Amavisd - domain blacklist issue - add and then remove not working correctly?

[mshanley]

Hi,
Wierd problem..

Wiki says you can edit amavisd.conf.in to add a domain for blacklisting.
use a postive number to blacklist and neg number to whitelist

Example:

I blacklisted *@therosterdenver.com by using 25

# read_hash("/var/amavis/sender_scores_sitewide"),

{ # a hash-type lookup table (associative array)
'nobody@cert.org' => -3.0,
'*therosterdenver.com' => 25.0,


now I wanted to make sure it works so to remove blacklist i changed entry to -25

# read_hash("/var/amavis/sender_scores_sitewide"),

{ # a hash-type lookup table (associative array)
'nobody@cert.org' => -3.0,
'*therosterdenver.com' => -25.0,

I restarted server!

PROBLEM:
For some reason when i send e-mail to user@therosterdenver.com it come back to me in my inbox.
since it comes to me, i am not sure it's going out.
no idea why...????

Here is the header from the mail that was sent back to me..? Confused?


Return-Path: shon+caf_=mshanley=coloradoonly.com@theroster.com
Received: from mail.coloradoonly.com (LHLO mail.coloradoonly.com)
(192.168.1.5) by mail.coloradoonly.com with LMTP; Tue, 8 Dec 2009 09:58:41
-0700 (MST)
Received: from localhost (localhost.localdomain [127.0.0.1])
by mail.coloradoonly.com (Postfix) with ESMTP id D457F6D4034
for <mshanley@coloradoonly.com>; Tue, 8 Dec 2009 09:58:41 -0700 (MST)
X-Virus-Scanned: amavisd-new at coloradoonly.com
X-Spam-Flag: NO
X-Spam-Score: -3.419
X-Spam-Level:
X-Spam-Status: No, score=-3.419 tagged_above=-10 required=6.6
tests=[AWL=-0.821, BAYES_00=-2.599, HTML_MESSAGE=0.001]
autolearn=unavailable
Received: from mail.coloradoonly.com ([127.0.0.1])
by localhost (mail.coloradoonly.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id gvpTJlCbbCvp for <mshanley@coloradoonly.com>;
Tue, 8 Dec 2009 09:58:37 -0700 (MST)
Received: from mail-pw0-f53.google.com (mail-pw0-f53.google.com [209.85.160.53])
by mail.coloradoonly.com (Postfix) with ESMTP id 6FE5C6D4031
for <mshanley@coloradoonly.com>; Tue, 8 Dec 2009 09:58:35 -0700 (MST)
Received: by mail-pw0-f53.google.com with SMTP id 11so2344527pwi.32
for <mshanley@coloradoonly.com>; Tue, 08 Dec 2009 09:07:52 -0800 (PST)
Received: by 10.140.237.17 with SMTP id k17mr11767rvh.56.1260292072092;
Tue, 08 Dec 2009 09:07:52 -0800 (PST)
X-Forwarded-To: mshanley@coloradoonly.com
X-Forwarded-For: shon@theroster.com mshanley@coloradoonly.com

Delivered-To: shon@therosterdenver.com

Received: by 10.140.135.5 with SMTP id i5cs260808rvd;
Tue, 8 Dec 2009 09:07:51 -0800 (PST)
Received: by 10.101.136.3 with SMTP id o3mr1496193ann.173.1260292071403;


Tue, 08 Dec 2009 09:07:51 -0800 (PST)

Received: from mail.coloradoonly.com (mail.coloradoonly.com [173.8.226.219])
by mx.google.com with ESMTP id 9si12957876yxe.59.2009.12.08.09.07.50;
Tue, 08 Dec 2009 09:07:51 -0800 (PST)
Received-SPF: pass (google.com: domain of mshanley@coloradoonly.com designates 173.8.226.219 as permitted sender) client-ip=173.8.226.219;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of mshanley@coloradoonly.com designates 173.8.226.219 as permitted sender) smtp.mail=mshanley@coloradoonly.com

Received: from localhost (localhost.localdomain [127.0.0.1])
by mail.coloradoonly.com (Postfix) with ESMTP id 7A2B56D4034
for <shon@therosterdenver.com>; Tue, 8 Dec 2009 09:58:33 -0700 (MST)
X-Virus-Scanned: amavisd-new at coloradoonly.com

Received: from mail.coloradoonly.com ([127.0.0.1])
by localhost (mail.coloradoonly.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id FfwOJnIAF3Ri for <shon@therosterdenver.com>;
Tue, 8 Dec 2009 09:58:33 -0700 (MST)

Received: from mitch (unknown [192.168.1.1])
by mail.coloradoonly.com (Postfix) with ESMTPSA id 1114D6D4031
for <shon@therosterdenver.com>; Tue, 8 Dec 2009 09:58:33 -0700 (MST)

From: "Mitch Shanley" <mshanley@coloradoonly.com>
To: "'Shon Romines'" <shon@therosterdenver.com>
Subject: FW: Hi
Date: Tue, 8 Dec 2009 10:07:50 -0700
Message-ID: <7013922F40504FAC96E7D5EF96F65C6B@mitch>
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_0008_01CA77EE.4C88B570"
X-Mailer: Microsoft Office Outlook 11
Thread-Index: Acp4Jj7LRmsoQykDT+yVCEEaGU96mgAArSew
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5579

[mshanley]

Dec 8 10:15:54 mail postfix/smtpd[3795]: connect from unknown[192.168.1.1]
Dec 8 10:15:54 mail postfix/smtpd[3795]: setting up TLS connection from unknown[192.168.1.1]
Dec 8 10:15:54 mail postfix/smtpd[3795]: Anonymous TLS connection established from unknown[192.168.1.1]: TLSv1 with cipher RC4-MD5 (128/128 bits)
Dec 8 10:15:54 mail saslauthd[11807]: zmauth: authenticating against elected url 'https://mail.coloradoonly.com:7071/service/admin/soap/' ...
Dec 8 10:15:54 mail saslauthd[11807]: zmpost: url='https://mail.coloradoonly.com:7071/service/admin/soap/' returned buffer->data='<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope"><soap:Header><context xmlns="urn:zimbra"><change token="18802"/></context></soap:Header><soap:Body><AuthResponse xmlns="urn:zimbraAccount"><authToken>0_b87a7dac427 4f7765eaaf0d5bc46a49583bc9a89_69643d33363a34363538 373062382d623735362d346336302d613865652d6633666332 643236356335383b6578703d31333a31323630343635333534 3638393b747970653d363a7a696d6272613b</authToken><lifetime>172800000</lifetime><skin>sky</skin></AuthResponse></soap:Body></soap:Envelope>', hti->error=''
Dec 8 10:15:54 mail saslauthd[11807]: auth_zimbra: mshanley auth OK
Dec 8 10:15:54 mail postfix/smtpd[3795]: AED096D4031: client=unknown[192.168.1.1], sasl_method=LOGIN, sasl_username=mshanley
Dec 8 10:15:54 mail postfix/cleanup[3798]: AED096D4031: message-id=<A6248FF454D3497DBAED652AFAA8DC19@mitch>
Dec 8 10:15:54 mail postfix/qmgr[11802]: AED096D4031: from=<mshanley@coloradoonly.com>, size=3761, nrcpt=1 (queue active)
Dec 8 10:15:54 mail amavis[9828]: (09828-01) ESMTP::10024 /opt/zimbra/data/amavisd/tmp/amavis-20091208T101554-09828: <mshanley@coloradoonly.com> -> <shon@therosterdenver.com> SIZE=3761 Received: from mail.coloradoonly.com ([127.0.0.1]) by localhost (mail.coloradoonly.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP for <shon@therosterdenver.com>; Tue, 8 Dec 2009 10:15:54 -0700 (MST)
Dec 8 10:15:54 mail amavis[9828]: (09828-01) Checking: HJTYXKWQNfHr [192.168.1.1] <mshanley@coloradoonly.com> -> <shon@therosterdenver.com>
Dec 8 10:15:55 mail postfix/smtpd[3802]: connect from localhost.localdomain[127.0.0.1]
Dec 8 10:15:55 mail postfix/smtpd[3802]: 444ED6D4034: client=localhost.localdomain[127.0.0.1]
Dec 8 10:15:55 mail postfix/cleanup[3798]: 444ED6D4034: message-id=<A6248FF454D3497DBAED652AFAA8DC19@mitch>
Dec 8 10:15:55 mail postfix/qmgr[11802]: 444ED6D4034: from=<mshanley@coloradoonly.com>, size=4238, nrcpt=1 (queue active)
Dec 8 10:15:55 mail amavis[9828]: (09828-01) FWD via SMTP: <mshanley@coloradoonly.com> -> <shon@therosterdenver.com>,BODY=7BIT 250 2.0.0 Ok, id=09828-01, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 444ED6D4034
Dec 8 10:15:55 mail amavis[9828]: (09828-01) Passed CLEAN, LOCAL [192.168.1.1] [192.168.1.1] <mshanley@coloradoonly.com> -> <shon@therosterdenver.com>, Message-ID: <A6248FF454D3497DBAED652AFAA8DC19@mitch>, mail_id: HJTYXKWQNfHr, Hits: -4.398, size: 3761, queued_as: 444ED6D4034, 562 ms
Dec 8 10:15:55 mail postfix/smtp[3799]: AED096D4031: to=<shon@therosterdenver.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.6, delays=0.03/0.01/0.01/0.56, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=09828-01, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 444ED6D4034)
Dec 8 10:15:55 mail postfix/qmgr[11802]: AED096D4031: removed
Dec 8 10:15:55 mail amavis[9828]: (09828-01) extra modules loaded: /opt/zimbra/zimbramon/lib/x86_64-linux-gnu-thread-multi/auto/Net/SSLeay/autosplit.ix, /opt/zimbra/zimbramon/lib/x86_64-linux-gnu-thread-multi/auto/Net/SSLeay/randomize.al, IO/Socket/SSL.pm, Net/LDAP/Extension.pm, Net/SSLeay.pm
Dec 8 10:15:56 mail postfix/smtp[3803]: 444ED6D4034: to=<shon@therosterdenver.com>, relay=ASPMX.L.GOOGLE.com[209.85.210.31]:25, delay=1.3, delays=0.02/0.01/0.34/0.93, dsn=2.0.0, status=sent (250 2.0.0 OK 1260293113 39si12662466yxe.37)
Dec 8 10:15:56 mail postfix/qmgr[11802]: 444ED6D4034: removed
Dec 8 10:15:57 mail postfix/smtpd[3795]: disconnect from unknown[192.168.1.1]
Dec 8 10:15:57 mail postfix/smtpd[2425]: connect from mail-px0-f193.google.com[209.85.216.193]
Dec 8 10:16:00 mail postfix/smtpd[2425]: 2BEE06D4031: client=mail-px0-f193.google.com[209.85.216.193]
Dec 8 10:16:03 mail postfix/cleanup[3798]: 2BEE06D4031: message-id=<A6248FF454D3497DBAED652AFAA8DC19@mitch>
Dec 8 10:16:03 mail postfix/qmgr[11802]: 2BEE06D4031: from=<shon+caf_=mshanley=coloradoonly.com@theroste r.com>, size=5602, nrcpt=1 (queue active)
Dec 8 10:16:03 mail amavis[9832]: (09832-01) ESMTP::10024 /opt/zimbra/data/amavisd/tmp/amavis-20091208T101603-09832: <shon+caf_=mshanley=coloradoonly.com@theroster.com > -> <mshanley@coloradoonly.com> SIZE=5602 Received: from mail.coloradoonly.com ([127.0.0.1]) by localhost (mail.coloradoonly.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP for <mshanley@coloradoonly.com>; Tue, 8 Dec 2009 10:16:03 -0700 (MST)
Dec 8 10:16:03 mail amavis[9832]: (09832-01) Checking: Fc4nheQfQW9u [209.85.216.193] <shon+caf_=mshanley=coloradoonly.com@theroster.com > -> <mshanley@coloradoonly.com>
Dec 8 10:16:06 mail zmmailboxdmgr[4135]: status requested
Dec 8 10:16:06 mail zmmailboxdmgr[4135]: status OK
Dec 8 10:16:07 mail postfix/smtpd[4243]: connect from localhost.localdomain[127.0.0.1]
Dec 8 10:16:07 mail postfix/smtpd[4243]: 157636D4034: client=localhost.localdomain[127.0.0.1]
Dec 8 10:16:07 mail postfix/cleanup[3798]: 157636D4034: message-id=<A6248FF454D3497DBAED652AFAA8DC19@mitch>
Dec 8 10:16:07 mail postfix/qmgr[11802]: 157636D4034: from=<shon+caf_=mshanley=coloradoonly.com@theroste r.com>, size=6281, nrcpt=1 (queue active)
Dec 8 10:16:07 mail amavis[9832]: (09832-01) FWD via SMTP: <shon+caf_=mshanley=coloradoonly.com@theroster.com > -> <mshanley@coloradoonly.com>,BODY=7BIT 250 2.0.0 Ok, id=09832-01, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 157636D4034
Dec 8 10:16:07 mail amavis[9832]: (09832-01) Passed CLEAN, [209.85.216.193] [173.8.226.219] <shon+caf_=mshanley=coloradoonly.com@theroster.com > -> <mshanley@coloradoonly.com>, Message-ID: <A6248FF454D3497DBAED652AFAA8DC19@mitch>, mail_id: Fc4nheQfQW9u, Hits: -3.416, size: 5600, queued_as: 157636D4034, 4053 ms
Dec 8 10:16:07 mail postfix/smtp[3799]: 2BEE06D4031: to=<mshanley@coloradoonly.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=9, delays=4.9/0/0.01/4, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=09832-01, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 157636D4034)
Dec 8 10:16:07 mail postfix/qmgr[11802]: 2BEE06D4031: removed
Dec 8 10:16:07 mail amavis[9832]: (09832-01) extra modules loaded: /opt/zimbra/zimbramon/lib/x86_64-linux-gnu-thread-multi/auto/Net/SSLeay/autosplit.ix, /opt/zimbra/zimbramon/lib/x86_64-linux-gnu-thread-multi/auto/Net/SSLeay/randomize.al, IO/Socket/SSL.pm, Net/LDAP/Extension.pm, Net/SSLeay.pm
Dec 8 10:16:07 mail postfix/lmtp[4244]: 157636D4034: to=<mshanley@coloradoonly.com>, relay=mail.coloradoonly.com[192.168.1.5]:7025, delay=0.14, delays=0.01/0.02/0/0.1, dsn=2.1.5, status=sent (250 2.1.5 Delivery OK)
Dec 8 10:16:07 mail postfix/qmgr[11802]: 157636D4034: removed
Dec 8 10:16:33 mail postfix/smtpd[2425]: disconnect from mail-px0-f193.google.com[209.85.216.193]
Dec 8 10:16:41 mail sshd[5270]: Accepted password for root from 192.168.1.128 port 2592 ssh2

[mshanley]

shon+caf_=mshanley=coloradoonly.com@theroster.com

i am seeing this as an e-mail address..
what the heck is going on.. i am not sending to this address

top 50 Senders by message size
------------------------------
42474 shon+caf_=mshanley=coloradoonly.com@theroster.com