I am using fetchmail to forward emails into rt-mailgate. We have been recently receiving emails from msnpath.com that are refusing to be accepted through rt-mailgate. No Errors from syslog. Not sure how to find errors for rt-mailgate. The errors I receive from fetchmail look like this:
fetchmail: 2 messages (2 seen) for user@domain.com at mail.domain.com (2465905 octets).
No Errors. It does not do this with all the email, most go through, and then we get like one/two a day that are just quietly skipped. I started to tear into each email, and the only correlation I could find was a rejection from X-SPAM:
X-Spam-Processed: mail.domain.com, Thu, 11 May 2017 12:48:25 -0500
(not processed: message size (1178472) exceeds spam filter configured max size of (204800))
X-MDDKIM-Result: unapproved (mail.domain.com)
X-MDSPF-Result: unapproved (mail.domain.com)
Now, if I forward this email right back into the same mailbox, THAT email does get processed. It’s X_SPAM response states:
X-Spam-Processed: mail.domain.com, Fri, 12 May 2017 12:35:20 -0500
(not processed: message from trusted or authenticated source)
… and nothing else. A good email that also gets processed looks like this:
X-Spam-Processed: mail.domain.com, Fri, 12 May 2017 10:26:30 -0500
X-MDOP-RefID: str=0001.0A020206.5915D423.007F,ss=1,re=0.000,recu=0.000,reip=0.000,cl=1,cld=1,fgs=0 (_st=1 _vt=0 _iwf=0)
X-MDSPF-Result: neutral (mail.domain.com)
FYI, this is what the fetchmail entry look like:
poll mail.domain.com
protocol pop3
username user@domain.com
password ************************************
mda “/usr/bin/perl /usr/bin/rt-mailgate --url https://localhost:3773 --queue RT_QUEUE --no-verify-ssl --action correspond”
is host_server
no rewrite
no flush
no idle
ssl
sslfingerprint “09:02:4B:F8:C4:DE:C8:9E:D1:BE:D4:98:F2:C5:9A:0D”
sslcertpath /etc/ssl/certs
fetchsizelimit 0
So, my speculation is that rt-mailgate is quietly dropping these unapproved X-MDSPF and X-MDDKIM emails. Am I correct in this? Is there something else I should look for. can I get more debuglike errors from rt-mailgate?
Thanks,
Eric