Preventing '{Disarmed}' from being added to outgoing messages
Posted: 28 Jan 2021, 15:36
Hi, All,
MailScanner v5.3.3
ConfigServer MailScanner Script v5.02
MailScanner Front-Ind v9.07
ConfigServer Security & Firewall v14.08
Not sure exactly when this started, but certain outbound mails to them are being marked "Disarmed".
Have:
(Sending and receiving domains are on the same VPS, so the message never actually left the host. It's definitely us adding the info.)
Here are some relevant Mailscanner headers in the test message (munged for identity as noted):
X-MailScanner-Information: Please contact <munged> for more information.
X-MailScanner-ID: <munged>
X-MailScanner: Found to be clean
X-MailScanner-SpamCheck: not spam (whitelisted),
SpamAssassin (not cached, score=1.581, required 5, ALL_TRUSTED -1.00,
AWL 0.01, BAYES_50 0.80, HTML_MESSAGE 0.00,
HTML_OBFUSCATE_05_10 0.26, KAM_DMARC_QUARANTINE 1.50,
KAM_DMARC_STATUS 0.01, URIBL_BLOCKED 0.00)
X-MailScanner-From: <munged - (whitelisted address from above)>
X-Spam-Status: No
There is some html in the message in the form of a signature with an embedded base64 company logo, but as the sender and ip are whitelisted, not sure that's relevant.
What else can I do to prevent these valid outgoing messages from being marked as "{Disarmed}" ?
Thank you!
--
Carl
MailScanner v5.3.3
ConfigServer MailScanner Script v5.02
MailScanner Front-Ind v9.07
ConfigServer Security & Firewall v14.08
Not sure exactly when this started, but certain outbound mails to them are being marked "Disarmed".
Have:
- whitelisted the sending IP in both /etc/csf.allow and /etc/csf.ignore
- Restarted CSF
- whitelisted the sending email address in /usr/mailscanner/etc/rules/spam.whitelist.rules
- Reloaded rulesets and restarted MailScanner
(Sending and receiving domains are on the same VPS, so the message never actually left the host. It's definitely us adding the info.)
Here are some relevant Mailscanner headers in the test message (munged for identity as noted):
X-MailScanner-Information: Please contact <munged> for more information.
X-MailScanner-ID: <munged>
X-MailScanner: Found to be clean
X-MailScanner-SpamCheck: not spam (whitelisted),
SpamAssassin (not cached, score=1.581, required 5, ALL_TRUSTED -1.00,
AWL 0.01, BAYES_50 0.80, HTML_MESSAGE 0.00,
HTML_OBFUSCATE_05_10 0.26, KAM_DMARC_QUARANTINE 1.50,
KAM_DMARC_STATUS 0.01, URIBL_BLOCKED 0.00)
X-MailScanner-From: <munged - (whitelisted address from above)>
X-Spam-Status: No
There is some html in the message in the form of a signature with an embedded base64 company logo, but as the sender and ip are whitelisted, not sure that's relevant.
What else can I do to prevent these valid outgoing messages from being marked as "{Disarmed}" ?
Thank you!
--
Carl