Contents
1. clamav ( anti-virus software )
1.1 Clamav Install
|
1 |
# zypper -n install clamav |
1.2 virus definition file update
①Configuration File Editing
|
1 2 3 4 5 |
# vi /etc/freshclam.conf # Line 74 : comment out and add below #DatabaseMirror database.clamav.net DatabaseMirror db.jp.clamav.net |
②virus definition file update
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 |
# freshclam ClamAV update process started at Thu Aug 28 10:36:17 2025 daily database available for download (remote version: 27745) Time: 4.2s, ETA: 0.0s [========================>] 61.71MiB/61.71MiB Testing database: '/var/lib/clamav/tmp.c65f872f61/clamav-e8f658de72039510bf0270d7358e8838.tmp-daily.cvd' ... Database test passed. daily.cvd updated (version: 27745, sigs: 2076468, f-level: 90, builder: raynman) main database available for download (remote version: 62) Time: 11.4s, ETA: 0.0s [========================>] 162.58MiB/162.58MiB Testing database: '/var/lib/clamav/tmp.c65f872f61/clamav-f79a81a9be01fb51585ff443ebf9d0a9.tmp-main.cvd' ... Database test passed. main.cvd updated (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr) bytecode database available for download (remote version: 336) Time: 0.3s, ETA: 0.0s [========================>] 277.52KiB/277.52KiB Testing database: '/var/lib/clamav/tmp.c65f872f61/clamav-48445547be1cc0a34c2ca7f4295ee3f1.tmp-bytecode.cvd' ... Database test passed. bytecode.cvd updated (version: 336, sigs: 83, f-level: 90, builder: nrandolp) WARNING: Clamd was NOT notified: Can't connect to clamd through /run/clamav/clamd.sock: No such file or directory |
1.3operation check
■If no virus is detected
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 |
# cd # clamscan --infected --remove --recursive / ----------- SCAN SUMMARY ----------- Known viruses: 8708228 Engine version: 1.4.3 Scanned directories: 142812 Scanned files: 919177 Infected files: 0 Total errors: 1184 Data scanned: 9837.73 MB Data read: 44114.47 MB (ratio 0.22:1) Time: 1505.335 sec (25 m 5 s) Start Date: 2025:08:28 10:58:15 End Date: 2025:08:28 11:23:20 |
■If a virus is detected
Download and scan for test viruses
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 |
# cd /home # wget https://secure.eicar.org/eicar.com.txt # clamscan --infected --remove --recursive /home /home/eicar.com.txt: Win.Test.EICAR_HDB-1 FOUND /home/eicar.com.txt: Removed. ----------- SCAN SUMMARY ----------- Known viruses: 8708228 Engine version: 1.4.3 Scanned directories: 10 Scanned files: 9 Infected files: 1 Data scanned: 0.00 MB Data read: 0.00 MB (ratio 0.00:1) Time: 14.021 sec (0 m 14 s) Start Date: 2025:08:28 11:24:21 End Date: 2025:08:28 11:24:35 |
1.4 Deployment of virus scan auto-execution scripts
①Create script storage directory
|
1 |
# mkdir -p /srv/www/system |
②Creation of auto-execution scripts
|
1 |
# cd /srv/www/system |
Create clamscan.sh in /srv/www/system with the following contents
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 |
# vi /srv/www/system/clamscan.sh #!/bin/bash PATH=/usr/bin:/bin # excludeopt setup excludelist=/srv/www/system/clamscan.exclude if [ -s $excludelist ]; then for i in `cat $excludelist` do if [ $(echo "$i"|grep \/$) ]; then i=`echo $i|sed -e 's/^\([^ ]*\)\/$/\1/p' -e d` excludeopt="${excludeopt} --exclude-dir=$i" else excludeopt="${excludeopt} --exclude=$i" fi done fi # signature update freshclam # virus scan clamscan --recursive --remove ${excludeopt} / |
Grant execute permissions to scripts
|
1 |
# chmod 700 clamscan.sh |
The sys and proc directories are excluded from the scan because they cannot be scanned due to the specification.
OpenSUSE creates a large number of snapshots, so if necessary, set them in non-target directories.
|
1 2 3 |
# echo "/sys/" >> /srv/www/system/clamscan.exclude # echo "/proc/" >> /srv/www/system/clamscan.exclude # echo "/.snapshots/" >> /srv/www/system/clamscan.exclude |
Set up periodic virus scan
|
1 2 |
# crontab -e 0 1 * * * /srv/www/system/clamscan.sh > /dev/null 2>& |
Execute "/srv/www/system/clamscan.sh" to scan the entire system
|
1 |
# /srv/www/system/clamscan.sh |
2. Mail server Install
2.1 Postfix Install
①Install Postfix and build an SMTP server
|
1 |
# zypper -n install postfix |
②Postfix Settings
To prevent unauthorized mail relay, use the SASL function of Dovecot, described below, and configure Postfix to require authentication for sending as well.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 |
# vi /etc/postfix/main.cf # Line 108: Host name specification myhostname = mail.[domain] # Line 114: Uncomment and specify domain name mydomain = [domain] # Line 130: Uncomment myorigin = $mydomain # Line 294: Uncomment and add own network mynetworks = 127.0.0.0/8, 192.168.11.0/24 # Line 451: Uncommented Maildir format home_mailbox = Maildir/ # Line 714:Change inet_interfaces = all # Line 719: Memorization mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain # Lines 733,734. # Limit mailbox size as needed (1G in the example below) mailbox_size_limit = 1073741824 # Limit send/receive mail size as needed (10M in the example below) message_size_limit = 10485760 # Line 746: Comment and add below #smtpd_recipient_restrictions = permit_mynetworks,reject_unauth_destination smtpd_recipient_restrictions = permit_mynetworks, permit_auth_destination, permit_sasl_authenticated, reject # Per line 768: Change smtpd_sasl_auth_enable = yes # Around lines 773,774: comment out and add below #smtpd_sasl_type = cyrus #smtpd_sasl_path = smtpd smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth smtpd_sasl_security_options = noanonymous smtpd_sasl_local_domain = $myhostname # Line 855 : Comment #myhostname = localhost |
|
1 2 |
# systemctl start postfix # systemctl enable postfix |
③SMTP service permission is required if Firewalld is enabled; SMTP uses 25/TCP
|
1 2 3 4 |
# firewall-cmd --add-service=smtp --permanent success # firewall-cmd --reload success |
2.3 Dovecot
①Install
This time we will install dovecot2.3 with additional repositories
|
1 2 3 |
# zypper addrepo https://download.opensuse.org/repositories/server:mail/openSUSE_Tumbleweed/server:mail.repo # zypper refresh # zypper -n install dovecot23 |
②Dovecot Settings
Configure Dovecot to provide SASL functionality for Postfix.
|
1 2 3 |
# vi /etc/dovecot/dovecot.conf # Line 30:Uncomment (remove ", ::" if not listening for IPv6) listen = * |
|
1 2 3 4 5 6 |
# vi /etc/dovecot/conf.d/10-auth.conf # Line 10:Uncomment and change (also allow plain text authentication) disable_plaintext_auth = no # Line 100:add auth_mechanisms = plain login |
|
1 2 3 |
# vi /etc/dovecot/conf.d/10-mail.conf # Line 30:Uncommented and added mail_location = maildir:~/Maildir |
|
1 2 3 4 5 6 7 8 |
# vi /etc/dovecot/conf.d/10-master.conf # Lines 110-112: Uncomment and add # Postfix smtp-auth unix_listener /var/spool/postfix/private/auth { mode = 0666 user = postfix group = postfix } |
③Dovecot startup and automatic execution
|
1 2 3 |
# systemctl start dovecot # systemctl enable dovecot Created symlink /etc/systemd/system/multi-user.target.wants/dovecot.service → /usr/lib/systemd/system/dovecot.service. |
④POP/IMAP service permission required if Firewalld is enabled
POP uses 110/TCP, IMAP uses 143/TCP
|
1 2 3 4 |
# firewall-cmd --add-service={pop3,imap} --permanent success # firewall-cmd --reload success |
2.4 User Account Registration
①Preprocessing for new users
When a new user is added, set up the system to automatically send and receive mail.
|
1 2 3 4 |
# mkdir -p /etc/skel/Maildir/{new,cur,tmp} # chmod -R 700 /etc/skel/Maildir/ # echo "~/Maildir/"> /etc/skel/.forward # chmod 600 /etc/skel/.forward |
②Mail environment pre-processing for existing users
Configure already created users to be able to send and receive mail.
|
1 2 3 4 |
# mkdir -p /home/huong/Maildir/{new,cur,tmp} # chown -R huong:huong /home/huong/Maildir/ # chmod 700 /home/huong/Maildir # chmod 700 /home/huong/Maildir/{new,cur,tmp} |
➂Mail client installation
|
1 |
# zypper -n install mailx |
④Mailboxes are set to refer to Maildir
|
1 |
# echo 'export MAIL=$HOME/Maildir' >> /etc/profile.d/mail.sh |
2.5 Confirmation of operation
Set up an account in Thunderbird, a free email client, to check its operation.
However, depending on your provider, port 587 may be used for the outgoing server.
Please free up port 587 in your firewall settings.
|
1 2 |
# firewall-cmd --add-port=587/tcp --permanent # firewall-cmd --reload |
Set up and confirm your account in Mozilla Thunderbird (for OS user huong as mail user)
Start Thunderbird and click [New Account][Email] in the [Three] menu in the upper right corner.
Full name : Arbitrary name
Email address : huong@<domain-name>
Enter each and click "Continue".
Click on "EDIT CONFIGURATION"
Incoming Server Settings
Set [Connection security] to [None] and click [Continue].
Configure the outgoing server
Set [Connection security] to [None] and click [Test].
Click "Continue"
Enter the user's password in the "Password" field and click "Continue"
Click "Continue"
Click "Finish" when the email account has been successfully created.
3. Mail Server : Postfix + Clamav + clamav-milter+SpamAssassin
Set up Postfix and Clamav to work together to scan incoming and outgoing mail in real time.
3.1 clamav-milter Install
|
1 2 3 4 5 6 |
# zypper install https://www.rpmfind.net/linux/opensuse/tumbleweed/repo/oss/x86_64/libmilter1_0-8.18.1-8.1.x86_64.rpm # zypper install https://rpmfind.net/linux/opensuse/tumbleweed/repo/oss/x86_64/clamav-milter-1.4.3-2.1.x86_64.rpm # systemctl start clamd # systemctl enable clamd Created symlink /etc/systemd/system/multi-user.target.wants/clamd.service → /usr/lib/systemd/system/clamd.service. |
3.2 Configure clamav-milter
①Configuration File Editing
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 |
# vi /etc/clamav-milter.conf Line 16-17 MilterSocket /run/clamav/clamav-milter.sock MilterSocketMode 660 Line 37 #User vscan User postfix Per Line 93 ClamdSocket unix:/run/clamav/clamd.sock Per Line 167 OnInfected Blackhole Per Line189 AddHeader Yes |
②Startup and Auto-Run Settings
|
1 2 3 4 |
# systemctl start clamav-milter # systemctl enable clamav-milter Created symlink /etc/systemd/system/multi-user.target.wants/clamav-milter.service → /usr/lib/systemd/system/clamav-milter.service. |
3.3 Postfix and clamav-milter integration settings
|
1 2 3 4 5 |
# vi /etc/postfix/main.cf Add the following milter_default_action = tempfail smtpd_milters = unix:/run/clamav/clamav-milter.sock non_smtpd_milters = unix:/run/clamav/clamav-milter.sock |
3.4 Add postfix user to clamilt group
|
1 2 |
# groupadd clamilt # usermod -G clamilt -a postfix |
|
1 |
# systemctl restart postfix |
3.5 Check with Thunderbird
Send a blank email to yourself in Thunderbird and the following
"X-Virus-Scanned: clamav-milter 1.4.3 at Lepard" appears in the header display section of the received email.
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
Return-Path: xxxxx@xxxxxxx.com
X-Original-To: xxxxx@xxxxxxx.comm
Delivered-To: xxxxx@xxxxxxx.com
Received: from [192.168.11.6] (buffalo.setup [192.168.11.1])
by mail.xxxxxxx.com (Postfix) with ESMTPA id 2AA85887B
forxxxxxx@xxxxxxx.com; Sat, 30 Aug 2025 11:40:54 +0900 (JST)
Message-ID: b87809e5-18b8-4ef2-afbf-13d2bea5954f@xxxxxxx.com
Date: Sat, 30 Aug 2025 11:40:54 +0900
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
From: xxxxx xxxxx@xxxxxxx.com
Content-Language: en-US
To: xxxxx xxxxx@xxxxxxx.com
Subject: 444
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: clamav-milter 1.4.3 at Lepard
X-Virus-Status: Clean
4.virus scan script substitution
Set up a notification to a specified e-mail address after virus check scan.
① Create virus scan exclusion directory list
|
1 2 3 4 5 |
# cd /srv/www/system/ # vi clamscan.exclude /sys/ /proc/ /.snapshots ← openSUSE is configured to take a large number of snapshots, so if you don't need them, set |
②Disable existing script and create new virus scan script
|
1 2 3 |
# cd /srv/www/system/ # mv clamscan.sh clamscan.sh_bak # vi clamscan.sh |
Contents of new "clamscan.sh"
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 |
#!/bin/bash PATH=/usr/bin:/bin MAILTO="<Any email address>" # excludeopt setup excludelist=/srv/www/system/clamscan.exclude if [ -s $excludelist ]; then for i in `cat $excludelist` do if [ $(echo "$i"|grep \/$) ]; then i=`echo $i|sed -e 's/^\([^ ]*\)\/$/\1/p' -e d` excludeopt="${excludeopt} --exclude-dir=^$i" else excludeopt="${excludeopt} --exclude=^$i" fi done fi # signature update freshclam 2>&1 > /dev/null # virus scan CLAMSCANTMP=`mktemp` #clamscan --recursive --remove ${excludeopt} / > $CLAMSCANTMP 2>&1 clamscan --recursive ${excludeopt} / > $CLAMSCANTMP 2>&1 [ ! -z "$(grep FOUND$ $CLAMSCANTMP)" ] && \ # report mail send grep FOUND$ $CLAMSCANTMP | mail -s "Virus Found in `hostname`" $MAILTO rm -f $CLAMSCANTMP |
|
1 |
# chmod 700 clamscan.sh |
You will now be notified by email if there is a virus. If there is no virus, you will not be notified.
2.Email spam protection
2.1 SpamAssassin・spamass-milter・postfix setting
①SpamAssassin・spamass-milter Install
|
1 |
# zypper -n install spamassassin spamass-milter |
➁Launch SpamAssassin
|
1 |
# systemctl start spamd |
➂SpamAssassin Settings
|
1 2 3 4 |
# vi /etc/mail/spamassassin/v310.pre Delete # at the beginning of the line per line 24 loadplugin Mail::SpamAssassin::Plugin::DCC |
④Create script to update SpamAssassin configuration file
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 |
# cd /srv/www/system/ # vi spamassassin-update.sh Describe the following information #!/bin/bash cd /etc/mail/spamassassin wget -q https://github.com/kittyfreak/spamassassin_user_prefs/archive/refs/heads/main.zip [ $? -ne 0 ] && exit unzip main.zip >/dev/null 2>&1 [ $? -ne 0 ] && exit rm -f main.zip mv spamassassin_user_prefs-main/user_prefs . rm -rf spamassassin_user_prefs-main diff user_prefs user_prefs.org > /dev/null 2>&1 if [ $? -ne 0 ]; then cp user_prefs local.cf echo "report_safe 0" >> local.cf echo "rewrite_header Subject ***SPAM***" >> local.cf # SpamAssassin restart if [ -f /usr/bin/spamassassin ]; then /usr/bin/spamassassin restart > /dev/null else systemctl restart spamd > /dev/null fi fi cp user_prefs user_prefs.org |
Grant execute permission to the spamassassin-update script and run it
|
1 2 |
# chmod 700 /srv/www/system/spamassassin-update.sh # /srv/www/system/spamassassin-update.sh |
Confirm that the SpamAssassin configuration file (local.cf) is created in the /etc/mail/spamassassin directory with the date of the day
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 |
# ls -l /etc/mail/spamassassin total 1520 -rw-r--r-- 1 root root 1649 Jan 20 2025 init.pre -rw-r--r-- 1 root root 500636 Sep 1 18:47 local.cf drwx------ 1 root root 102 Sep 1 16:05 sa-update-keys -rw-r--r-- 1 root root 500588 Apr 30 2023 user_prefs -rw-r--r-- 1 root root 500588 Sep 1 18:54 user_prefs.org -rw-r--r-- 1 root root 2262 Sep 1 18:44 v310.pre -rw-r--r-- 1 root root 1168 Jan 20 2025 v312.pre -rw-r--r-- 1 root root 2416 Jan 20 2025 v320.pre -rw-r--r-- 1 root root 1237 Jan 20 2025 v330.pre -rw-r--r-- 1 root root 1020 Jan 20 2025 v340.pre -rw-r--r-- 1 root root 1315 Jan 20 2025 v341.pre -rw-r--r-- 1 root root 1519 Jan 20 2025 v342.pre -rw-r--r-- 1 root root 1266 Jan 20 2025 v343.pre -rw-r--r-- 1 root root 1482 Jan 20 2025 v400.pre -rw-r--r-- 1 root root 1118 Jan 20 2025 v401.pre |
Set up cron to automatically run a script daily that updates the SpamAssassin configuration file
|
1 2 |
# crontab -e 0 2 * * * /var/www/system/spamassassin-update.sh > /dev/null 2>&1 |
⑤spamass-milter startup and automatic startup settings
|
1 2 3 4 |
# systemctl start spamass-milter # systemctl enable spamass-milter Created symlink /etc/systemd/system/multi-user.target.wants/spamass-milter.service → /usr/lib/systemd/system/spamass-milter.service. |
⑥Postfix and spamass-milter integration settings
|
1 2 3 4 5 6 |
# vi /etc/postfix/main.cf Add the following milter_default_action = tempfail smtpd_milters = unix:/var/run/clamav-milter/clamav-milter.socket,unix:/run/spamass-milter/socket ※If clamav-milter is already defined non_smtpd_milters = unix:/var/run/clamav-milter/clamav-milter.socket,unix:/run/spamass-milter/socket ※If clamav-milter is already defined |
⑦postfix restart
|
1 |
# systemctl restart postfix |
⑧Procmail configuration
procmail configuration file creation
|
1 2 3 4 5 6 7 8 |
# vi /etc/procmailrc SHELL=/bin/bash PATH=/usr/bin:/bin DROPPRIVS=yes MAILDIR=$HOME/Maildir DEFAULT=$MAILDIR/ LOGFILE=$HOME/.procmail.log # Log output destination VERBOSE=ON # Detailed log output |
Create procmail log rotation configuration file
|
1 2 3 4 5 6 |
# vi /etc/logrotate.d/procmail /home/*/.procmail.log { missingok nocreate notifempty } |
⑨Postfix and Procmail integration settings
|
1 2 3 4 5 6 |
# vi /etc/postfix/main.cf Per line 481 : addition #mailbox_command = /some/where/procmail #mailbox_command = /some/where/procmail -a "$EXTENSION" mailbox_command = /usr/bin/procmail ← Addition (to be linked to Procmail) |
Postfix Settings Reflected
|
1 |
# systemctl restart postfix |
2.2 Spam mail sorting settings
Mail marked as spam in the mail header by SpamAssassin will be delivered to a spam-only mailbox, while other mail will be delivered to a normal mailbox.
Create a dedicated spam mailbox
For existing users, a dedicated spam mailbox will be added to the mailbox.
For new users, a spam-only mailbox should be automatically created when a user is added.
①Created script to create spam-only mailboxes
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 |
# vi spamfolder-create #!/bin/bash for user in `ls /home` do id -u $user > /dev/null 2>&1 if [ $? -eq 0 ] && [ ! -d /home/$user/Maildir/.Spam/new ]; then mkdir -p /home/$user/Maildir/.Spam/new mkdir -p /home/$user/Maildir/.Spam/cur mkdir -p /home/$user/Maildir/.Spam/tmp chmod -R 700 /home/$user/Maildir/.Spam chown -R $user. /home/$user/Maildir/.Spam echo $user fi done |
Run script to create spam-only mailboxes
|
1 2 |
# bash spamfolder-create huong |
Measures for new users
Automatic spam-only mailbox creation when adding new users
|
1 2 |
# mkdir -p /etc/skel/Maildir/.Spam/{new,cur,tmp} # chmod -R 700 /etc/skel/Maildir/.Spam |
➁spam mail sorting
Emails identified as spam by SpamAssassin are delivered to a spam-only mailbox.
|
1 2 3 4 5 6 |
# vi /etc/procmailrc Add the following to the end # Emails identified as spam by SpamAssassin are delivered to a spam-only mailbox :0 *^X-Spam-Flag: YES $HOME/Maildir/.Spam/ |
➂spamass-milter confirmation
When you send a blank email to yourself, the following message is appended to the header of the received email
X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on Lepard
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
Return-Path: xxxxx@xxxxxxx.com
X-Original-To: xxxxx@xxxxxxx.com
Delivered-To: xxxxx@xxxxxxx.com
Received: from [192.168.11.6] (buffalo.setup [192.168.11.1])
by mail.xxxxxxx.com (Postfix) with ESMTPA id 92B895A84
for xxxxx@xxxxxxx.com; Mon, 01 Sep 2025 19:05:04 +0900 (JST)
Message-ID: 1fa32b8e-2091-440c-82be-aafddc244a0b@korodes.com
Date: Mon, 1 Sep 2025 19:05:03 +0900
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
From: xxxxx xxxxx@xxxxxxx.com
Content-Language: en-US
To: xxxxx xxxxx@xxxxxxx.com
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: clamav-milter 1.4.3 at Lepard
X-Virus-Status: Clean
X-Spam-Status: No, score=2.2 required=5.0 tests=ALL_TRUSTED,EMPTY_MESSAGE,
MISSING_SUBJECT,PDS_TONAME_EQ_TOLOCAL_VSHORT autolearn=no
autolearn_force=no version=4.0.1
X-Spam-Level: **
X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on Lepard
④Spam check confirmation
Send yourself an email with the body of the email "XJSC4JDBQADN1.NSBN32IDNENGTUBE-STANDARD-ANTI-UBE-TEST-EMAILC.34X" and make sure the email is not delivered and is sorted into the Spam folder
The header states
X-Spam-Flag: YES
X-Spam-Status: Yes, score=1003.3 required=13.0 tests=ALL_TRUSTED,
CONTENT_TYPE_PRESENT,GTUBE,HTML_MESSAGE,MPART_ALT_DIFF,
MULTIPART_ALTERNATIVE autolearn=no autolearn_force=no version=4.0.1
X-Spam-Report:
* 0.1 ALL_TRUSTED Passed through trusted hosts only via SMTP
* -0.1 CONTENT_TYPE_PRESENT exists:Content-Type
* 0.1 MULTIPART_ALTERNATIVE Multipart/alternative
* 1000 GTUBE BODY: Generic Test for Unsolicited Bulk Email
* 2.2 MPART_ALT_DIFF BODY: HTML and text parts are different
* 1.0 HTML_MESSAGE BODY: HTML included in message
X-Spam-Level: *********************************************
X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on Lepard
Subject: SPAM