On Wed, Jul 20, 2016 at 04:14:36PM +0100, Always Learning wrote:
>
> On Tue, 2016-07-19 at 23:06 -0400, Jon LaBadie wrote:
>
> > My nightly logwatch report had a never before seen
> > section last night, "barracuda spam firewall".
>
> Is this a C7 issue, as opposed to C5 or C6 matter ?
>
C7.2, postfix, amavisd, spamassassin, clamav.
> Was the section empty or populated with entries ?
There were 3 pairs of entries:
--------------------- barracuda spam firewall Begin ------------------------
**Unmatched Entries**
Jul 18 10:16:52 mums amavis[4557]: (04557-16) (!)wxxeqBJaeOLR(cxRyepkC7qq6) \
SEND from <> -> <reception025 at jgcomp.com>, \
ENVID=AM.wxxeqBJaeOLR.20160718T141652Z at mums.jgcomp.com BODY=7BIT 550 5.1.1 \
from MTA(smtp:[127.0.0.1]:10025): 550 5.1.1 <reception025 at jgcomp.com>: \
Recipient address rejected: User unknown in local recipient table
Jul 18 10:16:52 mums amavis[4557]: (04557-16) (!)NOTICE: UNABLE TO SEND DSN \
to <reception025 at jgcomp.com>: 550 5.1.1 from MTA(smtp:[127.0.0.1]:10025): \
550 5.1.1 <reception025 at jgcomp.com>: Recipient address rejected: \
User unknown in local recipient table
[ snipped two more pairs for other messages, identical format ]
---------------------- barracuda spam firewall End -------------------------
Scanning two months worth of maillogs, these three entries are the only
ones with "ENVID=AM" and "UNABLE TO SEND DSN".
There were lots of 550 errors (unknown local recipient) but their logfile
entries did not contain the ENVID and DSN comments.
Jon
--
Jon H. LaBadie jon at jgcomp.com
11226 South Shore Rd. (703) 787-0688 (H)
Reston, VA 20190 (703) 935-6720 (C)