10 January 2010

MDaemon Spam Filter system.

How the spam filter works in the MDaemon mail server system

1. MDaemon receives mail from the internet and stores it as a temporary (.tmp) file
2. The message is passed through the Spam Filter, which examines the content of the email
3. The spam filter assigns a score to content that is suspected of being spam
4. If the score is higher than the score configured in MDaemon, the email is refused

Here is an example of the SMTP session log file generated by the MDaemon server.

Fri 2010-02-12 00:03:10: Session 1111; child 1; thread 4572
Fri 2010-02-12 00:03:09: Accepting SMTP connection from [192.168.0.27 : 3202]
Fri 2010-02-12 00:03:09: --> 220 mycompany.co.id ESMTP MDaemon 9.0.6; Fri, 12 Feb 2010 00:03:09 +0700
Fri 2010-02-12 00:03:09: <-- EHLO interscan
Fri 2010-02-12 00:03:09: --> 250-mycompany.co.id Hello interscan, pleased to meet you
Fri 2010-02-12 00:03:09: --> 250-ETRN
Fri 2010-02-12 00:03:09: --> 250-AUTH=LOGIN
Fri 2010-02-12 00:03:09: --> 250-AUTH LOGIN CRAM-MD5
Fri 2010-02-12 00:03:09: --> 250-8BITMIME
Fri 2010-02-12 00:03:09: --> 250 SIZE 0
Fri 2010-02-12 00:03:09: <-- MAIL FROM: SIZE=5889
Fri 2010-02-12 00:03:09: --> 250 , Sender ok
Fri 2010-02-12 00:03:09: <-- RCPT TO:
Fri 2010-02-12 00:03:09: Sender attempted to deliver message to unknown address
Fri 2010-02-12 00:03:09: --> 550 , Recipient unknown
Fri 2010-02-12 00:03:09: <-- RCPT TO:
Fri 2010-02-12 00:03:09: --> 250 , Recipient ok
Fri 2010-02-12 00:03:09: <-- RCPT TO:
Fri 2010-02-12 00:03:09: Sender attempted to deliver message to unknown address
Fri 2010-02-12 00:03:09: --> 550 , Recipient unknown
Fri 2010-02-12 00:03:09: <-- RCPT TO:
Fri 2010-02-12 00:03:09: --> 250 , Recipient ok
Fri 2010-02-12 00:03:09: <-- RCPT TO:
Fri 2010-02-12 00:03:09: --> 250 , Recipient ok
Fri 2010-02-12 00:03:09: <-- DATA
Fri 2010-02-12 00:03:09: Creating temp file (SMTP): c:\mdaemon\queues\temp\md50000008281.tmp
Fri 2010-02-12 00:03:09: --> 354 Enter mail, end with .
Fri 2010-02-12 00:03:09: Message size: 5889 bytes
Fri 2010-02-12 00:03:09: Passing message through Spam Filter (Size: 5889)...
Fri 2010-02-12 00:03:10: * 0.6 HTML_ATTR_UNIQUE BODY: HTML appears to have random attributes in
Fri 2010-02-12 00:03:10: * tags
Fri 2010-02-12 00:03:10: * 0.1 HTML_90_100 BODY: Message is 90% to 100% HTML
Fri 2010-02-12 00:03:10: * -4.7 BAYES_00 BODY: Bayesian spam probability is 0 to 1%
Fri 2010-02-12 00:03:10: * [score: 0.0000]
Fri 2010-02-12 00:03:10: * 0.0 HTML_MESSAGE BODY: HTML included in message
Fri 2010-02-12 00:03:10: * 4.0 URIBL_SBL Contains an URL listed in the SBL blocklist
Fri 2010-02-12 00:03:10: * [URIs: hilldid.com]
Fri 2010-02-12 00:03:10: * 8.0 URIBL_JP_SURBL Contains an URL listed in the JP SURBL blocklist
Fri 2010-02-12 00:03:10: * [URIs: hilldid.com]
Fri 2010-02-12 00:03:10: * 8.0 URIBL_AB_SURBL Contains an URL listed in the AB SURBL blocklist
Fri 2010-02-12 00:03:10: * [URIs: hilldid.com]
Fri 2010-02-12 00:03:10: * 3.0 URIBL_BLACK Contains a URL listed in the URIBL.com blacklist
Fri 2010-02-12 00:03:10: * [URIs: hilldid.com]
Fri 2010-02-12 00:03:10: * 9.0 URIBL_WS_SURBL Contains an URL listed in the WS SURBL blocklist
Fri 2010-02-12 00:03:10: * [URIs: hilldid.com]
Fri 2010-02-12 00:03:10: * 9.5 URIBL_OB_SURBL Contains an URL listed in the OB SURBL blocklist
Fri 2010-02-12 00:03:10: * [URIs: hilldid.com]
Fri 2010-02-12 00:03:10: * 8.0 URIBL_SC_SURBL Contains an URL listed in the SC SURBL blocklist
Fri 2010-02-12 00:03:10: * [URIs: hilldid.com]
Fri 2010-02-12 00:03:10: ---- End SpamAssassin results
Fri 2010-02-12 00:03:10: Spam Filter score/req: 45.60/5.0
Fri 2010-02-12 00:03:10: Message refused because spam score is too high
Fri 2010-02-12 00:03:10: --> 554 Sorry, message looks like SPAM to me
Fri 2010-02-12 00:03:10: <-- QUIT
Fri 2010-02-12 00:03:10: --> 221 See ya in cyberspace
Fri 2010-02-12 00:03:10: SMTP session terminated (Bytes in/out: 6121/566)
Fri 2010-02-12 00:03:10: ----------
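
The scoring in steps 3 and 4 can be read back out of a session log like the one above. The following Python code is an added example, not part of the original post or of MDaemon: it parses the rule lines and the score/req line and shows how much of the score came from the URL blocklist rules. The function names parse_spam_verdict and url_blocklist_share are hypothetical.

```python
import re

# Spam-filter lines copied (abridged) from the session log above.
SAMPLE_LOG = """\
Fri 2010-02-12 00:03:10: * 0.6 HTML_ATTR_UNIQUE BODY: HTML appears to have random attributes in
Fri 2010-02-12 00:03:10: * tags
Fri 2010-02-12 00:03:10: * 0.1 HTML_90_100 BODY: Message is 90% to 100% HTML
Fri 2010-02-12 00:03:10: * -4.7 BAYES_00 BODY: Bayesian spam probability is 0 to 1%
Fri 2010-02-12 00:03:10: * 0.0 HTML_MESSAGE BODY: HTML included in message
Fri 2010-02-12 00:03:10: * 4.0 URIBL_SBL Contains an URL listed in the SBL blocklist
Fri 2010-02-12 00:03:10: * 8.0 URIBL_JP_SURBL Contains an URL listed in the JP SURBL blocklist
Fri 2010-02-12 00:03:10: * 8.0 URIBL_AB_SURBL Contains an URL listed in the AB SURBL blocklist
Fri 2010-02-12 00:03:10: * 3.0 URIBL_BLACK Contains a URL listed in the URIBL.com blacklist
Fri 2010-02-12 00:03:10: * 9.0 URIBL_WS_SURBL Contains an URL listed in the WS SURBL blocklist
Fri 2010-02-12 00:03:10: * 9.5 URIBL_OB_SURBL Contains an URL listed in the OB SURBL blocklist
Fri 2010-02-12 00:03:10: * 8.0 URIBL_SC_SURBL Contains an URL listed in the SC SURBL blocklist
Fri 2010-02-12 00:03:10: Spam Filter score/req: 45.60/5.0
Fri 2010-02-12 00:03:10: Message refused because spam score is too high
""".splitlines()

STAMP = re.compile(r"^\w{3} \d{4}-\d\d-\d\d \d\d:\d\d:\d\d: (.*)$")
RULE = re.compile(r"^\* +(-?\d+\.\d+) +([A-Z][A-Z0-9_]+)")
TOTAL = re.compile(r"^Spam Filter score/req: (-?\d+\.\d+)/(\d+\.\d+)")

def parse_spam_verdict(lines):
    """Return rule hits, reported score, threshold and refusal for one session."""
    hits, score, required, refused = [], None, None, False
    for line in lines:
        stamped = STAMP.match(line)
        if not stamped:
            continue  # not a timestamped log line
        text = stamped.group(1)
        if m := RULE.match(text):  # "* <points> <RULE_NAME> ..."; wrapped text is skipped
            hits.append((float(m.group(1)), m.group(2)))
        elif m := TOTAL.match(text):
            score, required = float(m.group(1)), float(m.group(2))
        elif text.startswith("Message refused because spam score"):
            refused = True
    return {"hits": hits, "score": score, "required": required, "refused": refused}

def url_blocklist_share(verdict):
    """Fraction of the positive rule points that came from URIBL_* rules."""
    positive = sum(s for s, _ in verdict["hits"] if s > 0)
    uribl = sum(s for s, n in verdict["hits"] if n.startswith("URIBL_") and s > 0)
    return uribl / positive if positive else 0.0

if __name__ == "__main__":
    v = parse_spam_verdict(SAMPLE_LOG)
    print(v["score"], v["required"], v["refused"], round(url_blocklist_share(v), 3))
```

The displayed rule values add up to 45.5 while the log reports 45.60, so compare the two with a small tolerance rather than for equality. In this session the Bayesian rule scored the message as almost certainly not spam (-4.7), and the refusal was driven almost entirely by the URL blocklist rules.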