[vPostMaster] vPostMaster sometimes ignores Spamassassin score

Thu May 22 12:54:33 MDT 2008

Has anyone run into anything like this before?

I get email that is clearly spam, that spamassassin correctly identifies
as spam, but vpostmaster lets through as "OK"

Here are sample headers from one such email:

>From www-data at byteplant.com  Thu May 22 14:45:17 2008
X-Original-To: sysadmin at cpc401k.com
Delivered-To: sysadmin at cpc401k.com
Received: from byteplant.com (byteplant.com [78.47.119.33])
	by lippman.cpc.local (vPostMaster) with ESMTP id 3E7694E80FD
	for <sysadmin at cpc401k.com>; Thu, 22 May 2008 14:43:35 -0400 (EDT)
Received: from www-data by byteplant.com with local-bsmtp (Exim 4.63)
	(envelope-from <www-data at byteplant.com>)
	id 1JzFlG-0001R5-D5
	for sysadmin at cpc401k.com; Thu, 22 May 2008 20:43:34 +0200
Subject: Test mail 3/7 (ID=mpNPHQSNHlpdjy2AoW8ezA)
From: "E-Mail Security Test" <emailsecurity at byteplant.com>
To: sysadmin at cpc401k.com
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Message-Id: <E1JzFlG-0001R5-D5 at byteplant.com>
Sender: www-data <www-data at byteplant.com>
Date: Thu, 22 May 2008 20:43:34 +0200
X-vPostMaster-Status: OK
X-vPostMaster-SpamAssassin-Score: 996.8
X-vPostMaster-SpamAssassin-Details: 0.2 SUBJECT_NOVOWEL Subject: has
long non-vowel letter sequence
X-vPostMaster-SpamAssassin-Details: -0.0 SPF_HELO_PASS SPF: HELO matches
SPF record
X-vPostMaster-SpamAssassin-Details: -1.8 ALL_TRUSTED Passed through
trusted hosts only via SMTP
X-vPostMaster-SpamAssassin-Details: 1000 GTUBE BODY: Generic Test for
Unsolicited Bulk Email
X-vPostMaster-SpamAssassin-Details: -0.7 BAYES_20 BODY: Bayesian spam
probability is 5 to 20%
X-vPostMaster-SpamAssassin-Details: -0.9 AWL AWL: From: address is in
the auto white-list

Notice the X-vPostMaster-Status is OK, while the SpamAssassin score is
996.8. What is really confusing is that for some spams it works as it
should, while for some it does not. I can't figure out why. Below is a
spam that was caught successfully:

>From mmetzger at cpc401k.com  Thu May 22 14:45:20 2008
X-Original-To: sysadmin at cpc401k.com
Delivered-To: sysadmin at cpc401k.com
Received: from steinbrenner (steinbrenner.cpc.local [192.168.0.47])
	by lippman.cpc.local (vPostMaster) with ESMTP id EAA9F4E8024
	for <sysadmin at cpc401k.com>; Thu, 22 May 2008 14:45:19 -0400 (EDT)
From: "Mary K. Metzger" <mmetzger at cpc401k.com>
To: <sysadmin at cpc401k.com>
Subject: [SPAM] FW: Automobile Style & Design Inspired Roadster
collection from Cartier.
Date: Thu, 22 May 2008 14:45:09 -0400
Message-ID: <002001c8bc3b$f64616e0$2f00a8c0 at cpc.local>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="US-ASCII"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook, Build 10.0.6838
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3198
Thread-Index: Aci8O+kavXLnbdI4QrygavKXkdECCwAAAEnA
Importance: Normal
X-vPostMaster-Status: QUARANTINE
X-vPostMaster-Reason: SpamAssassin detected this as spam.
X-vPostMaster-SpamAssassin-Score: 6.8
X-vPostMaster-SpamAssassin-Details: -1.8 ALL_TRUSTED Passed through
trusted hosts only via SMTP
X-vPostMaster-SpamAssassin-Details: -2.6 BAYES_00 BODY: Bayesian spam
probability is 0 to 1%
X-vPostMaster-SpamAssassin-Details: 1.6 URIBL_SBL Contains an URL listed
in the SBL blocklist
X-vPostMaster-SpamAssassin-Details: 3.0 URIBL_BLACK Contains an URL
listed in the URIBL blacklist
X-vPostMaster-SpamAssassin-Details: 4.5 URIBL_SC_SURBL Contains an URL
listed in the SC SURBL blocklist
X-vPostMaster-SpamAssassin-Details: 4.1 URIBL_JP_SURBL Contains an URL
listed in the JP SURBL blocklist
X-vPostMaster-SpamAssassin-Details: 3.8 URIBL_AB_SURBL Contains an URL
listed in the AB SURBL blocklist
X-vPostMaster-SpamAssassin-Details: 2.1 URIBL_WS_SURBL Contains an URL
listed in the WS SURBL blocklist
X-vPostMaster-SpamAssassin-Details: 3.0 URIBL_OB_SURBL Contains an URL
listed in the OB SURBL blocklist
X-vPostMaster-SpamAssassin-Details: -11 AWL AWL: From: address is in the
auto white-list

Any help would be appreciated.

Thanks!
-- 
Ramon Medina