Return-Path: <Junk@tnt.be>
Received: from mail.tnt.be ([194.78.3.228] verified)
  by mail.tffenterprises.com (CommuniGate Pro SMTP 5.2.14)
  with ESMTP id 13978849 for cgpsa-discuss@mail.tffenterprises.com; Thu, 18 Nov 2010 09:23:28 -0800
Received-SPF: pass
 receiver=mail.tffenterprises.com; client-ip=194.78.3.228; envelope-from=Junk@tnt.be
X-TNT-Attach: Scanned
X-CGP-ClamAV-Result: CLEAN
X-VirusScanner: Niversoft's CGPClamav Helper v1.13 (ClamAV engine v0.96.3)
X-TNT-VirScan1: Scanned
X-TNT-VirScan2: Scanned
Received: from [84.193.34.49] (account junk HELO [192.168.162.108])
  by mail.tnt.be (CommuniGate Pro SMTP 5.1.16)
  with ESMTPA id 21894120 for cgpsa-discuss@mail.tffenterprises.com; Thu, 18 Nov 2010 18:23:06 +0100
Content-Type: text/plain; charset=windows-1252
Mime-Version: 1.0 (Apple Message framework v1082)
Subject: Re: [CGPSA] CGPSA rule for redirect messages
From: "Jona Tallieu (T & T nv)" <Junk@tnt.be>
In-Reply-To: <list-13978829@mail.tffenterprises.com>
Date: Thu, 18 Nov 2010 18:23:08 +0100
Content-Transfer-Encoding: quoted-printable
Message-Id: <C156B65F-09A9-4F14-902A-D9E3547496CE@tnt.be>
References: <list-13978829@mail.tffenterprises.com>
To: "CGPSA Discussion List" <cgpsa-discuss@mail.tffenterprises.com>
X-Mailer: Apple Mail (2.1082)

The mails do get processed by CGPSA, I can see the CGPSA headers in the =
messages that are delivered to the ISP mailboxes.

The rule that calls CGPSA is rather complex, with lots of exceptions on =
IP's.



Best,


J.


On 18 Nov 2010, at 18:15, Stefan Seiz wrote:

> How does the rule look which you use to call CGPSA in the first place? =
Might
> only trigger on incoming (to your server) messages=8A
>=20
>=20
> On 18.11.10 14:09, Jona Tallieu (T & T nv) <Junk@tnt.be> wrote:
>=20
>> Hi all,
>>=20
>> we're using CGPSA on OSX Server 10.5.8 and CGP 5.1.16 in =
Full-Featured Mode.
>> We now received complaints from a big provider/ISP that we send out =
spam to
>> their servers.
>>=20
>> After examining the headers of those messages, it seems they are all =
messages
>> coming from groups on our server that are configured to redirect mail =
to a
>> mailbox at that provider.
>>=20
>> we have added the domainname of the people who forward their mail =
using the
>> groups into the "scan_domains" list in the CGPSA config file.
>> Now I'm trying to catch all the messages that are spam into a central
>> quarantine mailbox.
>>=20
>> I'm using this rule:
>>=20
>> (
>>      ("Header Field", is, "X-Autogenerated: group"),
>>      ("Header Field", is, "X-Spam-Flag: YES"),
>>      (
>>        "Header Field",
>>        in,
>>        "X-Spam-Checker-Version: mailscanner"
>>      )
>>    ),
>>    (("Store in", "~spambox@domain.com/QUARAN"), (Discard))
>>  ),=20
>>=20
>>=20
>> But it does not work.
>> If I look at the headers of those messages delivered in the mailbox =
of the
>> provider, we can see that there is a X-Spam-Flag: YES header added by =
CGPSA.
>>=20
>> Any ideas what I'm missing?
>>=20