Hello,
I think I found the problem:
I have an entry
if error_message then logwrite "$tod_log $message_id has an error_message"
finish
endif
which apparently hit these messages. It seems that some spam senders excite
(on purpose) this error path.
I assume forwarding these messages to an error folder would fix the issue:
if error_message then save Maildir/.AA-bokomoko.error/
logwrite "$tod_log $message_id has an error_message"
finish
endif
Regards
Rainer
Am Dienstag, 30. März 2021, 22:39:29 CEST schrieb Rainer Dorsch via Exim-
users:
> Hello,
>
> I received an email with this header:
>
> Return-path: <>
> Envelope-to: microdollar@???
> Delivery-date: Tue, 30 Mar 2021 14:14:46 +0200
> Received: from [194.87.238.87] (helo=rusohrana.su)
> by contabo.bokomoko.de with esmtp (Exim 4.92)
> id 1lRDGd-0004lC-Dr
> for microdollar@???; Tue, 30 Mar 2021 14:14:46 +0200
> MIME-Version: 1.0
> Message-Id: <INX.HDEkU.1ee9.7a6ae.2e18.iqBX8ac.bounce9@???>
> From: Gewichtsverlust Deal <support-team-146@???>
> Subject: Klicken Sie hier, um einen Zuschuss zu erhalten und Gewicht zu
> verlieren - 14 Kg in 1 Monat
> Reply-To: reply_iqBX8ac.bounce9@???
> To: microdollar@???
> Content-Transfer-Encoding: 7bit
> Content-Type: text/html; charset=UTF-8
> Date: Tue, 30 Mar 2021 14:14:06 +0200
> X-Spam-Score: 3.2 (+++)
>
> my .forward file contains
>
> elif "$original_local_part" is "microdollar" or $h_to: contains
> "microdollar@???" then save Maildir/.AA-bokomoko.spam/
>
> It seems to fail to match the above email:
>
> 2021-03-30 14:14:46 1lRDGd-0004lC-Dr <= <> H=(rusohrana.su) [194.87.238.87]
> P=esmtp K S=4309 id=INX.HDEkU.1ee9.7a6ae.2e18.iqBX8ac.bounce9@???
> 2021-03-30 14:14:46 1lRDGd-0004lC-Dr => rd <microdollar@???>
> R=local_user T=maildir_home
>
> For an email for which the filter applies, I see
>
> 2021-03-29 15:22:17 1lQrqF-00085A-LA <=
> pidVwypcDCvOSxt@??? H=(tr6a.ithound.com) [52.139.24.213]
> P=esmtp K S=2318
> 2021-03-29 15:22:17 1lQrqF-00085A-LA => /home/rd/Maildir/.AA-bokomoko.spam/
> (rd@???) <microdollar@???> R=userforward T=address_directory
> 2021-03-29 15:22:17 1lQrqF-00085A-LA Completed
>
> The corresponding header
>
> Return-path: <pidVwypcDCvOSxt@???>
> Envelope-to: microdollar@???
> Delivery-date: Mon, 29 Mar 2021 15:22:17 +0200
> Received: from [52.139.24.213] (helo=tr6a.ithound.com)
> by contabo.bokomoko.de with esmtp (Exim 4.92)
> (envelope-from <pidVwypcDCvOSxt@???>)
> id 1lQrqF-00085A-LA
> for microdollar@???; Mon, 29 Mar 2021 15:22:17 +0200
> MIME-Version: 1.0
> From: 2DF Bitcoin Bulletin <Bitcoin-Geld-
> iqjGxjnfXj@???>
> Subject: Finden Sie heraus, warum Mark Zuckerberg in Krypto investiert hat.
> Reply-To: reply_to@???
> Message-
> Id:<slcesknsyvjxirwklhfirm_bcmomruqmiv_pokrc_tzedyfulrddkkpnbsygbajgploxijzh
> tk@.amazonses.com> To: microdollar@???
> Content-Transfer-Encoding: 7bit
> Content-Type: text/html; charset=UTF-8
> Date: Mon, 29 Mar 2021 08:21:57 -0500
> X-Spam-Score: 3.5 (+++)
>
>
> Any idea or hint why these two emails are treated differently by the
> .forward file is very welcome.
>
> Thanks
> Rainer
--
Rainer Dorsch
http://bokomoko.de/
