]: SPF says pass
Jun 10 06:38:18 pmg postfix/smtpd[11706]: NOQUEUE: client=mail.farenseri.de[62.173.140.47]
Jun 10 06:38:18 pmg pmg-smtp-filter[7788]: 2020/06/10-06:38:18 CONNECT TCP Peer: "[127.0.0.1]:42140" Local: "[127.0.0.1]:10024"
Jun 10 06:38:18 pmg pmg-smtp-filter[7788]: 82465EE063BAB69F9: new mail message-id=<oymyhcl46881052.54416618@mail.farenseri.de>
Jun 10 06:38:23 pmg pmg-smtp-filter[7788]: 82465EE063BAB69F9: SA score=0/5 time=4.530 bayes=0.00 autolearn=no autolearn_force=no hits=BAYES_00(-1.9),HTML_IMAGE_ONLY_04(1.172),HTML_MESSAGE(0.001),HTML_SHORT_LINK_IMG_1(0.001),KAM_DMARC_STATUS(0.01),MAILING_LIST_MULTI(-1),MPART_ALT_DIFF(0.79),SPF_HELO_NONE(0.001),SPF_PASS(-0.001),URIBL_RED(0.001)
Jun 10 06:38:23 pmg postfix/smtpd[11716]: connect from localhost[127.0.0.1]
Jun 10 06:38:23 pmg postfix/smtpd[11716]: 4EC4B825F: client=localhost[127.0.0.1], orig_client=mail.farenseri.de[62.173.140.47]
Jun 10 06:38:23 pmg postfix/cleanup[11718]: 4EC4B825F: message-id=<oymyhcl46881052.54416618@mail.farenseri.de>
Jun 10 06:38:23 pmg postfix/qmgr[552]: 4EC4B825F: from=<oymyhcl@farenseri.de>, size=190556, nrcpt=1 (queue active)
Jun 10 06:38:23 pmg pmg-smtp-filter[7788]: 82465EE063BAB69F9: accept mail to <info@meinedomain.de> (4EC4B825F) (rule: default-accept)
Jun 10 06:38:23 pmg postfix/smtpd[11716]: disconnect from localhost[127.0.0.1] ehlo=1 xforward=1 mail=1 rcpt=1 data=1 commands=5
Jun 10 06:38:23 pmg pmg-smtp-filter[7788]: 82465EE063BAB69F9: processing time: 4.582 seconds (4.53, 0.022, 0)
Jun 10 06:38:23 pmg postfix/smtpd[11706]: proxy-accept: END-OF-MESSAGE: 250 2.5.0 OK (82465EE063BAB69F9); from=<oymyhcl@farenseri.de> to=<info@meinedomain.de> proto=ESMTP helo=<mail.farenseri.de>
Jun 10 06:38:23 pmg postfix/smtpd[11706]: disconnect from mail.farenseri.de[62.173.140.47] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Jun 10 06:38:23 pmg postfix/smtp[11720]: Trusted TLS connection established to srv1.meinmailserver.net[meineserver.IP]:25: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Jun 10 06:38:23 pmg postfix/smtp[11720]: 4EC4B825F: to=<info@meinedomain.de>, relay=srv1.meinmailserver.net[meineserver.IP]:25, delay=0.11, delays=0.01/0.01/0.05/0.04, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 62E19667FBB)
Jun 10 06:38:23 pmg postfix/qmgr[552]: 4EC4B825F: removed
Jun 10 06:38:54 pmg pmgpolicy[30089]: starting policy database maintainance (greylist, rbl)
Jun 10 06:38:54 pmg pmgpolicy[30089]: end policy database maintainance (13 ms, 0 ms)
Jun 10 06:38:17 pmg postfix/postscreen[11610]: PASS NEW [62.173.140.47]:48404
Jun 10 06:38:18 pmg postfix/smtpd[11706]: connect from mail.farenseri.de[62.173.140.47]
Jun 10 06:38:18 pmg pmgpolicy[10962]: SPF says pass
Jun 10 06:38:18 pmg postfix/smtpd[11706]: NOQUEUE: client=mail.farenseri.de[62.173.140.47]
Jun 10 06:38:18 pmg pmg-smtp-filter[7788]: 2020/06/10-06:38:18 CONNECT TCP Peer: "[127.0.0.1]:42140" Local: "[127.0.0.1]:10024"
Jun 10 06:38:18 pmg pmg-smtp-filter[7788]: 82465EE063BAB69F9: new mail message-id=<oymyhcl46881052.54416618@mail.farenseri.de>
Jun 10 06:38:23 pmg pmg-smtp-filter[7788]: 82465EE063BAB69F9: SA score=0/5 time=4.530 bayes=0.00 autolearn=no autolearn_force=no hits=BAYES_00(-1.9),HTML_IMAGE_ONLY_04(1.172),HTML_MESSAGE(0.001),HTML_SHORT_LINK_IMG_1(0.001),KAM_DMARC_STATUS(0.01),MAILING_LIST_MULTI(-1),MPART_ALT_DIFF(0.79),SPF_HELO_NONE(0.001),SPF_PASS(-0.001),URIBL_RED(0.001)
Jun 10 06:38:23 pmg postfix/smtpd[11716]: connect from localhost[127.0.0.1]
Jun 10 06:38:23 pmg postfix/smtpd[11716]: 4EC4B825F: client=localhost[127.0.0.1], orig_client=mail.farenseri.de[62.173.140.47]
Jun 10 06:38:23 pmg postfix/cleanup[11718]: 4EC4B825F: message-id=<oymyhcl46881052.54416618@mail.farenseri.de>
Jun 10 06:38:23 pmg postfix/qmgr[552]: 4EC4B825F: from=<oymyhcl@farenseri.de>, size=190556, nrcpt=1 (queue active)
Jun 10 06:38:23 pmg pmg-smtp-filter[7788]: 82465EE063BAB69F9: accept mail to <info@meinedomain.de> (4EC4B825F) (rule: default-accept)
Jun 10 06:38:23 pmg postfix/smtpd[11716]: disconnect from localhost[127.0.0.1] ehlo=1 xforward=1 mail=1 rcpt=1 data=1 commands=5
Jun 10 06:38:23 pmg pmg-smtp-filter[7788]: 82465EE063BAB69F9: processing time: 4.582 seconds (4.53, 0.022, 0)
Jun 10 06:38:23 pmg postfix/smtpd[11706]: proxy-accept: END-OF-MESSAGE: 250 2.5.0 OK (82465EE063BAB69F9); from=<oymyhcl@farenseri.de> to=<info@meinedomain.de> proto=ESMTP helo=<mail.farenseri.de>
Jun 10 06:38:23 pmg postfix/smtpd[11706]: disconnect from mail.farenseri.de[62.173.140.47] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Jun 10 06:38:23 pmg postfix/smtp[11720]: Trusted TLS connection established to srv1.meinmailserver.net[meineserver.IP]:25: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Jun 10 06:38:23 pmg postfix/smtp[11720]: 4EC4B825F: to=<info@meinedomain.de>, relay=srv1.meinmailserver.net[meineserver.IP]:25, delay=0.11, delays=0.01/0.01/0.05/0.04, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 62E19667FBB)
Jun 10 06:38:23 pmg postfix/qmgr[552]: 4EC4B825F: removed
Jun 10 06:38:54 pmg pmgpolicy[30089]: starting policy database maintainance (greylist, rbl)
Jun 10 06:38:54 pmg pmgpolicy[30089]: end policy database maintainance (13 ms, 0 ms)
Ich würde mal Bayes filtering abdrehen - die mail wird von dem mit -1.9 punkten bewertet.
Potentiell noch per custom spamassassin score HTML_IMAGE_ONLY_04 etwas höher bewerten.
Ich hoffe das hilft
Potentiell noch per custom spamassassin score HTML_IMAGE_ONLY_04 etwas höher bewerten.
Ich hoffe das hilft