Hello everyone, I've recently upgraded my server and I followed the instructions "The Perfect Server - Ubuntu 16.04 (Xenial Xerus) with Apache, PHP, MySQL, PureFTPD, BIND, Postfix, Dovecot and ISPConfig 3.1" Everything works fine, except some legit emails are being rejected. when I look at the mail.log I see in front of the rejected email "5.7.1 message content rejected" I've tried everything I could, adding sender to white list, disabling spam, but it seems like none of these changes has any effect what so ever. I no longer get emails from amazon, from my bank and some other sources, even people trying to send me emails, some are being rejected with same error message. I did not have this problem on my old ispconfig 3 setup. How can I fix this ? Thank you, I appreciate the help
Can you post the whole lines? Basically, the each mail should have a message id, so you should grep the mail.log file for that id to fetch all log entries regarding this email.
I'd guess you are hitting header_checks or body_checks; as @sjau said, the log will tell you exactly what's going on (search google or paste an entry or two here if you need help understanding it)
Thanks for replying, Here is an example, I use mail-chimp and I'm not receiving any emails from them. And this is how it appears for pretty much every other legit email being rejected. May 15 12:36:43 server postfix/smtpd[8752]: connect from mail10.mailchimp.com[205.201.133.87] May 15 12:36:43 server postfix/smtpd[8752]: NOQUEUE: filter: RCPT from mail10.mailchimp.com[205.201.133.87]: <bounce-mc.us1_7612.734929-daniel=[email protected]>: Sender address triggers FILTER amavis:[127.0.0.1]:10026; from=<bounce-mc.us1_7612.734929-daniel=[email protected]> to=<[email protected]> proto=ESMTP helo=<mail10.mailchimp.com> May 15 12:36:43 server postfix/smtpd[8752]: NOQUEUE: filter: RCPT from mail10.mailchimp.com[205.201.133.87]: <bounce-mc.us1_7612.734929-daniel=[email protected]>: Sender address triggers FILTER amavis:[127.0.0.1]:10024; from=<bounce-mc.us1_7612.734929-daniel=[email protected]> to=<[email protected]> proto=ESMTP helo=<mail10.mailchimp.com> May 15 12:36:43 server postfix/smtpd[8752]: E6A0815E5BC5: client=mail10.mailchimp.com[205.201.133.87] May 15 12:36:43 server postfix/cleanup[8847]: E6A0815E5BC5: reject: header Received: from (127.0.0.1) by mail10.mailchimp.com id h37chm2akec0 for <[email protected]>; Mon, 15 May 2017 16:36:36 +0000 (envelope-from <bounce-mc.us1_7612.734929-daniel=mydomain.com@mail10 from mail10.mailchimp.com[205.201.133.87]; from=<bounce-mc.us1_7612.734929-daniel=[email protected]> to=<[email protected]> proto=ESMTP helo=<mail10.mailchimp.com>: 5.7.1 message content rejected May 15 12:36:44 server postfix/smtpd[8752]: disconnect from mail10.mailchimp.com[205.201.133.87] ehlo=1 mail=1 rcpt=1 data=0/1 quit=1 commands=4/5 Thank you
So it was rejected due to matching something in a Received: header. What do you have setup in your mail filters?
You've got it! I did have some rules rejecting some domains extension that were spamming some email accounts on my server and looks like it was picking up similar words on the legit emails.. i disabled them and emails that were not coming through started to appear in my inbox. I was heavily spammed from certain domains and I've added the following rules on mail content filter: - Head filter -Regexp. Pattern: /.*\@.*\.stream/ /.*\@.*\.top/ /.*@.*.science/ /.*@.*.us/ Action: reject Disabling these rules means I'll start to see a lot of trash in my inbox again, do you have any suggestion? I really appreciate your help. Thanks.
Try adding to /etc/spamassassin/local.cf: Code: blacklist_uri_host stream blacklist_uri_host top blacklist_uri_host science blacklist_uri_host us .us will have some false positives, you may not want that one (though there sure has been a fair bit of .us spam lately). Train your spam scanner and keep rules up to date. Install postscreen to utilize multiple weighted rbls.
