Hi,
since exim-4.20 with exiscan-4.20-06 (now -07 of course ;-) ) we
experiencing a problem with the logging of exim.
The message is transferred all right, I got the mail - no problem...
But why the hell gets this output to the reject log?
Why do the header at all reach any log??
I hope someone can explain this ;-)
Thanx, Michael
Following new ACL config for exiscan-acl was added:
========================================
acl_check_data:
deny message = This message contains a broken MIME
container
log_message = This message contains a broken MIME
container
demime = *
condition = ${if >{$demime_errorlevel}{2}{1}{0}}
deny message = This message contains a file with a\
blacklisted extension
log_message = This message contains a file with a\
blacklisted extension
demime = vbs:vbe:wsf:wsh:js:jse:cmd:shs:hta:scr:pif
warn message = X-Infected: message contains virus
log_message = message contains virus
malware = *
warn message = X-Spam-Score: $spam_score ($spam_bar)
log_message = Spam-Score: $spam_score
spam = nobody:true
warn message = X-Spam-Report: $spam_report
spam = nobody:true
warn message = Subject: ** SPAM ** $h_Subject
spam = nobody
accept hosts = +local_networks : +relay_from_hosts
deny message = This message scored $spam_score spam
points
log_message = This message scored $spam_score spam
points
spam = nobody:true
condition = ${if >{$spam_score_int}{55}{1}{0}}
accept
========================================
========================================
/var/log/exim/exim_main.log
========================================
2003-05-21 11:24:04 H=exim-colo-01.whoc.theplanet.co.uk
[195.92.249.251] U=[8f9laRaCvjqIWsCtfmZo05FmBRHhfF0L] Warning:
reverse host lookup failed
2003-05-21 11:24:05 19IPpM-0002pA-IM
H=exim-colo-01.whoc.theplanet.co.uk [195.92.249.251] U
=[8f9laRaCvjqIWsCtfmZo05FmBRHhfF0L] Warning: Spam-Score: 0.8
2003-05-21 11:24:05 19IPpM-0002pA-IM <= exim-users-admin@???
H=exim-colo-01.whoc.theplanet.co.uk [195.92.249.251] U
=[8f9laRaCvjqIWsCtfmZo05FmBRHhfF0L] P=esmtp S=3386
id=20030521091018.27620.qmail@???
2003-05-21 11:24:05 19IPpM-0002pA-IM => michael.jakscht@???
R=smtp_router_rzvmail T=smtp_transport_von_extern_nach_rzv
H=rzvnotes3.vit.de [172.16.1.18]
2003-05-21 11:24:05 19IPpM-0002pA-IM Completed
========================================
========================================
/var/log/exim/exim_reject.log
========================================
2003-05-21 11:24:04 H=exim-colo-01.whoc.theplanet.co.uk
[195.92.249.251] U=[8f9laRaCvjqIWsCtfmZo05FmBRHhfF0L] Warning:
reverse host lookup failed
2003-05-21 11:24:05 19IPpM-0002pA-IM
H=exim-colo-01.whoc.theplanet.co.uk [195.92.249.251] U
=[8f9laRaCvjqIWsCtfmZo05FmBRHhfF0L] Warning: Spam-Score: 0.8
Envelope-from: <exim-users-admin@???>
Envelope-to: <michael.jakscht@???>
P Received: from exim-colo-01.whoc.theplanet.co.uk ([195.92.249.251]
ident=[8f9laRaCvjqIWsCtfmZo05FmBRHhfF0L])
by mail.vit.de with esmtp (Exim 4.20)
id 19IPpM-0002pA-IM
for michael.jakscht@???; Wed, 21 May 2003 11:24:04 +0200
P Received: from localhost.localdomain ([127.0.0.1]:36212 ident
=[CZu287krFFNSyWjqRmbYIOvumtJoKYy3])
by exim-colo-01.whoc.theplanet.co.uk with esmtp (Exim 4.20)
id 19IPhB-0007PJ-Qu; Wed, 21 May 2003 10:15:37 +0100
P Received: from web20808.mail.yahoo.com ([216.136.226.197]:31724)
by exim-colo-01.whoc.theplanet.co.uk with smtp (Exim 4.20)
id 19IPc4-0006hU-GX
for exim-users@???; Wed, 21 May 2003 10:10:20 +0100
I Message-ID: <20030521091018.27620.qmail@???>
P Received: from [193.188.97.152] by web20808.mail.yahoo.com via
HTTP; Wed, 21 May 2003 02:10:18 PDT
F From: nasir nasir <kollathodi@???>
T To: exim-users@???
MIME-Version: 1.0
content-transfer-encoding: 7bit
content-type: text/plain;
charset=us-ascii
Subject: [Exim] "Administrative prohibition" error with Amavisd
and exim Still not solved !!!
S Sender: exim-users-admin@???
Errors-To: exim-users-admin@???
X-BeenThere: exim-users@???
X-Mailman-Version: 2.0.13
Precedence: bulk
List-Help: <mailto:exim-users-request@exim.org?subject=help>
List-Post: <mailto:exim-users@exim.org>
List-Subscribe: <http://www.exim.org/mailman/listinfo/exim-users>,
<mailto:exim-users-request@exim.org?subject=subscribe>
List-Id: A user list for the exim MTA <exim-users.exim.org>
List-Unsubscribe:
<http://www.exim.org/mailman/listinfo/exim-users>,
<mailto:exim-users-request@exim.org?subject=unsubscribe>
List-Archive: <http://www.exim.org/pipermail/exim-users/>
Date: Wed, 21 May 2003 02:10:18 -0700 (PDT)
X-Warning: reverse host lookup failed
========================================
========================================
/var/log/allmessages
========================================
May 21 11:24:04 mail exim[10860]: 2003-05-21 11:24:04 no IP address
found for host no
May 21 11:24:04 mail exim[10860]: 2003-05-21 11:24:04
H=exim-colo-01.whoc.theplanet.co.uk [195.92.249.251] U
=[8f9laRaCvjqIWsCtfmZo05FmBRHhfF0L] Warning: reverse host lookup
failed
May 21 11:24:04 mail exim[10860]: 2003-05-21 11:24:04
H=exim-colo-01.whoc.theplanet.co.uk [195.92.249.251] U
=[8f9laRaCvjqIWsCtfmZo05FmBRHhfF0L] Warning: reverse host lookup
failed
May 21 11:24:04 mail spamd[9917]: connection from localhost
[127.0.0.1] at port 60764
May 21 11:24:04 mail spamd[10866]: checking message
<20030521091018.27620.qmail@???> for nobody:55.
May 21 11:24:04 mail spamd[10866]: clean message (0.8/5.5) for
nobody:55 in 0.1 seconds, 2444 bytes.
May 21 11:24:05 mail exim[10860]: 2003-05-21 11:24:05
19IPpM-0002pA-IM H=exim-colo-01.whoc.theplanet.co.uk
[195.92.249.251] U=[8f9laRaCvjqIWsCtfmZo05FmBRHhfF0L] Warning:
Spam-Score: 0.8
May 21 11:24:05 mail exim[10860]: [1\38] 2003-05-21 11:24:05
19IPpM-0002pA-IM H=exim-colo-01.whoc.theplanet.co.uk
[195.92.249.251] U=[8f9laRaCvjqIWsCtfmZo05FmBRHhfF0L] Warning:
Spam-Score: 0.8
May 21 11:24:05 mail exim[10860]: [2\38] Envelope-from:
<exim-users-admin@???>
May 21 11:24:05 mail exim[10860]: [3\38] Envelope-to:
<michael.jakscht@???>
May 21 11:24:05 mail exim[10860]: [4\38] P Received: from
exim-colo-01.whoc.theplanet.co.uk ([195.92.249.251] ident
=[8f9laRaCvjqIWsCtfmZo05FmBRHhfF0L])
May 21 11:24:05 mail exim[10860]: [5\38] by mail.vit.de with
esmtp (Exim 4.20)
May 21 11:24:05 mail exim[10860]: [6\38] id 19IPpM-0002pA-IM
May 21 11:24:05 mail exim[10860]: [7\38] for
michael.jakscht@???; Wed, 21 May 2003 11:24:04 +0200
May 21 11:24:05 mail exim[10860]: [8\38] P Received: from
localhost.localdomain ([127.0.0.1]:36212 ident
=[CZu287krFFNSyWjqRmbYIOvumtJoKYy3])
May 21 11:24:05 mail exim[10860]: [9\38] by
exim-colo-01.whoc.theplanet.co.uk with esmtp (Exim 4.20)
May 21 11:24:05 mail exim[10860]: [10\38] id 19IPhB-0007PJ-Qu;
Wed, 21 May 2003 10:15:37 +0100
May 21 11:24:05 mail exim[10860]: [11\38] P Received: from
web20808.mail.yahoo.com ([216.136.226.197]:31724)
May 21 11:24:05 mail exim[10860]: [12\38] by
exim-colo-01.whoc.theplanet.co.uk with smtp (Exim 4.20)
May 21 11:24:05 mail exim[10860]: [13\38] id 19IPc4-0006hU-GX
May 21 11:24:05 mail exim[10860]: [14\38] for
exim-users@???; Wed, 21 May 2003 10:10:20 +0100
May 21 11:24:05 mail exim[10860]: [15\38] I Message-ID:
<20030521091018.27620.qmail@???>
May 21 11:24:05 mail exim[10860]: [16\38] P Received: from
[193.188.97.152] by web20808.mail.yahoo.com via HTTP; Wed, 21 May
2003 02:10:18 PDT
May 21 11:24:05 mail exim[10860]: [17\38] F From: nasir nasir
<kollathodi@???>
May 21 11:24:05 mail exim[10860]: [18\38] T To: exim-users@???
May 21 11:24:05 mail exim[10860]: [19\38] MIME-Version: 1.0
May 21 11:24:05 mail exim[10860]: [20\38]
content-transfer-encoding: 7bit
May 21 11:24:05 mail exim[10860]: [21\38] content-type:
text/plain;
May 21 11:24:05 mail exim[10860]: [22\38] charset=us-ascii
May 21 11:24:05 mail exim[10860]: [23\38] Subject: [Exim]
"Administrative prohibition" error with Amavisd and exim Still not
solved !!!
May 21 11:24:05 mail exim[10860]: [24\38] S Sender:
exim-users-admin@???
May 21 11:24:05 mail exim[10860]: [25\38] Errors-To:
exim-users-admin@???
May 21 11:24:05 mail exim[10860]: [26\38] X-BeenThere:
exim-users@???
May 21 11:24:05 mail exim[10860]: [27\38] X-Mailman-Version:
2.0.13
May 21 11:24:05 mail exim[10860]: [28\38] Precedence: bulk
May 21 11:24:05 mail exim[10860]: [29\38] List-Help:
<mailto:exim-users-request@exim.org?subject=help>
May 21 11:24:05 mail exim[10860]: [30\38] List-Post:
<mailto:exim-users@exim.org>
May 21 11:24:05 mail exim[10860]: [31\38] List-Subscribe:
<http://www.exim.org/mailman/listinfo/exim-users>,
May 21 11:24:05 mail exim[10860]: [32\38]
<mailto:exim-users-request@exim.org?subject=subscribe>
May 21 11:24:05 mail exim[10860]: [33\38] List-Id: A user list for
the exim MTA <exim-users.exim.org>
May 21 11:24:05 mail exim[10860]: [34\38] List-Unsubscribe:
<http://www.exim.org/mailman/listinfo/exim-users>,
May 21 11:24:05 mail exim[10860]: [35\38]
<mailto:exim-users-request@exim.org?subject=unsubscribe>
May 21 11:24:05 mail exim[10860]: [36\38] List-Archive:
<http://www.exim.org/pipermail/exim-users/>
May 21 11:24:05 mail exim[10860]: [37\38] Date: Wed, 21 May 2003
02:10:18 -0700 (PDT)
May 21 11:24:05 mail exim[10860]: [38/38] X-Warning: reverse host
lookup failed
May 21 11:24:05 mail exim[10860]: 2003-05-21 11:24:05
19IPpM-0002pA-IM <= exim-users-admin@???
H=exim-colo-01.whoc.theplanet.co.uk [195.92.249.251] U
=[8f9laRaCvjqIWsCtfmZo05FmBRHhfF0L] P=esmtp S=3386
id=20030521091018.27620.qmail@???
May 21 11:24:05 mail exim[10867]: 2003-05-21 11:24:05
19IPpM-0002pA-IM => michael.jakscht@??? R=smtp_router_rzvmail
T=smtp_transport_von_extern_nach_rzv H=rzvnotes3.vit.de
[172.16.1.18]
May 21 11:24:05 mail exim[10867]: 2003-05-21 11:24:05
19IPpM-0002pA-IM Completed
========================================