SpamAssassin still checks for Authenticated Users (v10.34)

Raise/discuss any potential issues with MailEnable for consideration in project issue register.
Post Reply
poweredge
Posts: 99
Joined: Sat May 29, 2021 11:16 am

SpamAssassin still checks for Authenticated Users (v10.34)

Post by poweredge » Mon Jun 21, 2021 2:18 pm

Under localhost>extensions>message filter>

I've enabled the option for Bypass SpamAssassin checks for Authenticated Users.
1.jpg
1.jpg (90.1 KiB) Viewed 1336 times
But somehow it's still checked for authenticate users, tried to uncheck and then checked the option to ensure, still the same. (ie, like the issue in Delivery to Junkmail box option in postoffice that I discovered previously)

From SpamAssassin in a box, Spamd.log
Mon Jun 21 20:57:18 2021 [-13000] info: spamd: connection from mewebmail.localhost [127.0.0.1]:59381 to port 783, fd 6
Mon Jun 21 20:57:21 2021 [-13000] info: spamd: checking message <001101d7669c$f706d370$e5147a50$@domain.com> for (unknown):0
Mon Jun 21 20:57:22 2021 [-13000] info: spamd: identified spam (10.5/5.0) for (unknown):0 in 4.2 seconds, 3242 bytes.
Mon Jun 21 20:57:22 2021 [-13000] info: spamd: result: Y 10 - BAYES_99,DOS_OUTLOOK_TO_MX,FSL_HELO_NON_FQDN_1,HELO_NO_DOMAIN,HTML_MESSAGE,RCVD_IN_PBL,RDNS_NONE scantime=4.2,size=3242,user=(unknown),uid=0,required_score=5.0,rhost=mewebmail.localhost,raddr=127.0.0.1,rport=59381,mid=<001101d7669c$f706d370$e5147a50$@domain.com>,bayes=0.996158,autolearn=no autolearn_force=no,shortcircuit=no

From MTAFilter-Report.log
06/21/21 20:48:00 Executed EE9C11F509DC4C60A00881E81A97BF06.MAI SMTP SpamAssassin ADD_SUBJECT_PREFIX,ADD_HEADER [SMTP:sender@domain.com] 61.93.154.60 CRITERIA=SPAMASSASSIN, DATA=<PASS>1</PASS> l koral new order

SpamAssassin is the customized filter I've added.
2.jpg
2.jpg (203.47 KiB) Viewed 1336 times
EE9C11F509DC4C60A00881E81A97BF06.MAI
The user@domain.com send a testing message via SMTP to himself, with subject "koral new order" and empty body

MailEnable-Ian
Site Admin
Posts: 9483
Joined: Mon Mar 22, 2004 4:44 am
Location: Melbourne, Victoria, Australia

Re: SpamAssassin still checks for Authenticated Users (v10.34)

Post by MailEnable-Ian » Tue Jun 22, 2021 5:12 am

Hi,

How did the user send the message? Was it using a third party email client? Or via web mail?
Regards,

Ian Margarone
MailEnable Support

poweredge
Posts: 99
Joined: Sat May 29, 2021 11:16 am

Re: SpamAssassin still checks for Authenticated Users (v10.34)

Post by poweredge » Tue Jun 22, 2021 6:05 am

MailEnable-Ian wrote:
Tue Jun 22, 2021 5:12 am
Hi,

How did the user send the message? Was it using a third party email client? Or via web mail?
He sent the message via Outlook, so it's authenticated via SMTP. I understand if it's via webmail, then it's treated local, and hence not authenticated.

Btw, I think this is related to question #3 in my previous post.
https://mailenable.com/forum/viewtopic.php?f=7&t=43929
3. Duplicated Filter?
a. "SpamAssassin" is a custom glogal filter I created, "Where the message fails SpamAssassin verification" > Mark as Spam
b. Spam Protection already has "Fails SpamAssassin" Positive Weighting > Mark as Spam, hence trigger the above [System Spam Filter]

So did I just create a duplicated filter? as Fails SA rule in Spam Protection will already Mark as Spam>Junk Mail folder.
I believe now my customized Spamassassin filter is a duplicated one which caused the problem.

I removed it (ie, the customized Spamassassin global filter) and [SPAM] prefix is no longer added for the same authenticated user.

But still doesn't quite explain why the option Bypass Authenticated user still get checked by Spamassassin.

Post Reply