Я пытаюсь понять, почему многие из моих писем считаются спамом. Установлены Exim4, Dovecot и SpamAssassin. Вот пример письма, которое приходит в почтовый ящик:
Return-path: <andy.newby@gmail.com>
Envelope-to: bob@start-eng.co.uk
Delivery-date: Thu, 01 Jun 2017 13:01:35 +0100
Received: from mail-wr0-f171.google.com ([209.85.128.171])
by admin.newbyhost.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
(Exim 4.86_2)
(envelope-from <andy.newby@gmail.com>)
id 1dGOnH-0002Qk-88
for bob@start-eng.co.uk; Thu, 01 Jun 2017 13:01:35 +0100
Received: by mail-wr0-f171.google.com with SMTP id v104so6526226wrb.0
for <bob@start-eng.co.uk>; Thu, 01 Jun 2017 05:01:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20161025;
h=mime-version:reply-to:from:date:message-id:subject:to;
bh=+UNmwam33KPk4JxoT31uL7p6g75CgwyhNIl2HRp+UHc=;
b=YF8QfeQ5JLTeWkc86CyuB0izOBh5zWc2bT1cjdqfbeNAzWcKVNNGvWouHqwJj5nFhm
tGZiy36zP/qjSltEtmtSTK+RtF8o7FlFFSPjxtzWbnRr1Uv2pNdkSdcz3hNkGF62e6CZ
M52lko32sFa/nd8kYQhPF9XtKed88oa4MxEoPgumgn2i66uu4ZL/mvVuKY9IQTugFM3M
0DFmWDn1utgEcJcYkybA6BKhtlQLDcpTG83d2BRjN2L7mEbtuXBt6J/5USzHMC8TmLPh
ukQ7nJo4OlIyNboKBLMMlfRBrbqUeQFQCf0ahtTD/iU0468unM+2ykcSU3KC/vnXwAVH
EPnA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20161025;
h=x-gm-message-state:mime-version:reply-to:from:date:message-id
:subject:to;
bh=+UNmwam33KPk4JxoT31uL7p6g75CgwyhNIl2HRp+UHc=;
b=pw9PFq5poRdO1ZVTaMo1Kyx3MBBgbD8GR+PefSFv7BLAqwL6Ra1R7vCvRqaYiSZbCw
M4Mvbt20/wP+GpZJZcFicR6Q6oNZbfIq5+jHXc6COgogNq75mg5NKb6UVyooBSKDvxRQ
sJQMrCdQdf3QvoJq4njRi3o0M+KbF70KbstVsBEzzcwt8WqWgAxO97weWEC9Loo3wgpU
HeOMBDx2PJHTwJY7o7IDmtUG+3LW32TbkRudWa2J18mFcBXThQOLTHriDZn23N3Y0DJN
Si0VIM6zlhy0F9XoqKykkkbprY+g+FVlFo1RADGDvbgiSXUfYRYLY8yeFFYe2rdncGdl
XEBA==
X-Gm-Message-State: AODbwcCRSTYCmq3V0QXqzVn1SnIoUcklbBtHZ7nwT7P8Y0R6IaI6isx7
Fe2D8EAL7XgI2nLsOdApo8CMw6TTSQ==
X-Received: by 10.223.134.46 with SMTP id 43mr1190589wrv.123.1496318488607;
Thu, 01 Jun 2017 05:01:28 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.223.172.20 with HTTP; Thu, 1 Jun 2017 05:01:08 -0700 (PDT)
Reply-To: andy.newby@gmail.com
From: Andy Newby <andy.newby@gmail.com>
Date: Thu, 1 Jun 2017 13:01:08 +0100
Message-ID: <CALvgFsuZG24KsNqAShA5mgcwZYNEpaGyNdoMohe0RhYA8dx9gw@mail.gmail.com>
To: bob <bob@start-eng.co.uk>
Content-Type: multipart/alternative; boundary="001a1146b7bcfc00300550e4cbcd"
X-Spam-Score: 14
X-Spam-Bar: +
X-Spam-Report: Spam detection software, running on the system "admin.newbyhost.com",
has NOT identified this incoming email as spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: test Andy Newby *Email:* andy@ultranerds.co.uk *WWW: *http://www.ultranerds.co.uk
*Mobile: * 07769 201 576 test [...]
Content analysis details: (1.4 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked.
See
http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
for more information.
[URIs: docs.google.com]
-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)
[209.85.128.171 listed in wl.mailspike.net]
-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no
trust
[209.85.128.171 listed in list.dnswl.org]
-0.0 SPF_PASS SPF: sender matches SPF record
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
(andy.newby[at]gmail.com)
0.0 HTML_MESSAGE BODY: HTML included in message
1.6 HTML_IMAGE_ONLY_12 BODY: HTML: images with 800-1200 bytes of words
0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid
0.0 T_REMOTE_IMAGE Message contains an external image
X-Spam-Status: Yes
X-ACL-Warn: SpamAssassin detected spam (from andy.newby@gmail.com to bob@start-eng.co.uk).
Subject: *** SPAM *** test
--001a1146b7bcfc00300550e4cbcd
Content-Type: text/plain; charset="UTF-8"
test
Andy Newby
*Email:* andy@ultranerds.co.uk
*WWW: *http://www.ultranerds.co.uk
*Mobile: * 07769 201 576
--001a1146b7bcfc00300550e4cbcd
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr">test<div><br clear=3D"all"><div><div class=3D"gmail_signat=
ure" data-smartmail=3D"gmail_signature"><div dir=3D"ltr"><div><div dir=3D"l=
tr"><div><div dir=3D"ltr"><div><div dir=3D"ltr">Andy Newby=C2=A0<div><font =
size=3D"1"><b>Email:</b>=C2=A0 =C2=A0=C2=A0<a href=3D"mailto:andy@ultranerd=
s.co.uk" target=3D"_blank">andy@ultranerds.co.uk</a>=C2=A0</font></div><div=
><b><span style=3D"font-size:x-small">WWW:</span><span style=3D"font-size:x=
-small">=C2=A0 =C2=A0=C2=A0</span></b><a href=3D"http://www.ultranerds.co.u=
k" style=3D"font-size:x-small" target=3D"_blank">http://www.ultranerds.co.u=
k</a><span style=3D"font-size:x-small"> =C2=A0</span></div><div><b style=3D=
"font-size:x-small">Mobile:=C2=A0</b><span style=3D"font-size:x-small">=C2=
=A007769 201 576</span><div><div><img src=3D"https://docs.google.com/uc?exp=
ort=3Ddownload&id=3D0B2xS_1XN-aUHT2lBdXlSOFVFM2M&revid=3D0B2xS_1XN-=
aUHTUNrb0JVVHY5Q0lwb0h0czY4QlRaYW5pOWp3PQ" style=3D"font-size:12.8px"><br><=
/div></div></div><div><br></div></div></div></div></div></div></div></div><=
/div></div>
</div></div>
--001a1146b7bcfc00300550e4cbcd--
У него 2 совершенно противоположных результата, и я не уверен, почему: /
X-Spam-Score: 14
X-Spam-Bar: +
... а затем ниже:
Content analysis details: (1.4 points, 5.0 required)
И в связи с тем, что X-Spam-Status: является Yes (из-за 14 баллов, а мой порог равен 10), он переписывается и перемещается в мой ящик для спама. Я действительно не понимаю, что происходит
В /etc/exim4/exim4.conf.template у меня есть этот набор правил:
SPAMASSASSIN = yes
SPAM_SCORE = 10
system_filter = /etc/exim4/system.filter
system_filter_user = Debian-exim
... а затем это правило в /etc/exim4/system.filter:
if $h_X-Spam-Status: contains "Yes"
then
headers add "Old-Subject: $h_subject"
headers remove "Subject"
headers add "Subject: *** SPAM *** $h_old-subject"
headers remove "Old-Subject"
endif
ОБНОВИТЬ: По запросу, вот результат работы /var/log/mail.log:
Jun 1 13:55:40 admin spamd[3850]: spamd: connection from localhost [127.0.0.1]:45126 to port 783, fd 6
Jun 1 13:55:40 admin spamd[3850]: spamd: setuid to debian-spamd succeeded
Jun 1 13:55:40 admin spamd[3850]: spamd: checking message <CALvgFst0Sw_pMpaByZYZ0iv8+uXhUZKwBt14u4Nuxq+dFTJFKg@mail.gmail.com> for debian-spamd:114
Jun 1 13:55:41 admin spamd[3850]: spamd: clean message (1.6/5.0) for debian-spamd:114 in 0.2 seconds, 3924 bytes.
Jun 1 13:55:41 admin spamd[3850]: spamd: result: . 1 - FREEMAIL_FROM,HTML_IMAGE_ONLY_12,HTML_MESSAGE,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_PASS,T_DKIM_INVALID,T_REMOTE_IMAGE,URIBL_BLOCKED scantime=0.2,size=3924,user=debian-spamd,uid=114,required_score=5.0,rhost=localhost,raddr=127.0.0.1,rport=45126,mid=<CALvgFst0Sw_pMpaByZYZ0iv8+uXhUZKwBt14u4Nuxq+dFTJFKg@mail.gmail.com>,autolearn=no autolearn_force=no
Jun 1 13:55:41 admin spamd[3670]: prefork: child states: II
^X^C
...а потом / var / журнал / exim4 / mainlog:
2017-06-01 13:55:40 1dGPdc-0004Pc-Uq DKIM: d=gmail.com s=20161025 c=relaxed/relaxed a=rsa-sha256 [verification succeeded]
2017-06-01 13:55:41 1dGPdc-0004Pc-Uq <= andy.newby@gmail.com H=mail-wm0-f45.google.com [74.125.82.45] P=esmtps X=TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128 CV=no S=5747 id=CALvgFst0Sw_pMpaByZYZ0iv8+uXhUZKwBt14u4Nuxq+dFTJFKg@mail.gmail.com
2017-06-01 13:55:41 1dGPdc-0004Pc-Uq => info <info@start-eng.co.uk> R=localuser_spam T=local_spam_delivery
2017-06-01 13:55:41 1dGPdc-0004Pc-Uq Completed