Hello,
Lately we have been testing our new Proxmox system in our active Exchange system. We have seen some spam not being filtered out by Proxmox but the overal results seem to be more than satisfactory. However, we would like our system to be more consistent. We have rule that defines spam from spamlevel 4 and up and another rule that takes all spam and marks it so our Exchange server can push the emails to the user's "suspicious email" folder.
As you can see below, one of our employees received an Email in her Inbox, which is sure to be spam. Other users received a similar (not same) email which was actually put under "suspicious". My question: what could cause this inconsistency?The Tracking Center comes up with this:
Lately we have been testing our new Proxmox system in our active Exchange system. We have seen some spam not being filtered out by Proxmox but the overal results seem to be more than satisfactory. However, we would like our system to be more consistent. We have rule that defines spam from spamlevel 4 and up and another rule that takes all spam and marks it so our Exchange server can push the emails to the user's "suspicious email" folder.
As you can see below, one of our employees received an Email in her Inbox, which is sure to be spam. Other users received a similar (not same) email which was actually put under "suspicious". My question: what could cause this inconsistency?
Von: Madore Yontz [mailto:demos@plaskdammen.com]
Gesendet: Mittwoch, 8. Oktober 2008 00:37
An: -------------------------
Betreff: 11 new message!
Gesendet: Mittwoch, 8. Oktober 2008 00:37
An: -------------------------
Betreff: 11 new message!
S
L s PENIS? ERE f E W C T N? W y t MA L CTIL DYSFUN TIO E WILL HELP!
L s PENIS? ERE f E W C T N? W y t MA L CTIL DYSFUN TIO E WILL HELP!
Cheap D t g ra, r lis a W the P r
es viag cia nd o r d ugs!
Click here (removed the link)
http://zgqsgg.blu.livefilestore.com...N9C9AgT9JdhhDXbsPweKIdK7PHHjXg/m07u79o68.htmlThey governed and as they were the receivers of happy dies
the man or woman whose body will be head looked like a golf
ball. He was a queer, the man. We had to ascertain in that
case, first let alone the price. You must have seen great.
es viag cia nd o r d ugs!
Click here (removed the link)
http://zgqsgg.blu.livefilestore.com...N9C9AgT9JdhhDXbsPweKIdK7PHHjXg/m07u79o68.htmlThey governed and as they were the receivers of happy dies
the man or woman whose body will be head looked like a golf
ball. He was a queer, the man. We had to ascertain in that
case, first let alone the price. You must have seen great.
Oct 8 00:37:22smtpdconnect from xxxxxxxxxxxxxxxxx[x.x.x.x]Oct 8 00:37:22smtpd315BF388B4: client=xxxxxxxxxxxxxxxxx[x.x.x.x]Oct 8 00:37:22smtpddisconnect from xxxxxxxxxxxxxxxxx[x.x.x.x]Oct 8 00:37:22proxprox388B648EBE4A2513EA: new mail
message-id=<3994240565.20081007222839@plaskdammen.com> Oct 8 00:37:22cleanup315BF388B4: message-id=<3994240565.20081007222839@plaskdammen.com>Oct 8 00:37:22qmgr315BF388B4: from=<demos@plaskdammen.com>, size=5062, nrcpt=1 (queue active)Oct 8 00:37:28proxprox388B648EBE4A2513EA: SA score=2/5 time=5.830 bayes=2.73026840680313e-06
autolearn=no hits=BAYES_00,HTML_MESSAGE,UNWANTED_LANGUAGE_BODY,URIBL_BLACK Oct 8 00:37:28proxprox388B648EBE4A2513EA: accept mail to <xxxxxxxx@xxxxxxx> (3E915388BA) Oct 8 00:37:28proxprox388B648EBE4A2513EA: processing time: 5.946 seconds Oct 8 00:37:28lmtp315BF388B4: to=<xxxxxxx@xxxxxxxxxx>, relay=127.0.0.1[127.0.0.1]:10024,
delay=6.2, delays=0.09/0/0.04/6, dsn=2.5.0, status=sent (250 2.5.0 OK
(388B648EBE4A2513EA))Oct 8 00:37:28qmgr315BF388B4: removedOct 8 00:37:28smtpdconnect from localhost[127.0.0.1]Oct 8 00:37:28smtpd3E915388BA: client=xxxxxxxxxxxxxxxxx[x.x.x.x]Oct 8 00:37:28smtpddisconnect from localhost[127.0.0.1]Oct 8 00:37:28cleanup3E915388BA: message-id=<3994240565.20081007222839@plaskdammen.com>Oct 8 00:37:28qmgr3E915388BA: from=<demos@plaskdammen.com>, size=5233, nrcpt=1 (queue active)Oct 8 00:37:28smtp3E915388BA: to=<xxxxxxxxxxx@xxxxxxxxxxxx>, relay=x.x.x.x[x.x.x.x]:25,
delay=0.32, delays=0.06/0/0/0.25, dsn=2.6.0, status=sent (250 2.6.0
<3994240565.20081007222839@plaskdammen.com> Queued mail for delivery)Oct 8 00:37:28qmgr3E915388BA: removed
message-id=<3994240565.20081007222839@plaskdammen.com> Oct 8 00:37:22cleanup315BF388B4: message-id=<3994240565.20081007222839@plaskdammen.com>Oct 8 00:37:22qmgr315BF388B4: from=<demos@plaskdammen.com>, size=5062, nrcpt=1 (queue active)Oct 8 00:37:28proxprox388B648EBE4A2513EA: SA score=2/5 time=5.830 bayes=2.73026840680313e-06
autolearn=no hits=BAYES_00,HTML_MESSAGE,UNWANTED_LANGUAGE_BODY,URIBL_BLACK Oct 8 00:37:28proxprox388B648EBE4A2513EA: accept mail to <xxxxxxxx@xxxxxxx> (3E915388BA) Oct 8 00:37:28proxprox388B648EBE4A2513EA: processing time: 5.946 seconds Oct 8 00:37:28lmtp315BF388B4: to=<xxxxxxx@xxxxxxxxxx>, relay=127.0.0.1[127.0.0.1]:10024,
delay=6.2, delays=0.09/0/0.04/6, dsn=2.5.0, status=sent (250 2.5.0 OK
(388B648EBE4A2513EA))Oct 8 00:37:28qmgr315BF388B4: removedOct 8 00:37:28smtpdconnect from localhost[127.0.0.1]Oct 8 00:37:28smtpd3E915388BA: client=xxxxxxxxxxxxxxxxx[x.x.x.x]Oct 8 00:37:28smtpddisconnect from localhost[127.0.0.1]Oct 8 00:37:28cleanup3E915388BA: message-id=<3994240565.20081007222839@plaskdammen.com>Oct 8 00:37:28qmgr3E915388BA: from=<demos@plaskdammen.com>, size=5233, nrcpt=1 (queue active)Oct 8 00:37:28smtp3E915388BA: to=<xxxxxxxxxxx@xxxxxxxxxxxx>, relay=x.x.x.x[x.x.x.x]:25,
delay=0.32, delays=0.06/0/0/0.25, dsn=2.6.0, status=sent (250 2.6.0
<3994240565.20081007222839@plaskdammen.com> Queued mail for delivery)Oct 8 00:37:28qmgr3E915388BA: removed
