SA not marking spam as such after forwarding locally

Tom-

Verified User
Joined
Nov 14, 2014
Messages
21
Here's the situation. I have a forward set up for an address. lets say:

forward@mail.com > info@mail.com

Both forward and info address are on my server. The problem: SA is working fine on any regular address, but not when combined with a forward.
It does seem to mark the original mail as spam, because my 'this is spam' message actually appears in the header.

Example of such a forwarded message's header below. I've altered the server and mail addresses to match my example info above.

Return-Path: <SRS0=BrV8V/=OI=elekworld.cn=Ashley@mail.com>
Delivered-To: forward@mail.com
Received: from mail.mailserver.com
by mail.mailserver.com with LMTP id iPSmJzRoAFw2bQAAtONZJQ
for <forward@mail.com>; Thu, 29 Nov 2018 23:29:08 +0100
Return-path: <SRS0=BrV8V/=OI=elekworld.cn=Ashley@mail.com>
Envelope-to: info@mail.com
Delivery-date: Thu, 29 Nov 2018 23:29:08 +0100
Received: from mail.elekworld.com ([150.242.228.98])
by mail.mailserver.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256)
(Exim 4.90_1)
(envelope-from <Ashley@elekworld.cn>)
id 1gSUny-0007M0-Qq
for info@mail.com; Thu, 29 Nov 2018 23:29:08 +0100
Received: from MB133.hicom.com (unknown [192.168.68.133])
by mail.elekworld.com (Mail Balance Service Hicom System) with ESMTPS id 17676615E6
for <info@mail.com>; Fri, 30 Nov 2018 06:28:00 +0800 (CST)
Received: from mail1.elekworld.com (elekworld.cn [192.168.68.132])
by MB133.hicom.com (Mail Balance Service of Hicom System) with ESMTPS id 202F522328
for <info@mail.com>; Fri, 30 Nov 2018 06:27:56 +0800 (CST)
Received: by mail1.elekworld.com (HicomMail, from userid 103)
id A5DCD80D21; Fri, 30 Nov 2018 06:26:42 +0800 (CST)
Received: from luke-virtual-machine (unknown [192.168.68.153])
by mail1.elekworld.com (HicomMail) with ESMTPA id 7839B80D1C
for <info@mail.com>; Fri, 30 Nov 2018 06:25:50 +0800 (CST)
Date: Fri, 30 Nov 2018 06:27:55 +0800 (CST)
From: Ashley <Ashley@elekworld.cn>
To: info@mail.com
Message-ID: <1139546639.727263.1543530475385@luke-virtual-machine>
Subject: ******* Screen Pricing Updated
MIME-Version: 1.0
Content-Type: text/html;charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Forward-Confirmed-ReverseDNS: Reverse and forward lookup success on 150.242.228.98, -10 Spam score
X-Spam-Score: 1.1 (+)
X-Spam-Report: This email has been marked as spam by the anti spam service of
"mail.mailserver.com". You can view the contents of the original message below.
If you have questions about this, please contact ..............
Partial contents spam message: Latest update for ******* screens. S9 Plus US$177.3 S9 US$157.4
[...]
View below for the complete message.
Analyse: (1.1 points, 3.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked.
See
http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
for more information.
[URIs: elekworld.cn]
0.0 HTML_MESSAGE BODY: HTML included in message
0.7 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
0.4 HTML_MIME_NO_HTML_TAG HTML-only message, but there is no HTML tag
SpamTally: Final spam score: 1



Was the original message marked as spam when it arrived at forward@mail.com (which could explain the X-spam report stating that its spam, perhaps?), and the final message which arrived at info@mail.com not considered spam because it was locally delivered? I'm not following what exactly is going on here, so any light shed on this would be great :)
 
Top