I tried to figure out from the log, but it seems al ok.
The Mails I'm talking about are undoubtedly good: coming from gmail.com, usual sender, plain text content, nothing special i the body, etc.
Of course I could whitelist the sender, but it makes no sense since I see no cause for the problem and the result is too random.
Thanks.
Lorenzo
Addendum.
I found out something that I think it might be important, but I'm no getting it all the way.
I just received today another of those email that seem OK (marked as green) but are tagged as SPAM.
Here is the SMTP Log
2015:01:14-14:35:13 mail smtpd[18706]: SCANNER[18706]: id="1000" severity="info" sys="SecureMail" sub="smtp" name="email passed" srcip="209.85.192.197" from="info+bncbcmob3657abrba7b3gsqkgqesisxh6y@anthogyr.it" to="lorenzo.raimondi@dentalica.com" subject="Aggiornamento Dati Anagrafici Anthogyr Italia [#372]" queueid="1YBO6L-0004ri-Cu" size="9991"
2015:01:14-14:35:14 mail exim-out[18751]: 2015-01-14 14:35:14 1YBO6L-0004ri-Cu => lorenzo.raimondi@dentalica.com P= R=static_route_hostlist T=static_smtp H=10.0.0.225 [10.0.0.225]:25 C="250 2.6.0 [InternalId=248901] Queued mail for deli"
2015:01:14-14:35:14 mail exim-out[18751]: 2015-01-14 14:35:14 1YBO6L-0004ri-Cu Completed
And here is the header of the email:
Delivered-To: l.raimondi@raimondi-consulting.it
Received: by 10.107.160.15 with SMTP id j15csp1677239ioe;
Wed, 14 Jan 2015 05:35:16 -0800 (PST)
X-Received: by 10.194.184.204 with SMTP id ew12mr7349856wjc.85.1421242515812;
Wed, 14 Jan 2015 05:35:15 -0800 (PST)
Return-Path:
Received: from mail.dentalica.com (mail.dentalica.com. [212.97.53.218])
by mx.google.com with ESMTPS id q6si3039374wiz.104.2015.01.14.05.35.15
for
(version=TLSv1 cipher=ECDHE-RSA-AES128-SHA bits=128/128);
Wed, 14 Jan 2015 05:35:15 -0800 (PST)
Received-SPF: pass (google.com: domain of lorenzo.raimondi@dentalica.com designates 212.97.53.218 as permitted sender) client-ip=212.97.53.218;
Authentication-Results: mx.google.com;
spf=pass (google.com: domain of lorenzo.raimondi@dentalica.com designates 212.97.53.218 as permitted sender) smtp.mail=lorenzo.raimondi@dentalica.com;
dmarc=fail (p=NONE dis=NONE) header.from=wufoo.com
Resent-From:
Received: from mail.dentalica.com (10.0.0.253) by mail.dentalica.com
(10.0.0.225) with Microsoft SMTP Server id 14.3.195.1; Wed, 14 Jan 2015
14:35:13 +0100
Received: from mail-pd0-f197.google.com ([209.85.192.197]:59843) by
mail.dentalica.com with esmtps (TLSv1:AES128-SHA:128) (Exim
4.82_1-5b7a7c0-XX) (envelope-from
) id 1YBO6C-0004q5-0c
for lorenzo.raimondi@dentalica.com; Wed, 14 Jan 2015 14:35:07 +0100
Received: by mail-pd0-f197.google.com with SMTP id v10sf52934410pde.0
for ; Wed, 14 Jan 2015 05:35:00 -0800
(PST)
X-CTCH-RefID: str=0001.0A0C0209.54B67089.018F,ss=3,sh,re=0.001,recu=0.000,reip=0.000,cl=3,cld=1,fgs=512
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20130820;
h=x-gm-message-state:to:subject:from:reply-to:mime-version
:content-type:message-id[:D]ate:x-original-sender
:x-original-authentication-results[:P]recedence:mailing-list:list-id
:list-help;
bh=Ro2RR0xFa9lMw8IrAf0/JFB1ia/ooYUeEDz2Nv5GsPw=;
b=nNXXOj+KkbC69Zy+EypXxtuwii+dcqyUNyyNZFR8W3zIT+yrPokX135W83gA748I5a
z+kgV3LrIz4yG1YPGHzsHRdwl64qDlDjH/uf/GJLeOzJy7nfEDWBm4R8iDY8W3vdBdgS
1pyfk3zC2wtxDCJZ/fzicomt8sZBChBJihdWRKEya1T4gMgCmYPIRPUmV1NSDvqd8dtP
w6yq8BwrYvolClmcGhcmdakeiGRoycxxWqCBPPEKHCVQ81VUZPGcDZ5wRLz6ej4wbzYF
4ojaGX27jCb9nBhES5iEHS0ExTFq0DtqSOpPp+VeOuP6Sls7NBWLZ4h+eWYQ8Xlpf/5Z
4u8w==
X-Gm-Message-State: ALoCoQlykrA46oZHYC41Ha5WcOVhnxs8a+fthuaM0HXPSyug66bKavmoBITql78a/Q8RBtJo2fIn
X-Received: by 10.66.124.198 with SMTP id mk6mr3086590pab.22.1421242499948;
Wed, 14 Jan 2015 05:34:59 -0800 (PST)
X-BeenThere: info@anthogyr.it
Received: by 10.50.124.193 with SMTP id mk1ls1395110igb.1.canary; Wed, 14 Jan
2015 05:34:59 -0800 (PST)
X-Received: by 10.68.69.106 with SMTP id d10mr5852295pbu.60.1421242499700;
Wed, 14 Jan 2015 05:34:59 -0800 (PST)
Received: from Mta28.sjc.wufoo.com (mta28.sjc.wufoo.com. [75.98.93.178])
by mx.google.com with ESMTP id
im8si30559639pbc.229.2015.01.14.05.34.59 for ;
Wed, 14 Jan 2015 05:34:59 -0800 (PST)
Received-SPF: pass (google.com: domain of apache@wufoo.com designates 75.98.93.178 as permitted sender) client-ip=75.98.93.178;
X-MSFBL: aW5mb0BhbnRob2d5ci5pdEAjbW1vdmVAZGVmYXVsdEA=
Received: from [10.10.24.39] ([10.10.24.39:57193] helo=sjc-wfweb08.endor.lan)
by sjc-mta-02 (envelope-from ) (ecelerity 3.5.2.36399
r(ssh://hg@repos.int.messagesystems.com/MessageSystems/Platform:3.5.2.0))
with ESMTP id 75/44-01808-66076B45; Wed, 14 Jan 2015 05:34:30 -0800
Received: by sjc-wfweb08.endor.lan (Postfix, from userid 48) id 2AA0EA1638;
Wed, 14 Jan 2015 05:34:59 -0800 (PST)
To:
Subject: ---SPAM--- =?UTF-8?B?QWdnaW9ybmFtZW50byBEYXRpIEFuYWdyYWZpY2kgQW50aG9neXIgSXRhbGlhICBbIzM3Ml0=?=
From: =?UTF-8?B?TU9EVUxJIFBFUiBBTU1JTklTVFJBWklPTkU=?=
Reply-To:
MIME-Version: 1.0
Content-Type: text/html; charset="UTF-8"
Message-ID:
Date: Wed, 14 Jan 2015 05:34:59 -0800
X-Original-Sender: no-reply@wufoo.com
X-Original-Authentication-Results: mx.google.com; spf=pass (google.com:
domain of apache@wufoo.com designates 75.98.93.178 as permitted sender)
smtp.mail=apache@wufoo.com; dkim=pass header.i=@wufoo.com;
dmarc=pass (p=NONE dis=NONE) header.from=wufoo.com
Precedence: list
Mailing-list: list info@anthogyr.it; contact info+owners@anthogyr.it
List-ID:
X-Google-Group-Id: 167301830336
List-Help: ,
X-Spam-Flag: YES
Return-Path: info+bncbcmob3657abrba7b3gsqkgqesisxh6y@anthogyr.it
Note the X-Spam-Flag: YES at the bottom.
Is Astaro putting that ?
This thread was automatically locked due to age.
