Update I received confirmation that today they closed the pull request so we are getting closer... Thank you to Robert Scheck who had one fix and pull request since Aug 2018 and pushed this through with pure determination. He wouldn't let it sit. I had given up myself and was happy to go it alone w...

I think what you want is this virus_name_to_spam_score_maps ... This would allow you to score this in SA and provide that flexibility. https://lists.amavis.org/pipermail/amavis-users/2011-October/000934.html Anything matching would be sent on to SA where you could look at X-Amavis-AV-Status to see i...

This is freshclam. % grep 104.16.218.84 /opt/zimbra/log/freshclam.log Database updated (6823072 signatures) from db.us.clamav.net (IP: 104.16.218.84) Database updated (6825610 signatures) from db.us.clamav.net (IP: 104.16.218.84) .. If you don't need virus definitions updated, this would temporarily...

Hey David, You might want to play with dnsping,dnseval and dnstraceroute. Will definitely show oddities like transparent proxying (ISP/NSP interception), throttling, FW, slowness, etc. Something like this for udp and then tcp might shine a light. # dnsping -t TXT Mar2018._domainkey.aetna.com # dnspi...

I thought this was a caching DNS resolver... nope. From the documentation - "dnscache adds into the MTA servers a local DNS cache server that can keep all the external DNS request". Anyway, here is the root cause. "configured forward servers failed -- returning SERVFAIL" So you a...

I need to study this debugging log... perhaps -v option might be better option.

Interesting... I don't know if you noticed but this is what I see here: % dig -t txt aetna.com ;; Truncated, retrying in TCP mode. ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.1 <<>> -t txt aetna.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10312...

Authentication-Results: mail.mydomain.com (amavisd-new); dkim=neutral reason="invalid (public key: DNS query timeout for Mar2018._domainkey.aetna.com at /opt/zimbra/common/lib/perl5/Mail/DKIM/DNS.pm line 156, <GEN16> line 2304.)" header.d=aetna.com header.b=SZqPtx4l; dkim=fail (1024-bit k...

Depending how you created it to begin with and which acme client --- perhaps this? https://stackoverflow.com/questions/38302401/letsencrypt-add-domain-to-existing-certificate It is trivial to re-issue and use the --force option with most acme clients also. BTW, if you use DNS validation, you can tes...

Not any more but it does handle most cases... There is a variation of spoofing that is signed by the spammer so my initial rule failed that case. I do something extra now and use the Return-Path which is the envelope from address. You are correct that you add a string of domains. I keep it as 2 rule...