Mails als SPAM deklariert, obwohl kein SPAM

DripleX

Member
Ich habe seit neuerem das Problem, dass E-Mails mit SPAM gekennzeichnet werden, obwohl diese gar keine SPAM Nachrichten sind.
Meistens haben diese Mails Anhänge wie PDF, WORD und/oder EXCEL Dokumente.
Oft sind es auch Mails welche ich mir selber als Kopie sende.

Hier eine Beispielnachricht, welche gekürzt und zensiert ist:
Code:
Return-Path: <info@***.de>
X-Original-To: info@***.de
Delivered-To: info@***.de
Received: from localhost (localhost [127.0.0.1])
    by ***.yourvserver.net (Postfix) with ESMTP id 40C1210172F
    for <info@***.de>; Mon, 12 Jan 2015 16:04:59 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=***.de;
    s=default; t=1421075099;
    bh=FU5J/7T5ORJlos/K0upL7U9WVuiOVBwlQs/YlShwhrw=;
    h=From:To:Cc:Subject:Date:From;
    b=gDBepY2y3prNjyw2233itAHyVTG8Hfs9F18Bnepam8GtT1g7WwGRFMGybgY+P7d2+
     5QO803Q3+Xwedqb0/OY55SVbSbvlUSgIEHngKI/K+Ih1eAQpfewM2VGghS3MjFYwDZ
     ElyOXhofrPmqpDsvFg0QFuYyCPeRPjkDttZfjmtY=
X-Virus-Scanned: Debian amavisd-new at ***.yourvserver.net
X-Spam-Flag: NO
X-Spam-Score: 2.082
X-Spam-Level: **
X-Spam-Status: No, score=2.082 tagged_above=2 required=7
    tests=[ALL_TRUSTED=-1, BAYES_00=-1.9, DKIM_SIGNED=0.1,
    DNS_FROM_AHBL_RHSBL=2.699, HTML_MESSAGE=0.001, TVD_RCVD_SINGLE=2.172,
    T_DKIM_INVALID=0.01] autolearn=no
Received: from ***.yourvserver.net ([127.0.0.1])
    by localhost (***.yourvserver.net [127.0.0.1]) (amavisd-new, port 10024)
    with ESMTP id 8A6nZSMIa9NV; Mon, 12 Jan 2015 16:04:58 +0100 (CET)
Received: from HANSSONY (ppp-83-171-161-214.dynamic.mnet-online.de [83.171.161.214])
    (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits))
    (No client certificate requested)
    (Authenticated sender: info@***.de)
    by ***.yourvserver.net (Postfix) with ESMTPSA id 9A8B1FFA2F;
    Mon, 12 Jan 2015 16:04:57 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=***.de;
    s=default; t=1421075098;
    bh=FU5J/7T5ORJlos/K0upL7U9WVuiOVBwlQs/YlShwhrw=;
    h=From:To:Cc:Subject:Date:From;
    b=Ju/ziU1zoS4r9HJHhYHiNiKuRscmFo9QS/Bnfsfm2VDTME59clUj3vf2WkMUJVxlH
     SdLFA5l6cXrVM45l2WgUTaqFknniyLs3LHrbxj/UutYqynr0C//m+G0IaFjRbfU4dm
     oxocwOo5lNC+YDtKgiTMGEbh/yR3tKLWju8gX4bs=
From: =?UTF-8?Q?Hans=
    =?UTF-8?Q?r?= <info@***.de>
To: "'Manuela'" <manuela@***.com>
Cc: "Jens" <jens@***.com>
Subject: [SPAM] Mettler, Hausmesser
Date: Mon, 12 Jan 2015 16:04:57 +0100
Message-ID: <00b801d02e79$21505e20$63f11a60$@***.de>
MIME-Version: 1.0
Content-Type: multipart/mixed;
    boundary="----=_NextPart_000_00B9_01D02E81.831625B0"
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AdAueSDWlYkImg2pRAqreWP5pcs8+A==
Content-Language: de

This is a multipart message in MIME format.

------=_NextPart_000_00B9_01D02E81.831625B0
Content-Type: multipart/alternative;
    boundary="----=_NextPart_001_00BA_01D02E81.831625B0"


------=_NextPart_001_00BA_01D02E81.831625B0
Content-Type: text/plain;
    charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

***EMAIL-NACHRICHT***


------=_NextPart_001_00BA_01D02E81.831625B0
Content-Type: text/html;
    charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

<html xmlns:v=3D"urn:schemas-microsoft-com:vml" =
xmlns:o=3D"urn:schemas-microsoft-com:office:office" =
xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" =
xmlns=3D"http://www.w3.org/TR/REC-html40"><head><meta =
http-equiv=3DContent-Type content=3D"text/html; charset=3Dutf-8"><meta =
name=3DGenerator content=3D"Microsoft Word 14 (filtered =
medium)"><style><!--
/* Font Definitions */
@font-face
    {font-family:Calibri;
    panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
    {margin:0cm;
    margin-bottom:.0001pt;
    font-size:11.0pt;
    font-family:"Calibri","sans-serif";
    mso-fareast-language:EN-US;}
a:link, span.MsoHyperlink
    {mso-style-priority:99;
    color:blue;
    text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
    {mso-style-priority:99;
    color:purple;
    text-decoration:underline;}
span.E-MailFormatvorlage17
    {mso-style-type:personal-compose;
    font-family:"Arial","sans-serif";
    color:windowtext;
    font-weight:normal;
    font-style:normal;}
.MsoChpDefault
    {mso-style-type:export-only;
    font-family:"Calibri","sans-serif";
    mso-fareast-language:EN-US;}
@page WordSection1
    {size:612.0pt 792.0pt;
    margin:70.85pt 70.85pt 2.0cm 70.85pt;}
div.WordSection1
    {page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]--></head><body lang=3DDE link=3Dblue =
vlink=3Dpurple><div class=3DWordSection1><p class=3DMsoNormal><span =
style=3D'font-size:12.0pt;font-family:"Arial","sans-serif"'>Hallo =
Manuela,=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=
=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=
=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=
=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=
=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=
=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 =
<o:p></o:p></span></p><p class=3DMsoNormal><span =
style=3D'font-size:12.0pt;font-family:"Arial","sans-serif"'><o:p>&nbsp;</=
o:p></span></p><p class=3DMsoNormal><span =
style=3D'font-size:12.0pt;font-family:"Arial","sans-serif"'>ich hatte =
vergessen dir eine Messe zu melden, die zweite Hausmesse bei Mettler, =
siehe Anlage. Der Kunde veranstaltet eine gro=C3=9Fe Hausmesse im =
M=C3=A4rz, die mit der Messe zu Weihnachten nicht vergleichbar =
ist.<o:p></o:p></span></p><p class=3DMsoNormal><span =
style=3D'font-size:12.0pt;font-family:"Arial","sans-serif"'>Der Kunde =
hat zwar erst einmal bestellt, aber er m=C3=B6chte zuk=C3=BCnftig =
Beretta Artikel kaufen. Diese Messe w=C3=A4re dann unser =
Durchbruch.<o:p></o:p></span></p><p class=3DMsoNormal><span =
style=3D'font-size:12.0pt;font-family:"Arial","sans-serif"'>Der Beretta =
Anteil der Messekosten w=C3=A4re =E2=82=AC 250,00 + =E2=82=AC 300,00 um =
f=C3=BCr zwei Tage eine Werbedame zu bezahlen, also insgesamt =E2=82=AC =
550,00. <o:p></o:p></span></p><p class=3DMsoNormal><span =
style=3D'font-size:12.0pt;font-family:"Arial","sans-serif"'>Bitte gebe =
mir deine Zusage, die Fa. Mettler ist einer der gro=C3=9Fen Service- =
Bund Mitglieder.<o:p></o:p></span></p><p class=3DMsoNormal><span =
style=3D'font-size:12.0pt;font-family:"Arial","sans-serif"'><o:p>&nbsp;</=
o:p></span></p><p class=3DMsoNormal><span =
style=3D'font-size:12.0pt;font-family:"Arial","sans-serif"'>Danke =
f=C3=BCr ihre Info.<o:p></o:p></span></p><p class=3DMsoNormal><span =
style=3D'font-size:12.0pt;font-family:"Arial","sans-serif"'><o:p>&nbsp;</=
o:p></span></p><p class=3DMsoNormal><span =
style=3D'font-size:12.0pt;font-family:"Arial","sans-serif"'>Gru=C3=9F =
Hans<o:p></o:p></span></p><p class=3DMsoNormal><span =
style=3D'font-size:12.0pt;font-family:"Arial","sans-serif"'><o:p>&nbsp;</=
o:p></span></p><p class=3DMsoNormal><span =
style=3D'font-size:12.0pt;font-family:"Arial","sans-serif"'><o:p>&nbsp;</=
o:p></span></p><p class=3DMsoNormal><span =
style=3D'font-size:12.0pt;mso-fareast-language:DE'>&nbsp;</span><span =
style=3D'font-size:12.0pt;mso-fareast-language:DE'><o:p></o:p></span></p>=
<p class=3DMsoNormal><span =
style=3D'mso-fareast-language:DE'><o:p>&nbsp;</o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'mso-fareast-language:DE'><o:p>&nbsp;</o:p></span></p><p =
class=3DMsoNormal><o:p>&nbsp;</o:p></p></div></body></html>
------=_NextPart_001_00BA_01D02E81.831625B0--

------=_NextPart_000_00B9_01D02E81.831625B0
Content-Type: application/pdf;
    name="***.pdf"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
    filename="***.pdf"

Auf dem Server läuft Debian Wheezey (Debian Linux 7)
ISPConfig 3.0.5.4p5
Linux 3.2.0-4-amd64 on x86_64

An was kann das liegen?
 

DripleX

Member
Meine main.cf:
Code:
# See /usr/share/postfix/main.cf.dist for a commented, more complete version


# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = /usr/share/doc/postfix

# TLS parameters
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
smtpd_tls_CAfile = /usr/local/ispconfig/interface/ssl/startssl.chain.class1.server.crt
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = ***.yourvserver.net
alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
myorigin = /etc/mailname
mydestination = ***.yourvserver.net, localhost, localhost.localdomain
relayhost =
mynetworks = 127.0.0.0/8 [::1]/128
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
html_directory = /usr/share/doc/postfix/html
virtual_alias_domains =
virtual_alias_maps = hash:/var/lib/mailman/data/virtual-mailman, proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, proxy:mysql:/etc/postfix/mysql-virtual_email2email.cf
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_mailbox_base = /var/vmail
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
inet_protocols = all
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_recipient_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_invalid_hostname,
    reject_non_fqdn_hostname,
    reject_non_fqdn_recipient,
    reject_non_fqdn_sender,
    reject_unauth_destination,
    reject_unknown_sender_domain,
    reject_unknown_recipient_domain,
    check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf,
    reject_unknown_client,
    warn_if_reject reject_unknown_hostname,
    #check_policy_service inet:127.0.0.1:10023
    permit
smtpd_tls_security_level = may
transport_maps = hash:/var/lib/mailman/data/transport-mailman, proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
relay_domains = mysql:/etc/postfix/mysql-virtual_relaydomains.cf
relay_recipient_maps = mysql:/etc/postfix/mysql-virtual_relayrecipientmaps.cf
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks
smtpd_sender_restrictions = check_sender_access mysql:/etc/postfix/mysql-virtual_sender.cf
smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-virtual_client.cf
smtpd_client_message_rate_limit = 100
maildrop_destination_concurrency_limit = 1
maildrop_destination_recipient_limit = 1
virtual_transport = dovecot
header_checks = regexp:/etc/postfix/header_checks
mime_header_checks = regexp:/etc/postfix/mime_header_checks
nested_header_checks = regexp:/etc/postfix/nested_header_checks
body_checks = regexp:/etc/postfix/body_checks
owner_request_special = no
dovecot_destination_recipient_limit = 1
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
content_filter = amavis:[127.0.0.1]:10024
receive_override_options = no_address_mappings
message_size_limit = 0

milter_default_action = accept
milter_protocol = 6
smtpd_milters = inet:localhost:4526
non_smtpd_milters = inet:localhost:4526

smtpd_helo_required = yes
disable_vrfy_command = yes
strict_rfc821_envelopes = yes
invalid_hostname_reject_code = 554
multi_recipient_bounce_reject_code = 554
non_fqdn_reject_code = 554
relay_domains_reject_code = 554
unknown_address_reject_code = 554
unknown_client_reject_code = 554
unknown_hostname_reject_code = 554
unknown_local_recipient_reject_code = 554
unknown_relay_recipient_reject_code = 554
#unknown_sender_reject_code = 554
unknown_virtual_alias_reject_code = 554
unknown_virtual_mailbox_reject_code = 554
unverified_recipient_reject_code = 554
unverified_sender_reject_code = 554
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
smtpd_tls_protocols = !SSLv2,!SSLv3
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_delay_reject = yes
smtp_tls_protocols = !SSLv2,!SSLv3
smtp_tls_security_level = may
smtp_tls_ciphers = export
smtpd_tls_received_header = yes
smtp_tls_loglevel = 1
smtpd_tls_loglevel = 1
smtpd_tls_eecdh_grade = strong
tls_preempt_cipherlist = yes

postscreen_greet_action = enforce
postscreen_helo_required = yes
postscreen_dnsbl_threshold = 2
postscreen_dnsbl_action = drop
postscreen_dnsbl_sites = zen.spamhaus.org*2
        bl.spamcop.net*1 b.barracudacentral.org*1
        ix.dnsbl.manitu.net
postscreen_dnsbl_action = drop
postscreen_enforce_tls = $smtpd_enforce_tls
postscreen_use_tls = $smtpd_use_tls

smtpd_reject_footer = Contact postmaster@***.de for technical
assistance. Please provide the following information in your
problem report: error message, time ($localtime),
client ($client_address) and server ($server_name).
We speak both English and German.

postscreen_reject_footer = Contact postmaster@***.de for technical
assistance. Please provide the following information in your
problem report: error message, time ($localtime),
client ($client_address) and server ($server_name).
We speak both English and German.

Noch meine Spamfilter Richtlinie:
Code:
SPAM Markierungslevel = 2
SPAM Markierungslevel 2 = 7
SPAM Markierungslevel Kill = 7
SPAM Markierungslevel DSN Cutoff = 0
SPAM Markierungslevel Quarantine Cutoff = 0
SPAM ändert Betreff = Yes
SPAM Betreff Markierung = [SPAM]
SPAM Betreff Markierung 2 = [SPAM]
 
Zuletzt bearbeitet:

Till

Administrator
Das Problem ist dass die shbl Relatime blacklist abgeschaltet wurde und das Deim amavis / spamassasin noch nicht weiß. Führe mal aus:

sa-update

und starte dann amavis neu.
 

DripleX

Member
Danke für deine Hilfe, habe es soeben ausgeführt.

Ist meine main.cf so auch in Ordnung, oder sollte ich da was verbessern?
 

Werbung

Top