Probleme mit externen Blacklists
Posted: Fri Apr 14, 2017 6:01 am
Ich glaube das meine aktuelle Installation von MailWasher Pro 7.9 Emails nicht korrekt mit externen Blacklists abgleicht.
Bei der Überprüfung von E-Mails mit MailWasher wurde mir eine E-Mail zur manuellen Prüfung angezeigt. Die automatische Inhaltsbewertung ergab einen Wert von +39. Weitere automatische Prüfungen (Friend-List, Spam-List, DNSBLs, FirstAlert, usw.) ergaben keine Treffer. Da es sich eindeutig um Spam gehandelt hat, habe ich die IP bei der Blacklist inps.de manuell überprüft. Das Ergebnis ist, das die IP in inps.de sowie unter anderem in justspam.org gelistet ist. Diese beiden Blacklists habe ich auch in MailWasher eingebunden. Somit hätte die E-Mail eigentlich als Spam erkannt werden müssen.
Wie kann ich überprüfen, ob die Anfrage an die Blacklists korrekt durchgeführt wurden?
Folgende Spam-Email wurde von mir manuell gelöscht. Die IP befindet sich in o. g. Blacklists wurde jedoch automatisch von MailWasher nicht als Spam klassifiziert.
Folgende Log-Einträge sind für die gelöschte Datei in der MWPappapp_xxx vorhanden. Persönliche Daten wurden durch XXXXX ersetzt.
Im Anhang noch Bilder mit den Einstellungen zur Blacklist sowie dem Ergebnis der Abfrage bei inps.de. inps hat Priorität 1.
Bei der Überprüfung von E-Mails mit MailWasher wurde mir eine E-Mail zur manuellen Prüfung angezeigt. Die automatische Inhaltsbewertung ergab einen Wert von +39. Weitere automatische Prüfungen (Friend-List, Spam-List, DNSBLs, FirstAlert, usw.) ergaben keine Treffer. Da es sich eindeutig um Spam gehandelt hat, habe ich die IP bei der Blacklist inps.de manuell überprüft. Das Ergebnis ist, das die IP in inps.de sowie unter anderem in justspam.org gelistet ist. Diese beiden Blacklists habe ich auch in MailWasher eingebunden. Somit hätte die E-Mail eigentlich als Spam erkannt werden müssen.
Wie kann ich überprüfen, ob die Anfrage an die Blacklists korrekt durchgeführt wurden?
Folgende Spam-Email wurde von mir manuell gelöscht. Die IP befindet sich in o. g. Blacklists wurde jedoch automatisch von MailWasher nicht als Spam klassifiziert.
Code: Select all
*********************************************************************************************
Firetrust Mailwasher 2010 version: 843 Created 04-13-2017
*********************************************************************************************
04-13-2017 18:36:09.725 Info AddMsgToRecycleBin 84c4bc74008e72a0cb4b4dbc7fb6de41 DeleteReason=0 SQL=UPDATE cache SET delete_reason = ?, delete_date = ? WHERE uid = '84c4bc74008e72a0cb4b4dbc7fb6de41'; dt=2017-04-13 18:36:09 DeleteReason=0
Code: Select all
04-13-2017 18:29:35.541 Info BEGIN FETCH MAIL SESSION ON ACCOUNT XXXXX_XXXXX_online_de Acct-311727788
04-13-2017 18:29:35.541 Info ****************************************************************************************************************************
04-13-2017 18:29:35.541 Info MWPfetch::ObjectThreadMethod acc=Acct-311727788 AccountType=1 user=XXXXX.XXXXX@online.de host=imap.1und1.de port=993 logintype=1 sslmode=1
04-13-2017 18:29:35.541 Info MWPapplication::FetchAccount acc=Acct-311727788 AccountType=1 user=XXXXX.XXXXX@online.de host=imap.1und1.de port=993 logintype=1 sslmode=1
04-13-2017 18:29:35.541 Info IMAPservice::IMAPservice host=imap.1und1.de port=993
04-13-2017 18:29:35.541 Info LOGIN acc=Acct-311727788 user=XXXXX.XXXXX@online.de host=imap.1und1.de port=993 logintype=1 sslmode=1
04-13-2017 18:29:35.963 Info C: LOGIN *******
04-13-2017 18:29:35.983 Info C: CAPABILITY
04-13-2017 18:29:35.999 Info C: SELECT "INBOX"
04-13-2017 18:29:35.999 Info SELECT "INBOX"
04-13-2017 18:29:35.999 Info WASH START Acct-311727788
04-13-2017 18:29:36.015 Info S: * 70 EXISTS
04-13-2017 18:29:36.015 Info S: * 0 RECENT
04-13-2017 18:29:36.015 Info S: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft)
04-13-2017 18:29:36.015 Info S: * OK [PERMANENTFLAGS (\Answered \Flagged \Draft \Deleted \Seen \*)] Unlimited
04-13-2017 18:29:36.015 Info S: * OK [UNSEEN 41] Message 41 is first unseen
04-13-2017 18:29:36.015 Info S: * OK [UIDNEXT 37215] Predicted next UID
04-13-2017 18:29:36.015 Info S: * OK [UIDVALIDITY 0] UIDs valid
04-13-2017 18:29:36.015 Info S: mw4 OK [READ-WRITE] SELECT completed
04-13-2017 18:29:36.015 Info *** IMAP UID FETCH ***
04-13-2017 18:29:36.015 Info C: FETCH 1:* (FLAGS UID RFC822.SIZE)
04-13-2017 18:29:36.039 Info UIDL list size = 25
04-13-2017 18:29:36.039 Info UID count=25
04-13-2017 18:29:36.047 Info UID FETCH LIST SENT TO Acct-311727788
04-13-2017 18:29:36.055 Info WASH Acct-311727788 bc7149eaa58e78ef73d1bdd89e3d2bf7
04-13-2017 18:29:36.068 Info DO REGEX Acct-311727788 bc7149eaa58e78ef73d1bdd89e3d2bf7
04-13-2017 18:29:36.069 Info * 70 FETCH (UID 37214 BODY[]<0> {3181}
04-13-2017 18:29:36.070 Info CALL IMAPservice::PipelineGetEmailLines(25, 200)
04-13-2017 18:29:36.077 Info RBL START XXXXX_XXXXX_online_de bc7149eaa58e78ef73d1bdd89e3d2bf7
04-13-2017 18:29:36.082 Info RBL Lookup: ip=217.72.192.66 domain=dnsbl.inps.de cached=-1
04-13-2017 18:29:36.088 Info CALL MWPmsgCache::CacheMessage(84c4bc74008e72a0cb4b4dbc7fb6de41) NumLines 200
04-13-2017 18:29:36.089 Info FETCH RATE 5 emails in 0.09 secs 53.19 emails a second
04-13-2017 18:29:36.089 Info FETCHDONE SENT XXXXX_XXXXX_online_de
04-13-2017 18:29:36.089 Info FETCHDONE XML <MWPFETCHDONE><ACCOUNT_TEXT>XXXXX_XXXXX_online_de</ACCOUNT_TEXT><ACCOUNT>Acct-311727788</ACCOUNT><EMAILSINDROP>25</EMAILSINDROP><MAXTOFETCH>26</MAXTOFETCH><EMAILSFETCHED>5</EMAILSFETCHED><EMAILSPERSECOND>53.2</EMAILSPERSECOND><HOST>imap.1und1.de</HOST><USER>XXXXX.XXXXX@online.de</USER></MWPFETCHDONE>
04-13-2017 18:29:36.089 Info IMAP QUIT Acct-311727788
04-13-2017 18:29:36.089 Info C: QUIT
04-13-2017 18:29:36.096 Info WASH Acct-311727788 a2f016f91b8ad241c32a3f0bb1d67689
04-13-2017 18:29:36.115 Info DO REGEX Acct-311727788 a2f016f91b8ad241c32a3f0bb1d67689
04-13-2017 18:29:36.122 Info RBL START XXXXX_XXXXX_online_de a2f016f91b8ad241c32a3f0bb1d67689
04-13-2017 18:29:36.127 Info RBL Lookup: ip=217.72.192.66 domain=dnsbl.inps.de cached=-1
04-13-2017 18:29:36.136 Info WASH Acct-311727788 56b278db9f5a8962af80284e8b71bdfb
04-13-2017 18:29:36.148 Info DO REGEX Acct-311727788 56b278db9f5a8962af80284e8b71bdfb
04-13-2017 18:29:36.157 Info RBL START XXXXX_XXXXX_online_de 56b278db9f5a8962af80284e8b71bdfb
04-13-2017 18:29:36.161 Info RBL Lookup: ip=217.72.192.66 domain=dnsbl.inps.de cached=-1
04-13-2017 18:29:36.175 Info WASH Acct-311727788 e034d498e835144b6a48693d3edde407
04-13-2017 18:29:36.187 Info DO REGEX Acct-311727788 e034d498e835144b6a48693d3edde407
04-13-2017 18:29:36.195 Info RBL START XXXXX_XXXXX_online_de e034d498e835144b6a48693d3edde407
04-13-2017 18:29:36.200 Info RBL Lookup: ip=212.227.15.40 domain=dnsbl.inps.de cached=-1
04-13-2017 18:29:36.214 Info WASH Acct-311727788 84c4bc74008e72a0cb4b4dbc7fb6de41
04-13-2017 18:29:36.216 Info RBL Lookup: ip=217.72.192.66 domain=ix.dnsbl.manitu.net cached=-1
04-13-2017 18:29:36.216 Info RBL Lookup: ip=217.72.192.66 domain=ix.dnsbl.manitu.net cached=-1
04-13-2017 18:29:36.216 Info RBL Lookup: ip=217.72.192.66 domain=ix.dnsbl.manitu.net cached=-1
04-13-2017 18:29:36.219 Info DO REGEX Acct-311727788 84c4bc74008e72a0cb4b4dbc7fb6de41
04-13-2017 18:29:36.223 Info RBL START XXXXX_XXXXX_online_de 84c4bc74008e72a0cb4b4dbc7fb6de41
04-13-2017 18:29:36.226 Info RBL Lookup: ip=217.72.192.66 domain=dnsbl.inps.de cached=-1
04-13-2017 18:29:36.226 Info RBL Lookup: ip=217.72.192.66 domain=ix.dnsbl.manitu.net cached=-1
04-13-2017 18:29:36.229 Info WASHDONE SENT XXXXX_XXXXX_online_de
04-13-2017 18:29:36.229 Info WASHDONE XML <MWPWASHDONE><ACCOUNT>Acct-311727788</ACCOUNT><EMAILSINDROP>0</EMAILSINDROP><MAXTOWASH>5</MAXTOWASH><EMAILSWASHED>5</EMAILSWASHED><HOST>imap.1und1.de</HOST><USER>XXXXX.XXXXX@online.de</USER></MWPWASHDONE>
04-13-2017 18:29:36.229 Info WAIT FOR FirstAlert TO FINISH XXXXX_XXXXX_online_de
04-13-2017 18:29:36.295 Info RBL Lookup: ip=212.227.15.40 domain=ix.dnsbl.manitu.net cached=-1
04-13-2017 18:29:36.300 Info RBL Lookup: ip=217.72.192.66 domain=ixhash.spameatingmonkey.net cached=-1
04-13-2017 18:29:36.300 Info RBL Lookup: ip=217.72.192.66 domain=ixhash.spameatingmonkey.net cached=-1
04-13-2017 18:29:36.300 Info RBL Lookup: ip=217.72.192.66 domain=ixhash.spameatingmonkey.net cached=-1
04-13-2017 18:29:36.300 Info RBL Lookup: ip=217.72.192.66 domain=ixhash.spameatingmonkey.net cached=-1
04-13-2017 18:29:36.422 Info RBL Lookup: ip=212.227.15.40 domain=ixhash.spameatingmonkey.net cached=-1
04-13-2017 18:29:36.483 Info RBL Lookup: ip=217.72.192.66 domain=sbl-xbl.spamhaus.org cached=-1
04-13-2017 18:29:36.483 Info RBL Lookup: ip=217.72.192.66 domain=sbl-xbl.spamhaus.org cached=-1
04-13-2017 18:29:36.483 Info RBL Lookup: ip=217.72.192.66 domain=sbl-xbl.spamhaus.org cached=-1
04-13-2017 18:29:36.483 Info RBL Lookup: ip=217.72.192.66 domain=sbl-xbl.spamhaus.org cached=-1
04-13-2017 18:29:36.505 Info RBL Lookup: ip=212.227.15.40 domain=sbl-xbl.spamhaus.org cached=-1
04-13-2017 18:29:36.873 Info RBL Lookup: ip=217.72.192.66 domain=spam.dnsbl.anonmails.de cached=-1
04-13-2017 18:29:36.873 Info RBL Lookup: ip=217.72.192.66 domain=spam.dnsbl.anonmails.de cached=-1
04-13-2017 18:29:36.873 Info RBL Lookup: ip=217.72.192.66 domain=spam.dnsbl.anonmails.de cached=-1
04-13-2017 18:29:36.873 Info RBL Lookup: ip=217.72.192.66 domain=spam.dnsbl.anonmails.de cached=-1
04-13-2017 18:29:36.891 Info RBL Lookup: ip=212.227.15.40 domain=spam.dnsbl.anonmails.de cached=-1
04-13-2017 18:29:36.971 Info RBL Lookup: ip=217.72.192.66 domain=cbl.abuseat.org cached=-1
04-13-2017 18:29:36.971 Info RBL Lookup: ip=217.72.192.66 domain=cbl.abuseat.org cached=-1
04-13-2017 18:29:36.971 Info RBL Lookup: ip=217.72.192.66 domain=cbl.abuseat.org cached=-1
04-13-2017 18:29:36.971 Info RBL Lookup: ip=217.72.192.66 domain=cbl.abuseat.org cached=-1
04-13-2017 18:29:36.992 Info RBL Lookup: ip=212.227.15.40 domain=cbl.abuseat.org cached=-1
04-13-2017 18:29:37.055 Info RBL Lookup: ip=217.72.192.66 domain=dnsbl.sorbs.net cached=-1
04-13-2017 18:29:37.055 Info RBL Lookup: ip=217.72.192.66 domain=dnsbl.sorbs.net cached=-1
04-13-2017 18:29:37.055 Info RBL Lookup: ip=217.72.192.66 domain=dnsbl.sorbs.net cached=-1
04-13-2017 18:29:37.055 Info RBL Lookup: ip=217.72.192.66 domain=dnsbl.sorbs.net cached=-1
04-13-2017 18:29:37.387 Info RBL Lookup: ip=212.227.15.40 domain=dnsbl.sorbs.net cached=-1
04-13-2017 18:29:37.575 Info FIRST ALERT SUBMISSION START bc7149eaa58e78ef73d1bdd89e3d2bf7
04-13-2017 18:29:37.582 Info FIRST ALERT SUBMISSION DONE XXXXX_XXXXX_online_de m_uid = bc7149eaa58e78ef73d1bdd89e3d2bf7
04-13-2017 18:29:37.772 Info FIRST ALERT SUBMISSION START a2f016f91b8ad241c32a3f0bb1d67689
04-13-2017 18:29:37.775 Info FIRST ALERT SUBMISSION DONE XXXXX_XXXXX_online_de m_uid = a2f016f91b8ad241c32a3f0bb1d67689
04-13-2017 18:29:37.775 Info FIRST ALERT SUBMISSION START 56b278db9f5a8962af80284e8b71bdfb
04-13-2017 18:29:37.781 Info FIRST ALERT SUBMISSION DONE XXXXX_XXXXX_online_de m_uid = 56b278db9f5a8962af80284e8b71bdfb
04-13-2017 18:29:37.782 Info FIRST ALERT SUBMISSION START e034d498e835144b6a48693d3edde407
04-13-2017 18:29:37.789 Info FIRST ALERT SUBMISSION DONE XXXXX_XXXXX_online_de m_uid = e034d498e835144b6a48693d3edde407
04-13-2017 18:29:37.789 Info FIRST ALERT SUBMISSION START 84c4bc74008e72a0cb4b4dbc7fb6de41
04-13-2017 18:29:37.791 Info FIRST ALERT SUBMISSION DONE XXXXX_XXXXX_online_de m_uid = 84c4bc74008e72a0cb4b4dbc7fb6de41
04-13-2017 18:29:38.066 Info RBL Lookup: ip=217.72.192.66 domain=bl.spamcop.net cached=-1
04-13-2017 18:29:38.066 Info RBL Lookup: ip=217.72.192.66 domain=bl.spamcop.net cached=-1
04-13-2017 18:29:38.066 Info RBL Lookup: ip=217.72.192.66 domain=bl.spamcop.net cached=-1
04-13-2017 18:29:38.066 Info RBL Lookup: ip=217.72.192.66 domain=bl.spamcop.net cached=-1
04-13-2017 18:29:38.071 Info RBL Lookup: ip=212.227.15.40 domain=bl.spamcop.net cached=-1
04-13-2017 18:29:38.202 Info RBL Lookup: ip=212.227.15.40 domain=db.wpbl.info cached=-1
04-13-2017 18:29:38.231 Info FirstAlert FINISH XXXXX_XXXXX_online_de
04-13-2017 18:29:38.231 Info WAIT FOR RBL's TO FINISH XXXXX_XXXXX_online_de
04-13-2017 18:29:38.366 Info RBL Lookup: ip=217.72.192.66 domain=db.wpbl.info cached=-1
04-13-2017 18:29:38.366 Info RBL Lookup: ip=217.72.192.66 domain=db.wpbl.info cached=-1
04-13-2017 18:29:38.366 Info RBL Lookup: ip=217.72.192.66 domain=db.wpbl.info cached=-1
04-13-2017 18:29:38.366 Info RBL Lookup: ip=217.72.192.66 domain=db.wpbl.info cached=-1
04-13-2017 18:29:38.405 Info RBL Lookup: ip=212.227.15.40 domain=z.mailspike.net cached=-1
04-13-2017 18:29:38.506 Info RBL Lookup: ip=212.227.15.40 domain=bl.spamcannibal.org cached=-1
04-13-2017 18:29:38.742 Info RBL Lookup: ip=212.227.15.40 domain=dnsbl-1.uceprotect.net cached=-1
04-13-2017 18:29:38.743 Info RBL Lookup: ip=217.72.192.66 domain=z.mailspike.net cached=-1
04-13-2017 18:29:38.743 Info RBL Lookup: ip=217.72.192.66 domain=z.mailspike.net cached=-1
04-13-2017 18:29:38.743 Info RBL Lookup: ip=217.72.192.66 domain=z.mailspike.net cached=-1
04-13-2017 18:29:38.743 Info RBL Lookup: ip=217.72.192.66 domain=z.mailspike.net cached=-1
04-13-2017 18:29:38.852 Info RBL Lookup: ip=217.72.192.66 domain=bl.spamcannibal.org cached=-1
04-13-2017 18:29:38.852 Info RBL Lookup: ip=217.72.192.66 domain=bl.spamcannibal.org cached=-1
04-13-2017 18:29:38.852 Info RBL Lookup: ip=217.72.192.66 domain=bl.spamcannibal.org cached=-1
04-13-2017 18:29:38.852 Info RBL Lookup: ip=217.72.192.66 domain=bl.spamcannibal.org cached=-1
04-13-2017 18:29:38.991 Info RBL Lookup: ip=212.227.15.40 domain=dnsbl-2.uceprotect.net cached=-1
04-13-2017 18:29:39.084 Info RBL Lookup: ip=217.72.192.66 domain=dnsbl-1.uceprotect.net cached=-1
04-13-2017 18:29:39.084 Info RBL Lookup: ip=217.72.192.66 domain=dnsbl-1.uceprotect.net cached=-1
04-13-2017 18:29:39.084 Info RBL Lookup: ip=217.72.192.66 domain=dnsbl-1.uceprotect.net cached=-1
04-13-2017 18:29:39.084 Info RBL Lookup: ip=217.72.192.66 domain=dnsbl-1.uceprotect.net cached=-1
04-13-2017 18:29:39.192 Info RBL Lookup: ip=212.227.15.40 domain=dnsbl.justspam.org cached=-1
04-13-2017 18:29:39.327 Info RBL Lookup: ip=217.72.192.66 domain=dnsbl-2.uceprotect.net cached=-1
04-13-2017 18:29:39.327 Info RBL Lookup: ip=217.72.192.66 domain=dnsbl-2.uceprotect.net cached=-1
04-13-2017 18:29:39.327 Info RBL Lookup: ip=217.72.192.66 domain=dnsbl-2.uceprotect.net cached=-1
04-13-2017 18:29:39.327 Info RBL Lookup: ip=217.72.192.66 domain=dnsbl-2.uceprotect.net cached=-1
04-13-2017 18:29:39.374 Info RBL DONE Acct-311727788 m_uid = e034d498e835144b6a48693d3edde407
04-13-2017 18:29:39.583 Info RBL Lookup: ip=217.72.192.66 domain=dnsbl.justspam.org cached=-1
04-13-2017 18:29:39.583 Info RBL Lookup: ip=217.72.192.66 domain=dnsbl.justspam.org cached=-1
04-13-2017 18:29:39.583 Info RBL Lookup: ip=217.72.192.66 domain=dnsbl.justspam.org cached=-1
04-13-2017 18:29:39.583 Info RBL Lookup: ip=217.72.192.66 domain=dnsbl.justspam.org cached=-1
04-13-2017 18:29:40.656 Info RBL DONE Acct-311727788 m_uid = a2f016f91b8ad241c32a3f0bb1d67689
04-13-2017 18:29:40.656 Info RBL DONE Acct-311727788 m_uid = 84c4bc74008e72a0cb4b4dbc7fb6de41
04-13-2017 18:29:40.656 Info RBL DONE Acct-311727788 m_uid = bc7149eaa58e78ef73d1bdd89e3d2bf7
04-13-2017 18:29:40.656 Info RBL DONE Acct-311727788 m_uid = 56b278db9f5a8962af80284e8b71bdfb
04-13-2017 18:29:40.735 Info RBL's FINISHED XXXXX_XXXXX_online_de
04-13-2017 18:29:40.735 Info FIRST ALERT DISCONNECT XXXXX_XXXXX_online_de LAST WASH THREAD
04-13-2017 18:29:40.735 Info WASH STOP XXXXX_XXXXX_online_de
04-13-2017 18:29:40.735 Info FETCH THREAD XXXXX_XXXXX_online_de WAIT FOR FINISH
04-13-2017 18:29:40.735 Info FETCH THREAD XXXXX_XXXXX_online_de FINISHED