Hi,
In most cases SPAM mails get sorted into the Mailmanager for a human check.
Since update 9.706-9 there are no mails in the mail manager.
What happened?
What do you see on the 'SMTP Log' tab, Wolfgang? What result do you get from the following?
du -shx /var/chroot-smtp/spool/quarantine/*
Cheers - Bob
Ok, here we go, if you need more let me know:
2021:06:23-21:31:27 matrix exim-in[11289]: 2021-06-23 21:31:27 SMTP connection from [199.116.112.134]:56350 (TCP/IP connection count = 1)
2021:06:23-21:31:29 matrix exim-in[1441]: 2021-06-23 21:31:29 H=srv5.sevaa.com [199.116.112.134]:56350 Warning: Exception matched: Skipping greylisting for this message
2021:06:23-21:31:29 matrix exim-in[1441]: 2021-06-23 21:31:29 H=srv5.sevaa.com [199.116.112.134]:56350 Warning: domain.net profile excludes SANDBOX scan
2021:06:23-21:31:29 matrix exim-in[1441]: 2021-06-23 21:31:29 [199.116.112.134] F=<julianhernandez@onemoresponsor.com> R=<mail@goes.here> Verifying recipient address with callout
2021:06:23-21:31:30 matrix exim-in[1441]: 2021-06-23 21:31:30 1lw8av-0000NF-12 sasi reports probability: 0.109877, version: Antispam-Engine: 4.1.4, AntispamData: 2021.6.23.190316
2021:06:23-21:31:30 matrix exim-in[1441]: 2021-06-23 21:31:30 1lw8av-0000NF-12 <= julianhernandez@onemoresponsor.com H=srv5.sevaa.com [199.116.112.134]:56350 P=esmtps X=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256 CV=no S=4532 id=E1lw8ap-00Fent-Lm@srv5.sevaa.com
2021:06:23-21:31:30 matrix exim-in[1441]: 2021-06-23 21:31:30 SMTP connection from srv5.sevaa.com [199.116.112.134]:56350 closed by QUIT
2021:06:23-21:31:31 matrix smtpd[11283]: QMGR[11283]: 1lw8av-0000NF-12 moved to work queue
2021:06:23-21:31:40 matrix smtpd[1459]: SCANNER[1459]: 1lw8b6-0000NX-5E <= julianhernandez@onemoresponsor.com R=1lw8av-0000NF-12 P=INPUT S=984
2021:06:23-21:31:40 matrix smtpd[1459]: SCANNER[1459]: id="1000" severity="info" sys="SecureMail" sub="smtp" name="email passed" srcip="199.116.112.134" from="julianhernandez@onemoresponsor.com" to="mail@goes.here" subject="Ein halb Steifer kommt sicher nicht gut an" queueid="1lw8b6-0000NX-5E" size="984"
2021:06:23-21:31:40 matrix smtpd[1459]: SCANNER[1459]: 1lw8av-0000NF-12 => work R=SCANNER T=SCANNER
2021:06:23-21:31:40 matrix smtpd[1459]: SCANNER[1459]: 1lw8av-0000NF-12 Completed
2021:06:23-21:31:40 matrix exim-out[1462]: 2021-06-23 21:31:40 1lw8b6-0000NX-5E => mail@goes.here P=<julianhernandez@onemoresponsor.com> R=static_route_hostlist T=static_smtp H=000.000.000.000 [000.000.000.000]:25 X=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256 CV=no C="250 2.0.0 Ok: queued as 55A2CF60353"
2021:06:23-21:31:40 matrix exim-out[1462]: 2021-06-23 21:31:40 1lw8b6-0000NX-5E Completed
next:
21:06:23-20:23:43 matrix exim-in[24981]: 2021-06-23 20:23:43 [141.94.34.22] F=<return-dyn_mlid-dyncluster_iii20210623ca2027333-26817-426ab3=2@princeton.bounces.news.wahrmailler.de> R=<mail@goes.here> Verifying recipient address with callout
2021:06:23-20:23:44 matrix exim-in[24981]: 2021-06-23 20:23:44 1lw7XM-0006Uv-02 sasi reports probability: 0.129995, version: Antispam-Engine: 4.1.4, AntispamData: 2021.6.23.174216
2021:06:23-20:23:44 matrix exim-in[24981]: 2021-06-23 20:23:44 1lw7XM-0006Uv-02 Greylisting: Greylisted 141.94.34.22
2021:06:23-20:23:44 matrix exim-in[24981]: [1\72] 2021-06-23 20:23:44 1lw7XM-0006Uv-02 H=smtp117-023.beyond-mta.de [141.94.34.22]:54833 X=TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128 CV=no F=<return-dyn_mlid-dyncluster_iii20210623ca2027333-26817-426ab3=2@princeton.bounces.news.wahrmailler.de> temporarily rejected after DATA: Temporary local problem, please try again!
2021:06:23-20:23:44 matrix exim-in[24981]: [2\72] Envelope-from: <return-dyn_mlid-dyncluster_iii20210623ca2027333-26817-426ab3=2@princeton.bounces.news.wahrmailler.de>
2021:06:23-20:23:44 matrix exim-in[24981]: [3\72] Envelope-to: <mail@goes.here>
2021:06:23-20:23:44 matrix exim-in[24981]: [4\72] P Received: from smtp117-023.beyond-mta.de ([141.94.34.22]:54833)
2021:06:23-20:23:44 matrix exim-in[24981]: [5\72] by domain.here.net with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
2021:06:23-20:23:44 matrix exim-in[24981]: [6\72] (Exim 4.94.2)
2021:06:23-20:23:44 matrix exim-in[24981]: [7\72] (envelope-from <return-dyn_mlid-dyncluster_iii20210623ca2027333-26817-426ab3=2@princeton.bounces.news.wahrmailler.de>)
2021:06:23-20:23:44 matrix exim-in[24981]: [8\72] id 1lw7XM-0006Uv-02
2021:06:23-20:23:44 matrix exim-in[24981]: [9\72] for mail@goes.here; Wed, 23 Jun 2021 20:23:44 +0200
2021:06:23-20:23:44 matrix exim-in[24981]: [10\72] X-SASI-Hits: BODYTEXTH_SIZE_3000_MORE 0.000000, BODY_SIZE_10000_PLUS 0.000000,
2021:06:23-20:23:44 matrix exim-in[24981]: [11\72] CTYPE_JUST_HTML 0.847999, DKIM_ALIGNS 0.000000, DKIM_SIGNATURE 0.000000,
2021:06:23-20:23:44 matrix exim-in[24981]: [12\72] FONT_STYLE_0PT 0.000000, FROM_NAME_PHRASE 0.000000,
2021:06:23-20:23:44 matrix exim-in[24981]: [13\72] HREF_LABEL_TEXT_NO_URI 0.000000, HTML_90_100 0.100000,
2021:06:23-20:23:44 matrix exim-in[24981]: [14\72] HTML_FONT_INVISIBLE 0.100000, IMGSPAM_TABLE_1 0.000000,
2021:06:23-20:23:44 matrix exim-in[24981]: [15\72] KNOWN_MTA_TFX 0.000000, LINK_TO_IMAGE 0.000000, LIST_HEADER 0.000000,
2021:06:23-20:23:44 matrix exim-in[24981]: [16\72] MIME_LOWER_CASE 0.050000, OBFUSCATION 0.000000,
2021:06:23-20:23:44 matrix exim-in[24981]: [17\72] REPLYTO_FROM_DIFF_ADDY 0.100000, SENDER_NO_AUTH 0.000000,
2021:06:23-20:23:44 matrix exim-in[24981]: [18\72] STYLE_RATWARE_REF 0.000000, SXL_IP_TFX_WM 0.000000, URI_ENDS_IN_PHP 0.000000,
2021:06:23-20:23:44 matrix exim-in[24981]: [19\72] URI_WITH_PATH_ONLY 0.000000, __ANY_URI 0.000000, __BODY_NO_MAILTO 0.000000,
2021:06:23-20:23:44 matrix exim-in[24981]: [20\72] __BODY_TEXT_X4 0.000000, __CP_MEDIA_BODY 0.000000, __CP_URI_IN_BODY 0.000000,
2021:06:23-20:23:44 matrix exim-in[24981]: [21\72] __CT 0.000000, __CTE 0.000000, __CTYPE_HTML 0.000000,
2021:06:23-20:23:44 matrix exim-in[24981]: [22\72] __CTYPE_IS_HTML 0.000000, __DKIM_ALIGNS_1 0.000000, __DKIM_ALIGNS_2 0.000000,
2021:06:23-20:23:44 matrix exim-in[24981]: [23\72] __FROM_NAME_NOT_IN_ADDR 0.000000, __FROM_NAME_NOT_IN_BODY 0.000000,
2021:06:23-20:23:44 matrix exim-in[24981]: [24\72] __HAS_FROM 0.000000, __HAS_HTML 0.000000, __HAS_LIST_HEADER 0.000000,
2021:06:23-20:23:44 matrix exim-in[24981]: [25\72] __HAS_LIST_UNSUBSCRIBE 0.000000, __HAS_MSGID 0.000000,
2021:06:23-20:23:44 matrix exim-in[24981]: [26\72] __HAS_REPLYTO 0.000000, __HIDDEN_HTML_CONTENT 0.000000,
2021:06:23-20:23:44 matrix exim-in[24981]: [27\72] __HREF_LABEL_IMG 0.000000, __HREF_LABEL_TEXT 0.000000,
2021:06:23-20:23:44 matrix exim-in[24981]: [28\72] __HTML_AHREF_TAG 0.000000, __HTML_BAD_END 0.000000, __HTML_BOLD 0.000000,
2021:06:23-20:23:44 matrix exim-in[24981]: [29\72] __HTML_HREF_TAG_X2 0.000000, __HTML_TAG_CENTER 0.000000,
2021:06:23-20:23:44 matrix exim-in[24981]: [30\72] __HTML_TAG_DIV 0.000000, __HTML_TAG_TABLE 0.000000, __HTTPS_URI 0.000000,
2021:06:23-20:23:44 matrix exim-in[24981]: [31\72] __HTTP_IMAGE_TAG 0.000000, __IMGSPAM_TABLE_1 0.000000,
2021:06:23-20:23:44 matrix exim-in[24981]: [32\72] __IMG_THEN_TEXT 0.000000, __LEGIT_LIST_HEADER 0.000000, __MIME_HTML 0.000000,
2021:06:23-20:23:44 matrix exim-in[24981]: [33\72] __MIME_HTML_ONLY 0.000000, __MIME_TEXT_H 0.000000, __MIME_TEXT_H1 0.000000,
2021:06:23-20:23:44 matrix exim-in[24981]: [34\72] __MIME_VERSION 0.000000, __MULTIPLE_URI_HTML 0.000000,
2021:06:23-20:23:44 matrix exim-in[24981]: [35\72] __MULTIPLE_URI_TEXT 0.000000, __SANE_MSGID 0.000000,
2021:06:23-20:23:44 matrix exim-in[24981]: [36\72] __STOCK_PHRASE_7 0.000000, __STYLE_RATWARE 0.000000,
2021:06:23-20:23:44 matrix exim-in[24981]: [37\72] __STYLE_RATWARE_NEG 0.000000, __STYLE_TAG 0.000000,
2021:06:23-20:23:44 matrix exim-in[24981]: [38\72] __TAG_EXISTS_HTML 0.000000, __TO_MALFORMED_2 0.000000, __TO_NO_NAME 0.000000,
2021:06:23-20:23:44 matrix exim-in[24981]: [39\72] __URI_HAS_HYPHEN_USC 0.000000, __URI_IN_BODY 0.000000,
2021:06:23-20:23:44 matrix exim-in[24981]: [40\72] __URI_NOT_IMG 0.000000, __URI_NO_MAILTO 0.000000, __URI_NO_WWW 0.000000,
2021:06:23-20:23:44 matrix exim-in[24981]: [41\72] __URI_NS 0.000000, __URI_WITH_PATH 0.000000
2021:06:23-20:23:44 matrix exim-in[24981]: [42\72] X-SASI-Probability: 13%
2021:06:23-20:23:44 matrix exim-in[24981]: [43\72] X-SASI-RCODE: 200
2021:06:23-20:23:44 matrix exim-in[24981]: [44\72] X-SASI-Version: Antispam-Engine: 4.1.4, AntispamData: 2021.6.23.174216
2021:06:23-20:23:44 matrix exim-in[24981]: [45\72] DKIM-Signature: a=rsa-sha256; bh=a2FwY5Lw3tK8wENUE60iMKz39ODWd+Vu8jradbkAcKo=;
2021:06:23-20:23:44 matrix exim-in[24981]: [46\72] c=relaxed/relaxed; d=news.wahrmailler.de;
2021:06:23-20:23:44 matrix exim-in[24981]: [47\72] h=X-Mailer-Info:Mime-Version:X-Skip:Reply-To:Content-Type:X-Rclientid:X-Groupid:X-Providerid:X-Clientid:X-Brm-Dtag:From:Date:X-Campaignid:X-Rpcampaign:Message-Id:Subject:To:Content-Transfer-Encoding:List-Unsubscribe:X-Messageid:X-Memberid;
2021:06:23-20:23:44 matrix exim-in[24981]: [48\72] s=as; t=1624472623; v=1;
2021:06:23-20:23:44 matrix exim-in[24981]: [49\72] b=MnsvEgHfr04nieMXTSTUyWM0HvadUXJHcWklt724PdcdMehXK2m+cTsM53aiSRBM1G3k57kV
2021:06:23-20:23:44 matrix exim-in[24981]: [50\72] kplIEx86w+bp6/jBgeaAWMcd3368mYU1GTKxLRvAP2bYY8g8Tuler+R7f+GhYarKc9MMxL73FIG
2021:06:23-20:23:44 matrix exim-in[24981]: [51\72] i0pJezWeq0pETMI8YV15A8nA=
2021:06:23-20:23:44 matrix exim-in[24981]: [52\72] X-Mailer-Info: 3.QWeu9VbslGZ.AZ552YsV3c0VmcflWapJDMyEDM2IzMjFmMwIzNzMzM.09mczRXZuB0cjhmch1Wbl5mLuVGd.Imct1yYsFmch1iMwIDN30SMyUTOzkzMyMDOtEDO1UDO1MTLyAjM3MzMz0SM
2021:06:23-20:23:44 matrix exim-in[24981]: [53\72] Mime-Version: 1.0
2021:06:23-20:23:44 matrix exim-in[24981]: [54\72] X-Skip: 0
2021:06:23-20:23:44 matrix exim-in[24981]: [55\72] R Reply-To: reply@inflamesense.de
2021:06:23-20:23:44 matrix exim-in[24981]: [56\72] Content-Type: text/html; charset=utf-8
2021:06:23-20:23:44 matrix exim-in[24981]: [57\72] X-Rclientid: 1000
2021:06:23-20:23:44 matrix exim-in[24981]: [58\72] X-Groupid: 999
2021:06:23-20:23:44 matrix exim-in[24981]: [59\72] X-Providerid: 999
2021:06:23-20:23:44 matrix exim-in[24981]: [60\72] X-Clientid: 20247
2021:06:23-20:23:44 matrix exim-in[24981]: [61\72] X-Brm-Dtag:
2021:06:23-20:23:44 matrix exim-in[24981]: [62\72] F From: "Top-Verkaufspreise in Ihrer Region" <mail@news.wahrmailler.de>
2021:06:23-20:23:44 matrix exim-in[24981]: [63\72] Date: Wed, 23 Jun 2021 20:23:43 +0200
2021:06:23-20:23:44 matrix exim-in[24981]: [64\72] X-Campaignid: 2027333
2021:06:23-20:23:44 matrix exim-in[24981]: [65\72] X-Rpcampaign: brm_2027333
2021:06:23-20:23:44 matrix exim-in[24981]: [66\72] I Message-Id: <1624471915-2027333-1259393238-d3a14955a15e8d6b05ad37b7f48a439a-7dd230@bounces.news.wahrmailler.de>
2021:06:23-20:23:44 matrix exim-in[24981]: [67\72] Subject: Immobilienverkauf: Ist jetzt der richtige Zeitpunkt?
2021:06:23-20:23:44 matrix exim-in[24981]: [68\72] T To: mail@goes.here
2021:06:23-20:23:44 matrix exim-in[24981]: [69\72] Content-Transfer-Encoding: quoted-printable
2021:06:23-20:23:44 matrix exim-in[24981]: [70\72] List-Unsubscribe: <mailto:mail+5-1000-2027333-1259393238-55d2e3c3412eb305c28a184d00525b09@unsubscribe.news.wahrmailler.de>, <news.wahrmailler.de/unsubscribe
2021:06:23-20:23:44 matrix exim-in[24981]: [71\72] X-Messageid: 1855853
2021:06:23-20:23:44 matrix exim-in[24981]: [72/72] X-Memberid: 1259393238
2021:06:23-20:23:44 matrix exim-in[24981]: 2021-06-23 20:23:44 SMTP connection from smtp117-023.beyond-mta.de [141.94.34.22]:54833 closed by QUIT
2021:06:23-20:37:43 matrix exim-in[26157]: 2021-06-23 20:37:43 H=smtp117-105.beyond-mta.de [141.94.34.104]:50015 Warning: domain.net profile excludes SANDBOX scan
2021:06:23-20:37:43 matrix exim-in[26157]: 2021-06-23 20:37:43 [141.94.34.104] F=<return-dyn_mlid-dyncluster_iii20210623ca2027333-26817-426ab3=2@princeton.bounces.news.wahrmailler.de> R=<mail@goes.here> Verifying recipient address with callout
2021:06:23-20:37:44 matrix exim-in[26157]: 2021-06-23 20:37:44 1lw7kt-0006nt-2v sasi reports probability: 0.129995, version: Antispam-Engine: 4.1.4, AntispamData: 2021.6.23.180016
2021:06:23-20:37:44 matrix exim-in[26157]: 2021-06-23 20:37:44 1lw7kt-0006nt-2v Greylisting: Successful greylist retry from 141.94.34.104 (original host was 141.94.34.22/32)
2021:06:23-20:37:44 matrix exim-in[26157]: 2021-06-23 20:37:44 1lw7kt-0006nt-2v <= return-dyn_mlid-dyncluster_iii20210623ca2027333-26817-426ab3=2@princeton.bounces.news.wahrmailler.de H=smtp117-105.beyond-mta.de [141.94.34.104]:50015 P=esmtps X=TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128 CV=no S=25566 DKIM=news.wahrmailler.de id=1624471915-2027333-1259393238-d3a14955a15e8d6b05ad37b7f48a439a-7dd230@bounces.news.wahrmailler.de
2021:06:23-20:37:44 matrix exim-in[26157]: 2021-06-23 20:37:44 SMTP connection from smtp117-105.beyond-mta.de [141.94.34.104]:50015 closed by QUIT
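Added example (not part of the original posts, and not Sophos code): a Python script that groups SMTP proxy log lines like those above by Exim queue ID, so each message's anti-spam score, greylisting decision and scanner verdict can be read side by side. The regular expressions are assumptions derived only from the line shapes visible in this thread; the sample lines are abridged from the log above, with the sender address replaced by a placeholder.

```python
import re
from collections import defaultdict

# Sample lines abridged from the log above; sender address is a placeholder.
SAMPLE_LOG = """\
2021:06:23-21:31:29 matrix exim-in[1441]: 2021-06-23 21:31:29 H=srv5.sevaa.com [199.116.112.134]:56350 Warning: Exception matched: Skipping greylisting for this message
2021:06:23-21:31:30 matrix exim-in[1441]: 2021-06-23 21:31:30 1lw8av-0000NF-12 sasi reports probability: 0.109877, version: Antispam-Engine: 4.1.4, AntispamData: 2021.6.23.190316
2021:06:23-21:31:40 matrix smtpd[1459]: SCANNER[1459]: 1lw8b6-0000NX-5E <= sender@example.com R=1lw8av-0000NF-12 P=INPUT S=984
2021:06:23-21:31:40 matrix smtpd[1459]: SCANNER[1459]: id="1000" severity="info" sys="SecureMail" sub="smtp" name="email passed" srcip="199.116.112.134" queueid="1lw8b6-0000NX-5E" size="984"
2021:06:23-20:23:44 matrix exim-in[24981]: 2021-06-23 20:23:44 1lw7XM-0006Uv-02 sasi reports probability: 0.129995, version: Antispam-Engine: 4.1.4, AntispamData: 2021.6.23.174216
2021:06:23-20:23:44 matrix exim-in[24981]: 2021-06-23 20:23:44 1lw7XM-0006Uv-02 Greylisting: Greylisted 141.94.34.22
"""

# Exim queue ID as it appears in this log: 6-6-2 alphanumeric groups.
QID = r"[0-9A-Za-z]{6}-[0-9A-Za-z]{6}-[0-9A-Za-z]{2}"
SASI = re.compile(rf"({QID}) sasi reports probability: ([0-9.]+)")
GREY = re.compile(rf"({QID}) Greylisting: (.+)$")
# The scanner re-queues the message under a new ID; R= names the inbound ID.
HANDOFF = re.compile(rf"SCANNER\[\d+\]: ({QID}) <= \S+ R=({QID})")
RESULT = re.compile(rf'name="([^"]+)".*queueid="({QID})"')


def summarize(log_text):
    """Return {inbound queue id: {'sasi', 'greylist', 'result'}}."""
    msgs = defaultdict(lambda: {"sasi": None, "greylist": None, "result": None})
    scanner_to_inbound = {}
    for line in log_text.splitlines():
        if m := SASI.search(line):
            msgs[m.group(1)]["sasi"] = float(m.group(2))
        elif m := GREY.search(line):
            msgs[m.group(1)]["greylist"] = m.group(2)
        elif m := HANDOFF.search(line):
            scanner_to_inbound[m.group(1)] = m.group(2)
        elif m := RESULT.search(line):
            # Attribute the verdict to the inbound ID when the handoff was seen.
            inbound = scanner_to_inbound.get(m.group(2), m.group(2))
            msgs[inbound]["result"] = m.group(1)
    return dict(msgs)


if __name__ == "__main__":
    for qid, info in summarize(SAMPLE_LOG).items():
        print(qid, info)
```

Lines without a queue ID, such as the "Exception matched" warning, are skipped because they can only be tied to a message by host and timestamp.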
The one from [199.116.112.134] shows "Exception matched" - can you see which Exception might have matched that?
In the past, did the SMTP Proxy quarantine emails from news.wahrmailler.de?
Cheers - Bob
Hi Bob,
The exception was greylisting for the recipient e-mail.
Exception matched: Skipping greylisting for this message. The skipped greylisting should be no issue at all.
No, the proxy never quarantined mail from news.wahrmailler.de. So as a workaround I put a blocklist in my postfix mailserver.
But that should not be the solution either...
cheers
How about this, Wolfgang - Show the lines from the log file for similar emails where one before the Up2Date was quarantined and one after the update was not quarantined.
Cheers - Bob
I remember that, Wolfgang. If you still have the old unit, the log files should be accessible.
Cheers - Bob
The first email in your log doesn't appear to have been scanned by anti-spam, Wolfgang, so there must be another Exception that applied. The second one was scanned and wasn't spam. There may be an issue with a bad pattern. If just rebooting didn't solve this, I'd be tempted to re-image from ISO and restore a backup. Any luck?
Cheers - Bob