Thread Info
  • State Verified Answer
  • +2 person also asked this people also asked this
  • Locked Locked
  • Replies 35 replies
  • Subscribers 10 subscribers
  • Views 8588 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

9.706 - anti-spam engine changed to SASI

Alexander Busch

One of the changes is that: Email Protection anti-spam engine changed to Sophos Anti-Spam Interface (SASI)

Anybody has experience with that change? Does it effect the rate of recognition? I haven't figured out yet if the Commtouch Advanced Security Daemon (ctasd) is dropped with this or not. And if so aren't the results from cyren no longer used?

Best regards

Alex



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to WolfgangS

    Here we got some more Spam that's comming thru and this one is Bank Phising and not very funny :

    2021:07:21-08:36:50 matrix exim-in[21713]: [1\63] 2021-07-21 08:36:50 1m65qb-0005eD-1y H=m239-7.eu.mailgun.net [185.250.239.7]:61738 X=TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128 CV=no F=<bounce+49b234.36bd12-admin=domainname.de@outbound-mg-eu.sportlink-clubsites.nl> temporarily rejected after DATA: Temporary local problem, please try again!
    2021:07:21-08:36:50 matrix exim-in[21713]: [2\63] Envelope-from: <bounce+49b234.36bd12-admin=domainname.de@outbound-mg-eu.sportlink-clubsites.nl>
    2021:07:21-08:36:50 matrix exim-in[21713]: [3\63] Envelope-to: <user@domain.de>
    2021:07:21-08:36:50 matrix exim-in[21713]: [4\63] P Received: from m239-7.eu.mailgun.net ([185.250.239.7]:61738)
    2021:07:21-08:36:50 matrix exim-in[21713]: [5\63] by mail.hostname.net with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
    2021:07:21-08:36:50 matrix exim-in[21713]: [6\63] (Exim 4.94.2)
    2021:07:21-08:36:50 matrix exim-in[21713]: [7\63] (envelope-from <bounce+49b234.36bd12-admin=domainname.de@outbound-mg-eu.sportlink-clubsites.nl>)
    2021:07:21-08:36:50 matrix exim-in[21713]: [8\63] id 1m65qb-0005eD-1y
    2021:07:21-08:36:50 matrix exim-in[21713]: [9\63] for user@domain.de; Wed, 21 Jul 2021 08:36:49 +0200
    2021:07:21-08:36:50 matrix exim-in[21713]: [10\63] X-SASI-Hits: BODYTEXTH_SIZE_3000_MORE 0.000000, BODY_SIZE_10000_PLUS 0.000000,
    2021:07:21-08:36:50 matrix exim-in[21713]: [11\63] CTE_BASE64 0.000000, CTYPE_JUST_HTML 0.847999, DKIM_ALIGNS 0.000000,
    2021:07:21-08:36:50 matrix exim-in[21713]: [12\63] DKIM_SIGNATURE 0.000000, FONT_STYLE_0PT 0.000000,
    2021:07:21-08:36:50 matrix exim-in[21713]: [13\63] FROM_NAME_ONE_WORD 0.050000, HREF_LABEL_TEXT_NO_URI 0.000000,
    2021:07:21-08:36:50 matrix exim-in[21713]: [14\63] HREF_LABEL_TEXT_ONLY 0.000000, HTML_50_70 0.100000, KNOWN_MTA_TFX 0.000000,
    2021:07:21-08:36:50 matrix exim-in[21713]: [15\63] LINK_TO_IMAGE 0.000000, LIST_HEADER 0.000000, MISSING_HEADERS 0.000000,
    2021:07:21-08:36:50 matrix exim-in[21713]: [16\63] SENDER_NO_AUTH 0.000000, SINGLE_HREF_URI_IN_BODY 0.000000,
    2021:07:21-08:36:50 matrix exim-in[21713]: [17\63] SUPERLONG_LINE 0.050000, SXL_IP_TFX_WM 0.000000, TO_MALFORMED 0.000000,
    2021:07:21-08:36:50 matrix exim-in[21713]: [18\63] URI_ENDS_IN_HTML 0.000000, URI_WITH_PATH_ONLY 0.000000,
    2021:07:21-08:36:50 matrix exim-in[21713]: [19\63] UTF8_SUBJ_OBFU 0.100000, __ANY_URI 0.000000, __BODY_NO_MAILTO 0.000000,
    2021:07:21-08:36:50 matrix exim-in[21713]: [20\63] __BODY_TEXT_X4 0.000000, __CT 0.000000, __CTE 0.000000,
    2021:07:21-08:36:50 matrix exim-in[21713]: [21\63] __CTYPE_HTML 0.000000, __CTYPE_IS_HTML 0.000000, __DKIM_ALIGNS_1 0.000000,
    2021:07:21-08:36:50 matrix exim-in[21713]: [22\63] __DKIM_ALIGNS_2 0.000000, __FRAUD_INTRO 0.000000,
    2021:07:21-08:36:50 matrix exim-in[21713]: [23\63] __FRAUD_MONEY_CURRENCY 0.000000, __FRAUD_MONEY_CURRENCY_EURO 0.000000,
    2021:07:21-08:36:50 matrix exim-in[21713]: [24\63] __FROM_DOMAIN_NOT_IN_BODY 0.000000, __FROM_NAME_NOT_IN_ADDR 0.000000,
    2021:07:21-08:36:50 matrix exim-in[21713]: [25\63] __HAS_FROM 0.000000, __HAS_HTML 0.000000, __HAS_MSGID 0.000000,
    2021:07:21-08:36:50 matrix exim-in[21713]: [26\63] __HAS_SENDER 0.000000, __HREF_LABEL_TEXT 0.000000, __HTML_AHREF_TAG 0.000000,
    2021:07:21-08:36:50 matrix exim-in[21713]: [27\63] __HTML_BAD_END 0.000000, __HTML_TAG_CENTER 0.000000,
    2021:07:21-08:36:50 matrix exim-in[21713]: [28\63] __HTML_TAG_IMG_X2 0.000000, __HTML_TAG_TABLE 0.000000, __HTTPS_URI 0.000000,
    2021:07:21-08:36:50 matrix exim-in[21713]: [29\63] __IMG_THEN_TEXT 0.000000, __MAL_TELEKOM_FROM_NAME 0.000000,
    2021:07:21-08:36:50 matrix exim-in[21713]: [30\63] __MAL_TELEKOM_URI_LABEL 0.000000, __MIME_HTML 0.000000,
    2021:07:21-08:36:50 matrix exim-in[21713]: [31\63] __MIME_HTML_ONLY 0.000000, __MIME_TEXT_H 0.000000, __MIME_TEXT_H1 0.000000,
    2021:07:21-08:36:50 matrix exim-in[21713]: [32\63] __MIME_VERSION 0.000000, __PHISH_PHRASE2 0.000000,
    2021:07:21-08:36:50 matrix exim-in[21713]: [33\63] __PHISH_SPEAR_GREETING 0.000000, __PHISH_SPEAR_STRUCTURE_1 0.000000,
    2021:07:21-08:36:50 matrix exim-in[21713]: [34\63] __SANE_MSGID 0.000000, __SUBJ_ALPHA_END 0.000000, __SUBJ_ALPHA_END2 0.000000,
    2021:07:21-08:36:50 matrix exim-in[21713]: [35\63] __SUBJ_HIGHBIT 0.000000, __TAG_EXISTS_HTML 0.000000,
    2021:07:21-08:36:50 matrix exim-in[21713]: [36\63] __URI_HAS_HYPHEN_USC 0.000000, __URI_IN_BODY 0.000000,
    2021:07:21-08:36:50 matrix exim-in[21713]: [37\63] __URI_NOT_IMG 0.000000, __URI_NO_MAILTO 0.000000, __URI_NO_WWW 0.000000,
    2021:07:21-08:36:50 matrix exim-in[21713]: [38\63] __URI_NS 0.000000, __URI_WITH_PATH 0.000000, __UTF8_SUBJ 0.000000
    2021:07:21-08:36:50 matrix exim-in[21713]: [39\63] X-SASI-Probability: 12%
    2021:07:21-08:36:50 matrix exim-in[21713]: [40\63] X-SASI-RCODE: 200
    2021:07:21-08:36:50 matrix exim-in[21713]: [41\63] X-SASI-Version: Antispam-Engine: 4.1.4, AntispamData: 2021.7.21.60915
    2021:07:21-08:36:50 matrix exim-in[21713]: [42\63] DKIM-Signature: a=rsa-sha256; v=1; c=relaxed/relaxed;
    2021:07:21-08:36:50 matrix exim-in[21713]: [43\63] d=outbound-mg-eu.sportlink-clubsites.nl; q=dns/txt; s=email;
    2021:07:21-08:36:50 matrix exim-in[21713]: [44\63] t=1626849409; h=From: Subject: Content-Transfer-Encoding: MIME-Version:
    2021:07:21-08:36:50 matrix exim-in[21713]: [45\63] Content-Type: Date: Message-Id: Sender;
    2021:07:21-08:36:50 matrix exim-in[21713]: [46\63] bh=MBWEIS6gaqSZMw7oEFrGg8ffeVDk4zClNVDbyRk7RHY=; b=KY22tMfOEHHwA2MWa+SXBa5Qmm2lA83cE6rTu7+pUUc8N4JUT0sYnkcRT7HYvW3dnu0fmD6g
    2021:07:21-08:36:50 matrix exim-in[21713]: [47\63] LAVsEMslsedztOxsA/qjGqBunE2ujPMu4+oCKNTYNK0D82umbYN+5oiP85aXpXfEgNhTcUeH
    2021:07:21-08:36:50 matrix exim-in[21713]: [48\63] AXmN7ait3hkqUwvgKawrrmiv9Qo=
    2021:07:21-08:36:50 matrix exim-in[21713]: [49\63] X-Mailgun-Sending-Ip: 185.250.239.7
    2021:07:21-08:36:50 matrix exim-in[21713]: [50\63] X-Mailgun-Sid: WyIzZmVlNyIsICJhZG1pbkBtaW5kc2V0LmRlIiwgIjM2YmQxMiJd
    2021:07:21-08:36:50 matrix exim-in[21713]: [51\63] P Received: from [0.0.147.115] (<unknown> [193.32.164.27]) by
    2021:07:21-08:36:50 matrix exim-in[21713]: [52\63] smtp-out-n02.prod.eu-central-1.postgun.com with SMTP id
    2021:07:21-08:36:50 matrix exim-in[21713]: [53\63] 60f7c080e8fa35afb770266d (version=TLS1.2,
    2021:07:21-08:36:50 matrix exim-in[21713]: [54\63] cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256); Wed, 21 Jul 2021 06:36:48
    2021:07:21-08:36:50 matrix exim-in[21713]: [55\63] GMT
    2021:07:21-08:36:50 matrix exim-in[21713]: [56\63] S Sender: postmaster@outbound-mg-eu.sportlink-clubsites.nl
    2021:07:21-08:36:50 matrix exim-in[21713]: [57\63] I Message-Id: <20210721063648.e8e679633bf32405@outbound-mg-eu.sportlink-clubsites.nl>
    2021:07:21-08:36:50 matrix exim-in[21713]: [58\63] Date: Wed, 21 Jul 2021 06:36:48 +0000
    2021:07:21-08:36:50 matrix exim-in[21713]: [59\63] Content-Type: text/html; charset="utf-8"
    2021:07:21-08:36:50 matrix exim-in[21713]: [60\63] MIME-Version: 1.0
    2021:07:21-08:36:50 matrix exim-in[21713]: [61\63] Content-Transfer-Encoding: base64
    2021:07:21-08:36:50 matrix exim-in[21713]: [62\63] Subject: =?utf-8?q?Unberechtigte_Lastschriften_zur=C3=BCckbuchen?=
    2021:07:21-08:36:50 matrix exim-in[21713]: [63/63] F From: Volksbank <postmaster@outbound-mg-eu.sportlink-clubsites.nl>
    2021:07:21-08:36:50 matrix exim-in[21713]: 2021-07-21 08:36:50 SMTP connection from m239-7.eu.mailgun.net [185.250.239.7]:61738 closed by QUIT

Unfiltered HTML