I changed the settings:
# config show php
php=service
AllowUrlFopen=Off
MaxExecutionTime=1800
MemoryLimit=250M
PostMaxSize=15M
UploadMaxFilesize=15M
status=enabled
But this is making no difference.
What I see is, that tagging this email as spam kills the connection, while simply deleting or blacklisting is possible.
Return-Path: <ohnoxfm@hostepro.co.ua>
Delivered-To: maillog@saturn.foobar.com
Received: (qmail 12153 invoked by alias); 5 Jul 2017 01:20:31 -0000
Delivered-To: alias-localdelivery-maillog@foobar.com
Received: (qmail 12147 invoked by uid 453); 5 Jul 2017 01:20:31 -0000
X-Virus-Checked: by ClamAV 0.99.2 on saturn.foobar.com
X-Virus-Found: No
X-Spam-Status: No, score=2.7 required=4.0 autolearn=no autolearn_force=no
X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on saturn.foobar.com
X-Spam-Details: * -0.0 SPF_PASS SPF: sender matches SPF record
* -0.0 RP_MATCHES_RCVD Envelope sender domain matches handover relay domain
* 0.8 HTML_IMAGE_RATIO_02 BODY: HTML has a low ratio of text to image area
* 0.0 HTML_MESSAGE BODY: HTML included in message
* 1.8 HTML_IMAGE_ONLY_08 BODY: HTML: images with 400-800 bytes of words
* 0.1 HTML_SHORT_LINK_IMG_1 HTML is very short with a linked image
X-Spam-Level: **
X-Spam-User: qpsmtpd, 2 recipients
X-HELO: mail.hostepro.co.ua
Authentication-Results: saturn.foobar.com; auth=none; spf=pass smtp.mailfrom=hostepro.co.ua; dkim=none
Received: from vds3.hostepro.co.ua (HELO mail.hostepro.co.ua) (204.12.202.237)
by saturn.foobar.com (qpsmtpd/0.96) with ESMTP ; Wed, 05 Jul 2017 03:20:20 +0200
Received-SPF: pass (hostepro.co.ua: 204.12.202.237 is authorized to use 'ohnoxfm@hostepro.co.ua' in 'mfrom' identity (mechanism 'a/24' matched)) receiver=saturn.foobar.com; identity=mailfrom; envelope-from="ohnoxfm@hostepro.co.ua"; helo=mail.hostepro.co.ua; client-ip=204.12.202.237
Received: from hostepro.co.ua (mail.hostepro.co.ua [204.12.202.234])
by mail.hostepro.co.ua (Postfix) with ESMTPA id 9EC484E582;
Wed, 5 Jul 2017 02:19:48 +0300 (EEST)
Message-ID: <ohnoxfm52022474.32445882@mail.hostepro.co.ua>
From: "Mangosteen" <ohnoxfm@hostepro.co.ua>
To: <zentrale@iris-egris.de>
Subject: Beginnen Sie die FETTBEKAMPFUNG jetzt sofort!
Date: Wed, 05 Jul 2017 02:20:01 +0300
MIME-Version: 1.0
Content-Type: multipart/related;
type="multipart/alternative";
boundary="----=_NextPart_000_0018_01D2F534.A544F4F0"
Precedence: bulk
List-Id: b46626536v86275203
X-Complaints-To: abuse@hostepro.co.ua
List-Unsubscribe: <http://hostepro.co.ua/ru/unsubscribe/do?hash=2717271682876460>
This is a multi-part message in MIME format.
------=_NextPart_000_0018_01D2F534.A544F4F0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_0019_01D2F534.A544F4F0"
------=_NextPart_000_0019_01D2F534.A544F4F0
Content-Type: text/plain;
charset="windows-1251"
Content-Transfer-Encoding: quoted-printable
=0D=0A=0D=0A=0D=0A=0D=0A =0D=0AArt der Anwendung =0D=0A>>&g=
t;=0D=0A=0D=0A
------=_NextPart_000_0019_01D2F534.A544F4F0
Content-Type: text/html;
charset="windows-1251"
Content-Transfer-Encoding: quoted-printable
<HTML><HEAD>=0D=0A<META content=3D"text/html; charset=3Dwindows-1=
251" http-equiv=3DContent-Type>=0D=0A</HEAD>=0D=0A<BODY bgColor=3D=
#ffffff>=0D=0A<DIV align=3Dcenter><A href=3D"
http://m.new-line-we=b.eu/mangosteen/index.html"><IMG border=3D0 hspace=3D0 alt=3D"" s=
rc=3D"cid:51a4001d2f535234fd41103a3bf977@ohnoxfm" width=3D720 hei=
ght=3D474></DIV> =0D=0A<DIV align=3Dcenter><FONT color=3D#0000ff=20=
size=3D4 face=3DArial><STRONG><A =0D=0Ahref=3D"
http://m.new-line-=web.eu/mangosteen/index.html">Art der Anwendung =0D=0A>>>=
;</A></STRONG></FONT></DIV></BODY></HTML>=0D=0A=0D=0A
------=_NextPart_000_0019_01D2F534.A544F4F0--
------=_NextPart_000_0018_01D2F534.A544F4F0
Content-Type: image/jpeg;
name="hx.jpeg"
Content-Transfer-Encoding: base64
Content-ID: <51a4001d2f535234fd41103a3bf977@ohnoxfm>
Horde says in the preview:
This part contains an attachment that can not be displayed within this part:
[multipart/alternative] Alternative 1 KB
This one can be tagged without any problem:
Return-Path: <facts@facts.axandra.com>
Delivered-To: maillog@saturn.foobar.com
Received: (qmail 10234 invoked by alias); 4 Jul 2017 22:18:41 -0000
Delivered-To: alias-localdelivery-maillog@foobar.com
Received: (qmail 10229 invoked by uid 453); 4 Jul 2017 22:18:41 -0000
X-Virus-Checked: by ClamAV 0.99.2 on saturn.foobar.com
X-Virus-Found: No
X-Spam-Status: No, score=0.0 required=4.0 autolearn=ham autolearn_force=no
X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on saturn.foobar.com
X-Spam-Details: * -0.0 RP_MATCHES_RCVD Envelope sender domain matches handover relay domain
* 0.0 HTML_MESSAGE BODY: HTML included in message
X-Spam-Level:
X-Spam-User: qpsmtpd, 2 recipients
X-HELO: news.axandra.com
Authentication-Results: saturn.foobar.com; auth=none; spf=none smtp.mailfrom=facts.axandra.com; dkim=none
Received: from news.axandra.com (HELO news.axandra.com) (178.77.77.121)
by saturn.foobar.com (qpsmtpd/0.96) with ESMTPS (DHE-RSA-AES256-SHA encrypted); Wed, 05 Jul 2017 00:18:30 +0200
Received-SPF: none (facts.axandra.com: No applicable sender policy available) receiver=saturn.foobar.com; identity=mailfrom; envelope-from="facts@facts.axandra.com"; helo=news.axandra.com; client-ip=178.77.77.121
Return-Path: <facts@facts.axandra.com>
Received: by news.axandra.com for <info.konto@foobar.com>; Tue, 4 Jul 2017 21:51:05 GMT
Message-ID: <20170704120258-1.1.du.tsyl.0.qp1fka715f@facts.axandra.com>
Date: Tue, 4 Jul 2017 21:51:05 GMT
From: "Axandra Search Engine Facts" <facts@facts.axandra.com>
To: <info.konto@foobar.com>
Subject: Search Engine Facts 4 July 2017
X-Mailer: OpenEMM V2013
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="-==AGNITASOUTER164240059B290001F2=="
This is a multi-part message in MIME format.
---==AGNITASOUTER164240059B290001F2==
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable
You're receiving this newsletter because you subscribed to it on our web =
site or through our software programs or because you submitted your web s=
ite to AxxaSearch.com.
This is an HTML newsletter. You can view the full version on this page: h=
ttp://news.axandra.com/r.html?uid=3D1.du.tsyl.fn9.2o9rwcllrm
To stop getting this newsletter, go to:
http://news.axandra.com/r.html?ui=d=3D1.du.tsyl.fna.900kxcnpq8
---==AGNITASOUTER164240059B290001F2==
Content-Type: text/html; charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "
http://www.w3.org/TR/h=tml4/strict.dtd">
<html>
<head>
<meta http-equiv=3D"Content-Type"
content=3D"text/html; charset=3DUTF-8">
<!-- Facebook sharing information tags -->
<meta name=3D"viewport" content=3D"width=3Ddevice-width">
<title>SEOprofiler newsletter</title>
<style type=3D"text/css">
Checking /var/log/messages /httpd/access /httpd/error brings up nothing. Somewhere else to check?
I don't know if it's a css problem. Regarding that the spam-tagging kills the connection. What brings me back to the Horde_Css package. How can the version be checked?
regards,
stefan