Mails als SPAM deklariert, obwohl kein SPAM

#1
Ich habe seit neuerem das Problem, dass E-Mails mit SPAM gekennzeichnet werden, obwohl diese gar keine SPAM Nachrichten sind.
Meistens haben diese Mails Anhänge wie PDF, WORD und/oder EXCEL Dokumente.
Oft sind es auch Mails welche ich mir selber als Kopie sende.

Hier eine Beispielnachricht, welche gekürzt und zensiert ist:
Code:
Return-Path: <info@***.de>
X-Original-To: info@***.de
Delivered-To: info@***.de
Received: from localhost (localhost [127.0.0.1])
    by ***.yourvserver.net (Postfix) with ESMTP id 40C1210172F
    for <info@***.de>; Mon, 12 Jan 2015 16:04:59 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=***.de;
    s=default; t=1421075099;
    bh=FU5J/7T5ORJlos/K0upL7U9WVuiOVBwlQs/YlShwhrw=;
    h=From:To:Cc:Subject:Date:From;
    b=gDBepY2y3prNjyw2233itAHyVTG8Hfs9F18Bnepam8GtT1g7WwGRFMGybgY+P7d2+
     5QO803Q3+Xwedqb0/OY55SVbSbvlUSgIEHngKI/K+Ih1eAQpfewM2VGghS3MjFYwDZ
     ElyOXhofrPmqpDsvFg0QFuYyCPeRPjkDttZfjmtY=
X-Virus-Scanned: Debian amavisd-new at ***.yourvserver.net
X-Spam-Flag: NO
X-Spam-Score: 2.082
X-Spam-Level: **
X-Spam-Status: No, score=2.082 tagged_above=2 required=7
    tests=[ALL_TRUSTED=-1, BAYES_00=-1.9, DKIM_SIGNED=0.1,
    DNS_FROM_AHBL_RHSBL=2.699, HTML_MESSAGE=0.001, TVD_RCVD_SINGLE=2.172,
    T_DKIM_INVALID=0.01] autolearn=no
Received: from ***.yourvserver.net ([127.0.0.1])
    by localhost (***.yourvserver.net [127.0.0.1]) (amavisd-new, port 10024)
    with ESMTP id 8A6nZSMIa9NV; Mon, 12 Jan 2015 16:04:58 +0100 (CET)
Received: from HANSSONY (ppp-83-171-161-214.dynamic.mnet-online.de [83.171.161.214])
    (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits))
    (No client certificate requested)
    (Authenticated sender: info@***.de)
    by ***.yourvserver.net (Postfix) with ESMTPSA id 9A8B1FFA2F;
    Mon, 12 Jan 2015 16:04:57 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=***.de;
    s=default; t=1421075098;
    bh=FU5J/7T5ORJlos/K0upL7U9WVuiOVBwlQs/YlShwhrw=;
    h=From:To:Cc:Subject:Date:From;
    b=Ju/ziU1zoS4r9HJHhYHiNiKuRscmFo9QS/Bnfsfm2VDTME59clUj3vf2WkMUJVxlH
     SdLFA5l6cXrVM45l2WgUTaqFknniyLs3LHrbxj/UutYqynr0C//m+G0IaFjRbfU4dm
     oxocwOo5lNC+YDtKgiTMGEbh/yR3tKLWju8gX4bs=
From: =?UTF-8?Q?Hans=
    =?UTF-8?Q?r?= <info@***.de>
To: "'Manuela'" <manuela@***.com>
Cc: "Jens" <jens@***.com>
Subject: [SPAM] Mettler, Hausmesser
Date: Mon, 12 Jan 2015 16:04:57 +0100
Message-ID: <00b801d02e79$21505e20$63f11a60$@***.de>
MIME-Version: 1.0
Content-Type: multipart/mixed;
    boundary="----=_NextPart_000_00B9_01D02E81.831625B0"
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AdAueSDWlYkImg2pRAqreWP5pcs8+A==
Content-Language: de

This is a multipart message in MIME format.

------=_NextPart_000_00B9_01D02E81.831625B0
Content-Type: multipart/alternative;
    boundary="----=_NextPart_001_00BA_01D02E81.831625B0"


------=_NextPart_001_00BA_01D02E81.831625B0
Content-Type: text/plain;
    charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

***EMAIL-NACHRICHT***


------=_NextPart_001_00BA_01D02E81.831625B0
Content-Type: text/html;
    charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

<html xmlns:v=3D"urn:schemas-microsoft-com:vml" =
xmlns:o=3D"urn:schemas-microsoft-com:office:office" =
xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" =
xmlns=3D"http://www.w3.org/TR/REC-html40"><head><meta =
http-equiv=3DContent-Type content=3D"text/html; charset=3Dutf-8"><meta =
name=3DGenerator content=3D"Microsoft Word 14 (filtered =
medium)"><style><!--
/* Font Definitions */
@font-face
    {font-family:Calibri;
    panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
    {margin:0cm;
    margin-bottom:.0001pt;
    font-size:11.0pt;
    font-family:"Calibri","sans-serif";
    mso-fareast-language:EN-US;}
a:link, span.MsoHyperlink
    {mso-style-priority:99;
    color:blue;
    text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
    {mso-style-priority:99;
    color:purple;
    text-decoration:underline;}
span.E-MailFormatvorlage17
    {mso-style-type:personal-compose;
    font-family:"Arial","sans-serif";
    color:windowtext;
    font-weight:normal;
    font-style:normal;}
.MsoChpDefault
    {mso-style-type:export-only;
    font-family:"Calibri","sans-serif";
    mso-fareast-language:EN-US;}
@page WordSection1
    {size:612.0pt 792.0pt;
    margin:70.85pt 70.85pt 2.0cm 70.85pt;}
div.WordSection1
    {page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]--></head><body lang=3DDE link=3Dblue =
vlink=3Dpurple><div class=3DWordSection1><p class=3DMsoNormal><span =
style=3D'font-size:12.0pt;font-family:"Arial","sans-serif"'>Hallo =
Manuela,=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=
=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=
=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=
=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=
=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=
=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 =
<o:p></o:p></span></p><p class=3DMsoNormal><span =
style=3D'font-size:12.0pt;font-family:"Arial","sans-serif"'><o:p>&nbsp;</=
o:p></span></p><p class=3DMsoNormal><span =
style=3D'font-size:12.0pt;font-family:"Arial","sans-serif"'>ich hatte =
vergessen dir eine Messe zu melden, die zweite Hausmesse bei Mettler, =
siehe Anlage. Der Kunde veranstaltet eine gro=C3=9Fe Hausmesse im =
M=C3=A4rz, die mit der Messe zu Weihnachten nicht vergleichbar =
ist.<o:p></o:p></span></p><p class=3DMsoNormal><span =
style=3D'font-size:12.0pt;font-family:"Arial","sans-serif"'>Der Kunde =
hat zwar erst einmal bestellt, aber er m=C3=B6chte zuk=C3=BCnftig =
Beretta Artikel kaufen. Diese Messe w=C3=A4re dann unser =
Durchbruch.<o:p></o:p></span></p><p class=3DMsoNormal><span =
style=3D'font-size:12.0pt;font-family:"Arial","sans-serif"'>Der Beretta =
Anteil der Messekosten w=C3=A4re =E2=82=AC 250,00 + =E2=82=AC 300,00 um =
f=C3=BCr zwei Tage eine Werbedame zu bezahlen, also insgesamt =E2=82=AC =
550,00. <o:p></o:p></span></p><p class=3DMsoNormal><span =
style=3D'font-size:12.0pt;font-family:"Arial","sans-serif"'>Bitte gebe =
mir deine Zusage, die Fa. Mettler ist einer der gro=C3=9Fen Service- =
Bund Mitglieder.<o:p></o:p></span></p><p class=3DMsoNormal><span =
style=3D'font-size:12.0pt;font-family:"Arial","sans-serif"'><o:p>&nbsp;</=
o:p></span></p><p class=3DMsoNormal><span =
style=3D'font-size:12.0pt;font-family:"Arial","sans-serif"'>Danke =
f=C3=BCr ihre Info.<o:p></o:p></span></p><p class=3DMsoNormal><span =
style=3D'font-size:12.0pt;font-family:"Arial","sans-serif"'><o:p>&nbsp;</=
o:p></span></p><p class=3DMsoNormal><span =
style=3D'font-size:12.0pt;font-family:"Arial","sans-serif"'>Gru=C3=9F =
Hans<o:p></o:p></span></p><p class=3DMsoNormal><span =
style=3D'font-size:12.0pt;font-family:"Arial","sans-serif"'><o:p>&nbsp;</=
o:p></span></p><p class=3DMsoNormal><span =
style=3D'font-size:12.0pt;font-family:"Arial","sans-serif"'><o:p>&nbsp;</=
o:p></span></p><p class=3DMsoNormal><span =
style=3D'font-size:12.0pt;mso-fareast-language:DE'>&nbsp;</span><span =
style=3D'font-size:12.0pt;mso-fareast-language:DE'><o:p></o:p></span></p>=
<p class=3DMsoNormal><span =
style=3D'mso-fareast-language:DE'><o:p>&nbsp;</o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'mso-fareast-language:DE'><o:p>&nbsp;</o:p></span></p><p =
class=3DMsoNormal><o:p>&nbsp;</o:p></p></div></body></html>
------=_NextPart_001_00BA_01D02E81.831625B0--

------=_NextPart_000_00B9_01D02E81.831625B0
Content-Type: application/pdf;
    name="***.pdf"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
    filename="***.pdf"
Auf dem Server läuft Debian Wheezey (Debian Linux 7)
ISPConfig 3.0.5.4p5
Linux 3.2.0-4-amd64 on x86_64

An was kann das liegen?
 
#2
Meine main.cf:
Code:
# See /usr/share/postfix/main.cf.dist for a commented, more complete version


# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = /usr/share/doc/postfix

# TLS parameters
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
smtpd_tls_CAfile = /usr/local/ispconfig/interface/ssl/startssl.chain.class1.server.crt
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = ***.yourvserver.net
alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
myorigin = /etc/mailname
mydestination = ***.yourvserver.net, localhost, localhost.localdomain
relayhost =
mynetworks = 127.0.0.0/8 [::1]/128
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
html_directory = /usr/share/doc/postfix/html
virtual_alias_domains =
virtual_alias_maps = hash:/var/lib/mailman/data/virtual-mailman, proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, proxy:mysql:/etc/postfix/mysql-virtual_email2email.cf
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_mailbox_base = /var/vmail
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
inet_protocols = all
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_recipient_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_invalid_hostname,
    reject_non_fqdn_hostname,
    reject_non_fqdn_recipient,
    reject_non_fqdn_sender,
    reject_unauth_destination,
    reject_unknown_sender_domain,
    reject_unknown_recipient_domain,
    check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf,
    reject_unknown_client,
    warn_if_reject reject_unknown_hostname,
    #check_policy_service inet:127.0.0.1:10023
    permit
smtpd_tls_security_level = may
transport_maps = hash:/var/lib/mailman/data/transport-mailman, proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
relay_domains = mysql:/etc/postfix/mysql-virtual_relaydomains.cf
relay_recipient_maps = mysql:/etc/postfix/mysql-virtual_relayrecipientmaps.cf
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks
smtpd_sender_restrictions = check_sender_access mysql:/etc/postfix/mysql-virtual_sender.cf
smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-virtual_client.cf
smtpd_client_message_rate_limit = 100
maildrop_destination_concurrency_limit = 1
maildrop_destination_recipient_limit = 1
virtual_transport = dovecot
header_checks = regexp:/etc/postfix/header_checks
mime_header_checks = regexp:/etc/postfix/mime_header_checks
nested_header_checks = regexp:/etc/postfix/nested_header_checks
body_checks = regexp:/etc/postfix/body_checks
owner_request_special = no
dovecot_destination_recipient_limit = 1
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
content_filter = amavis:[127.0.0.1]:10024
receive_override_options = no_address_mappings
message_size_limit = 0

milter_default_action = accept
milter_protocol = 6
smtpd_milters = inet:localhost:4526
non_smtpd_milters = inet:localhost:4526

smtpd_helo_required = yes
disable_vrfy_command = yes
strict_rfc821_envelopes = yes
invalid_hostname_reject_code = 554
multi_recipient_bounce_reject_code = 554
non_fqdn_reject_code = 554
relay_domains_reject_code = 554
unknown_address_reject_code = 554
unknown_client_reject_code = 554
unknown_hostname_reject_code = 554
unknown_local_recipient_reject_code = 554
unknown_relay_recipient_reject_code = 554
#unknown_sender_reject_code = 554
unknown_virtual_alias_reject_code = 554
unknown_virtual_mailbox_reject_code = 554
unverified_recipient_reject_code = 554
unverified_sender_reject_code = 554
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
smtpd_tls_protocols = !SSLv2,!SSLv3
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_delay_reject = yes
smtp_tls_protocols = !SSLv2,!SSLv3
smtp_tls_security_level = may
smtp_tls_ciphers = export
smtpd_tls_received_header = yes
smtp_tls_loglevel = 1
smtpd_tls_loglevel = 1
smtpd_tls_eecdh_grade = strong
tls_preempt_cipherlist = yes

postscreen_greet_action = enforce
postscreen_helo_required = yes
postscreen_dnsbl_threshold = 2
postscreen_dnsbl_action = drop
postscreen_dnsbl_sites = zen.spamhaus.org*2
        bl.spamcop.net*1 b.barracudacentral.org*1
        ix.dnsbl.manitu.net
postscreen_dnsbl_action = drop
postscreen_enforce_tls = $smtpd_enforce_tls
postscreen_use_tls = $smtpd_use_tls

smtpd_reject_footer = Contact postmaster@***.de for technical
assistance. Please provide the following information in your
problem report: error message, time ($localtime),
client ($client_address) and server ($server_name).
We speak both English and German.

postscreen_reject_footer = Contact postmaster@***.de for technical
assistance. Please provide the following information in your
problem report: error message, time ($localtime),
client ($client_address) and server ($server_name).
We speak both English and German.
Noch meine Spamfilter Richtlinie:
Code:
SPAM Markierungslevel = 2
SPAM Markierungslevel 2 = 7
SPAM Markierungslevel Kill = 7
SPAM Markierungslevel DSN Cutoff = 0
SPAM Markierungslevel Quarantine Cutoff = 0
SPAM ändert Betreff = Yes
SPAM Betreff Markierung = [SPAM]
SPAM Betreff Markierung 2 = [SPAM]
 
Zuletzt bearbeitet:

Till

Administrator
#3
Das Problem ist dass die shbl Relatime blacklist abgeschaltet wurde und das Deim amavis / spamassasin noch nicht weiß. Führe mal aus:

sa-update

und starte dann amavis neu.
 

Werbung

Top