thanks for your answer.
What do you mean by "OOO messages"?
And to my "problem":
Are the following assumptions correct?
(i'm "not really" a smtp specialist, just read a little about bounces, BATV, etc. a minute ago)
in the quoted log the following happened:
- mail got delivered to recipients mail server (correct and complete)
- the recipients mail server sends a (incorrect?) bounce-message
- our ASG doesn't accept the bounce, caused by an invalid BATV signature (*1)
*1
probably because of some encoding problems
What parts of a mail is the BATV-signature created from?
log quote again with some (important?) detail:
the @s in <sender@our.domain> at timestamp "2008:10:22-12:35:14" are replaced by %40 in the ASG-log
Code:
2008:10:22-12:35:10 (none) smtpd[31872]: SCANNER[31872]: id="1000" severity="info" sys="SecureMail" sub="smtp" name="email passed" srcip="ip_internal_Mailserver" from="sender@our.domain" to="rcp1@target.domain" subject="Subject" queueid="0yvRAf-0008Iu-1t" size="10697"
2008:10:22-12:35:10 (none) smtpd[31872]: SCANNER[31872]: id="1000" severity="info" sys="SecureMail" sub="smtp" name="email passed" srcip="ip_internal_Mailserver" from="sender@our.domain" to="rcp2@target.domain" subject="Subject" queueid="0yvRAg-0008Iu-1t" size="10697"
2008:10:22-12:35:10 (none) exim[31926]: 2008-10-22 12:35:10 0yvRAf-0008Iu-1t => rcp1@target.domain R=dnslookup T=remote_smtp H=recipient_mx [recipient_Mailserver_IP]:25
2008:10:22-12:35:10 (none) exim[31926]: 2008-10-22 12:35:10 0yvRAf-0008Iu-1t Completed
2008:10:22-12:35:11 (none) exim[31927]: 2008-10-22 12:35:11 0yvRAg-0008Iu-1t => rcp2@target.domain R=dnslookup T=remote_smtp H=recipient_mx [recipient_Mailserver_IP]:25
2008:10:22-12:35:11 (none) exim[31927]: 2008-10-22 12:35:11 0yvRAg-0008Iu-1t Completed
2008:10:22-12:35:13 (none) exim[5680]: 2008-10-22 12:35:13 SMTP connection from [recipient_Mailserver_IP]:46493 (TCP/IP connection count = 1)
2008:10:22-12:35:13 (none) exim[5680]: 2008-10-22 12:35:13 SMTP connection from [recipient_Mailserver_IP]:46494 (TCP/IP connection count = 2)
2008:10:22-12:35:14 (none) exim[31930]: 2008-10-22 12:35:14 id="1003" severity="info" sys="SecureMail" sub="smtp" name="email rejected" srcip="recipient_Mailserver_IP" from="" to="sender%40our.domain" size="-1" reason="batv" extra="Missing, invalid or expired BATV signature"
2008:10:22-12:35:14 (none) exim[31930]: 2008-10-22 12:35:14 H=recipient_mx [recipient_Mailserver_IP]:46493 F=<> rejected RCPT <sender@our.domain>: Missing, invalid or expired BATV signature
2008:10:22-12:35:14 (none) exim[31930]: 2008-10-22 12:35:14 SMTP connection from recipient_mx [recipient_Mailserver_IP]:46493 closed by DROP in ACL
2008:10:22-12:35:14 (none) exim[31931]: 2008-10-22 12:35:14 id="1003" severity="info" sys="SecureMail" sub="smtp" name="email rejected" srcip="recipient_Mailserver_IP" from="" to="sender%40our.domain" size="-1" reason="batv" extra="Missing, invalid or expired BATV signature"
2008:10:22-12:35:14 (none) exim[31931]: 2008-10-22 12:35:14 H=recipient_mx [recipient_Mailserver_IP]:46494 F=<> rejected RCPT <sender@our.domain>: Missing, invalid or expired BATV signature
2008:10:22-12:35:14 (none) exim[31931]: 2008-10-22 12:35:14 SMTP connection from recipient_mx [recipient_Mailserver_IP]:46494 closed by DROP in ACL