![](https://seccdn.libravatar.org/avatar/27aacf61a13c66fcc083fcf8a84823bc.jpg?s=120&d=mm&r=g)
On 05/26/2019 06:29 AM, Carlos E. R. wrote: <snip>
[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 2D05C320ADE <2.5> 2019-05-25 15:29:59 Telcontar amavis 28714 - - (28714-15) Passed UNCHECKED {RelayedTaggedInternal}, MYNETS LOCAL [127.0.0.1]:45756 [209.85.208.196] <linux-xfs-owner@vger.kernel.org> -> <cer@localhost.valinor>, Queue-ID: C46623207AD, Message-ID: <CAE5jQCfP95cvjkKTmawpbfFLmBVwYZ3t89WED=U3uk4z+7U+CQ@mail.gmail.com>, mail_id: xtCJxEl4h1M1, Hits: -, size: 14080, queued_as: 2D05C320ADE, dkim_sd=20161025:gmail.com, 206 ms <2.6> 2019-05-25 15:29:59 Telcontar postfix 28977 - - C46623207AD: to=<cer@localhost.valinor>, orig_to=<cer@localhost>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.4, delays=0.19/0/0/0.21, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 2D05C320ADE) <2.6> 2019-05-25 15:29:59 Telcontar postfix 4365 - - C46623207AD: removed
There was indeed a mail sent to root from virusalert, identifuing the problem post. I then located it: a mail from the xfs mail list. I expected it to be huge, but it simply contains a 2.2 attachment named "xfs.img.bz2", sent with good intentions and not a virus. The problem is that it is an XFS partition debug image, which expands to 134,217,728 bytes! Of course that amavis had problems with it, LOL!
The mail passed with a warning in the subject line added, was not quarantined. And it came from my gmail account, who are rather suspicious folk when looking at spam or attachments.
I was surprised with the line:
[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 2D05C320ADE <2.5> 2019-05-25 15:29:59 Telcontar amavis 28714 - - (28714-15) Passed UNCHECKED {RelayedTaggedInternal}, MYNETS
if it was actually doing what it ways it was doing (as well as the line above that skipped virus checking the last 4096 bytes when the message exceeded quota. Seems like there may be a couple of issues to investigate. -- David C. Rankin, J.D.,P.E.