3
Exchnage 2013 Anti Spam Header check
Hallo,
ich benutze seit ca. 1 Monat Exchange 2013. Ich empfange jeden Tag sehr viel Amerikanischen Casino Spam auf meine Mailadresse. Zuvor verwendete ich ISPConfig mit dem integrierten SPAM Filter und hatte nie Probleme alle Spam Mails wurden automatisch in den Junk verschoben.
Ich habe am Exchange bereits Anti Spam und Anti Malware konfiguriert und bin bei meiner Mailbox bis auf seinen SCL Wert von 3 herunter gegangen. Leider alles ohne erfolg ich erhalte jeden tag weiter Spam direkt in meiner Mailbox, legentlich ein kleiner Teil wandert in den Junk.
Hier die Anleitung nach der ich die Anti Spam konfiguriert habe:
http://chilltimes.de/2013/07/14/exchange-server-2013-malware-scanner/
Anbei auch noch einen Header ausschnitt aus einem von ISPConfig gefilterten Mail:
Return-Path: <prince_casino@gift-vegas.biz>
X-Original-To: a@maildaress.com
Delivered-To: a@maildaress.com
Received: from localhost (localhost [127.0.0.1])
by .server.tdl (Postfix) with ESMTP id 6803D387CF8
for <a@maildaress.com>; Tue, 27 Jan 2015 04:36:54 +0100 (CET)
X-Virus-Scanned: Debian amavisd-new at .server.tdl
X-Amavis-Alert: BAD HEADER SECTION, Missing required header field: "Date"
X-Spam-Flag: YES
X-Spam-Score: 21.906
X-Spam-Level: *
X-Spam-Status: Yes, score=21.906 tagged_above=1 required=4.5
tests=[BAYES_99=3.5, DNS_FROM_AHBL_RHSBL=2.699, FM_VEGAS_CASINO=0.851,
FROM_EXCESS_BASE64=0.979, HTML_MESSAGE=0.001,
MIME_HEADER_CTYPE_ONLY=0.717, MIME_HTML_MOSTLY=0.428,
MISSING_DATE=1.36, MPART_ALT_DIFF=0.79, NO_RDNS_DOTCOM_HELO=0.823,
RCVD_IN_XBL=0.375, RDNS_NONE=0.793, T_SURBL_MULTI1=0.01,
URIBL_DBL_SPAM=1.7, URIBL_JP_SURBL=1.25, URIBL_SBL=1.623,
URIBL_WS_SURBL=1.608, URI_NO_WWW_BIZ_CGI=2.399] autolearn=spam
Received: from .server.tdl ([127.0.0.1])
by localhost (.server.tdl [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id luOt7C6hKaBu for <a@maildaress.com>;
Tue, 27 Jan 2015 04:36:53 +0100 (CET)
Received: from mailserver.localhost.com (unknown [46.235.217.136])
by .server.tdl (Postfix) with ESMTP id 73D41387BFB
for <a@maildaress.com>; Tue, 27 Jan 2015 04:36:52 +0100 (CET)
Received: by mailserver.localhost.com id hos3t81613gm for <a@maildaress.com>; Tue, 27 Jan 2015 06:34:28 +0300 (envelope-from <prince_casino@gift-vegas.biz>)
Subject:
*SPAM*=?UTF-8?B?U3BpbiBQYWxhY2UgLSBUcmlwbGUgWW91ciBGaXJzdCBEZXBvc2l0IHVwIHRvIMKjJOKCrCAzMDAh?=
From: =?UTF-8?B?UHJpbmNlIENhc2lubw==?= <prince_casino@gift-vegas.biz>
To: "My Name" <a@maildaress.com>
X-Info: up/TxXMIu4Kdjl6xKc5QWtn19ad+u6ovRqWh0zt0MDM=
Message-ID: <a2195541463d88a31ce37a34f90665fb@gift-vegas.biz>
Content-Type: multipart/mixed; boundary="PHP-mixed-e2b9c99bc8b4344e0dbb3a326b76df78"
Date: Tue, 27 Jan 2015 04:36:54 +0100 (CET)
Ich weiß leider nichtmehr weiter und bitte um eure Hilfe
Danke im Voraus
ich benutze seit ca. 1 Monat Exchange 2013. Ich empfange jeden Tag sehr viel Amerikanischen Casino Spam auf meine Mailadresse. Zuvor verwendete ich ISPConfig mit dem integrierten SPAM Filter und hatte nie Probleme alle Spam Mails wurden automatisch in den Junk verschoben.
Ich habe am Exchange bereits Anti Spam und Anti Malware konfiguriert und bin bei meiner Mailbox bis auf seinen SCL Wert von 3 herunter gegangen. Leider alles ohne erfolg ich erhalte jeden tag weiter Spam direkt in meiner Mailbox, legentlich ein kleiner Teil wandert in den Junk.
Hier die Anleitung nach der ich die Anti Spam konfiguriert habe:
http://chilltimes.de/2013/07/14/exchange-server-2013-malware-scanner/
Anbei auch noch einen Header ausschnitt aus einem von ISPConfig gefilterten Mail:
Return-Path: <prince_casino@gift-vegas.biz>
X-Original-To: a@maildaress.com
Delivered-To: a@maildaress.com
Received: from localhost (localhost [127.0.0.1])
by .server.tdl (Postfix) with ESMTP id 6803D387CF8
for <a@maildaress.com>; Tue, 27 Jan 2015 04:36:54 +0100 (CET)
X-Virus-Scanned: Debian amavisd-new at .server.tdl
X-Amavis-Alert: BAD HEADER SECTION, Missing required header field: "Date"
X-Spam-Flag: YES
X-Spam-Score: 21.906
X-Spam-Level: *
X-Spam-Status: Yes, score=21.906 tagged_above=1 required=4.5
tests=[BAYES_99=3.5, DNS_FROM_AHBL_RHSBL=2.699, FM_VEGAS_CASINO=0.851,
FROM_EXCESS_BASE64=0.979, HTML_MESSAGE=0.001,
MIME_HEADER_CTYPE_ONLY=0.717, MIME_HTML_MOSTLY=0.428,
MISSING_DATE=1.36, MPART_ALT_DIFF=0.79, NO_RDNS_DOTCOM_HELO=0.823,
RCVD_IN_XBL=0.375, RDNS_NONE=0.793, T_SURBL_MULTI1=0.01,
URIBL_DBL_SPAM=1.7, URIBL_JP_SURBL=1.25, URIBL_SBL=1.623,
URIBL_WS_SURBL=1.608, URI_NO_WWW_BIZ_CGI=2.399] autolearn=spam
Received: from .server.tdl ([127.0.0.1])
by localhost (.server.tdl [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id luOt7C6hKaBu for <a@maildaress.com>;
Tue, 27 Jan 2015 04:36:53 +0100 (CET)
Received: from mailserver.localhost.com (unknown [46.235.217.136])
by .server.tdl (Postfix) with ESMTP id 73D41387BFB
for <a@maildaress.com>; Tue, 27 Jan 2015 04:36:52 +0100 (CET)
Received: by mailserver.localhost.com id hos3t81613gm for <a@maildaress.com>; Tue, 27 Jan 2015 06:34:28 +0300 (envelope-from <prince_casino@gift-vegas.biz>)
Subject:
*SPAM*=?UTF-8?B?U3BpbiBQYWxhY2UgLSBUcmlwbGUgWW91ciBGaXJzdCBEZXBvc2l0IHVwIHRvIMKjJOKCrCAzMDAh?=
From: =?UTF-8?B?UHJpbmNlIENhc2lubw==?= <prince_casino@gift-vegas.biz>
To: "My Name" <a@maildaress.com>
X-Info: up/TxXMIu4Kdjl6xKc5QWtn19ad+u6ovRqWh0zt0MDM=
Message-ID: <a2195541463d88a31ce37a34f90665fb@gift-vegas.biz>
Content-Type: multipart/mixed; boundary="PHP-mixed-e2b9c99bc8b4344e0dbb3a326b76df78"
Date: Tue, 27 Jan 2015 04:36:54 +0100 (CET)
Ich weiß leider nichtmehr weiter und bitte um eure Hilfe
Danke im Voraus
Share on Facebook
Share on Twitter
Share on Reddit
Share on LinkedinPlease also mark the comments that contributed to the solution of the article
Content-Key: 261277
Url: https://administrator.de/contentid/261277
Printed on: April 24, 2024 at 18:04 o'clock
3 Comments
Latest comment
Hallo,
das Teil hat doch schon nen schönen SPAM Tag.
das Teil hat doch schon nen schönen SPAM Tag.
Ja unter ispconfig erhält er den, jedoch beim Exchange leider nicht:
Received: from server.servername.tdl (IP.IP.IP.IP) by server.servername.tdl
(IP.IP.IP.IP) with Microsoft SMTP Server (TLS) id 15.0.847.32 via Mailbox
Transport; Tue, 27 Jan 2015 14:22:45 +0100
Received: from server.servername.tdl (IP.IP.IP.IP) by server.servername.tdl
(IP.IP.IP.IP) with Microsoft SMTP Server (TLS) id 15.0.847.32; Tue, 27 Jan
2015 14:19:47 +0100
Received: from mailserver.localhost.com (112.169.11.51) by server.servername.tdl
(IP.IP.IP.IP) with Microsoft SMTP Server id 15.0.847.32 via Frontend
Transport; Tue, 27 Jan 2015 14:19:46 +0100
Received: by mailserver.localhost.com id hou8701613gd for
<a@domain.tdl>; Tue, 27 Jan 2015 16:19:39 +0300 (envelope-from
<timefor_casino@bet-gain.us>)
Subject: =?UTF-8?B?SGFsbG8gQWxleGFuZXIgRmVsYmVybWF5ci4gRWluIE3DpHJjaGVuIHZvbGxlciBMaWViZSB1bmQgSW50cmlnZW4gaXN0IG51ciAgIGVpbmVuIEhlcnpzY2hsYWcgZW50ZmVybnQh?=
From: =?UTF-8?B?VGltZWZvciBDYXNpbm8=?= <timefor_casino@bet-gain.us>
To: My Name <a@domain.tdl>
X-Info: up/TxXMIu4Kdjl6xKc5QWtn19ad+u6ovRqCh0TJ2MQ==
Message-ID: <cf85cf9364ac4cd9073502015cc9defb@bet-gain.us>
Content-Type: multipart/mixed;
boundary="b1_985d0d39c3c6be8ebe58bcc84eb94366"
Return-Path: timefor_casino@bet-gain.us
Date: Tue, 27 Jan 2015 14:19:46 +0100
MIME-Version: 1.0
X-MS-Exchange-Organization-PRD: bet-gain.us
X-MS-Exchange-Organization-SenderIdResult: None
Received-SPF: None (server.servername.tdl: timefor_casino@bet-gain.us does not
designate permitted sender hosts)
X-MS-Exchange-Organization-Network-Message-Id: 73f7c394-a732-420f-558a-08d2084b785a
X-MS-Exchange-Organization-SCL: 1
X-MS-Exchange-Organization-PCL: 2
X-MS-Exchange-Organization-Antispam-Report: DV:3.3.5705.600;SID:SenderIDStatus None;OrigIP:112.169.11.51
X-MS-Exchange-Organization-AVStamp-Enterprise: 1.0
X-MS-Exchange-Organization-AuthSource: server.servername.tdl
X-MS-Exchange-Organization-AuthAs: Anonymous
Received: from server.servername.tdl (IP.IP.IP.IP) by server.servername.tdl
(IP.IP.IP.IP) with Microsoft SMTP Server (TLS) id 15.0.847.32 via Mailbox
Transport; Tue, 27 Jan 2015 14:22:45 +0100
Received: from server.servername.tdl (IP.IP.IP.IP) by server.servername.tdl
(IP.IP.IP.IP) with Microsoft SMTP Server (TLS) id 15.0.847.32; Tue, 27 Jan
2015 14:19:47 +0100
Received: from mailserver.localhost.com (112.169.11.51) by server.servername.tdl
(IP.IP.IP.IP) with Microsoft SMTP Server id 15.0.847.32 via Frontend
Transport; Tue, 27 Jan 2015 14:19:46 +0100
Received: by mailserver.localhost.com id hou8701613gd for
<a@domain.tdl>; Tue, 27 Jan 2015 16:19:39 +0300 (envelope-from
<timefor_casino@bet-gain.us>)
Subject: =?UTF-8?B?SGFsbG8gQWxleGFuZXIgRmVsYmVybWF5ci4gRWluIE3DpHJjaGVuIHZvbGxlciBMaWViZSB1bmQgSW50cmlnZW4gaXN0IG51ciAgIGVpbmVuIEhlcnpzY2hsYWcgZW50ZmVybnQh?=
From: =?UTF-8?B?VGltZWZvciBDYXNpbm8=?= <timefor_casino@bet-gain.us>
To: My Name <a@domain.tdl>
X-Info: up/TxXMIu4Kdjl6xKc5QWtn19ad+u6ovRqCh0TJ2MQ==
Message-ID: <cf85cf9364ac4cd9073502015cc9defb@bet-gain.us>
Content-Type: multipart/mixed;
boundary="b1_985d0d39c3c6be8ebe58bcc84eb94366"
Return-Path: timefor_casino@bet-gain.us
Date: Tue, 27 Jan 2015 14:19:46 +0100
MIME-Version: 1.0
X-MS-Exchange-Organization-PRD: bet-gain.us
X-MS-Exchange-Organization-SenderIdResult: None
Received-SPF: None (server.servername.tdl: timefor_casino@bet-gain.us does not
designate permitted sender hosts)
X-MS-Exchange-Organization-Network-Message-Id: 73f7c394-a732-420f-558a-08d2084b785a
X-MS-Exchange-Organization-SCL: 1
X-MS-Exchange-Organization-PCL: 2
X-MS-Exchange-Organization-Antispam-Report: DV:3.3.5705.600;SID:SenderIDStatus None;OrigIP:112.169.11.51
X-MS-Exchange-Organization-AVStamp-Enterprise: 1.0
X-MS-Exchange-Organization-AuthSource: server.servername.tdl
X-MS-Exchange-Organization-AuthAs: Anonymous
Ach so.
vor nem Exchange betreibt man in der Regel auch ein Vernünftiges SPAM Gateway
E-Mail Anti Spam Proxy mit CentOS
vor nem Exchange betreibt man in der Regel auch ein Vernünftiges SPAM Gateway
E-Mail Anti Spam Proxy mit CentOS
