It seems to be a harmful code(virus) executed within local network,
probably on mail server.
check your PCs and server with the following free tool for worms:
ftp.kaspersky-labs.com/utils/clrav.com
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html
List Archive:
This problem happens from any mail client AND
ALSO from the web =messaging even if you choose to include
attachments.Thanks in advanceWaheed
Malek
Hi Chaps
Well, its been a long weekend (and monday morning) but this is now finally
working.
Just in case anybody else is unfortunate enough to have this bizarre problem
here goes:
NOTE: MS NLB uses the concept of a shared addres and dedicated addresses. A
shared adddress would be the address
Count me in! Thanks for the hard work.
-Jeff
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of Admin-ML
Sent: Saturday, March 20, 2004
4:04 PM
To: [EMAIL PROTECTED]
Subject: [IMail Forum] IMail
Advanced spam checker add-in
Hi all,
- Original Message -
From:
Admin-ML
To: [EMAIL PROTECTED]
Sent: Saturday, March 20, 2004 4:04
PM
Subject: [IMail Forum] IMail Advanced
spam checker add-in
Anything that'll help with SPAM... (especially
FREEware...) Count me in.
Thanx...
-Gil
Hi All,
I've been having problems with Outlook Express hanging on me, with IMAIL',
while saving messages to the sent items folder. So I started to do some
investigation. Is there a known issue somewhere of IMAIL having problems
with the IMAP4 APPEND command? Here's an extract from a socket program
I sent a message the other day about the Statistical
Filtering Settings and what is the
best way to set this up. Someone said I have to train it for every user. I dont
see how that is done in email. That would be a look of work for over 300+ users.
I set it up for the following settings in
I sent a message the other day about the Statistical Filtering Settings
and what is the best way to set this up. Someone said I have to train it
for every user. I don t see how that is done in email. That would be a
look of work for over 300+ users.
That's just one of the drawbacks of
Title: Message
It
works best if every user sends it an equal number of "good" and "spam"
mail. To read up on it search for "antispamseeder".
Basically you need to create a MBX file for "GOOD" mail and one for
"SPAM"... then you need to run the antispamseeder on those files to
"train" it.
But there is no user called info it is strictly a local group name. As
far as I knew, No one is able to send on behalf of that group name. Even
though I am as proactive and diligent as I can be, should I assume that
someone on my network has a virus, and that is the cause?
Larry
Anyone
have any ideas?
Nektar Meletakos
-Original Message-From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]On Behalf Of Nektar
MeletakosSent: March 18, 2004 9:42 AMTo:
[EMAIL PROTECTED]Subject: [IMail Forum] False positive
Antivirus
I have an issue
with a
Hello List
I want to filter mail based on the delivery address through a different router.
My internal ip range 10.25.n.n Filtered mail to Mail server on 10.2.n.n
My internet interface 192.168.n.n
I have setup my DNS to point at the internal mail server, but when Imail
tries to deliver, it uses
But there is no user called info it is strictly a local group name. As
far as I knew, No one is able to send on behalf of that group name. Even
though I am as proactive and diligent as I can be, should I assume that
someone on my network has a virus, and that is the cause?
No. Anyone on the
I'm unclear of the setting I need to change to increase the number of
incoming SMTP threads my server can handle simultaneously. I'm using a
single server as a gateway for anti-spam virus and the server sporatically
rejects incoming requests to port 25. I suspect it is because of the number
of
Anyone have any ideas?
It sounds like it is a bug in IMail AntiVirus. Specifically:
Message contained a virus
Virus detected -
The message was Redirected
It isn't reporting the name of the virus. Without a name of the virus, or
log file entries, it is very difficult to guess what may have
I have installed Imail Express and am having problems with Relay for
Addresses in SMTP Security. When I try to enter an address I receive:
C:\Program Files\Imail\smtpd32.loc
Failed to write access control file
At first I thought this was simply an Express limitation. However, on my
test server I
Is it set as read-only?
Travis
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Paul Lucido
Sent: Monday, March 22, 2004 7:37 AM
To: [EMAIL PROTECTED]
Subject: [IMail Forum] Imail Express
I have installed Imail Express and am having problems with
It didn't exist originally. I believe it is created when you first create
an IP. My server couldn't create it.
Regards,
Paul
Paul W. Lucido
312-583-0065
- Original Message -
From: Travis Rabe [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, March 22, 2004 9:47 AM
Subject: RE:
Virus names will not be reported under certain circumstances..One being a
message that couldn't be opened to scan (malformed header). IMail AV
considers any message that it can't open as a dangerous message by default.
You can ignore this by toggling the mal-formed header action in the
If I'm not mistaken store forward is disabled in IMail express so it
cannot be used as a gateway...
Eric S
- Original Message -
From: Paul Lucido [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, March 22, 2004 10:59 AM
Subject: Re: [IMail Forum] Imail Express
It didn't exist
As far as I know there is no setting for this...I believe it is more of a
resource issue and not being able to open another socket
Eric S
- Original Message -
From: Dave Strzemienski [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, March 22, 2004 9:53 AM
Subject: [IMail Forum] How
Any idea why it works on my test server? The only thing I can thing of is
that my test server is installed at c:\imail and my not-working server is
installed at c:\program files\imail.
If this is a non-working feature, wouldn't they disable it instead of giving
a weird error?
Regards,
Paul
I'm having trouble with the authentication for
remote users passing through a pix firewall/router ( so they cant send messages
for external domains), I have checked the IMAIL KBase but the line said to be
commented is not configured in this router. I will thank any info about this
problems.
Okay guys, here is the deal:
-
download it here http://www.iff.uni-stuttgart.de/download/software/AdvancedSpamCheck.rar
-
unpack it into your IMail dir
-
read the AdvancedSpamCheck.txt file on how to install it
-
install it *only* on off-peak times and be sure to check mail delivery right
I do think I remember a problem that came out a while back about having
a space in the pathname for Imail... I think if you search the archives
you will find something on this... Sorry I cant be more specific, but
the mention of the path made me remember it...
-Original Message-
From:
There is no virus, nor a file attachment...that's the point. Unfortunately I
don't have logs of the events. It's been awhile since I have disabled
scanning and my event viewer deleted those entries.
I was browsing around the Symantec AV install on my server and noticed that
there are a few .cfg
Reply from: Pat Thompson
What version of the PIX OS are you using?
I'm having trouble with the authentication for remote users passing through a pix
firewall/router ( so they cant send messages for external domains), I have checked
the IMAIL KBase but the line said to be commented is not
Title: Message
I am
trying to limit the mailbox size for all of our users and see the help files say
to click on the Global Change Button. I don't have a global change button. What
am I missing?
Kathy
Jim is correct. Installation paths for IMail cannot contain spaces.
Christian
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jim Comerford
Sent: Monday, March 22, 2004 11:26 AM
To: [EMAIL PROTECTED]
Subject: RE: [IMail Forum] Imail Express
I do think
First off let me say I know perfectly well the other party is flat out
lying to us. I know they're screwed up but I don't have the NOC
background to tell them exactly how...
I recently acquired a customer who I have set up with a web site and
Imail service. Fine and dandy. The former mail and
Darn, darn, darn. Ok, next question, can I change the top directory without
completely screwing things up? Or is it better to uninstall and reinstall?
- Original Message -
From: Christian Lawson [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, March 22, 2004 10:41 AM
Subject: RE:
Hi everyone. I hope you all don't mind my keeping this thread alive... it could be
considered off-topic, but since it deals with a specific product that is a direct
add-on of sorts for iMail servers, it's seems relevant enough. If you're tired of
it, just delete my message please.
I've been
Hi.
It is not uncommon for ISP's to reroute all connections to port 25 to a
local mailserver. It is usually achieved with a rule in ISP's
router/firewall. It is especially useful to stop users sending spam as
(among other things) it can limit the number of recipients etc.
If a telnet connection
Monday, March 22, 2004, 11:46:35 AM, you wrote:
MR Opening a cmd window from their office, the mail server domain pings to
MR the new mail server IP just fine. However if you actually send the mail
MR using mail.domain.com it gets routed thru the ISP's network (qhich
MR happens to use qmail).
I'm having trouble with the authentication for remote users passing
through a pix firewall/router ( so they cant send messages for external
domains), I have checked the IMAIL KBase but the line said to be commented
is not configured in this router. I will thank any info about this problems.
It may be a combination of many things, at the ISP I worked at a while back we had
this problem.
The customer hadn't asked us to remove their domain from our DNS server after they
changed their NS records at netsol, or make any changes what so ever so when they did
a NSlookup on mail.domain.com
If you have Declude or some other external spam tool, you shouldn't use it
in this version, since it won't call your other external spam tool after
it processed the data. This might be fixed in a later version. (If you
know some C++ you can change it yourself, since the source code is also
You can start by not sending pure html email. It increases the likelihood of your
email getting marked as spam
Harmeet
- Original Message -
From: [EMAIL PROTECTED]
Sent: Mar 20, 3:17 AM
What can I do with this list to help eliminate messages from
spammers?
To Unsubscribe:
I'm assuming your problem is with SMTP Authentication as opposed to
POP3/IMAP4 authentication. If so, check your PIX configuration to see
if fixup protocol smtp 25. If this command is present in your
configuration, the PIX will intercept traffic going to your IMail
server and censor it -
If you have Declude or some other external spam tool, you shouldn't use
it
in this version, since it won't call your other external spam tool after
it processed the data. This might be fixed in a later version. (If you
know some C++ you can change it yourself, since the source code is also
Title: Message
Kathy,
In the IMAIL admin, click on the MailHost / Users folder -
you will see the "Global User Change" button in theright-hand
pane
Sincerely,Randy ArmbrechtGlobal
Web Solutions, Inc.804-346-5300 ext. 1877-800-GLOBAL (4562) ext.
1http://globalweb.netRichmond's
Internet
Here's something else that may help-
Per Cisco - The protocol you are referring to is SMTP Fixup which only lets mail
servers receive the RFC 821, section 4.5.1 commands of HELO, MAIL, RCPT, DATA, RSET,
NOOP, and QUIT. All other commands are rejected with the 500 command unrecognized
reply
Can you pack it in zip format? I am having a problem
unpacking the file with the utilities that I have.
Thanks
==Stop spam on your domain,
Anti-spam solutionshttp://www.clickdoug.com/mailfilter.cfmFor
hosting solutions
Hi all, combined comments here to your responses.
DNS is set up properly. The actual domain is mail.cost-less.com and
dnsreports.com (and the rdns test at dnsstuff.com) all show what they're
supposed to. Its been going on 2 weeks now that the change was made so
we're well past any propagation
Title: Message
Was wondering if
anyone has encountered this using 8.02:
Webmail user has
exceeded their mail limit and has default preference settings
set.
When the user
deletes mail, nothing happens to their limit number. Also, when the user
goes into preferences and makes a check mark
This might work:
http://support.ipswitch.com/kb/KW-20020930-DM05.htm
~Rick
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of waheed malek
Sent: Monday, March 22, 2004 5:14 AM
To: [EMAIL PROTECTED]
Subject: Re: [IMail Forum] a problem with attachment
Matt do a NSLOOKUP on their DNS server for mail.cost-less.com
NSLOOKUP
server their_ip
set type=mx
mail.cost-less.com
Then just change the server to query other DN servers
Doing this will tellyou where the problem is. If their IPS still is
reporting the old information thei it is definatly
I want to thank you all for
your help, especially Scott from declude. I will be
unsubscribing from this list so you do not get the bounce messages when the
mailbox fills up. My
earlier prediction has come true.. I am no longer
working for this company.
We have over 600 virtual servers set up in our IMAIL system. With the new
black list features, doI have to set each one up or can I just set it up
for the main IP address?
Kathy
I have a newbie question. Do you have to run kiwi syslog daemon on a separate machine
than Imail. I notice that imail syslogd.exe takes up port 514...
Regards,
Greg Cerveny, Applications Development
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html
List Archive:
http://support.ipswitch.com/kb/IM-20030509-DM02.htm
Only the IP address.
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Kathy Lees
Sent: Monday, March 22, 2004 3:52 PM
To: [EMAIL PROTECTED]
Subject: [IMail Forum] Virtual Servers/Spam Black
Most of us that use Kiwi disable the Imail Syslog service. If you must have
both, you will have to change one of the port numbers.
John Tolmachoff
Engineer/Consultant/Owner
eServices For You
-Original Message-
From: [EMAIL PROTECTED] [mailto:IMail_Forum-
[EMAIL PROTECTED] On Behalf
I am currently out of the office
I will be back Wednesday 3/24/04
Please call the helpdesk on x4040 with any urgent issues
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ:
I am currently out of the office
I will be back Wednesday 3/24/04
Please call the helpdesk on x4040 with any urgent issues
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ:
Ahhh, I see. I thought imails syslogd was what was generating the
messages. Woops.
Regards,
Greg Cerveny, Applications Development
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of John Tolmachoff
(Lists)
Sent: Monday, March 22, 2004 1:18 PM
To:
Title: Message
Is
there a way to change the default setting so every new account I add has the
default info? Also, is there a way to change everyone's settings without
clicking on each individual account?
-Original Message-From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]On
I am trying to get my spam situation under control and have a question on the use and
effectiveness of dns blacklists. I would appreciate anyone posting the list of DNS
Blacklist services you use with your Imail setup. Will adding more than the default
ones be better? Also what set point
It would be far simpler to just uninstall and then reinstall.
Christian
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Paul Lucido
Sent: Monday, March 22, 2004 11:49 AM
To: [EMAIL PROTECTED]
Subject: Re: [IMail Forum] Imail Express
Darn, darn, darn.
Ahhh, I see. I thought imails syslogd was what was generating the
messages. Woops.
Yep, SYSLOGD = syslog daemon = syslog listener. The other daemons
serve as syslog clients.
--Sandy
Sanford Whiteman, Chief Technologist
Broadleaf Systems, a division
Thanks. One final question. What are the limitations of Imail Express?
Anything other than 10 users and 1 domain?
- Original Message -
From: Christian Lawson [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, March 22, 2004 2:45 PM
Subject: RE: [IMail Forum] Imail Express
It
Thanks..that seems to have done the trick
Nektar Meletakos
Groupe Educalivres
(514) 334-8466 ext.2341
[EMAIL PROTECTED]
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of E. Shanbrom
(Ipswitch)
Sent: March 22, 2004 11:13 AM
To: [EMAIL PROTECTED]
Subject:
I am trying to get my spam situation under control and have a question on
the use and effectiveness of dns blacklists. I would appreciate anyone
posting the list of DNS Blacklist services you use with your Imail
setup. Will adding more than the default ones be better? Also what set
point
I just checked the ipswitch site and I don't see the list archive.
Where did it get moved to? I have a couple of questions but I want to
make sure they haven't been covered before.
Scott W. Coleman, PCAM
Network Administrator
Kramer Triad Management Group
(734) 973-5500 voice (734) 973-0001 fax
Kathy,
Just wanted to say that I don't think it's reasonable to expect someone
to get up to speed on blocking spam in just a matter of a few months,
especially when you started off using IMail's anti-spam and only turned
to Declude about a month ago. Maybe you are better off considering the
Check the link at the bottom... it's working for me...
Maybe it was temporary downtime.
---
Vincent Toussaint
Sys. Admin, Hybride
[EMAIL PROTECTED]
(450) 227-4245
www.hybride.com
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf
Scoot, the link to the list archives should be at the bottom of each mail
item sent to the list -
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
-Original Message-
From: [EMAIL PROTECTED]
Dumb comment but needs to be asked...their mail clients are using the proper
name for the mail server and not the old IP address?
Eric S
- Original Message -
From: Matt Robertson [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, March 22, 2004 1:26 PM
Subject: RE: [IMail Forum] Imail
Seems to me that others have already asked the right questions, but let me
put it the way I would handle it.
1. Confirm that the various mail clients point to the correct mail server.
2. Check the DNS records for that client's access (DSL) provider. The fact
that you can force it to work by
I scanned my server with this utility. It came up clean. Now what?
Joe
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Dmitri Elgin
Sent: Monday, March 22, 2004 3:11 AM
To: [EMAIL PROTECTED]
Subject: [IMail Forum] Weird Error mEssages
It seems to be a
Hi Sandy,
Thank you for your quick response. I however doubt I have been compromised.
I am about as locked down as you can be with a public facing server and have
never been compromised, I keep up with this machine pretty well. The
Kaspersky scanner comes up clean as well. I have a couple of
We have had very slow web mail for over a year now, ever since we
upgraded from 5.x to 7.x, then 8.x. We recently upgraded to 3GHz,
special 3COM NIC, and fast RAM, SCSI 160 series drives. We saw an
improvement but still chugged along until last week when Imail web
mail suddenly
Is there any way to block 127.0.0.1 without blocking mail from being
originated from the local machine?
I wrote...
To stop the connection attempts from 66.34.190.239 to 66.34.190.239
from even being processed by your mailserver, you can add the IP to
SMTP Security--Control Access.
Note
You might try installing a piece of software called TCPView. Leaving this running
will allow you to (real-time) look at the
applications that are opening network connections on your server. Look for the
application which is opening the SMTP connections
from the server back to the server. It
Is there any way to block 127.0.0.1 without blocking mail from being
originated from the local machine?
That's kind of like saying I think a hacker broke into my network. How
can I prevent him from deleting files? While it is important that he
doesn't delete files, it's much better to get rid
So I can block 127.0.0.1 and my ASP Mailers and whatnot should still work?
Joe
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Sanford Whiteman
Sent: Monday, March 22, 2004 8:03 PM
To: Joe Osborn
Subject: Re[4]: [IMail Forum] Weird Error mEssages
Is
I will kill him if he is! I am having some trouble seeing what you are
seeing. Everyone is saying I am infected or penetrated or something, I am
not real sure I follow. How are you coming up with this conclusion?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
OK,
Here is anoterh log snippet from a few minutes ago, this is all of the
suspicious activity all day. Now to me, it looks like this remote IP
Address is connecting to my server and trying to send mail, but as designed,
my server will not accept the mail because he did nto authenticate. Am I
So I can block 127.0.0.1 and my ASP Mailers and whatnot should still work?
NO--you cannot block 127.0.0.1 and still connect from 127.0.0.1, by
definition! The IP that is creating the mystery connections,
however, is not the loopback IP (127.0.0.1) but the actual IP of the
NIC.
I will kill him if he is! I am having some trouble seeing what you
are seeing. Everyone is saying I am infected or penetrated or
something, I am not real sure I follow. How are you coming up with
this conclusion?
We feel that you've been compromised because you say there
I want to thank you all for your help, especially Scott from
declude. I will be unsubscribing from this list so you do not get
the bounce messages when the mailbox fills up. My earlier prediction
has come true.. I am no longer working for this company.
Dismissed because she
I initially was asking why I am receiving these errors. I am not fully
versed in IMail error handling yet. There is a mystery, I am trying to nail
down what exactly is connecting, could it be a spoofed IP Address? I am
running a sniffer trace right now as well :-)
Joe
-Original
LOL,
I need to learn how to be more concise. All of my legitimate mailers and
apps use the real IP address of the NIC, nothing should be using 127.0.0.1
and I DO appreciate all the help :-)
Joe
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Sanford
Opinions??
Mine is they are a spam house. I have received many spams from their ip
addresses. does anyone know of any legitimate email that has come from
them
Oh if they are a spam house and you looked them up in the ARIN database look
up Bluerock Dove and Blue Rock Dove
Kevin
I am having trouble getting mail from one of my accounts on my Imail Server.
When I try, I get the following error from Entourage, my email program:
The server for account 'myaddress' returned the error [IN-USE] failed to
lock or parse or multiple access. Your username/password or security
I want to thank you all for your help, especially
Scott from
declude. I will be unsubscribing from this list so you
do not get
the bounce messages when the mailbox fills up. My earlier
prediction
has come true.. I am no longer working for this company.
Dismissed
Marc A. Funaro, thank you for detailed answer, i find it very usefull and
respect your opinion.
Here i am to give the answer to the questions about any one tried this
product?, but
probably all messages in this tree are off topic. If so the site
administrator should consider my message to be
5 days ago I noticed that the log files although the services are working ok
and the emails delivered and received also ok the log files record nothing!
(spam, logXXX.txt syslog etc)
Running Imail 8.05hf2 windows 2003
Any suggestions? please help...
Periklis Drakos
To Unsubscribe:
87 matches
Mail list logo