There is no field other than X-CTCH-RefID in the scanned e-mail header. Is this normal? I just want to make sure the antispam feature is working properly.
220 centos.coba.local ESMTP Postfix
EHLO utm.test.local
250-centos.coba.local
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
MAIL FROM:<alice@test.local> SIZE=3117
RCPT TO:<hasan@coba.local>
DATA
250 2.1.0 Ok
250 2.1.5 Ok
354 End data with <CR><LF>.<CR><LF>
Received: from [192.168.100.2] (port=44036 helo=srv2.test.local) by utm.test.local with esmtp (Exim 4.94.2) (envelope-from <alice@test.local>) id 1lqBH8-0001yQ-0E for hasan@coba.local; Mon, 07 Jun 2021 17:10:32 +0800
Received: from box (unknown [192.168.100.3]) by srv2.test.local (Postfix) with ESMTP id BB54D1879EF8 for <hasan@coba.local>; Tue, 8 Jun 2021 17:12:52 +0800 (WITA)
X-CTCH-RefID: str=0001.0A673410.60BDE288.0010,ss=1,re=0.000,recu=0.000,reip=0.000,cl=1,cld=1,fgs=0
Date: Mon, 7 Jun 2021 17:12:55 +0000
From: Alice <alice@test.local>
To: hasan@coba.local
Subject: Coba 01
Message-ID: <20210607171255.05157ee4@box>
X-Mailer: Claws Mail 3.17.5 (GTK+ 2.24.32; i686-pc-linux-gnu)
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Good day to you,
I am Mrs.Bella Fishman and i am sending you this mail from my hospital bed . I know my message will come to you as a surprise. But don't worry. All i hope is that you will not betray this trust and confident i am about to impose on you. I thank God for his direction as regards this mission. God want me to complete this mission hence, I got your contact from the internet through a nursing friend so that you can help me utilize this wealth the way I am going to instruct herein.
My husband earned these funds, Nine Million Two Hundred Thousands United State Dollars ($9,200,000.00 USD) but he died in a plane crash in 2010 and left everything behind for me and since i will join him soon due to my ill health. Due to my infertility resulting from medical problems I became barren. God has a reason for everything. I would want you to contact my lawyer; he will inform you on what to do. Contact him with the below details:
Barrister Adrian Peters
Email: (barr.adrianp@yahoo.co.uk)
Telephone: +447086466341
Ensure to use a greater portion of the funds for its purpose in fulfillment of my last wish. Furthermore you will never have any problem with the law as far as my lawyer is in concern. The most major part you will use to bless Children all over the world .
250 2.0.0 Ok: queued as 226F532606
QUIT
221 2.0.0 Bye
Hi Fauji Ferdiansyah,
Thanks for reaching out to the Community!
What is the current firmware version on your firewall? What do you see in the smtpd logs on your firewall?
The "X-CTCH-RefID" is one of the custom fields added by the firewall which means "This is a value representing the transaction between ctasd and the Datacenter on behalf of the message."
Thanks,
Is there anything that I can do?
I'd suggest you update the firmware on your firewall to 9.706. Check out the full release note here: UTM Up2Date 9.706 Released
Hai Fauji and welcome to the UTM Community!
Did Harsh's suggestion fix your problem?
Cheers - Bob
I found another problem. Now the problem is I found this notification in the SMTP log:
"spam acl condition: spamd: failed to connect to any address for 127.0.0.1: Connection refused"
and
"spam acl condition: all spamd servers failed"
Of course, I've already updated the firmware.
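Added example, not part of any post in this thread: a Python sketch that checks a raw message for the X-CTCH-RefID header and scans SMTP log lines for the two spamd errors quoted above. The sample message and log list are constructed from values shown in the thread, the function names are hypothetical, and the subfields are split without interpreting them because the thread does not define them.

```python
from email import message_from_string

# Constructed sample: headers copied from the capture in the first post.
SAMPLE_MESSAGE = (
    "X-CTCH-RefID: str=0001.0A673410.60BDE288.0010,ss=1,re=0.000,"
    "recu=0.000,reip=0.000,cl=1,cld=1,fgs=0\n"
    "From: Alice <alice@test.local>\n"
    "To: hasan@coba.local\n"
    "Subject: Coba 01\n"
    "\n"
    "body\n"
)
# Constructed log: the first two messages are quoted in the thread, the third is made up.
SAMPLE_LOG = [
    "spam acl condition: spamd: failed to connect to any address for 127.0.0.1: Connection refused",
    "spam acl condition: all spamd servers failed",
    "constructed filler line: message accepted",
]
SPAMD_ERRORS = ("spamd: failed to connect to any address", "all spamd servers failed")


def parse_refid(raw_message):
    """Return the X-CTCH-RefID subfields as a dict, or None if the header is absent."""
    value = message_from_string(raw_message).get("X-CTCH-RefID")
    if value is None:
        return None
    fields = {}
    for part in value.split(","):
        key, sep, val = part.strip().partition("=")
        if sep:  # skip fragments that are not key=value
            fields[key] = val
    return fields


def spamd_failures(log_lines):
    """Return the log lines reporting that the spamd backend was unreachable."""
    return [ln for ln in log_lines if any(err in ln for err in SPAMD_ERRORS)]


def check(raw_message, log_lines):
    """Summarise both checks: was the header stamped, and did spamd fail?"""
    refid = parse_refid(raw_message)
    failures = spamd_failures(log_lines)
    return {"refid_present": refid is not None, "refid": refid,
            "spamd_failed": bool(failures), "failures": failures}


if __name__ == "__main__":
    print(check(SAMPLE_MESSAGE, SAMPLE_LOG))
```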
If this is a paid license or a demo license supplied by a reseller, you will want to get a Support case opened. Someone with experience needs to have eyes on this directly.
Unfortunately I'm using the home edition of the UTM.
In your initial post, you showed the lines used to generate an email at the command line, not the headers of an email. Show us the headers and the lines related to the email from the SMTP log file.
Actually that is the SMTP packet that I captured before with Wireshark using "Follow the TCP stream" because I'm using GNS3.
This is the latest header of the email I've sent.
And this is the line from the SMTP log that is related to the email above:
I think your original problem that caused you to start this thread was caused by what you later found: "spam acl condition: all spamd servers failed"
How does your setup compare to DNS best practice?
Those are just what I configured in DNS. You may be interested in what I found yesterday. I found this in sasi.log.
sasi.log
Show us pictures of the Edits of the "External Mail" and the "Internal mail server" objects.
Why is "External (Network)" in 'Allowed Networks'?