
Cloudmark anti-spam migrations October 2011...

PhilipStyles
Newbie
Posts: 2
Registered: ‎30-11-2007

Re: Cloudmark anti-spam migrations October 2011...

Not sure if this is related but I use a Linux home server (Centos 6.0) that sends ad-hoc emails (backup logs, AV scans, SMART issues, etc.) via plusnet to a mailbox that I receive on my Windows desktop which stopped working after 12th Oct.
I can still send emails via Outlook on Windows desktops but any email originating from the Linux server (using postfix) appears to be accepted by relay.plus.net but is then 'black holed' and never delivered. I've checked the spam folder via webmail which is empty but it seems too much of a coincidence that 12th Oct was the first stage of Plusnet customer migration to the new anti-spam platform.
Is it possible to confirm if such emails are being impacted by the anti-spam platform migration and if so, what steps should I take to ensure these emails are delivered?
Thanks, Phil
bobpullen
Community Gaffer
Posts: 16,899
Thanks: 5,008
Fixes: 316
Registered: ‎04-04-2007

Re: Cloudmark anti-spam migrations October 2011...

Last of the inbound mail is being migrated across today:
Quote from: Bob Pullen
Planned Anti-spam/Email Platform Maintenance - Thursday 20th October
When's this work happening?
Today, 20th October.
What does it affect?
Inbound email delivery, spam and virus filtering.
How long will it take?
The work itself will be completed by the end of the working day, however the changes may take 24-48 hours to come into effect.
What does the work involve?
We're migrating the final batch of customers across to a new anti-spam platform.
Am I likely to notice this work?
The work is designed to be as transparent as possible, however the more astute may notice subtle changes to the way email is delivered across our network.
Is there anything else I need to know?
For further details surrounding this maintenance, please see the recently published blog article over on our Community Site - http://community.plus.net/blog/2011/10/04/plusnet-look-to-the-clouds-for-email-security-solution/
Kind Regards,
Bob Pullen
Customer Support

Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵

bobpullen
Community Gaffer
Posts: 16,899
Thanks: 5,008
Fixes: 316
Registered: ‎04-04-2007

Re: Cloudmark anti-spam migrations October 2011...

And the first of the outbound:
Quote from: Bob Pullen
Planned Anti-spam/Email Platform Maintenance - Thursday 20th October
When's this work happening?
Today, 20th October.
What does it affect?
Outbound email delivery, spam and virus filtering.
How long will it take?
The work itself will be completed by the end of the working day, however the changes may take 24-48 hours to come into effect.
What does the work involve?
We're migrating FreeOnline and Force9 customers' email to a new outbound email and anti-spam platform.
Am I likely to notice this work?
The work is designed to be as transparent as possible, however the more astute may notice subtle changes to the way email is delivered across our network.
Is there anything else I need to know?
For further details surrounding this maintenance, please see the recently published blog article over on our Community Site - http://community.plus.net/blog/2011/10/04/plusnet-look-to-the-clouds-for-email-security-solution/.
Kind Regards,
Bob Pullen
Customer Support
Edit: Just to note at this stage that all Madasafish customers' inbound email has already been moved across. We'll be moving Madasafish outbound along with FreeOnline and Force9.


bobpullen
Community Gaffer
Posts: 16,899
Thanks: 5,008
Fixes: 316
Registered: ‎04-04-2007

Re: Cloudmark anti-spam migrations October 2011...

@jelv, thanks for those - I'll do some digging.
Quote from: PhilipStyles
I can still send emails via Outlook on Windows desktops but any email originating from the Linux server (using postfix) appears to be accepted by relay.plus.net but is then 'black holed' and never delivered. I've checked the spam folder via webmail which is empty but it seems too much of a coincidence that 12th Oct was the first stage of Plusnet customer migration to the new anti-spam platform.

Alter your setup so that the emails get sent to an address where they *don't* go missing, raise a support ticket including the full headers/body of one of these emails and I'll look into it. You'll need to give me a nudge here once the ticket's raised though. It won't be anything to do with our relay servers because the outbound Plusnet VIP hasn't been moved across yet.


essexboy
Grafter
Posts: 25
Registered: ‎01-04-2008

Re: Cloudmark anti-spam migrations October 2011...

Quote from: jelv
Should we be reporting false positives and negatives to notspam@spamtraining.plus.com and spam@spamtraining.plus.com as previously?
Should they still be sent as attachments (as per the help pages)?
Will action be taken in respect of the emails we forward to those mailboxes?
I've been moved over and first impression is that I'm not impressed!

I too am unimpressed.
But at least this thread and the information contained in it goes some way to explaining the 5 fold (and growing) increase in spam getting through the filters that has occurred in the last few days but unfortunately it does nothing to explain the reasons why the system is suddenly rejecting all the mails I wish to send to spamtraining and other anti spam addresses.
Still, it is plusnet and a new anti spam toy, we all have far too much experience with this scenario in the past to expect it to actually work from day 1 and while we wait the criminal scum are free to do their work unhindered.
I do hope Plusnet haven't actually paid for this new system yet.

bobpullen
Community Gaffer
Posts: 16,899
Thanks: 5,008
Fixes: 316
Registered: ‎04-04-2007

Re: Cloudmark anti-spam migrations October 2011...

Quote from: essexboy
but unfortunately it does nothing to explain the reasons why the system is suddenly rejecting all the mails I wish to send to spamtraining and other anti spam addresses.

Can you elaborate on this please?


spraxyt
Resting Legend
Posts: 10,063
Thanks: 674
Fixes: 75
Registered: ‎06-04-2007

Re: Cloudmark anti-spam migrations October 2011...

Minor point with the Cloudmark 'unable to deliver' message. Appliance domain name duplicated as shown in the attached image.
David
bobpullen
Community Gaffer
Posts: 16,899
Thanks: 5,008
Fixes: 316
Registered: ‎04-04-2007

Re: Cloudmark anti-spam migrations October 2011...

Yep, noticed that David.
By the way, we've backed out Force9 (outbound) due to an influx of customers reporting the above errors when trying to send mail (ref: 68791).


essexboy
Grafter
Posts: 25
Registered: ‎01-04-2008

Re: Cloudmark anti-spam migrations October 2011...

Quote from: Bob
Quote from: essexboy
but unfortunately it does nothing to explain the reasons why the system is suddenly rejecting all the mails I wish to send to spamtraining and other anti spam addresses.

Can you elaborate on this please?

This is strange.
When I made my comment, some hours ago, forwarding a spam email to spamtraining and other destinations resulted in a rejection on the grounds it is either spam or contained a virus.
This seems now to have changed. Spammy mail is now accepted but appears to be being silently dropped. I have tried to send to both f9 and non f9 destinations.
<edit>
More time passes and the waters clear.
The first batch of spam mail I sent out today (mainly to spamcop) were delayed for some hours. Copies of those same emails, (sent at the same time by the same process to spamtraining) appear to be the ones which were rejected as I have described.
Now it all seems to be working seamlessly but I don't have overnight batches anymore, just two or three an hour.
<edit #2>
More time passes and a few minutes ago when I turned on my machine and went for the mail, the 20 odd Facebook phishing emails I tried to forward were rejected with the following message:
"An error occurred while sending mail. The mail server responded: randomstring message rejected due to spam or virus. If you believe this is in error please login to your portal or contact your ISP support team.. Please check the message and try again."
This is wonderful, now the problem seems to be intermittent.
And I get this as well:
"Sending of message failed.
The message could not be sent because the connection to SMTP server relay.force9.net was lost in the middle of the transaction. Try again or contact your network administrator."
I have changed nothing, not a single thing and up until a couple of days ago hardly knew my email was there and now you have installed a new antispam system and all of a sudden my email is having hysterics. I wonder how long it will take you to tell me to reenter all my details.

PhilipStyles
Newbie
Posts: 2
Registered: ‎30-11-2007

Re: Cloudmark anti-spam migrations October 2011...

Quote from: Bob
Alter your setup so that the emails get sent to an address where they *don't* go missing, raise a support ticket including the full headers/body of one of these emails and I'll look into it. You'll need to give me a nudge here once the ticket's raised though. It won't be anything to do with our relay servers because the outbound Plusnet VIP hasn't been moved across yet.

Thanks, but I've tried to send emails from root and standard users to both a specific mailbox and the catchall (both known to be successfully delivering email from other sources) but everything sent from the Linux box 'black holes'. I've also tried sending to <user>@<account>.plus.com rather than <user>@<my-hosted-domain> which are also not delivered. I do have received emails from 12th Oct and earlier; are those likely to be of any use?
jelv
Seasoned Hero
Posts: 26,785
Thanks: 971
Fixes: 10
Registered: ‎10-04-2007

Re: Cloudmark anti-spam migrations October 2011...

I think Bob wanted you to send it to somewhere like a mailbox on gmail.com so they could see the headers on the email as it left the PN systems.
jelv (a.k.a Spoon Whittler)
   Why I have left Plusnet (warning: long post!)   
Broadband: Andrews & Arnold Home::1 (FTTC 80/20)
Line rental: Pulse 8 Home Line Rental (£14.40/month)
Mobile: iD mobile (£4/month)
jelv
Seasoned Hero
Posts: 26,785
Thanks: 971
Fixes: 10
Registered: ‎10-04-2007

Re: Cloudmark anti-spam migrations October 2011...

Cloudmark thinks this is a valid email - I don't agree!
Quote
Dear Customer,
Your Halifax Account security validation has expired,
this maybe as a result of wrong or incomplete data
entered during the last update.
It's strongly required that you should validate your
Account Ownership Security.
for the safety of Your Accounts,
UPDATE NOW.
Best Regards,
Customer Security Department
HALIFAX BANK

Headers:
Return-path: <helpdesk@halifax.co.uk>
Envelope-to: xxx@yyy.me.uk
Delivery-date: Fri, 21 Oct 2011 08:39:42 +0100
Received: from [212.159.8.109] (helo=avasin11)
  by inmx05.plus.net with esmtp (PlusNet MXCore v2.00) id 1RH9he-0002UB-Sb
  for xxx@yyy.me.uk; Fri, 21 Oct 2011 08:39:42 +0100
Received: from smtp4.clear.net.nz ([203.97.37.64])
  by avasin11 with Plusnet Cloudmark Gateway
  id nKff1h00D1P2N8B01Kfhev; Fri, 21 Oct 2011 08:39:42 +0100
X-CM-Score: 0.00
X-CNFS-Analysis: v=2.0 cv=DfuVW4RW c=1 sm=1 a=9c5kbP3iZEeg/9f9OOkSVQ==:17
a=Dyoqhi_TatcA:10 a=tk2nSNPLgPYA:10 a=1qt-rfWeYskA:10 a=8EU9Q7FnrCoA:10
a=Cfj4BQAnxiAA:10 a=JfO1Bi99ImcA:10 a=485j-6XuAAAA:8 a=9TbDINelAAAA:8
a=PZmg7PAiAAAA:8 a=c0BbRnQLOoJyV7DufQUA:9 a=JBKYUPF6hJuIVNXibXcA:7
a=Ft8UYL4EG9YA:10 a=tXsnliwV7b4A:10 a=jrg6b1KfSToA:10 a=e9aCGUqdqY8A:10
a=EJqDOWstUFk4nGjb:21 a=rf1-Zt80QpKH-te5:21 a=b0AJ5KisJ0lDkPDDnoldNA==:117
Received: from User (graeme53.lnk.telstra.net [120.151.153.151])
  by smtp4.clear.net.nz (CLEAR Net Mail)
  with ESMTPA id <0LTE00ERZNOSRY10@smtp4.clear.net.nz> for xxx@yyy.me.uk;
  Fri, 21 Oct 2011 20:35:05 +1300 (NZDT)
Date: Fri, 21 Oct 2011 18:35:46 +1100
From: "helpdesk@halifax.co.uk" <helpdesk@halifax.co.uk>
Message-id: <0LTE00ES0NOTRY10@smtp4.clear.net.nz>
MIME-version: 1.0
X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
Content-type: text/html; charset=Windows-1251
Content-transfer-encoding: 7bit
X-Priority: 3
X-MSMail-priority: Normal
X-PN-Virus-Filtered: by PlusNet MXCore (v5.00)
X-PN-Spam-Filtered: by PlusNet MXCore (v5.00)
Subject: ACCOUNT SECURITY VALIDATION !
jelv
Seasoned Hero
Posts: 26,785
Thanks: 971
Fixes: 10
Registered: ‎10-04-2007

Re: Cloudmark anti-spam migrations October 2011...

Today two more false positives. I've had more false positives in the last week than in the previous year. Angry
Makes me wonder if some emails are being discarded as blatant spam.
I'm fast losing confidence in the new system!
David_W
Rising Star
Posts: 2,305
Thanks: 33
Registered: ‎19-07-2007

Re: Cloudmark anti-spam migrations October 2011...

I had another phishing email come through the net (see what I did there? Crazy)

Return-path: <customer.violations@barclays.com>
Envelope-to: ~~~
Delivery-date: Sat, 22 Oct 2011 11:31:35 +0100
Received: from [212.159.8.109] (helo=avasin07)
    by inmx17.plus.net with esmtp (PlusNet MXCore v2.00) id 1RHYrX-0008H1-5r
    for ~~~; Sat, 22 Oct 2011 11:31:35 +0100
Received: from mailrelay.tugraz.at ([129.27.2.202])
    by avasin07 with Plusnet Cloudmark Gateway
    id nmXY1h00L4MWSbl01mXaxp; Sat, 22 Oct 2011 11:31:35 +0100
X-CM-Score: 0.00
X-CNFS-Analysis: v=2.0 cv=AcYz7grG c=1 sm=1 a=nJ6H7NrM4/Ni9HCRgd6XOg==:17
    a=eWf7rtoKYN4A:10 a=FXcmsGrf5tmp5Mmss00A:9 a=QEXdDO2ut3YA:10 a=Xll4MCe3AAAA:8
    a=hew50mKzfEX9hLTXSPQA:9 a=RVOdhQqTS6RwXsvkkekA:7 a=ud8QlHq_ve8A:10
    a=nJ6H7NrM4/Ni9HCRgd6XOg==:117
Received: from 24-217-226-64.dhcp.stls.mo.charter.com (24-217-226-64.dhcp.stls.mo.charter.com [24.217.226.64])
    (authenticated bits=0)
    by mailrelay1.tugraz.at (8.14.4/8.14.4) with ESMTP id p9MASLOa015531
    (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
    Sat, 22 Oct 2011 12:28:49 +0200 (CEST)
Message-ID: <A2016BA2F6BD407A8F9251A6A926CBCA@kwsy>
From: "Barclays Bank PLC" <customer.violations@barclays.com>
Date: Sat, 22 Oct 2011 11:21:56 +0100
MIME-Version: 1.0
Content-Type: multipart/alternative;
    boundary="----=_NextPart_000_07A9_01CC90AC.CEF66290"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Windows Mail 6.0.6001.18000
X-MimeOLE: Produced By Microsoft MimeOLE V6.0.6001.18049
X-TUG-Backscatter-control: uhWSJkmt3053U4aeH7sHCg
X-Spam-Scanner: SpamAssassin 3.003000
X-Spam-Score-relay: 5.5
X-Scanned-By: MIMEDefang 2.70 on 129.27.10.18
X-PN-Virus-Filtered: by PlusNet MXCore (v5.00)
X-PN-Spam-Filtered: by PlusNet MXCore (v5.00)
Subject: Security Alert !

Quote
Barclays Notification
We noticed a violation of our services on your account, this may have occurred due to a viral infection on your computer when you last accessed our online services.
For security reasons, we have temporarily disabled access to your account until you complete the account restore process.

Click Here To Resolve Now <http://www.**************.pt/includes/js/LoginMember.login.htm>
Best Regards,
Customer Service Team

My spam folder is still empty, where can I find email that has been marked as spam?
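
Added example (not part of any post in this thread, and not Plusnet or Cloudmark code): when reporting a missed phish like the one above, the useful facts are the relay path in order and which filter said what. This sketch rebuilds the Received chain oldest-first and compares the gateway's X-CM-Score with scores stamped upstream. The OWN_HOSTS pattern, the 5.0 threshold and the reading of X-Spam-Score-relay as an upstream spam score are assumptions; headers added before the first receiver-stamped hop are unverified sender-side data.

```python
import re
from email import message_from_string

# Constructed sample: headers trimmed from the post above, recipient replaced.
SAMPLE = """\
Received: from [212.159.8.109] (helo=avasin07)
    by inmx17.plus.net with esmtp (PlusNet MXCore v2.00) id 1RHYrX-0008H1-5r
    for user@example.invalid; Sat, 22 Oct 2011 11:31:35 +0100
Received: from mailrelay.tugraz.at ([129.27.2.202])
    by avasin07 with Plusnet Cloudmark Gateway
    id nmXY1h00L4MWSbl01mXaxp; Sat, 22 Oct 2011 11:31:35 +0100
X-CM-Score: 0.00
Received: from 24-217-226-64.dhcp.stls.mo.charter.com ([24.217.226.64])
    by mailrelay1.tugraz.at (8.14.4/8.14.4) with ESMTP id p9MASLOa015531;
    Sat, 22 Oct 2011 12:28:49 +0200 (CEST)
X-Spam-Score-relay: 5.5
"""

HOP_RE = re.compile(r"from\s+(\S+).*?\bby\s+(\S+)")
# Assumption: hops stamped by these hosts belong to the receiving ISP.
OWN_HOSTS = re.compile(r"(?:\.plus\.net|^avasin\d+)$")
MSG = message_from_string(SAMPLE)

def received_hops(msg):
    """Return (from_host, by_host, stamped_by_receiver), oldest hop first."""
    hops = []
    for raw in reversed(msg.get_all("Received", [])):
        m = HOP_RE.search(" ".join(raw.split()))  # unfold continuation lines
        if m:
            hops.append((m.group(1), m.group(2), bool(OWN_HOSTS.search(m.group(2)))))
    return hops

def scores(msg):
    """Numeric value of every header whose name contains 'score'."""
    found = {}
    for name, value in msg.items():
        if "score" in name.lower():
            try:
                found[name] = float(value.strip())
            except ValueError:
                pass  # non-numeric verdicts are ignored here
    return found

def gateway_disagrees(msg, upstream_threshold=5.0):
    """True when X-CM-Score is 0 but an upstream-added score meets the threshold."""
    s = scores(msg)
    upstream = [v for k, v in s.items() if k != "X-CM-Score"]
    return s.get("X-CM-Score") == 0.0 and any(v >= upstream_threshold for v in upstream)
```
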
jelv
Seasoned Hero
Posts: 26,785
Thanks: 971
Fixes: 10
Registered: ‎10-04-2007

Re: Cloudmark anti-spam migrations October 2011...

It depends on the setting you have selected for the option "How would you like us to deal with messages identified as spam?" on the Spam tab of http://email.plus.net