[AMaViS-user] Understanding Blocked Spam Messages

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

So today I saw a message was blocked by Amavisd with the following in my logs:

ar 26 12:40:14 mail postfix/qmgr[6810]: 8CBBF77AFE7:
from=<us...@my...>, size=1092, nrcpt=1 (queue active)
Mar 26 12:40:15 mail amavis[24976]: (24976-05) Blocked SPAM, MYNETS
LOCAL [192.168.0.164] [173.132.102.218] <us...@my...> ->
<rec...@my...>, quarantine: spam-bDpQHvADjOfc.gz,
Message-ID: <2E1...@my...>,
mail_id: bDpQHvADjOfc, Hits: 9.201, size: 1092, 487 ms

I found the message in /var/virusmails/ and saw the following:

[carlos@tuna] $ zcat spam-bDpQHvADjOfc.gz
**************************************************************************
Return-Path: <>
Delivered-To: spam-quarantine
X-Envelope-From: <us...@so...>
X-Envelope-To: <us...@my...>
X-Envelope-To-Blocked: <us...@my...>
X-Quarantine-ID: <bDpQHvADjOfc>
X-Spam-Flag: YES
X-Spam-Score: 9.201
X-Spam-Level: *********
X-Spam-Status: Yes, score=9.201 tag=-999 tag2=5 kill=8 tests=[BAYES_00=-1.9,
	FH_HELO_EQ_D_D_D_D=3.177, HELO_DYNAMIC_IPADDR2=3.607,
	RCVD_IN_PBL=3.335, RDNS_DYNAMIC=0.982] autolearn=no
Received: from mail.mydomain.tld ([127.0.0.1])
	by localhost (mydomain.tld [127.0.0.1]) (amavisd-new, port 10024)
	with LMTP id bDpQHvADjOfc for <us...@my...>;
	Fri, 26 Mar 2010 12:40:14 -0400 (EDT)
Received: from miller (unknown [192.168.0.164])
	by mail.mydomain.tld (Postfix) with ESMTP id 8CBBF77AFE7
	for <us...@my...>; Fri, 26 Mar 2010 12:40:14 -0400 (EDT)
Received: from 173-132-102-218.pools.spcsdns.net
(173-132-102-218.pools.spcsdns.net [173.132.102.218])
	by miller (Postfix) with ESMTP id 45A2867EE7
	for <us...@my...>; Fri, 26 Mar 2010 12:40:14 -0400 (EDT)
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (Apple Message framework v1077)
Subject: Re: Package at Front Desk
From: Kurt <us...@so...>
In-Reply-To: <94c...@my...>
Date: Fri, 26 Mar 2010 12:40:12 -0400
Content-Transfer-Encoding: 7bit
Message-Id: <2E1...@so...>
References: <94c...@my...>
To: Damon <us...@my...>
X-Mailer: Apple Mail (2.1077)

Thank you.

On Mar 26, 2010, at 12:37 PM, Damon wrote:

> Kurt,
>
> You received a package today from UPS.  It is located at the front desk.
>
> Damon
>

How do I understand what triggered this message to score so high in
Amavisd? They're asking me why and I don't know how to respond based
after reviewing this message above.