This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Does your spam check have intermittent failures?

I have recently discovered the following error messages appearing together in my spam filter logs:

  •  spam acl condition: cannot parse spamd output
  •  Warning: ACL "warn" statement skipped: condition test deferred

When this occurs, the antispam check is skipped - there is not "ctasd results" message -- so the message will be allowed unless a static rule causes it to be blocked anyway.

It does not happen very often but it has happened on enough days during the last 2 months to get me worried.

I have a case open with support, but of course Level 1 has no idea what it means.  I expect to have trouble with escalation because I am running version 9.506-2, which I consider the "most recent stable release".   

So I am asking others in this forum to search their spam logs, see if they are also seeing this message.   Then please open a support case and summarize your findings here.  



This thread was automatically locked due to age.
Parents
  • Interesting, Doug.  An example  came from 190.153.242.173 (Chile) on 6-10.  There's no rDNS for that IP, but the message was delivered to the server instead of being rejected or quarantined.

    Starting a case now.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • UTM is my secondary spam filter, so all messages come  from the same internal source.  No reason to expect source sensitivity.

  • It's just that both 'Reject invalid HELO / missing RDNS' and 'Do strict RDNS checks' are selected in this UTM.

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply Children
No Data