I just helped a friend move mail service for a few domains from his old
server to a new one running Postfix, Archiveopteryx, and Roundcube. The
move went well, but for one thing: mail sent through the new server to
Hotmail was accepted, but never delivered to the recipient's inbox, no
matter how permissive the anti spam settings. (Mail sent to GMail and
Yahoo worked fine.)
It took us a while to figure out what was going wrong. I had installed
SpamAssassin (for the first time; I don't use it myself) as an SMTP
content filter in Postfix, and it was adding spam evaluation fields to
all mail, including mail relayed to the outside world for the system's
users (who submit mail to Archiveopteryx, which forwards it to Postfix
for delivery). SA added fields that said "this is not spam":
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on example.com
X-Spam-Level:
X-Spam-Status: No, score=-1.0 required=5.0 tests=ALL_TRUSTED,AWL
autolearn=ham version=3.2.5
We had eliminated other possible causes (bad hostname/PTR configuration,
DNS blacklists, bad SPF records), so disabling SpamAssassin for outgoing
mail was the next thing to try (and I wanted to do it anyway, as soon as
I found out it was happening). It was easy to do. I applied the content
filter only to mail received over the external network interface, and
added a new SMTP service definition without any filters for mail from
localhost. So in /etc/postfix/master.cf, I have:
127.0.0.1:smtp inet n - - - - smtpd
A.B.C.D:smtp inet n - - - - smtpd -o content_filter=spamassassin
spamassassin unix - n n - - pipe
user=spamd argv=/usr/bin/spamc -f -e
/usr/sbin/sendmail -oi -f ${sender} ${recipient}
Fortunately, Hotmail started accepting and delivering mail from
the new server after this change.
I wonder if spammers forge negative SpamAssassin reports in their mail.
And… does it ever fool anyone?