Atomic Secure Linux
All times are UTC - 5 hours [ DST ]




 Post subject: Problem with qmail-scanner and SA_REJECT
Posted: Wed Sep 24, 2008 6:36 am
New Forum User
Hi,

I'm running Plesk psa v8.2.1_build82070918.10 os_CentOS 5.

I have installed clamd, spamassassin and qmail-scanner from the ART repository. Everything works fine except for the SA_REJECT option in qmail-scanner.

If I set it to yes:

SA_DELETE="5"
SA_REJECT="yes"

The e-mail is not correctly rejected, but on the remote server I have this error:

@4000000048da126b213aa144 delivery 127151: deferral: Connected_to_150.49.17.238_but_connection_died._Possible_duplicate!_error:1408F10B:SSL_routines:SSL3_GET_RECORD:wrong_version_number_(#4.4.2)/

instead of this: "We have reasons to believe this mail is SPAM (#5.7.1)"

Does qmail need a special patch to work with SA_REJECT="yes"?

Thanks


Posted: Wed Sep 24, 2008 6:40 am
New Forum User
This is the log of qmail-scanner:

Wed, 24 Sep 2008 12:37:25 CEST:6443: +++ starting debugging for process 6443 (ppid=5628) by uid=10003
Wed, 24 Sep 2008 12:37:25 CEST:6443: s_q: re-create the quarantine version file
Wed, 24 Sep 2008 12:37:25 CEST:6443: s_q: cleaning up files older than 2 days via /usr/bin/find /var/spool/qscan/tmp -mtime +2 -exec //bin/rm -rf {} ;
Wed, 24 Sep 2008 12:37:25 CEST:6443: s_q: cleaning up quarantined mail older than 14 days via /usr/bin/find /var/spool/qscan/quarantine -type f -mtime +14 -exec //bin/rm -rf {} ;
Wed, 24 Sep 2008 12:37:25 CEST:6443: ------ Process 6443 finished. Total of 0.427347 secs
Wed, 24 Sep 2008 12:37:47 CEST:6454: +++ starting debugging for process 6454 (ppid=6451) by uid=2020
Wed, 24 Sep 2008 12:37:47 CEST:6454: c_a_g: found URL in message - maybe phishy - better scan it
Wed, 24 Sep 2008 12:37:47 CEST:6454: w_c: Total time between DATA command and "." was 0.001907 secs
Wed, 24 Sep 2008 12:37:47 CEST:6454: g_e_h: return-path='info@test.com', recips='alessio@pippo.it'
Wed, 24 Sep 2008 12:37:47 CEST:6454: from='"Alessio" <info@test.com>', subj='test di invio 5', via SMTP from 88-149-163-77.static.ngi.it
Wed, 24 Sep 2008 12:37:47 CEST:6454: s_p_d: /var/spool/qscan/settings_per_domain.db doesn't exist falling to installed scanners
Wed, 24 Sep 2008 12:37:47 CEST:6454: clamdscan: finished scan in 0.006313 secs
Wed, 24 Sep 2008 12:37:47 CEST:6454: SA: yup, this smells like SPAM - hits=1001.6/7.0/12 - message rejected ...
Wed, 24 Sep 2008 12:37:47 CEST:6454: SA: finished scan in 0.19963 secs - hits=1001.6/7.0
Wed, 24 Sep 2008 12:37:47 CEST:6454: r_e: X-Qmail-Scanner-2.02st: We have reasons to believe this mail is SPAM (#5.7.1)
Wed, 24 Sep 2008 12:37:47 CEST:6454: ------ Process 6454 finished. Total of 0.214714 secs

And this is from /var/log/messages:

Sep 24 12:36:08 server xinetd[3539]: START: smtp pid=5613 from=88.149.163.77
Sep 24 12:36:09 server xinetd[3539]: EXIT: smtp status=0 pid=5613 duration=1(sec)
Sep 24 12:37:21 server clamd[3554]: /tmp/mkt_qs.5632-1222252641/eicar.com: Eicar-Test-Signature FOUND
Sep 24 12:37:46 server xinetd[3539]: START: smtp pid=6451 from=88.149.163.77
Sep 24 12:37:47 server xinetd[3539]: EXIT: smtp status=1 pid=6451 duration=1(sec)
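
Added example (not part of the original posts): correlating the two logs quoted above. In them the qmail-scanner process reports ppid=6451, which matches the xinetd smtp pid=6451; the script assumes that relationship holds and uses it to tie each scanner rejection to the SMTP session's client address and exit status.

```python
import re

# Log lines copied from the post above. Joining scanner ppid to xinetd pid is an
# assumption based on those lines (ppid=6451 equals the xinetd smtp pid=6451).
QSCAN_LOG = """\
Wed, 24 Sep 2008 12:37:25 CEST:6443: +++ starting debugging for process 6443 (ppid=5628) by uid=10003
Wed, 24 Sep 2008 12:37:47 CEST:6454: +++ starting debugging for process 6454 (ppid=6451) by uid=2020
Wed, 24 Sep 2008 12:37:47 CEST:6454: r_e: X-Qmail-Scanner-2.02st: We have reasons to believe this mail is SPAM (#5.7.1)
"""
SYSLOG = """\
Sep 24 12:36:08 server xinetd[3539]: START: smtp pid=5613 from=88.149.163.77
Sep 24 12:36:09 server xinetd[3539]: EXIT: smtp status=0 pid=5613 duration=1(sec)
Sep 24 12:37:46 server xinetd[3539]: START: smtp pid=6451 from=88.149.163.77
Sep 24 12:37:47 server xinetd[3539]: EXIT: smtp status=1 pid=6451 duration=1(sec)
"""

START = re.compile(r"starting debugging for process (\d+) \(ppid=(\d+)\)")
REJECT = re.compile(r":(\d+): r_e: .*\(#(\d\.\d+\.\d+)\)")
X_START = re.compile(r"xinetd\[\d+\]: START: smtp pid=(\d+) from=(\S+)")
X_EXIT = re.compile(r"xinetd\[\d+\]: EXIT: smtp status=(\d+) pid=(\d+)")

def smtp_sessions(syslog):
    """Map xinetd smtp pid -> {'from': client IP, 'status': exit status or None}."""
    sessions = {}
    for line in syslog.splitlines():
        if m := X_START.search(line):
            sessions[m.group(1)] = {"from": m.group(2), "status": None}
        elif (m := X_EXIT.search(line)) and m.group(2) in sessions:
            sessions[m.group(2)]["status"] = int(m.group(1))
    return sessions

def rejected_sessions(qscan_log, syslog):
    """Join each qmail-scanner rejection (r_e line) to its SMTP session via ppid."""
    sessions = smtp_sessions(syslog)
    parent, out = {}, []          # parent: scanner pid -> ppid
    for line in qscan_log.splitlines():
        if m := START.search(line):
            parent[m.group(1)] = m.group(2)
        elif m := REJECT.search(line):
            pid, code = m.groups()
            smtp_pid = parent.get(pid)
            sess = sessions.get(smtp_pid, {})
            out.append({"scanner_pid": pid, "smtp_pid": smtp_pid, "code": code,
                        "client": sess.get("from"), "exit_status": sess.get("status")})
    return out

if __name__ == "__main__":
    print(rejected_sessions(QSCAN_LOG, SYSLOG))
```

In these logs the session that carried the 5.7.1 verdict is the one xinetd reports with status=1, while the earlier session from the same client exited with status=0.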


Posted: Wed Sep 24, 2008 8:16 am
Atomicorp Staff - Site Admin
No, that's a message from the other server, more or less. Nothing you can do about that one really; it's failing on a bad certificate.


Posted: Wed Sep 24, 2008 9:35 am
New Forum User
Hi scoot,

Thanks for your reply. Also, if I send with my e-mail client directly to the Plesk server with qmail-scanner, I get an error. And this is not a standard error.

But on other qmail installations, without Plesk but with qmail-scanner, mails are always rejected correctly (5.x.x code for a permanent error).

But in fact, when I send an e-mail with GTUBE from postfix:

<alessio@test.com>: Protocol error: host mail.gbid.it[XX.XX.XXX.238] said:
X-Qmail-Scanner-2.02st: We have reasons to believe this mail is SPAM
(#5.7.1) 554 mail server permanently rejected message (#5.3.0) (in reply to
end of DATA command)

So now I think that the problem is on the other qmail installation (based on shupp.org). But this is very strange, because it happens only when I set SA_REJECT on qmail-scanner and the e-mail is spam. A normal e-mail will be delivered correctly (with TLS):

X-Qmail-Scanner: 2.02st (Clear:RC:0(XXXXXXXX):SA:0(0.3/7.0):. Processed in 6.042377 secs Process 5756)
Received: from mail.test.com (XXXXXXX)
by server.ausilium.it with (DHE-RSA-AES256-SHA encrypted) SMTP; 24 Sep 2008 15:33:05 +0200
Received: (qmail 1116 invoked by uid 89); 24 Sep 2008 13:33:10 -0000

Have you any suggestions?

