wpatterson82
asked on
Email / Exchange / PostFix / MailScanner / ClamAV / SpamAssassin sending to wrong address ..
Ok,
I just setup a linux based spam filter/relay using MailScanner, ClamAV, and SpamAssassin. When an email arrives it scans the messages and then forwards it on to my exchange server if everything is ok and clean.
Everything works in regards to scanning incoming emails and filtering, however for some reason, once an email passes the filters it gets forwarded to the address "ok@mydomain.com".
The weird part is that all the headers say it should go to the actual email address. It's blowing my mind.
Here is what my /var/log/maillog looks like once the scan has completed and it forwards the message on:
Notice it is sending to "ok@mydomain.com" with an "orig_to" the actual email address.
Now, I tried to add the address "ok@mydomain.com" as an alias to my account, but that just makes EVERY email in my organization go to ME. Even when the "TO:" address has someone elses email address on it.
Here's the header from an email message that I received that was meant to someone else. You'll notice everything in the header says it's destined for "russ@mydomain.com". But because I added the email account "ok@mydomain.com" as my alias, I received it.
Wtf!?
Here's the header:
Everything would work PERFECTLY, if it would forward to the address it has listed in the "orig_" field ..
Any ideas? I don't know if it's MailScanner, or ClamAV, or SpamAssassin sending to that address, but I can't find reference to "ok@" after grepping for hours...
Thanks,
Bill
I just setup a linux based spam filter/relay using MailScanner, ClamAV, and SpamAssassin. When an email arrives it scans the messages and then forwards it on to my exchange server if everything is ok and clean.
Everything works in regards to scanning incoming emails and filtering, however for some reason, once an email passes the filters it gets forwarded to the address "ok@mydomain.com".
The weird part is that all the headers say it should go to the actual email address. It's blowing my mind.
Here is what my /var/log/maillog looks like once the scan has completed and it forwards the message on:
May 6 08:04:28 hostfilter postfix/smtp[24950]: 8081C6567B5: to=<ok@mydomain.com>, orig_to=<wpatterson@mydomain.com>, relay=172.25.2.249[172.25.2.249]:25, delay=22, delays=21/0.01/0/0.18, dsn=2.6.0, status=sent (250 2.6.0 <20110506140413.94AA96567AB@hostfilter.mydomain.com> Queued mail for delivery)
Notice it is sending to "ok@mydomain.com" with an "orig_to" the actual email address.
Now, I tried to add the address "ok@mydomain.com" as an alias to my account, but that just makes EVERY email in my organization go to ME. Even when the "TO:" address has someone elses email address on it.
Here's the header from an email message that I received that was meant to someone else. You'll notice everything in the header says it's destined for "russ@mydomain.com". But because I added the email account "ok@mydomain.com" as my alias, I received it.
Wtf!?
Here's the header:
X-Antivirus: AVG for E-mail
Received: from hostfilter.mydomain.com (172.25.2.141) by
peak2010.mydomain.com (172.25.2.249) with Microsoft SMTP Server id
8.2.255.0; Fri, 6 May 2011 07:58:41 -0600
Received: from col0-omc2-s2.col0.hotmail.com (col0-omc2-s2.col0.hotmail.com
[65.55.34.76]) by hostfilter.mydomain.com (Postfix) with ESMTP id
AA8E16567AB for <russ@mydomain.com>; Fri, 6 May 2011 07:59:22 -0600 (MDT)
Received: from COL106-W58 ([65.55.34.71]) by col0-omc2-s2.col0.hotmail.com
with Microsoft SMTPSVC(6.0.3790.4675); Fri, 6 May 2011 06:59:20 -0700
Message-ID: <col106-w589F1D49081EA69F5EA62EF1830@phx.gbl>
Content-Type: multipart/alternative;
boundary="_3542a2d4-c50f-40a5-8b71-e6f7c1b62089_"
X-Originating-IP: [209.48.126.163]
From: Bill Patterson <asdf@hotmail.com>
To: <russ@mydomain.com>
Subject: Testing
Date: Fri, 6 May 2011 07:59:19 -0600
Importance: Normal
MIME-Version: 1.0
X-OriginalArrivalTime: 06 May 2011 13:59:20.0252 (UTC) FILETIME=[CBE41FC0:01CC0BF5]
X-peakalarm-MailScanner-Information: Please contact the ISP for more information
X-peakalarm-MailScanner-ID: AA8E16567AB.A66B8
X-peakalarm-MailScanner: Found to be clean
X-peakalarm-MailScanner-From: asdf@hotmail.com
X-Spam-Status: No
Return-Path: asdf@hotmail.com
Everything would work PERFECTLY, if it would forward to the address it has listed in the "orig_" field ..
Any ideas? I don't know if it's MailScanner, or ClamAV, or SpamAssassin sending to that address, but I can't find reference to "ok@" after grepping for hours...
Thanks,
Bill
How or where are you adding the alias ?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Open all your rules and look for the e-mail, this seems to be in the filter rules not the config files of your mails.
ASKER
Closed