maillog transaction

gistfile1.txt

Feb 17 14:04:23 prometheus rspamd[23179]: <1c7c3b>; milter; rspamd_milter_process_command: got connection from 139.99.74.138:40350
Feb 17 14:04:23 prometheus postfix/cleanup[643]: 69AD418F7B59D: message-id=<93a90977fc14ea1e512e16ef2f8eb22f@blerohelf.surf>
Feb 17 14:04:23 prometheus rspamd[23179]: <1c7c3b>; proxy; rspamd_message_parse: loaded message; id: <93a90977fc14ea1e512e16ef2f8eb2
2f@blerohelf.surf>; queue-id: <69AD418F7B59D>; size: 30863; checksum: <0b8b783b260f7bfed806e581ec979759>
Feb 17 14:04:23 prometheus rspamd[23179]: <1c7c3b>; proxy; rspamd_mime_part_detect_language: detected part language: fr
Feb 17 14:04:23 prometheus rspamd[23179]: <1c7c3b>; proxy; rspamd_mime_part_detect_language: detected part language: fr
Feb 17 14:04:23 prometheus rspamd[23179]: <1c7c3b>; proxy; lua_task_insert_result_common: symbol insertion issue: unknown symbol IP_
REPUTATION_SPAM; trace: [1]:{/usr/share/rspamd/plugins/reputation.lua:78 - add_symbol_score [Lua]}; [2]:{/usr/share/rspamd/plugins/r
eputation.lua:430 - ipstats_check [Lua]}; [3]:{/usr/share/rspamd/plugins/reputation.lua:459 - continuation_cb [Lua]}; [4]:{/usr/shar
e/rspamd/plugins/reputation.lua:929 - callback [Lua]}; [5]:{/usr/share/rspamd/lualib/lua_redis.lua:1296 - callback [Lua]}; [6]:{/usr
/share/rspamd/lualib/lua_redis.lua:917 - <unknown> [Lua]};
Feb 17 14:04:24 prometheus rspamd[23179]: <1c7c3b>; proxy; rspamd_spf_maybe_return: stored record for blerohelf.surf (0x734aff5195ff
9f11) in LRU cache for 86400 seconds, 55/2000 elements in the cache
Feb 17 14:04:24 prometheus rspamd[23179]: <1c7c3b>; proxy; dkim_module_key_handler: stored DKIM key for default._domainkey.blerohelf
.surf in LRU cache for 86400 seconds, 55/2000 elements in the cache
Feb 17 14:04:24 prometheus rspamd[23179]: <1c7c3b>; proxy; rspamd_check_group_score: maximum group score 12.50 for group surbl has b
een reached, ignoring symbol ABUSE_SURBL with weight 5.50
Feb 17 14:04:24 prometheus rspamd[23179]: <1c7c3b>; proxy; rspamd_symcache_finalize_item: slow rule: MX_INVALID(261): 355.35 ms; ena
ble slow timer delay
Feb 17 14:04:24 prometheus rspamd[23179]: <1c7c3b>; proxy; rspamd_symcache_finalize_item: slow rule: SEM_URIBL_UNKNOWN(280): 496.35 
ms; enable slow timer delay
Feb 17 14:04:24 prometheus rspamd[23179]: <1c7c3b>; proxy; rspamd_task_process: skip learning: <93a90977fc14ea1e512e16ef2f8eb22f@ble
rohelf.surf> is skipped for bayes classifier: already in class spam; probability 100.00%
Feb 17 14:04:24 prometheus rspamd[23179]: <1c7c3b>; proxy; rspamd_task_write_log: id: <93a90977fc14ea1e512e16ef2f8eb22f@blerohelf.su
rf>, qid: <69AD418F7B59D>, ip: 139.99.74.138, from: <info@blerohelf.surf>, (default: T (reject): [25.63/19.90] [DBL_SPAM(12.50){bler
ohelf.surf:dkim;blerohelf.surf:url;},BAYES_SPAM(5.09){99.99%;},MX_MISSING(3.50){},HTML_SHORT_LINK_IMG_1(2.00){},RBL_SPAMHAUS_CSS(2.0
0){139.99.74.138:from;},MX_INVALID(0.50){},BAD_REP_POLICIES(0.10){},MIME_GOOD(-0.10){multipart/alternative;text/plain;},MANY_INVISIB
LE_PARTS(0.05){1;},HAS_LIST_UNSUB(-0.01){},ABUSE_SURBL(0.00){idokorul.com:url;},ASN(0.00){asn:16276, ipnet:139.99.0.0/17, country:FR
;},DKIM_TRACE(0.00){blerohelf.surf:+;},DMARC_POLICY_ALLOW(0.00){blerohelf.surf;none;},FROM_EQ_ENVFROM(0.00){},FROM_HAS_DN(0.00){},HA
S_REPLYTO(0.00){info@blerohelf.surf;},IP_REPUTATION_SPAM(0.00){asn: 16276(0.26), country: FR(-0.00), ip: 139.99.74.138(0.00);},MID_R
HS_MATCH_FROM(0.00){},MIME_TRACE(0.00){0:+;1:+;2:~;},PRECEDENCE_BULK(0.00){},PREVIOUSLY_DELIVERED(0.00){user@domain.com;},RCPT_
COUNT_ONE(0.00){1;},RCVD_COUNT_TWO(0.00){2;},RCVD_TLS_LAST(0.00){},REPLYTO_EQ_FROM(0.00){},R_DKIM_ALLOW(0.00){blerohelf.surf:s=defau
lt;},R_SPF_ALLOW(0.00){+ip4:139.99.74.138;},SUBJECT_ENDS_EXCLAIM(0.00){},TO_DN_EQ_ADDR_ALL(0.00){},TO_MATCH_ENVRCPT_ALL(0.00){}]), l
en: 30863, time: 786.818ms, dns req: 46, digest: <0b8b783b260f7bfed806e581ec979759>, rcpts: <user@domain.com>, mime_rcpts: <gae
le@de-labrusse.fr>
Feb 17 14:04:24 prometheus rspamd[23179]: <1c7c3b>; proxy; rspamd_protocol_http_reply: regexp statistics: 0 pcre regexps scanned, 5 
regexps matched, 174 regexps total, 69 regexps cached, 0B scanned using pcre, 25.88KiB scanned total
Feb 17 14:04:24 prometheus postfix/cleanup[643]: 69AD418F7B59D: milter-reject: END-OF-MESSAGE from blerohelf.surf[139.99.74.138]: 5.
7.1 Spam message rejected; from=<info@blerohelf.surf> to=<user@domain.comr> proto=ESMTP helo=<blerohelf.surf>
Feb 17 14:04:25 prometheus postfix/smtpd[637]: disconnect from blerohelf.surf[139.99.74.138]
Feb 17 14:04:25 prometheus rspamd[23179]: <5272b4>; proxy; proxy_milter_finish_handler: finished milter connection
Feb 17 14:04:59 prometheus rspamd[23180]: <yzhw5p>; lua; bayes_expiry.lua:440: finished expiry step 167: 997 items checked, 116 sign
ificant (1 made persistent), 48 insignificant (0 ttls set), 11 common (11 discriminated), 822 infrequent (0 ttls set), 2 mean, 9 std
Feb 17 14:06:26 prometheus dovecot: auth: Error: auth worker: Aborted PASSV request for chantal@de-labrusse.fr: Lookup timed out
Feb 17 14:06:44 prometheus rspamd[23180]: <yzhw5p>; lua; bayes_expiry.lua:440: finished expiry step 168: 997 items checked, 114 sign
ificant (2 made persistent), 37 insignificant (0 ttls set), 14 common (11 discriminated), 832 infrequent (0 ttls set), 2 mean, 3 std
Feb 17 14:06:44 prometheus dovecot: auth-worker(597): Warning: Auth master disconnected us while handling request for chantal@de-lab
russe.fr for 78 secs (result=OK)
Feb 17 14:07:35 prometheus postfix/smtpd[1068]: connect from unknown[91.243.45.40]