github-starred/sendmailanalyzer
2
0
Fork 0
mirror of https://github.com/darold/sendmailanalyzer.git synced 2026-05-15 22:02:32 -06:00
Code Issues 3 Projects Packages Wiki Activity Actions

[GH-ISSUE #30] Not virus or spam logged in sendmailanalyzer #22

New issue
Closed
opened 2026-05-05 14:59:50 -06:00 by gitea-mirror · 8 comments
gitea-mirror commented 2026-05-05 14:59:50 -06:00
Owner
Copy link

Originally created by @miquelangeld on GitHub (Sep 30, 2015).
Original GitHub issue: https://github.com/darold/sendmailanalyzer/issues/30

Hi, I'm using zimbra. I triggered the antivirus using a EICAR file. Maybe you can help me.

The logs is:

Sep 30 17:01:03 zimbraserver postfix/smtpd[11557]: 535721E1E6C: client=pccenofi35.ldomain.local[192.0.0.135], sasl_method=LOGIN, sasl_username=user@mydomain.test
Sep 30 17:01:03 zimbraserver postfix/smtpd[11557]: message repeated 2 times: [ 535721E1E6C: client=pccenofi35.ldomain.local[192.0.0.135], sasl_method=LOGIN, sasl_username=user@mydomain.test]
Sep 30 17:01:03 zimbraserver postfix/cleanup[19459]: 535721E1E6C: message-id=00aa01d0fb90$dea91630$9bfb4290$@mydomain.test
Sep 30 17:01:03 zimbraserver postfix/cleanup[19459]: message repeated 2 times: [ 535721E1E6C: message-id=00aa01d0fb90$dea91630$9bfb4290$@mydomain.test]
Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 535721E1E6C: from=user@mydomain.test, size=3454, nrcpt=1 (queue active)
Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: message repeated 2 times: [ 535721E1E6C: from=user@mydomain.test, size=3454, nrcpt=1 (queue active)]
Sep 30 17:01:03 zimbraserver postfix/amavisd/smtpd[17226]: connect from localhost[127.0.0.1]
Sep 30 17:01:03 zimbraserver postfix/amavisd/smtpd[17226]: message repeated 2 times: [ connect from localhost[127.0.0.1]]
Sep 30 17:01:03 zimbraserver postfix/amavisd/smtpd[17226]: 6CE4E1E1E71: client=localhost[127.0.0.1]
Sep 30 17:01:03 zimbraserver postfix/amavisd/smtpd[17226]: message repeated 2 times: [ 6CE4E1E1E71: client=localhost[127.0.0.1]]
Sep 30 17:01:03 zimbraserver postfix/cleanup[19459]: 6CE4E1E1E71: message-id=00aa01d0fb90$dea91630$9bfb4290$@mydomain.test
Sep 30 17:01:03 zimbraserver postfix/cleanup[19459]: message repeated 2 times: [ 6CE4E1E1E71: message-id=00aa01d0fb90$dea91630$9bfb4290$@mydomain.test]
Sep 30 17:01:03 zimbraserver postfix/amavisd/smtpd[17226]: disconnect from localhost[127.0.0.1]
Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 6CE4E1E1E71: from=<>, size=4209, nrcpt=1 (queue active)
Sep 30 17:01:03 zimbraserver postfix/amavisd/smtpd[17226]: disconnect from localhost[127.0.0.1]
Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 6CE4E1E1E71: from=<>, size=4209, nrcpt=1 (queue active)
Sep 30 17:01:03 zimbraserver postfix/amavisd/smtpd[17226]: disconnect from localhost[127.0.0.1]
Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 6CE4E1E1E71: from=<>, size=4209, nrcpt=1 (queue active)
Sep 30 17:01:03 zimbraserver postfix/amavisd/smtpd[17226]: connect from localhost[127.0.0.1]
Sep 30 17:01:03 zimbraserver postfix/amavisd/smtpd[17226]: message repeated 2 times: [ connect from localhost[127.0.0.1]]
Sep 30 17:01:03 zimbraserver postfix/amavisd/smtpd[17226]: 73C6D1E1E73: client=localhost[127.0.0.1]
Sep 30 17:01:03 zimbraserver postfix/amavisd/smtpd[17226]: message repeated 2 times: [ 73C6D1E1E73: client=localhost[127.0.0.1]]
Sep 30 17:01:03 zimbraserver postfix/cleanup[19459]: 73C6D1E1E73: message-id=VAl55AbYWopZM9@zimbraserver.ldomain.local
Sep 30 17:01:03 zimbraserver postfix/cleanup[19459]: message repeated 2 times: [ 73C6D1E1E73: message-id=VAl55AbYWopZM9@zimbraserver.ldomain.local]
Sep 30 17:01:03 zimbraserver postfix/amavisd/smtpd[17226]: disconnect from localhost[127.0.0.1]
Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 73C6D1E1E73: from=admin@zimbraserver.ldomain.local, size=2513, nrcpt=1 (queue active)
Sep 30 17:01:03 zimbraserver postfix/amavisd/smtpd[17226]: disconnect from localhost[127.0.0.1]
Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 73C6D1E1E73: from=admin@zimbraserver.ldomain.local, size=2513, nrcpt=1 (queue active)
Sep 30 17:01:03 zimbraserver postfix/amavisd/smtpd[17226]: disconnect from localhost[127.0.0.1]
Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 73C6D1E1E73: from=admin@zimbraserver.ldomain.local, size=2513, nrcpt=1 (queue active)
Sep 30 17:01:03 zimbraserver postfix/smtp[20923]: 73C6D1E1E73: to=admin@zimbraserver.ldomain.local, relay=none, delay=0.01, delays=0/0/0/0, dsn=5.4.6, status=bounced (mail for zimbraserver.ldomain.local loops back to myself)
Sep 30 17:01:03 zimbraserver postfix/smtp[20923]: message repeated 2 times: [ 73C6D1E1E73: to=admin@zimbraserver.ldomain.local, relay=none, delay=0.01, delays=0/0/0/0, dsn=5.4.6, status=bounced (mail for zimbraserver.ldomain.local loops back to myself)]
Sep 30 17:01:03 zimbraserver postfix/amavisd/smtpd[17226]: connect from localhost[127.0.0.1]
Sep 30 17:01:03 zimbraserver postfix/amavisd/smtpd[17226]: message repeated 2 times: [ connect from localhost[127.0.0.1]]
Sep 30 17:01:03 zimbraserver postfix/cleanup[19459]: 764B91E1E75: message-id=20150930150103.764B91E1E75@mail.mydomain.test
Sep 30 17:01:03 zimbraserver postfix/cleanup[19459]: message repeated 2 times: [ 764B91E1E75: message-id=20150930150103.764B91E1E75@mail.mydomain.test]
Sep 30 17:01:03 zimbraserver postfix/bounce[20924]: 73C6D1E1E73: sender non-delivery notification: 764B91E1E75
Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 764B91E1E75: from=<>, size=4492, nrcpt=1 (queue active)
Sep 30 17:01:03 zimbraserver postfix/bounce[20924]: 73C6D1E1E73: sender non-delivery notification: 764B91E1E75
Sep 30 17:01:03 zimbraserver postfix/amavisd/smtpd[17226]: 77B3F1E1E74: client=localhost[127.0.0.1]
Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 764B91E1E75: from=<>, size=4492, nrcpt=1 (queue active)
Sep 30 17:01:03 zimbraserver postfix/bounce[20924]: 73C6D1E1E73: sender non-delivery notification: 764B91E1E75
Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 764B91E1E75: from=<>, size=4492, nrcpt=1 (queue active)
Sep 30 17:01:03 zimbraserver postfix/amavisd/smtpd[17226]: 77B3F1E1E74: client=localhost[127.0.0.1]
Sep 30 17:01:03 zimbraserver postfix/amavisd/smtpd[17226]: 77B3F1E1E74: client=localhost[127.0.0.1]
Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 73C6D1E1E73: removed
Sep 30 17:01:03 zimbraserver postfix/cleanup[19459]: 77B3F1E1E74: message-id=VRl55AbYWopZM9@zimbraserver.ldomain.local
Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 73C6D1E1E73: removed
Sep 30 17:01:03 zimbraserver postfix/cleanup[19459]: 77B3F1E1E74: message-id=VRl55AbYWopZM9@zimbraserver.ldomain.local
Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 73C6D1E1E73: removed
Sep 30 17:01:03 zimbraserver postfix/cleanup[19459]: 77B3F1E1E74: message-id=VRl55AbYWopZM9@zimbraserver.ldomain.local
Sep 30 17:01:03 zimbraserver postfix/amavisd/smtpd[17226]: disconnect from localhost[127.0.0.1]
Sep 30 17:01:03 zimbraserver postfix/amavisd/smtpd[17226]: disconnect from localhost[127.0.0.1]
Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 77B3F1E1E74: from=admin@zimbraserver.ldomain.local, size=1322, nrcpt=1 (queue active)
Sep 30 17:01:03 zimbraserver postfix/amavisd/smtpd[17226]: disconnect from localhost[127.0.0.1]
Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 77B3F1E1E74: from=admin@zimbraserver.ldomain.local, size=1322, nrcpt=1 (queue active)
Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 77B3F1E1E74: from=admin@zimbraserver.ldomain.local, size=1322, nrcpt=1 (queue active)
Sep 30 17:01:03 zimbraserver postfix/smtp[20923]: 764B91E1E75: to=admin@zimbraserver.ldomain.local, relay=none, delay=0.01, delays=0.01/0/0/0, dsn=5.4.6, status=bounced (mail for zimbraserver.ldomain.local loops back to myself)
Sep 30 17:01:03 zimbraserver postfix/smtp[20923]: message repeated 2 times: [ 764B91E1E75: to=admin@zimbraserver.ldomain.local, relay=none, delay=0.01, delays=0.01/0/0/0, dsn=5.4.6, status=bounced (mail for zimbraserver.ldomain.local loops back to myself)]
Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 764B91E1E75: removed
Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: message repeated 2 times: [ 764B91E1E75: removed]
Sep 30 17:01:03 zimbraserver postfix/smtp[20566]: 535721E1E6C: to=user@mydomain.test, relay=127.0.0.1[127.0.0.1]:10026, delay=0.21, delays=0.06/0/0.01/0.14, dsn=2.7.0, status=sent (250 2.7.0 Ok, discarded, id=25930-18 - INFECTED: Eicar-Test-Signature)
Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 535721E1E6C: removed
Sep 30 17:01:03 zimbraserver postfix/smtp[20566]: 535721E1E6C: to=user@mydomain.test, relay=127.0.0.1[127.0.0.1]:10026, delay=0.21, delays=0.06/0/0.01/0.14, dsn=2.7.0, status=sent (250 2.7.0 Ok, discarded, id=25930-18 - INFECTED: Eicar-Test-Signature)
Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 535721E1E6C: removed
Sep 30 17:01:03 zimbraserver postfix/smtp[20566]: 535721E1E6C: to=user@mydomain.test, relay=127.0.0.1[127.0.0.1]:10026, delay=0.21, delays=0.06/0/0.01/0.14, dsn=2.7.0, status=sent (250 2.7.0 Ok, discarded, id=25930-18 - INFECTED: Eicar-Test-Signature)
Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 535721E1E6C: removed
Sep 30 17:01:03 zimbraserver postfix/lmtp[19468]: 77B3F1E1E74: to=user@mydomain.test, relay=svcenmbx01.ldomain.local[192.0.0.21]:7025, delay=0.15, delays=0.01/0/0.09/0.05, dsn=2.1.5, status=sent (250 2.1.5 Delivery OK)
Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 77B3F1E1E74: removed
Sep 30 17:01:03 zimbraserver postfix/lmtp[19468]: 77B3F1E1E74: to=user@mydomain.test, relay=svcenmbx01.ldomain.local[192.0.0.21]:7025, delay=0.15, delays=0.01/0/0.09/0.05, dsn=2.1.5, status=sent (250 2.1.5 Delivery OK)
Sep 30 17:01:03 zimbraserver postfix/lmtp[19468]: 77B3F1E1E74: to=user@mydomain.test, relay=svcenmbx01.ldomain.local[192.0.0.21]:7025, delay=0.15, delays=0.01/0/0.09/0.05, dsn=2.1.5, status=sent (250 2.1.5 Delivery OK)
Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 77B3F1E1E74: removed
Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 77B3F1E1E74: removed
Sep 30 17:01:03 zimbraserver postfix/lmtp[19465]: 6CE4E1E1E71: to=virus-quarantine.xd24kyvo@mydomain.test, relay=svcenmbx01.ldomain.local[192.0.0.21]:7025, delay=0.21, delays=0.02/0/0.1/0.09, dsn=2.1.5, status=sent (250 2.1.5 Delivery OK)
Sep 30 17:01:03 zimbraserver postfix/lmtp[19465]: message repeated 2 times: [ 6CE4E1E1E71: to=virus-quarantine.xd24kyvo@mydomain.test, relay=svcenmbx01.ldomain.local[192.0.0.21]:7025, delay=0.21, delays=0.02/0/0.1/0.09, dsn=2.1.5, status=sent (250 2.1.5 Delivery OK)]
Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 6CE4E1E1E71: removed

But nothing are listed in sendmailanalyzer's amavis statspage. Same thing with spam.

Sep 30 17:10:30 svcenmta01 postfix/smtpd[11557]: message repeated 2 times: [ disconnect from unknown[192.168.0.17]]
Sep 30 17:10:43 svcenmta01 postfix/smtpd[11557]: connect from pccenofi35.ldomain.local[192.168.0.135]
Sep 30 17:10:43 svcenmta01 postfix/smtpd[11557]: message repeated 2 times: [ connect from pccenofi35.ldomain.local[192.168.0.135]]
Sep 30 17:10:43 svcenmta01 postfix/smtpd[11557]: Anonymous TLS connection established from pccenofi35.ldomain.local[192.168.0.135]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Sep 30 17:10:43 svcenmta01 postfix/smtpd[11557]: message repeated 2 times: [ Anonymous TLS connection established from pccenofi35.ldomain.local[192.168.0.135]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)]
Sep 30 17:10:43 svcenmta01 postfix/smtpd[11557]: NOQUEUE: filter: RCPT from pccenofi35.ldomain.local[192.168.0.135]: user@mydomain.test: Sender address triggers FILTER smtp-amavis:[127.0.0.1]:10026; from=user@mydomain.test to=user@mydomain.test proto=ESMTP helo=
Sep 30 17:10:43 svcenmta01 postfix/smtpd[11557]: message repeated 2 times: [ NOQUEUE: filter: RCPT from pccenofi35.ldomain.local[192.168.0.135]: user@mydomain.test: Sender address triggers FILTER smtp-amavis:[127.0.0.1]:10026; from=user@mydomain.test to=user@mydomain.test proto=ESMTP helo=]
Sep 30 17:10:43 svcenmta01 postfix/smtpd[11557]: CDBF11E1E6C: client=pccenofi35.ldomain.local[192.168.0.135], sasl_method=LOGIN, sasl_username=user@mydomain.test
Sep 30 17:10:43 svcenmta01 postfix/smtpd[11557]: message repeated 2 times: [ CDBF11E1E6C: client=pccenofi35.ldomain.local[192.168.0.135], sasl_method=LOGIN, sasl_username=user@mydomain.test]
Sep 30 17:10:43 svcenmta01 postfix/cleanup[26180]: CDBF11E1E6C: message-id=00b701d0fb92$38aa5b70$a9ff1250$@mydomain.test
Sep 30 17:10:43 svcenmta01 postfix/cleanup[26180]: message repeated 2 times: [ CDBF11E1E6C: message-id=00b701d0fb92$38aa5b70$a9ff1250$@mydomain.test]
Sep 30 17:10:43 svcenmta01 postfix/qmgr[15025]: CDBF11E1E6C: from=user@mydomain.test, size=3499, nrcpt=1 (queue active)
Sep 30 17:10:43 svcenmta01 postfix/qmgr[15025]: message repeated 2 times: [ CDBF11E1E6C: from=user@mydomain.test, size=3499, nrcpt=1 (queue active)]
Sep 30 17:10:43 svcenmta01 postfix/dkimmilter/smtpd[26184]: connect from localhost[127.0.0.1]
Sep 30 17:10:43 svcenmta01 postfix/dkimmilter/smtpd[26184]: message repeated 2 times: [ connect from localhost[127.0.0.1]]
Sep 30 17:10:43 svcenmta01 postfix/dkimmilter/smtpd[26184]: E82171E1E71: client=localhost[127.0.0.1]
Sep 30 17:10:43 svcenmta01 postfix/dkimmilter/smtpd[26184]: message repeated 2 times: [ E82171E1E71: client=localhost[127.0.0.1]]
Sep 30 17:10:43 svcenmta01 postfix/cleanup[26180]: E82171E1E71: message-id=00b701d0fb92$38aa5b70$a9ff1250$@mydomain.test
Sep 30 17:10:43 svcenmta01 postfix/cleanup[26180]: message repeated 2 times: [ E82171E1E71: message-id=00b701d0fb92$38aa5b70$a9ff1250$@mydomain.test]
Sep 30 17:10:44 svcenmta01 postfix/qmgr[15025]: E82171E1E71: from=user@mydomain.test, size=3961, nrcpt=1 (queue active)
Sep 30 17:10:44 svcenmta01 postfix/dkimmilter/smtpd[26184]: disconnect from localhost[127.0.0.1]
Sep 30 17:10:44 svcenmta01 postfix/qmgr[15025]: E82171E1E71: from=user@mydomain.test, size=3961, nrcpt=1 (queue active)
Sep 30 17:10:44 svcenmta01 postfix/dkimmilter/smtpd[26184]: disconnect from localhost[127.0.0.1]
Sep 30 17:10:44 svcenmta01 postfix/qmgr[15025]: E82171E1E71: from=user@mydomain.test, size=3961, nrcpt=1 (queue active)
Sep 30 17:10:44 svcenmta01 postfix/dkimmilter/smtpd[26184]: disconnect from localhost[127.0.0.1]
Sep 30 17:10:44 svcenmta01 postfix/smtp[26181]: CDBF11E1E6C: to=user@mydomain.test, relay=127.0.0.1[127.0.0.1]:10026, delay=0.26, delays=0.07/0/0/0.18, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10030): 250 2.0.0 Ok: queued as E82171E1E71)
Sep 30 17:10:44 svcenmta01 postfix/smtp[26181]: message repeated 2 times: [ CDBF11E1E6C: to=user@mydomain.test, relay=127.0.0.1[127.0.0.1]:10026, delay=0.26, delays=0.07/0/0/0.18, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10030): 250 2.0.0 Ok: queued as E82171E1E71)]
Sep 30 17:10:44 svcenmta01 postfix/qmgr[15025]: CDBF11E1E6C: removed
Sep 30 17:10:44 svcenmta01 postfix/qmgr[15025]: message repeated 2 times: [ CDBF11E1E6C: removed]
Sep 30 17:10:44 svcenmta01 postfix/amavisd/smtpd[26191]: connect from localhost[127.0.0.1]
Sep 30 17:10:44 svcenmta01 postfix/amavisd/smtpd[26191]: message repeated 2 times: [ connect from localhost[127.0.0.1]]
Sep 30 17:10:44 svcenmta01 postfix/amavisd/smtpd[26191]: C71221E1E6C: client=localhost[127.0.0.1]
Sep 30 17:10:44 svcenmta01 postfix/amavisd/smtpd[26191]: message repeated 2 times: [ C71221E1E6C: client=localhost[127.0.0.1]]
Sep 30 17:10:44 svcenmta01 postfix/cleanup[26180]: C71221E1E6C: message-id=SAJkJUB99JO4Fh@svcenmta01.ldomain.local
Sep 30 17:10:44 svcenmta01 postfix/cleanup[26180]: message repeated 2 times: [ C71221E1E6C: message-id=SAJkJUB99JO4Fh@svcenmta01.ldomain.local]
Sep 30 17:10:44 svcenmta01 postfix/amavisd/smtpd[26191]: disconnect from localhost[127.0.0.1]
Sep 30 17:10:44 svcenmta01 postfix/qmgr[15025]: C71221E1E6C: from=admin@svcenmta01.ldomain.local, size=4436, nrcpt=1 (queue active)
Sep 30 17:10:44 svcenmta01 postfix/amavisd/smtpd[26191]: disconnect from localhost[127.0.0.1]
Sep 30 17:10:44 svcenmta01 postfix/amavisd/smtpd[26191]: disconnect from localhost[127.0.0.1]
Sep 30 17:10:44 svcenmta01 postfix/qmgr[15025]: C71221E1E6C: from=admin@svcenmta01.ldomain.local, size=4436, nrcpt=1 (queue active)
Sep 30 17:10:44 svcenmta01 postfix/qmgr[15025]: C71221E1E6C: from=admin@svcenmta01.ldomain.local, size=4436, nrcpt=1 (queue active)
Sep 30 17:10:44 svcenmta01 postfix/smtp[26187]: E82171E1E71: to=user@mydomain.test, relay=127.0.0.1[127.0.0.1]:10032, delay=0.88, delays=0.08/0/0.01/0.79, dsn=2.7.0, status=sent (250 2.7.0 Ok, discarded, id=15303-02 - spam)
Sep 30 17:10:44 svcenmta01 postfix/smtp[26187]: E82171E1E71: to=user@mydomain.test, relay=127.0.0.1[127.0.0.1]:10032, delay=0.88, delays=0.08/0/0.01/0.79, dsn=2.7.0, status=sent (250 2.7.0 Ok, discarded, id=15303-02 - spam)
Sep 30 17:10:44 svcenmta01 postfix/qmgr[15025]: E82171E1E71: removed
Sep 30 17:10:44 svcenmta01 postfix/smtp[26187]: E82171E1E71: to=user@mydomain.test, relay=127.0.0.1[127.0.0.1]:10032, delay=0.88, delays=0.08/0/0.01/0.79, dsn=2.7.0, status=sent (250 2.7.0 Ok, discarded, id=15303-02 - spam)
Sep 30 17:10:44 svcenmta01 postfix/qmgr[15025]: E82171E1E71: removed
Sep 30 17:10:44 svcenmta01 postfix/qmgr[15025]: E82171E1E71: removed
Sep 30 17:10:44 svcenmta01 postfix/smtp[26192]: C71221E1E6C: to=admin@svcenmta01.ldomain.local, relay=none, delay=0.01, delays=0.01/0/0/0, dsn=5.4.6, status=bounced (mail for svcenmta01.ldomain.local loops back to myself)
Sep 30 17:10:44 svcenmta01 postfix/smtp[26192]: message repeated 2 times: [ C71221E1E6C: to=admin@svcenmta01.ldomain.local, relay=none, delay=0.01, delays=0.01/0/0/0, dsn=5.4.6, status=bounced (mail for svcenmta01.ldomain.local loops back to myself)]
Sep 30 17:10:44 svcenmta01 postfix/cleanup[26180]: CB5D81E1E73: message-id=20150930151044.CB5D81E1E73@mail.mydomain.test
Sep 30 17:10:44 svcenmta01 postfix/cleanup[26180]: message repeated 2 times: [ CB5D81E1E73: message-id=20150930151044.CB5D81E1E73@mail.mydomain.test]
Sep 30 17:10:44 svcenmta01 postfix/bounce[27320]: C71221E1E6C: sender non-delivery notification: CB5D81E1E73
Sep 30 17:10:44 svcenmta01 postfix/qmgr[15025]: CB5D81E1E73: from=<>, size=6415, nrcpt=1 (queue active)
Sep 30 17:10:44 svcenmta01 postfix/bounce[27320]: C71221E1E6C: sender non-delivery notification: CB5D81E1E73
Sep 30 17:10:44 svcenmta01 postfix/qmgr[15025]: CB5D81E1E73: from=<>, size=6415, nrcpt=1 (queue active)
Sep 30 17:10:44 svcenmta01 postfix/bounce[27320]: C71221E1E6C: sender non-delivery notification: CB5D81E1E73
Sep 30 17:10:44 svcenmta01 postfix/qmgr[15025]: CB5D81E1E73: from=<>, size=6415, nrcpt=1 (queue active)
Sep 30 17:10:44 svcenmta01 postfix/qmgr[15025]: C71221E1E6C: removed
Sep 30 17:10:44 svcenmta01 postfix/qmgr[15025]: message repeated 2 times: [ C71221E1E6C: removed]
Sep 30 17:10:44 svcenmta01 postfix/smtp[26192]: CB5D81E1E73: to=admin@svcenmta01.ldomain.local, relay=none, delay=0.01, delays=0.01/0/0/0, dsn=5.4.6, status=bounced (mail for svcenmta01.ldomain.local loops back to myself)
Sep 30 17:10:44 svcenmta01 postfix/smtp[26192]: message repeated 2 times: [ CB5D81E1E73: to=admin@svcenmta01.ldomain.local, relay=none, delay=0.01, delays=0.01/0/0/0, dsn=5.4.6, status=bounced (mail for svcenmta01.ldomain.local loops back to myself)]
Sep 30 17:10:44 svcenmta01 postfix/qmgr[15025]: CB5D81E1E73: removed

Thanks in advance

Originally created by @miquelangeld on GitHub (Sep 30, 2015). Original GitHub issue: https://github.com/darold/sendmailanalyzer/issues/30 Hi, I'm using zimbra. I triggered the antivirus using a EICAR file. Maybe you can help me. The logs is: Sep 30 17:01:03 zimbraserver postfix/smtpd[11557]: 535721E1E6C: client=pccenofi35.ldomain.local[192.0.0.135], sasl_method=LOGIN, sasl_username=user@mydomain.test Sep 30 17:01:03 zimbraserver postfix/smtpd[11557]: message repeated 2 times: [ 535721E1E6C: client=pccenofi35.ldomain.local[192.0.0.135], sasl_method=LOGIN, sasl_username=user@mydomain.test] Sep 30 17:01:03 zimbraserver postfix/cleanup[19459]: 535721E1E6C: message-id=<00aa01d0fb90$dea91630$9bfb4290$@mydomain.test> Sep 30 17:01:03 zimbraserver postfix/cleanup[19459]: message repeated 2 times: [ 535721E1E6C: message-id=<00aa01d0fb90$dea91630$9bfb4290$@mydomain.test>] Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 535721E1E6C: from=user@mydomain.test, size=3454, nrcpt=1 (queue active) Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: message repeated 2 times: [ 535721E1E6C: from=user@mydomain.test, size=3454, nrcpt=1 (queue active)] Sep 30 17:01:03 zimbraserver postfix/amavisd/smtpd[17226]: connect from localhost[127.0.0.1] Sep 30 17:01:03 zimbraserver postfix/amavisd/smtpd[17226]: message repeated 2 times: [ connect from localhost[127.0.0.1]] Sep 30 17:01:03 zimbraserver postfix/amavisd/smtpd[17226]: 6CE4E1E1E71: client=localhost[127.0.0.1] Sep 30 17:01:03 zimbraserver postfix/amavisd/smtpd[17226]: message repeated 2 times: [ 6CE4E1E1E71: client=localhost[127.0.0.1]] Sep 30 17:01:03 zimbraserver postfix/cleanup[19459]: 6CE4E1E1E71: message-id=<00aa01d0fb90$dea91630$9bfb4290$@mydomain.test> Sep 30 17:01:03 zimbraserver postfix/cleanup[19459]: message repeated 2 times: [ 6CE4E1E1E71: message-id=<00aa01d0fb90$dea91630$9bfb4290$@mydomain.test>] Sep 30 17:01:03 zimbraserver postfix/amavisd/smtpd[17226]: disconnect from localhost[127.0.0.1] Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 6CE4E1E1E71: from=<>, size=4209, nrcpt=1 (queue active) Sep 30 17:01:03 zimbraserver postfix/amavisd/smtpd[17226]: disconnect from localhost[127.0.0.1] Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 6CE4E1E1E71: from=<>, size=4209, nrcpt=1 (queue active) Sep 30 17:01:03 zimbraserver postfix/amavisd/smtpd[17226]: disconnect from localhost[127.0.0.1] Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 6CE4E1E1E71: from=<>, size=4209, nrcpt=1 (queue active) Sep 30 17:01:03 zimbraserver postfix/amavisd/smtpd[17226]: connect from localhost[127.0.0.1] Sep 30 17:01:03 zimbraserver postfix/amavisd/smtpd[17226]: message repeated 2 times: [ connect from localhost[127.0.0.1]] Sep 30 17:01:03 zimbraserver postfix/amavisd/smtpd[17226]: 73C6D1E1E73: client=localhost[127.0.0.1] Sep 30 17:01:03 zimbraserver postfix/amavisd/smtpd[17226]: message repeated 2 times: [ 73C6D1E1E73: client=localhost[127.0.0.1]] Sep 30 17:01:03 zimbraserver postfix/cleanup[19459]: 73C6D1E1E73: message-id=VAl55AbYWopZM9@zimbraserver.ldomain.local Sep 30 17:01:03 zimbraserver postfix/cleanup[19459]: message repeated 2 times: [ 73C6D1E1E73: message-id=VAl55AbYWopZM9@zimbraserver.ldomain.local] Sep 30 17:01:03 zimbraserver postfix/amavisd/smtpd[17226]: disconnect from localhost[127.0.0.1] Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 73C6D1E1E73: from=admin@zimbraserver.ldomain.local, size=2513, nrcpt=1 (queue active) Sep 30 17:01:03 zimbraserver postfix/amavisd/smtpd[17226]: disconnect from localhost[127.0.0.1] Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 73C6D1E1E73: from=admin@zimbraserver.ldomain.local, size=2513, nrcpt=1 (queue active) Sep 30 17:01:03 zimbraserver postfix/amavisd/smtpd[17226]: disconnect from localhost[127.0.0.1] Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 73C6D1E1E73: from=admin@zimbraserver.ldomain.local, size=2513, nrcpt=1 (queue active) Sep 30 17:01:03 zimbraserver postfix/smtp[20923]: 73C6D1E1E73: to=admin@zimbraserver.ldomain.local, relay=none, delay=0.01, delays=0/0/0/0, dsn=5.4.6, status=bounced (mail for zimbraserver.ldomain.local loops back to myself) Sep 30 17:01:03 zimbraserver postfix/smtp[20923]: message repeated 2 times: [ 73C6D1E1E73: to=admin@zimbraserver.ldomain.local, relay=none, delay=0.01, delays=0/0/0/0, dsn=5.4.6, status=bounced (mail for zimbraserver.ldomain.local loops back to myself)] Sep 30 17:01:03 zimbraserver postfix/amavisd/smtpd[17226]: connect from localhost[127.0.0.1] Sep 30 17:01:03 zimbraserver postfix/amavisd/smtpd[17226]: message repeated 2 times: [ connect from localhost[127.0.0.1]] Sep 30 17:01:03 zimbraserver postfix/cleanup[19459]: 764B91E1E75: message-id=20150930150103.764B91E1E75@mail.mydomain.test Sep 30 17:01:03 zimbraserver postfix/cleanup[19459]: message repeated 2 times: [ 764B91E1E75: message-id=20150930150103.764B91E1E75@mail.mydomain.test] Sep 30 17:01:03 zimbraserver postfix/bounce[20924]: 73C6D1E1E73: sender non-delivery notification: 764B91E1E75 Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 764B91E1E75: from=<>, size=4492, nrcpt=1 (queue active) Sep 30 17:01:03 zimbraserver postfix/bounce[20924]: 73C6D1E1E73: sender non-delivery notification: 764B91E1E75 Sep 30 17:01:03 zimbraserver postfix/amavisd/smtpd[17226]: 77B3F1E1E74: client=localhost[127.0.0.1] Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 764B91E1E75: from=<>, size=4492, nrcpt=1 (queue active) Sep 30 17:01:03 zimbraserver postfix/bounce[20924]: 73C6D1E1E73: sender non-delivery notification: 764B91E1E75 Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 764B91E1E75: from=<>, size=4492, nrcpt=1 (queue active) Sep 30 17:01:03 zimbraserver postfix/amavisd/smtpd[17226]: 77B3F1E1E74: client=localhost[127.0.0.1] Sep 30 17:01:03 zimbraserver postfix/amavisd/smtpd[17226]: 77B3F1E1E74: client=localhost[127.0.0.1] Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 73C6D1E1E73: removed Sep 30 17:01:03 zimbraserver postfix/cleanup[19459]: 77B3F1E1E74: message-id=VRl55AbYWopZM9@zimbraserver.ldomain.local Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 73C6D1E1E73: removed Sep 30 17:01:03 zimbraserver postfix/cleanup[19459]: 77B3F1E1E74: message-id=VRl55AbYWopZM9@zimbraserver.ldomain.local Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 73C6D1E1E73: removed Sep 30 17:01:03 zimbraserver postfix/cleanup[19459]: 77B3F1E1E74: message-id=VRl55AbYWopZM9@zimbraserver.ldomain.local Sep 30 17:01:03 zimbraserver postfix/amavisd/smtpd[17226]: disconnect from localhost[127.0.0.1] Sep 30 17:01:03 zimbraserver postfix/amavisd/smtpd[17226]: disconnect from localhost[127.0.0.1] Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 77B3F1E1E74: from=admin@zimbraserver.ldomain.local, size=1322, nrcpt=1 (queue active) Sep 30 17:01:03 zimbraserver postfix/amavisd/smtpd[17226]: disconnect from localhost[127.0.0.1] Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 77B3F1E1E74: from=admin@zimbraserver.ldomain.local, size=1322, nrcpt=1 (queue active) Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 77B3F1E1E74: from=admin@zimbraserver.ldomain.local, size=1322, nrcpt=1 (queue active) Sep 30 17:01:03 zimbraserver postfix/smtp[20923]: 764B91E1E75: to=admin@zimbraserver.ldomain.local, relay=none, delay=0.01, delays=0.01/0/0/0, dsn=5.4.6, status=bounced (mail for zimbraserver.ldomain.local loops back to myself) Sep 30 17:01:03 zimbraserver postfix/smtp[20923]: message repeated 2 times: [ 764B91E1E75: to=admin@zimbraserver.ldomain.local, relay=none, delay=0.01, delays=0.01/0/0/0, dsn=5.4.6, status=bounced (mail for zimbraserver.ldomain.local loops back to myself)] Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 764B91E1E75: removed Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: message repeated 2 times: [ 764B91E1E75: removed] Sep 30 17:01:03 zimbraserver postfix/smtp[20566]: 535721E1E6C: to=user@mydomain.test, relay=127.0.0.1[127.0.0.1]:10026, delay=0.21, delays=0.06/0/0.01/0.14, dsn=2.7.0, status=sent (250 2.7.0 Ok, discarded, id=25930-18 - INFECTED: Eicar-Test-Signature) Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 535721E1E6C: removed Sep 30 17:01:03 zimbraserver postfix/smtp[20566]: 535721E1E6C: to=user@mydomain.test, relay=127.0.0.1[127.0.0.1]:10026, delay=0.21, delays=0.06/0/0.01/0.14, dsn=2.7.0, status=sent (250 2.7.0 Ok, discarded, id=25930-18 - INFECTED: Eicar-Test-Signature) Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 535721E1E6C: removed Sep 30 17:01:03 zimbraserver postfix/smtp[20566]: 535721E1E6C: to=user@mydomain.test, relay=127.0.0.1[127.0.0.1]:10026, delay=0.21, delays=0.06/0/0.01/0.14, dsn=2.7.0, status=sent (250 2.7.0 Ok, discarded, id=25930-18 - INFECTED: Eicar-Test-Signature) Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 535721E1E6C: removed Sep 30 17:01:03 zimbraserver postfix/lmtp[19468]: 77B3F1E1E74: to=user@mydomain.test, relay=svcenmbx01.ldomain.local[192.0.0.21]:7025, delay=0.15, delays=0.01/0/0.09/0.05, dsn=2.1.5, status=sent (250 2.1.5 Delivery OK) Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 77B3F1E1E74: removed Sep 30 17:01:03 zimbraserver postfix/lmtp[19468]: 77B3F1E1E74: to=user@mydomain.test, relay=svcenmbx01.ldomain.local[192.0.0.21]:7025, delay=0.15, delays=0.01/0/0.09/0.05, dsn=2.1.5, status=sent (250 2.1.5 Delivery OK) Sep 30 17:01:03 zimbraserver postfix/lmtp[19468]: 77B3F1E1E74: to=user@mydomain.test, relay=svcenmbx01.ldomain.local[192.0.0.21]:7025, delay=0.15, delays=0.01/0/0.09/0.05, dsn=2.1.5, status=sent (250 2.1.5 Delivery OK) Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 77B3F1E1E74: removed Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 77B3F1E1E74: removed Sep 30 17:01:03 zimbraserver postfix/lmtp[19465]: 6CE4E1E1E71: to=virus-quarantine.xd24kyvo@mydomain.test, relay=svcenmbx01.ldomain.local[192.0.0.21]:7025, delay=0.21, delays=0.02/0/0.1/0.09, dsn=2.1.5, status=sent (250 2.1.5 Delivery OK) Sep 30 17:01:03 zimbraserver postfix/lmtp[19465]: message repeated 2 times: [ 6CE4E1E1E71: to=virus-quarantine.xd24kyvo@mydomain.test, relay=svcenmbx01.ldomain.local[192.0.0.21]:7025, delay=0.21, delays=0.02/0/0.1/0.09, dsn=2.1.5, status=sent (250 2.1.5 Delivery OK)] Sep 30 17:01:03 zimbraserver postfix/qmgr[15025]: 6CE4E1E1E71: removed But nothing are listed in sendmailanalyzer's amavis statspage. Same thing with spam. Sep 30 17:10:30 svcenmta01 postfix/smtpd[11557]: message repeated 2 times: [ disconnect from unknown[192.168.0.17]] Sep 30 17:10:43 svcenmta01 postfix/smtpd[11557]: connect from pccenofi35.ldomain.local[192.168.0.135] Sep 30 17:10:43 svcenmta01 postfix/smtpd[11557]: message repeated 2 times: [ connect from pccenofi35.ldomain.local[192.168.0.135]] Sep 30 17:10:43 svcenmta01 postfix/smtpd[11557]: Anonymous TLS connection established from pccenofi35.ldomain.local[192.168.0.135]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits) Sep 30 17:10:43 svcenmta01 postfix/smtpd[11557]: message repeated 2 times: [ Anonymous TLS connection established from pccenofi35.ldomain.local[192.168.0.135]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)] Sep 30 17:10:43 svcenmta01 postfix/smtpd[11557]: NOQUEUE: filter: RCPT from pccenofi35.ldomain.local[192.168.0.135]: user@mydomain.test: Sender address triggers FILTER smtp-amavis:[127.0.0.1]:10026; from=user@mydomain.test to=user@mydomain.test proto=ESMTP helo=<PCCENOFI35> Sep 30 17:10:43 svcenmta01 postfix/smtpd[11557]: message repeated 2 times: [ NOQUEUE: filter: RCPT from pccenofi35.ldomain.local[192.168.0.135]: user@mydomain.test: Sender address triggers FILTER smtp-amavis:[127.0.0.1]:10026; from=user@mydomain.test to=user@mydomain.test proto=ESMTP helo=<PCCENOFI35>] Sep 30 17:10:43 svcenmta01 postfix/smtpd[11557]: CDBF11E1E6C: client=pccenofi35.ldomain.local[192.168.0.135], sasl_method=LOGIN, sasl_username=user@mydomain.test Sep 30 17:10:43 svcenmta01 postfix/smtpd[11557]: message repeated 2 times: [ CDBF11E1E6C: client=pccenofi35.ldomain.local[192.168.0.135], sasl_method=LOGIN, sasl_username=user@mydomain.test] Sep 30 17:10:43 svcenmta01 postfix/cleanup[26180]: CDBF11E1E6C: message-id=<00b701d0fb92$38aa5b70$a9ff1250$@mydomain.test> Sep 30 17:10:43 svcenmta01 postfix/cleanup[26180]: message repeated 2 times: [ CDBF11E1E6C: message-id=<00b701d0fb92$38aa5b70$a9ff1250$@mydomain.test>] Sep 30 17:10:43 svcenmta01 postfix/qmgr[15025]: CDBF11E1E6C: from=user@mydomain.test, size=3499, nrcpt=1 (queue active) Sep 30 17:10:43 svcenmta01 postfix/qmgr[15025]: message repeated 2 times: [ CDBF11E1E6C: from=user@mydomain.test, size=3499, nrcpt=1 (queue active)] Sep 30 17:10:43 svcenmta01 postfix/dkimmilter/smtpd[26184]: connect from localhost[127.0.0.1] Sep 30 17:10:43 svcenmta01 postfix/dkimmilter/smtpd[26184]: message repeated 2 times: [ connect from localhost[127.0.0.1]] Sep 30 17:10:43 svcenmta01 postfix/dkimmilter/smtpd[26184]: E82171E1E71: client=localhost[127.0.0.1] Sep 30 17:10:43 svcenmta01 postfix/dkimmilter/smtpd[26184]: message repeated 2 times: [ E82171E1E71: client=localhost[127.0.0.1]] Sep 30 17:10:43 svcenmta01 postfix/cleanup[26180]: E82171E1E71: message-id=<00b701d0fb92$38aa5b70$a9ff1250$@mydomain.test> Sep 30 17:10:43 svcenmta01 postfix/cleanup[26180]: message repeated 2 times: [ E82171E1E71: message-id=<00b701d0fb92$38aa5b70$a9ff1250$@mydomain.test>] Sep 30 17:10:44 svcenmta01 postfix/qmgr[15025]: E82171E1E71: from=user@mydomain.test, size=3961, nrcpt=1 (queue active) Sep 30 17:10:44 svcenmta01 postfix/dkimmilter/smtpd[26184]: disconnect from localhost[127.0.0.1] Sep 30 17:10:44 svcenmta01 postfix/qmgr[15025]: E82171E1E71: from=user@mydomain.test, size=3961, nrcpt=1 (queue active) Sep 30 17:10:44 svcenmta01 postfix/dkimmilter/smtpd[26184]: disconnect from localhost[127.0.0.1] Sep 30 17:10:44 svcenmta01 postfix/qmgr[15025]: E82171E1E71: from=user@mydomain.test, size=3961, nrcpt=1 (queue active) Sep 30 17:10:44 svcenmta01 postfix/dkimmilter/smtpd[26184]: disconnect from localhost[127.0.0.1] Sep 30 17:10:44 svcenmta01 postfix/smtp[26181]: CDBF11E1E6C: to=user@mydomain.test, relay=127.0.0.1[127.0.0.1]:10026, delay=0.26, delays=0.07/0/0/0.18, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10030): 250 2.0.0 Ok: queued as E82171E1E71) Sep 30 17:10:44 svcenmta01 postfix/smtp[26181]: message repeated 2 times: [ CDBF11E1E6C: to=user@mydomain.test, relay=127.0.0.1[127.0.0.1]:10026, delay=0.26, delays=0.07/0/0/0.18, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10030): 250 2.0.0 Ok: queued as E82171E1E71)] Sep 30 17:10:44 svcenmta01 postfix/qmgr[15025]: CDBF11E1E6C: removed Sep 30 17:10:44 svcenmta01 postfix/qmgr[15025]: message repeated 2 times: [ CDBF11E1E6C: removed] Sep 30 17:10:44 svcenmta01 postfix/amavisd/smtpd[26191]: connect from localhost[127.0.0.1] Sep 30 17:10:44 svcenmta01 postfix/amavisd/smtpd[26191]: message repeated 2 times: [ connect from localhost[127.0.0.1]] Sep 30 17:10:44 svcenmta01 postfix/amavisd/smtpd[26191]: C71221E1E6C: client=localhost[127.0.0.1] Sep 30 17:10:44 svcenmta01 postfix/amavisd/smtpd[26191]: message repeated 2 times: [ C71221E1E6C: client=localhost[127.0.0.1]] Sep 30 17:10:44 svcenmta01 postfix/cleanup[26180]: C71221E1E6C: message-id=SAJkJUB99JO4Fh@svcenmta01.ldomain.local Sep 30 17:10:44 svcenmta01 postfix/cleanup[26180]: message repeated 2 times: [ C71221E1E6C: message-id=SAJkJUB99JO4Fh@svcenmta01.ldomain.local] Sep 30 17:10:44 svcenmta01 postfix/amavisd/smtpd[26191]: disconnect from localhost[127.0.0.1] Sep 30 17:10:44 svcenmta01 postfix/qmgr[15025]: C71221E1E6C: from=admin@svcenmta01.ldomain.local, size=4436, nrcpt=1 (queue active) Sep 30 17:10:44 svcenmta01 postfix/amavisd/smtpd[26191]: disconnect from localhost[127.0.0.1] Sep 30 17:10:44 svcenmta01 postfix/amavisd/smtpd[26191]: disconnect from localhost[127.0.0.1] Sep 30 17:10:44 svcenmta01 postfix/qmgr[15025]: C71221E1E6C: from=admin@svcenmta01.ldomain.local, size=4436, nrcpt=1 (queue active) Sep 30 17:10:44 svcenmta01 postfix/qmgr[15025]: C71221E1E6C: from=admin@svcenmta01.ldomain.local, size=4436, nrcpt=1 (queue active) Sep 30 17:10:44 svcenmta01 postfix/smtp[26187]: E82171E1E71: to=user@mydomain.test, relay=127.0.0.1[127.0.0.1]:10032, delay=0.88, delays=0.08/0/0.01/0.79, dsn=2.7.0, status=sent (250 2.7.0 Ok, discarded, id=15303-02 - spam) Sep 30 17:10:44 svcenmta01 postfix/smtp[26187]: E82171E1E71: to=user@mydomain.test, relay=127.0.0.1[127.0.0.1]:10032, delay=0.88, delays=0.08/0/0.01/0.79, dsn=2.7.0, status=sent (250 2.7.0 Ok, discarded, id=15303-02 - spam) Sep 30 17:10:44 svcenmta01 postfix/qmgr[15025]: E82171E1E71: removed Sep 30 17:10:44 svcenmta01 postfix/smtp[26187]: E82171E1E71: to=user@mydomain.test, relay=127.0.0.1[127.0.0.1]:10032, delay=0.88, delays=0.08/0/0.01/0.79, dsn=2.7.0, status=sent (250 2.7.0 Ok, discarded, id=15303-02 - spam) Sep 30 17:10:44 svcenmta01 postfix/qmgr[15025]: E82171E1E71: removed Sep 30 17:10:44 svcenmta01 postfix/qmgr[15025]: E82171E1E71: removed Sep 30 17:10:44 svcenmta01 postfix/smtp[26192]: C71221E1E6C: to=admin@svcenmta01.ldomain.local, relay=none, delay=0.01, delays=0.01/0/0/0, dsn=5.4.6, status=bounced (mail for svcenmta01.ldomain.local loops back to myself) Sep 30 17:10:44 svcenmta01 postfix/smtp[26192]: message repeated 2 times: [ C71221E1E6C: to=admin@svcenmta01.ldomain.local, relay=none, delay=0.01, delays=0.01/0/0/0, dsn=5.4.6, status=bounced (mail for svcenmta01.ldomain.local loops back to myself)] Sep 30 17:10:44 svcenmta01 postfix/cleanup[26180]: CB5D81E1E73: message-id=20150930151044.CB5D81E1E73@mail.mydomain.test Sep 30 17:10:44 svcenmta01 postfix/cleanup[26180]: message repeated 2 times: [ CB5D81E1E73: message-id=20150930151044.CB5D81E1E73@mail.mydomain.test] Sep 30 17:10:44 svcenmta01 postfix/bounce[27320]: C71221E1E6C: sender non-delivery notification: CB5D81E1E73 Sep 30 17:10:44 svcenmta01 postfix/qmgr[15025]: CB5D81E1E73: from=<>, size=6415, nrcpt=1 (queue active) Sep 30 17:10:44 svcenmta01 postfix/bounce[27320]: C71221E1E6C: sender non-delivery notification: CB5D81E1E73 Sep 30 17:10:44 svcenmta01 postfix/qmgr[15025]: CB5D81E1E73: from=<>, size=6415, nrcpt=1 (queue active) Sep 30 17:10:44 svcenmta01 postfix/bounce[27320]: C71221E1E6C: sender non-delivery notification: CB5D81E1E73 Sep 30 17:10:44 svcenmta01 postfix/qmgr[15025]: CB5D81E1E73: from=<>, size=6415, nrcpt=1 (queue active) Sep 30 17:10:44 svcenmta01 postfix/qmgr[15025]: C71221E1E6C: removed Sep 30 17:10:44 svcenmta01 postfix/qmgr[15025]: message repeated 2 times: [ C71221E1E6C: removed] Sep 30 17:10:44 svcenmta01 postfix/smtp[26192]: CB5D81E1E73: to=admin@svcenmta01.ldomain.local, relay=none, delay=0.01, delays=0.01/0/0/0, dsn=5.4.6, status=bounced (mail for svcenmta01.ldomain.local loops back to myself) Sep 30 17:10:44 svcenmta01 postfix/smtp[26192]: message repeated 2 times: [ CB5D81E1E73: to=admin@svcenmta01.ldomain.local, relay=none, delay=0.01, delays=0.01/0/0/0, dsn=5.4.6, status=bounced (mail for svcenmta01.ldomain.local loops back to myself)] Sep 30 17:10:44 svcenmta01 postfix/qmgr[15025]: CB5D81E1E73: removed Thanks in advance
gitea-mirror commented 2026-05-05 14:59:55 -06:00
Author
Owner
Copy link

@darold commented on GitHub (Sep 30, 2015):

Hi,

Does amavisd send his logs to a separate file? Usually there must be line with "Blocked SPAM" when a virus is detected by amavisd.

Regards

<!-- gh-comment-id:144537792 --> @darold commented on GitHub (Sep 30, 2015): Hi, Does amavisd send his logs to a separate file? Usually there must be line with "Blocked SPAM" when a virus is detected by amavisd. Regards
gitea-mirror commented 2026-05-05 14:59:58 -06:00
Author
Owner
Copy link

@darold commented on GitHub (Sep 30, 2015):

Could you send me your real log (untouched) to my private email I do not understand why you have 3 time the same lines:

Sep 30 17:10:44 svcenmta01 postfix/qmgr[15025]: E82171E1E71: from=user@mydomain.test, size=3961, nrcpt=1 (queue active)
Sep 30 17:10:44 svcenmta01 postfix/dkimmilter/smtpd[26184]: disconnect from localhost[127.0.0.1]
Sep 30 17:10:44 svcenmta01 postfix/qmgr[15025]: E82171E1E71: from=user@mydomain.test, size=3961, nrcpt=1 (queue active)
Sep 30 17:10:44 svcenmta01 postfix/dkimmilter/smtpd[26184]: disconnect from localhost[127.0.0.1]
Sep 30 17:10:44 svcenmta01 postfix/qmgr[15025]: E82171E1E71: from=user@mydomain.test, size=3961, nrcpt=1 (queue active)
Sep 30 17:10:44 svcenmta01 postfix/dkimmilter/smtpd[26184]: disconnect from localhost[127.0.0.1]

This is the same pid and same ID.

<!-- gh-comment-id:144542862 --> @darold commented on GitHub (Sep 30, 2015): Could you send me your real log (untouched) to my private email I do not understand why you have 3 time the same lines: Sep 30 17:10:44 svcenmta01 postfix/qmgr[15025]: E82171E1E71: from=user@mydomain.test, size=3961, nrcpt=1 (queue active) Sep 30 17:10:44 svcenmta01 postfix/dkimmilter/smtpd[26184]: disconnect from localhost[127.0.0.1] Sep 30 17:10:44 svcenmta01 postfix/qmgr[15025]: E82171E1E71: from=user@mydomain.test, size=3961, nrcpt=1 (queue active) Sep 30 17:10:44 svcenmta01 postfix/dkimmilter/smtpd[26184]: disconnect from localhost[127.0.0.1] Sep 30 17:10:44 svcenmta01 postfix/qmgr[15025]: E82171E1E71: from=user@mydomain.test, size=3961, nrcpt=1 (queue active) Sep 30 17:10:44 svcenmta01 postfix/dkimmilter/smtpd[26184]: disconnect from localhost[127.0.0.1] This is the same pid and same ID.
gitea-mirror commented 2026-05-05 14:59:59 -06:00
Author
Owner
Copy link

@miquelangeld commented on GitHub (Oct 5, 2015):

Of course, today I will send you the log lines.

<!-- gh-comment-id:145443928 --> @miquelangeld commented on GitHub (Oct 5, 2015): Of course, today I will send you the log lines.
gitea-mirror commented 2026-05-05 15:00:01 -06:00
Author
Owner
Copy link

@miquelangeld commented on GitHub (Oct 5, 2015):

I just send it to you the lines. When the mail system detect virus and spam.

<!-- gh-comment-id:145444824 --> @miquelangeld commented on GitHub (Oct 5, 2015): I just send it to you the lines. When the mail system detect virus and spam.
gitea-mirror commented 2026-05-05 15:00:02 -06:00
Author
Owner
Copy link

@miquelangeld commented on GitHub (Oct 6, 2015):

I had a mistake in my rsyslog configuration, that's why I have the same lines twice. Now it's fixed. But still don't spam or virus metrics

<!-- gh-comment-id:145757013 --> @miquelangeld commented on GitHub (Oct 6, 2015): I had a mistake in my rsyslog configuration, that's why I have the same lines twice. Now it's fixed. But still don't spam or virus metrics
gitea-mirror commented 2026-05-05 15:00:04 -06:00
Author
Owner
Copy link

@darold commented on GitHub (Oct 6, 2015):

Ok, thanks for your help I was able to find the issue. Please download and use latest code from github, last commit f53248c might fix it.

Regards,

<!-- gh-comment-id:145938737 --> @darold commented on GitHub (Oct 6, 2015): Ok, thanks for your help I was able to find the issue. Please download and use latest code from github, last commit f53248c might fix it. Regards,
gitea-mirror commented 2026-05-05 15:00:05 -06:00
Author
Owner
Copy link

@miquelangeld commented on GitHub (Oct 7, 2015):

Thanks! I try it right now. I keep you informed

<!-- gh-comment-id:146139295 --> @miquelangeld commented on GitHub (Oct 7, 2015): Thanks! I try it right now. I keep you informed
gitea-mirror commented 2026-05-05 15:00:08 -06:00
Author
Owner
Copy link

@miquelangeld commented on GitHub (Oct 7, 2015):

Works perfectly, now i can see both metrics! Thank you so much!

<!-- gh-comment-id:146158360 --> @miquelangeld commented on GitHub (Oct 7, 2015): Works perfectly, now i can see both metrics! Thank you so much!
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
v9.4
v9.3
v9.2
v9.1
v9.0
Labels
Clear labels   
enhancement

   
pull-request

Mirrored from GitHub Pull Request

No labels
enhancement
pull-request
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/sendmailanalyzer#22
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?