[IMail Forum] Orphaned files in spool directory
Since a few months, IMail keeps orphaning mails in the spool directory and sending mails to the postmaster:"Delivery Failure - Orphaned files in spool directory"This means that mails are dropped without the user being notified,involvingthe postmaster to take corrective actions. I followed KB http://support.ipswitch.com/kb/IM-20040920-DM01.htmand got Ipswitch's answer that is is a known problem. So far, there is no fix.Who else has this problem? Today, I updated from 8.14HF1 to 8.15. I think it is definitely time to think over my loyality with this product... Marius
[IMail Forum] FYI About SBC (PacBell)
Didn't know if anyone here was aware of this. SBC (which bought pacbell and all of its DSL customers a few years ago) is now blocking outbound port 25 to anything but its own mail servers. - Duane Hill Sr E-Mail Administrator http://www.yournetplus.com To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
[IMail Forum] FYI More on SBC (PacBell)
http://seclists.org/lists/fulldisclosure/2005/Jan/0578.html SBC began to apply SMTP port 25 filters on Broadband and Dialup connections using DYNAMIC IP addresses in October 2004. This includes both residential and businesses using DYNAMIC IP addresses on broadband or dialup connections. The change was announced by SBC in the September 2004 customer newsletter and on the SBC web site. So I'm guessing that if a static IP is being assigned, it would still be ok for SMTP services running on the DSL. - Duane Hill Sr E-Mail Administrator http://www.yournetplus.com To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
RE: [IMail Forum] FYI About SBC (PacBell)
Gee, I'm a TINY ISP (actually WISP), about 20 subscribers, and I block outbound port 25. It's the right thing to do. Period. I even use SPF (gasp!) records. Dan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Duane Hill Sent: Thursday, January 27, 2005 5:20 AM To: IMail_Forum@list.ipswitch.com Subject: [IMail Forum] FYI About SBC (PacBell) Didn't know if anyone here was aware of this. SBC (which bought pacbell and all of its DSL customers a few years ago) is now blocking outbound port 25 to anything but its own mail servers. - Duane Hill Sr E-Mail Administrator http://www.yournetplus.com To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
Re: [IMail Forum] FYI About SBC (PacBell)
On Thursday, January 27, 2005 at 11:10:52 AM, [EMAIL PROTECTED] confabulated: Gee, I'm a TINY ISP (actually WISP), about 20 subscribers, and I block outbound port 25. It's the right thing to do. Period. I even use SPF (gasp!) records. What are you using to check SPF records? I don't have SPF checking turned on with one of our primary servers (non IMail), but one of our backup MX servers I do have it turned on (non IMail). Dan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Duane Hill Sent: Thursday, January 27, 2005 5:20 AM To: IMail_Forum@list.ipswitch.com Subject: [IMail Forum] FYI About SBC (PacBell) Didn't know if anyone here was aware of this. SBC (which bought pacbell and all of its DSL customers a few years ago) is now blocking outbound port 25 to anything but its own mail servers. - Duane Hill Sr E-Mail Administrator http://www.yournetplus.com To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
RE: [IMail Forum] Spam Filter
Sorry for the delay in the response, I got swamped with other issues yesterday. I removed the blacklist from server. So it's not even present. There are running iMail and are checking outgoing mail for spam I will see if they are adding this header. Thanks for the idea. Scott W. Coleman Network Administrator Associa 3131 Professional Drive Ann Arbor, Michigan 48104 (734) 973-5500 Phone (734) 973-0001 Fax (734) 531-2101 Direct (888) 206-0368 Toll Free Associa The Leader in Community Association Management -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Christian Lawson Sent: Tuesday, January 25, 2005 5:19 PM To: IMail_Forum@list.ipswitch.com Subject: RE: [IMail Forum] Spam Filter That blacklist is not enabled on the server. Does that mean that it exists at the Antispam folder at localhost, but on the Connection Filtering tab, it doesn't exist? Assuming it doesn't even exist at localhost, it's probably the other server. They appear to be an IMail server also and are most likely checking their outgoing email for spam. Their server adds the header, your rule traps it. Have a good one, Christian -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Scott Coleman Sent: Tuesday, January 25, 2005 4:51 PM To: IMail_Forum Subject: [IMail Forum] Spam Filter I am having trouble with a black list and it's not even enabled. Here is the snip from the log. 01:25 14:05 SMTPD(2DB100AE) [192.168.85.7] connect 207.89.196.2 port 3279 01:25 14:05 SMTPD(2DB100AE) [207.89.196.2] EHLO mail.bbgweb.net 01:25 14:05 SMTPD(2DB100AE) [207.89.196.2] MAIL FROM:[EMAIL PROTECTED] 01:25 14:05 SMTPD(2DB100AE) [207.89.196.2] RCPT To:[EMAIL PROTECTED] 01:25 14:05 SMTPD(2DB100AE) [207.89.196.2] e:\spool\D98742db100ae90a6.SMD 12350 01:25 14:05 SMTP-() Info - Adding Queue file e:\spool\Q98742db100ae90a6.SMD 01:25 14:05 SMTP-(04250017) processing e:\spool\Q98742db100ae90a6.SMD 01:25 14:05 SMTP-(04250017) Inbound X-IMail-Rule: H~X-IMAIL-SPAM:[EMAIL PROTECTED] Data- X-IMAIL-SPAM-DNSBL: (fiveten,1 01:25 14:05 SMTP-(04250017) ldeliver kramertriad.com spam-main (1) [EMAIL PROTECTED] 12350 01:25 14:05 SMTP-(04250017) finished e:\spool\Q98742db100ae90a6.SMD status=1 That blacklist is not enabled on the server. I enabled it, stopped and restarted services, then disabled it and stopped and restarted services to make sure. I even removed it from the list and stopped and restarted services. Any suggestions? I am running iMail 8.02.2003.0811.3. on a Win NT box. Scott W. Coleman Network Administrator Associa 3131 Professional Drive Ann Arbor, Michigan 48104 (734) 973-5500 Phone (734) 973-0001 Fax (734) 531-2101 Direct (888) 206-0368 Toll Free Associa The Leader in Community Association Management To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
Re: [IMail Forum] Orphaned files in spool directory
Since a few months, IMail keeps orphaning mails in the spool directory and sending mails to the postmaster: Delivery Failure - Orphaned files in spool directory This means that mails are dropped without the user being notified, involving the postmaster to take corrective actions. An orphaned file occurs when IMail cannot deliver an E-mail, and it cannot deliver the bounce either. For example, if I send an E-mail from [EMAIL PROTECTED] to [EMAIL PROTECTED], how do you expect me to get a bounce message? It can't happen, the way that SMTP works. In fact, no mailserver can deliver such an E-mail. Who else has this problem? Today, I updated from 8.14HF1 to 8.15. I think it is definitely time to think over my loyality with this product... There is no problem. It is just how SMTP works. If you still aren't convinced, write a letter (not E-mail) with a fake address and fake return address, and see if the post office delivers it to you. -Scott --- Declude JunkMail: The advanced anti-spam solution for IMail mailservers since 2000. Declude Virus: Ultra reliable virus detection and the leader in mailserver vulnerability detection. Find out what you've been missing: Ask for a free 30-day evaluation. This outgoing message is guaranteed to be authentic by Message Level users. Guarantee the authenticity of your email @ http://www.messagelevel.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
Re: [IMail Forum] I-mail and SmarterMail 2.0
Hi, I made a lot of test, but i didn't made a comparison list. It's a good idea anyway. New products always seem cooler, and a new product will usually not suffer the same problems as an older product. On the other hand, the new product may have many new problems of its own, or outright deficiencies (did someone This is correct. The guys from SmarterTools are not new in the business and are hungry to push and develop their products. I decided to sell ICS and SmarterMail in the future. SmarterMail will be the new 20 minutes solution and the affordable Mail Server for future and existing customers. I sent a huge feature request list to their support a few weeks ago. Some will implemented soon, others in the version 3.0. I somebody wants to know more about the feature requests, please contact me off-list. This place is not the right place to discuss this, i guess. Am Donnerstag, 27. Januar 2005 um 04:01 schrieben Sie: Just curious, but has anyone made a list of deficiencies of SmarterMail versus IMail? That is, if Ipswitch wanted to explain why IMail is the better product, or if some admins have reasons why they consider SmarterMail inferior, has anyone made such a pitch? New products always seem cooler, and a new product will usually not suffer the same problems as an older product. On the other hand, the new product may have many new problems of its own, or outright deficiencies (did someone say SmarterMail doesn't support program aliases?). It seems to me the place to start an evaluation is with the case against SmarterMail. Ben BC Web - Original Message - From: Martin Schaible [EMAIL PROTECTED] To: Wolf Tombe IMail_Forum@list.ipswitch.com Sent: Wednesday, January 26, 2005 1:23 PM Subject: Re: [IMail Forum] I-mail and SmarterMail 2.0 Hi Wolf, Has anyone evaluated SmarterMail with an eye on determining how robust or scalable it might be? (i.e., number of domains, users or messages it can handle compared to iMail) I compared SmarterMail vs. IMail on two identical machines. A small ColdFusion application send 200'000 mails in 24 hours to both candidates. SNMP sensors reported CPU-load, Memory load and other data to a log server. SmarterMail used less of CPU-load, Memory, etc... Unfortunately, i didn't made the tests with a lot of domains, i was i an hurry. I like SmarterMail; but, being a relatively new company I couldn't find any information about existing clients or implementations that could be considered anything other than modest uses of the application. Ask their Support-People. Am Mittwoch, 26. Januar 2005 um 20:29 schrieben Sie: Has anyone evaluated SmarterMail with an eye on determining how robust or scalable it might be? (i.e., number of domains, users or messages it can handle compared to iMail) I like SmarterMail; but, being a relatively new company I couldn't find any information about existing clients or implementations that could be considered anything other than modest uses of the application. Has anyone load tested SmarterMail in either a lab or production environment? -- Original Message -- From: Martin Schaible [EMAIL PROTECTED] Reply-To: IMail_Forum@list.ipswitch.com Date: Wed, 26 Jan 2005 20:08:55 +0100 Hi Tim, SmarterMail 2.0 is a complete mail server. Yes, it can be a good replacement for IMail. - Not every functionality is implemented yet, e.g. Program Aliases and other minor things. - The build in anti spam tools are not on the level of IMail, but they working on it. I can't translate intriguing, but i think this means cool or great... We made tons of tests with SmarterMail and it behaves really nice. If you need more info, check out the online forums at smartertools.com. I think SmarterMail and Declude AntiVirus/AntiSpam can be the perfect choice. Declude offers an introduction offer for both products for a fair price. Ooops, this was marketing... Am Mittwoch, 26. Januar 2005 um 19:38 schrieben Sie: We currently have I-mail Pro 8.15 along with Declude Anti-virus Std Edition and Junkmail Professional Edition. I have been noticing a lot of talk about the new SmarterMail that is packaged with Declude, and I even went to their site and was reading up on it. I do have a question about it though. Is SmarterMail a whole e-mail server software package to replace I-mail, or just an add-on to work with I-mail acting as the webmail interface? So far, we've been pretty pleased with the I-mail, however, the new look of the SmarterMail is intriguing. If anyone has had experience using SmarterMail 2.0 and can provide some insight, that would be helpful. Thanks Tim Cook Varsity Contractors IT Technical Support (208) 232-8599 x3035
RE: [IMail Forum] FYI More on SBC (PacBell)
http://seclists.org/lists/fulldisclosure/2005/Jan/0578.html SBC began to apply SMTP port 25 filters on Broadband and Dialup connections using DYNAMIC IP addresses in October 2004. This includes both residential and businesses using DYNAMIC IP addresses on broadband or dialup connections. The change was announced by SBC in the September 2004 customer newsletter and on the SBC web site. So I'm guessing that if a static IP is being assigned, it would still be ok for SMTP services running on the DSL. In the central US (Kansas) they are filtering more than just port 25 outbound. After a few hours on the phone with level 2, whatever, support.. I was told that We do not block any ports on your connection. To my dismay, and acute disbelief (with evidence in hand) I questioned the all mighty guru's once again: Why are you blocking my outbound traffic? They replied: We do not block any ports on your connection! You apparently don't know what you are talking about or have a problem with your computer! Ha, after I paused in disbelief I had discovered that there was some truth to what he said. I had neglected to bring myself up to the 'politically correct' terms of today. You see, since about 1979, my thinking was (and still is) that anytime data is being intentionally prohibited either in or out of the interface; then to me it is being 'blocked' - for whatever reason. So I asked the engineer, Ok then, why can't I send my email to my corporate servers without having to go through your mail servers? His reply? - Well that is because we filter many ports both inbound and outbound. Today, I'm educated once again: No it is not being blocked, it is being 'filtered'. Ha, filtered. Hehe.. I could of saved myself about 3 hours of life had I kept my wits up and just remembered to think outside the box. 'filtered'. Ok then it's filtered. How do have the filters removed? His reply was to have me go to there email abuse web page, select port 25 opt out, fill in the comment box and click submit. Well I did that.. Cgi error - 404 page not found. Ok, yet another 1 hour call to tech support. Tech support had to actually fill out my information for me and try try try until their own form would submit. My next 'outside the box' question was: Ok how do I have other ports 'not filtered' hehe.. Like ports 5177, 5178, 8181, 8383, etc etc? He said he didn't know if 'they' would do that. Trying to make his work easier I finally just asked if they would remove all 'filters'. Worth mentioning is that they do, here anyway, use IPSwitch IM (on the lan probably) so the tech understood my frustrations about not having 5177/5178 open. So, I'm on day 2 awaiting the release of the 'filters'. Tomorrow I cancel my xDSL connection and press on with COX. I just find it hard to believe that a company that big would have such lame methods inplace, to BLOCK their customers use of the internet, with little to no way of selectively removing 'filters' imposed upon them. I would hope that come to a firm conclusion and realize that not everyone that uses there service just surfs the internet. ~Rick _ Virus Scanned and Filtered by - http://www.FamHost.com E-Mail System. To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
RE: [IMail Forum] FYI About SBC (PacBell)
I use SpamAssassin. It's wonderful. See my write-up at http://www.visioncomm.net/sac. Dan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Duane Hill Sent: Thursday, January 27, 2005 6:17 AM To: IMail_Forum@list.ipswitch.com Subject: Re: [IMail Forum] FYI About SBC (PacBell) On Thursday, January 27, 2005 at 11:10:52 AM, [EMAIL PROTECTED] confabulated: Gee, I'm a TINY ISP (actually WISP), about 20 subscribers, and I block outbound port 25. It's the right thing to do. Period. I even use SPF (gasp!) records. What are you using to check SPF records? I don't have SPF checking turned on with one of our primary servers (non IMail), but one of our backup MX servers I do have it turned on (non IMail). Dan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Duane Hill Sent: Thursday, January 27, 2005 5:20 AM To: IMail_Forum@list.ipswitch.com Subject: [IMail Forum] FYI About SBC (PacBell) Didn't know if anyone here was aware of this. SBC (which bought pacbell and all of its DSL customers a few years ago) is now blocking outbound port 25 to anything but its own mail servers. - Duane Hill Sr E-Mail Administrator http://www.yournetplus.com To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
[IMail Forum] pop log
Hi, Looking for some other problem I ran into this. Trying to find what's wrong I'm a bit confused by the POP log. Below is a snippet where there's a send error. Trying to determine to what connection it belongs I look at the sessionID, at least what I think is the sessionID, (01EC). To my surprise there are manny lines with that same ID, even at almost the same time. Is this correct bevaviour by IMail? We're runnig v8.05. At 14:20 s.vanwieren logs in from 212.123.136.208, getting sessionID (0E44) In the same second l.kuipers logs in from another ip number getting sessionID (01EC) At 14:21 there is an error with the sessionID forl.kuipers but the ip-number for s.vanwieren. What's going on? 01:25 14:19 POP3D (01EC) logon success for a.dekker tio.nl from 62.131.255.22201:25 14:19 POP3D (01ec) logoff for a.dekker R:0, D:0, P:001:25 14:19 POP3D (01EC) logon success for g.tenden tio.nl from 194.109.163.24801:25 14:19 POP3D (01ec) logoff for g.tenden R:0, D:0, P:001:25 14:19 POP3D (0D94) logon success for r.maring tio.nl from 217.114.99.19401:25 14:19 POP3D (0d94) logoff for r.maring R:0, D:0, P:001:25 14:19 POP3D (0CC8) logon success for r.broer student.tio.nl from 62.195.78.7401:25 14:19 POP3D (0cc8) logoff for r.broer R:0, D:0, P:001:25 14:19 POP3D (0D94) logon success for l.kuipers tio.nl from 217.114.99.19401:25 14:19 POP3D (0d94) logoff for l.kuipers R:0, D:0, P:001:25 14:20 POP3D (0A00) logon success for r.maring tio.nl from 217.114.99.19401:25 14:20 POP3D (0a00) logoff for r.maring R:0, D:0, P:001:25 14:20 POP3D (0E44) logon success for s.vanwieren tio.nl from 212.123.136.20801:25 14:20 POP3D (01EC) logon success for l.kuipers tio.nl from 217.114.99.19401:25 14:20 POP3D (01ec) logoff for l.kuipers R:0, D:0, P:001:25 14:20 POP3D (0e44) logoff for s.vanwieren R:2, D:2, P:001:25 14:21 POP3D (01EC) send error 212.123.136.208 1005401:25 14:21 POP3D (01ec) 212.123.136.208 connection reset01:25 14:21 POP3D (0748) logon success for e.slijkhuis student.tio.nl from 24.132.228.11401:25 14:21 POP3D (0748) logoff for e.slijkhuis R:0, D:0, P:0 I have seen other instances of this send error where indeed there was something weird going on with a user being logged on, then loggin on (other sessionID) and off (with that sessionID) after which came the send error with the first sessionID. That's understandable but the above. Groetjes, Bonno Bloksma
[IMail Forum] Queue Manager killing machine
Running 8.15 Queue Manager consuming 90%+ of CPU cycles. This is what I have done: Yes, I have cleared the Queue Twice... Yes, I have reinstalled Imail 8.15 Yes, I have rebooted the machine Yes, I have checked the hard drive for integrity... Yes, the problem remains Suggestions HELP!!! Bryant Nielson Managing Director [EMAIL PROTECTED] ITS FX INC. Feel the Effects of IT www.ITSFX.com 54 Tenafly Road Tenafly, NJ 07670 Telephone: (201) 568-4570 Fax: (201) 541-4044 ~~ No army can withstand the strength of an idea whose time has come. Victor Hugo To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
[IMail Forum] Null Headers, Null senders, Null bodies.
Null Headers, Null senders, Null bodies, or just entire blank messages. How can I stop them from getting through Imail?
Re: [IMail Forum] FYI About SBC (PacBell)
On Thursday, January 27, 2005 at 1:10:17 PM, [EMAIL PROTECTED] confabulated: I use SpamAssassin. It's wonderful. See my write-up at http://www.visioncomm.net/sac. That's what I'm using on one of our non IMail primary servers. I didn't want to turn that feature on yet for fear of what could happen. Just like I'm not reenforcing RDNS from the primary either. However, the backup MX to that primary does have SPF turned on and is reenforcing RDNS. I didn't know if IMail was supporting it yet or not. Dan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Duane Hill Sent: Thursday, January 27, 2005 6:17 AM To: IMail_Forum@list.ipswitch.com Subject: Re: [IMail Forum] FYI About SBC (PacBell) On Thursday, January 27, 2005 at 11:10:52 AM, [EMAIL PROTECTED] confabulated: Gee, I'm a TINY ISP (actually WISP), about 20 subscribers, and I block outbound port 25. It's the right thing to do. Period. I even use SPF (gasp!) records. What are you using to check SPF records? I don't have SPF checking turned on with one of our primary servers (non IMail), but one of our backup MX servers I do have it turned on (non IMail). Dan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Duane Hill Sent: Thursday, January 27, 2005 5:20 AM To: IMail_Forum@list.ipswitch.com Subject: [IMail Forum] FYI About SBC (PacBell) Didn't know if anyone here was aware of this. SBC (which bought pacbell and all of its DSL customers a few years ago) is now blocking outbound port 25 to anything but its own mail servers. - Duane Hill Sr E-Mail Administrator http://www.yournetplus.com To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
[IMail Forum] SmarterMail
Hi, I posted a thread about the feature requests here: http://forums.smartertools.com/ShowPost.aspx?PostID=7295 -- Mit freundlichen Grüssen Merlin Consulting Martin Schaible Bahnhofstrasse 27 CH-8702 Zollikon Phone: +41 1 391 30 00 Fax: +41 1 391 32 49 Mail:mailto:[EMAIL PROTECTED] URL: http://www.merlinconsulting.ch Support: http://support.merlinconsulting.ch GPS: N47 20.235 E8 34.226 News - Neue Produkte: .:. Kiwi Syslog Monitor .:. Paessler GmbH .:. Sawmill Loganalyzer .:. SmarterTools To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
Re: [IMail Forum] FYI About SBC (PacBell)
Didn't know if anyone here was aware of this. SBC (which bought pacbell and all of its DSL customers a few years ago) is now blocking outbound port 25 to anything but its own mail servers. amazing, and wonderful. pacbell's DSL lines have been HUGE sources of abuse for DSL-direct-to-MX spamming. now, if only, Level3, adelphia, comcast, roadroadrunner, and every other subscriber dsl/cable/dial-up access network on the planet would do the same ... Len _ http://IMGate.MEIway.com : free anti-spam gateway, runs on 1000's of sites To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
Re: [IMail Forum] FYI About SBC (PacBell)
On Thursday, January 27, 2005 at 2:39:47 PM, [EMAIL PROTECTED] confabulated: Didn't know if anyone here was aware of this. SBC (which bought pacbell and all of its DSL customers a few years ago) is now blocking outbound port 25 to anything but its own mail servers. amazing, and wonderful. pacbell's DSL lines have been HUGE sources of abuse for DSL-direct-to-MX spamming. now, if only, Level3, adelphia, comcast, roadroadrunner, and every other subscriber dsl/cable/dial-up access network on the planet would do the same ... I know RoadRunner, at least the part of NY our CEO is located, has port 25 filtering. I had to open up an additional port for SMTP so he could send mail from home. Frontier is another that started last year sometime. Len - Duane Hill Sr E-Mail Administrator http://www.yournetplus.com To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
[IMail Forum] Attachments in web messaging
Hi, we've been having problems with attachments coming through web messaging recently. Many users report that when they click on the binary attachment links (save target as..) in a message, the gathering file information box just hangs there indefinitely. Anyone else been through this? We're running web messaging v8.05 Best regards, Eric Carr To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
RE: [IMail Forum] Orphaned files in spool directory
Thank you Scott. Sorry, both the sender and recipient addresses are valid... So much for jumping at conclusions. It is a known problem of the SMTP service, crashing on certain unknown conditions. - Quote from Ipswitch support case [T2004121004L6] - ERR 005 - Send message thread exception handled Step = 54555659 We have a defect for this that testing and development are working on. I do not know how soon this will be fixed. - End quote - Again, is anybody else experiencing these errors on a regular base? Marius -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of R. Scott Perry Sent: Thursday, January 27, 2005 1:00 PM To: IMail_Forum@list.ipswitch.com Subject: Re: [IMail Forum] Orphaned files in spool directory Since a few months, IMail keeps orphaning mails in the spool directory and sending mails to the postmaster: Delivery Failure - Orphaned files in spool directory This means that mails are dropped without the user being notified, involving the postmaster to take corrective actions. An orphaned file occurs when IMail cannot deliver an E-mail, and it cannot deliver the bounce either. For example, if I send an E-mail from [EMAIL PROTECTED] to [EMAIL PROTECTED], how do you expect me to get a bounce message? It can't happen, the way that SMTP works. In fact, no mailserver can deliver such an E-mail. Who else has this problem? Today, I updated from 8.14HF1 to 8.15. I think it is definitely time to think over my loyality with this product... There is no problem. It is just how SMTP works. If you still aren't convinced, write a letter (not E-mail) with a fake address and fake return address, and see if the post office delivers it to you. -Scott --- [snip] To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
RE: [IMail Forum] Attachments in web messaging
Clean out any orphaned files in the spool\web directory. Travis -Original Message- From: [EMAIL PROTECTED] [mailto:IMail_Forum- [EMAIL PROTECTED] On Behalf Of Eric Carr Sent: Thursday, January 27, 2005 7:12 AM To: IMail_Forum@list.ipswitch.com Subject: [IMail Forum] Attachments in web messaging Hi, we've been having problems with attachments coming through web messaging recently. Many users report that when they click on the binary attachment links (save target as..) in a message, the gathering file information box just hangs there indefinitely. Anyone else been through this? We're running web messaging v8.05 Best regards, Eric Carr To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
Re: [IMail Forum] Orphaned files in spool directory
Marius, We've been able to duplicate the error using the orphaned files in 8.14, but not in 8.15. Are you still seeing the issue in 8.15? Thanks, Tripp - Original Message - From: [EMAIL PROTECTED] To: IMail_Forum@list.ipswitch.com Sent: Thursday, January 27, 2005 10:30 AM Subject: RE: [IMail Forum] Orphaned files in spool directory Thank you Scott. Sorry, both the sender and recipient addresses are valid... So much for jumping at conclusions. It is a known problem of the SMTP service, crashing on certain unknown conditions. - Quote from Ipswitch support case [T2004121004L6] - ERR 005 - Send message thread exception handled Step = 54555659 We have a defect for this that testing and development are working on. I do not know how soon this will be fixed. - End quote - Again, is anybody else experiencing these errors on a regular base? Marius -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of R. Scott Perry Sent: Thursday, January 27, 2005 1:00 PM To: IMail_Forum@list.ipswitch.com Subject: Re: [IMail Forum] Orphaned files in spool directory Since a few months, IMail keeps orphaning mails in the spool directory and sending mails to the postmaster: Delivery Failure - Orphaned files in spool directory This means that mails are dropped without the user being notified, involving the postmaster to take corrective actions. An orphaned file occurs when IMail cannot deliver an E-mail, and it cannot deliver the bounce either. For example, if I send an E-mail from [EMAIL PROTECTED] to [EMAIL PROTECTED], how do you expect me to get a bounce message? It can't happen, the way that SMTP works. In fact, no mailserver can deliver such an E-mail. Who else has this problem? Today, I updated from 8.14HF1 to 8.15. I think it is definitely time to think over my loyality with this product... There is no problem. It is just how SMTP works. If you still aren't convinced, write a letter (not E-mail) with a fake address and fake return address, and see if the post office delivers it to you. -Scott --- [snip] To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
[IMail Forum] Is the Imail Daily Report ALWAYS wrong?
I never really paid attention to this report before beyond receiving it and plugging the numbers into a spreadsheet that we maintain showing the volumes that are reported during a two week moving window. Then yesterday it hit me that the SPAM reported numbers appear to be completely bogus. For instance the daily report for 1/24/05 indicated the following: SpamContent 172 SpamPhrase71 LocalDeliver3449 RemoteDeliver 1482 SpamFeatures 4 SpamUrlDomain143 Our SPAM settings (http://www.summitinternetservices.com/tests.htm) are to delete any mail that fail two DNSBL tests and to quarantine ALL mail that fail the other tests. Adding up the SPAM flagged mail in the Daily Report for the 24th seems to indicate that the mail that has been flagged as SPAM totals to 390. The problem is that the actual number of emails in the quarantine folder for that day was 1,091 a discrepancy of 701. I went back and looked at other days over the past two weeks (the period of time that we keep quarantined mail) and saw the same type of reporting issue. The only answer I can think of is that is must be due to how we handle mail that fails only one Connection tests. If it fails any two of the Connection tests we delete it. If it fails just one Connection test we allow it to continue processing through the rest of the spam tests. However, on our in-bound rules if the mail had failed spamhaus or spamcop during the connection test we quarantine it too. I am going to modify our in-bound rules to place those emails into a different quarantine account to see if the numbers will add up. To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
[IMail Forum] IMail 8.2 Beta Program Invitation
Hello, Ipswitch is hard at work on Version 2.0 of Ipswitch Collaboration Suite and its IMail Server 8.2 component. As an important part of our development process, the Ipswitch Messaging Product Team would like to invite you to participate in the upcoming IMail 8.2 Beta Program. IMail 8.2 Beta Program participants will preview IMail 8.2 Beta software and have the opportunity to provide Ipswitch with invaluable feedback as we continue work on this important release. We are currently seeking users who have an active interest in utilizing the new features and enhancements listed below AND who are willing to give detailed feedback, participate in discussions, etc. Beta Nomination Process o We will review all requests to participate in the IMail 8.2 Beta Program and select those users whom we feel are the best candidates for this Beta Program. o Once selected, you will receive an e-mail which will contain additional information regarding the IMail 8.2 Beta Program, access to a private web forum, and instructions on defect reporting. o Please be aware that we are seeking a limited number of Beta testers. If you find that your application is rejected, this will in no way mean that we feel you are not up to the task, it will only mean that Beta applications have been heavily over subscribed. Indeed we will keep a record of your application, and may contact you in the future. IMail 8.2 Beta Information o We anticipate that the IMail 8.2 beta will be available for download sometime in early February. o We are targeting the beginning of Q2 2005 for the IMail 8.2 release. o All Beta builds will be distributed electronically via FTP. o Ipswitch expects that beta participants will regularly test builds provided, and report issues via the Beta Web Forum. New Features In Version 8.2 -- o Secure Socket Layer for POP The POP server will support SSL and TLS via the STLS extension and through a dedicated port. o Secure Socket Layer for IMAP The IMAP server will support SSL and TLS via the STARTTLS extension and through a dedicated port. o Secure Socket Layer for SMTP IMail Server will provide support for dedicated SSL and TLS negotiated sessions. o SPF - IMail connection filtering will support the draft RFC for Sender Policy Framework to enable administrators more control in stopping incoming mail from forged addresses. o Attachment Blocking - Attachment blocking will remove attachments based on attachment extension and MIME type o Major SMTPd Enhancements - SMTPd is now multi threaded and has been re-designed for better performance and stability. o Ability to block spam messages with bad/incorrect MIME headers and flag it as spam. o Ability to detect hyperlinks in plain text emails and check them against the spam URL blacklist table. If you are interested in participating, please complete the Beta Application Form at: http://www.ipswitch.com/apps/ICSBeta/ For questions regarding the IMail 8.2 Beta Program, please contact Jason Benton [EMAIL PROTECTED] Thank you for your participation, Ipswitch Messaging Team To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
RE: [IMail Forum] Orphaned files in spool directory
Tripp, I updated from 8.14HF1 to 8.15 last night. I'll watch it for a few days now. Some of the orphaned mails were targeted to maildomains having an a-record instead of a regular MX. Marius -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tripp Allen Sent: Thursday, January 27, 2005 4:52 PM To: IMail_Forum@list.ipswitch.com Subject: Re: [IMail Forum] Orphaned files in spool directory Marius, We've been able to duplicate the error using the orphaned files in 8.14, but not in 8.15. Are you still seeing the issue in 8.15? Thanks, Tripp To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
Re: [IMail Forum] IMail 8.2 Beta Program Invitation
The 3 changes below are long and eagerly anticipated. - Original Message - New Features In Version 8.2 -- o Secure Socket Layer for POP The POP server will support SSL and TLS via the STLS extension and through a dedicated port. o Secure Socket Layer for IMAP The IMAP server will support SSL and TLS via the STARTTLS extension and through a dedicated port. o Secure Socket Layer for SMTP IMail Server will provide support for dedicated SSL and TLS negotiated sessions. To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
RE: [IMail Forum] IMail 8.2 Beta Program Invitation
REQUEST: Build a Java IM client so it works cross-platforms! Barry -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jason Benton Sent: Thursday, January 27, 2005 8:06 AM To: IMail_Forum@list.ipswitch.com Subject: [IMail Forum] IMail 8.2 Beta Program Invitation Hello, Ipswitch is hard at work on Version 2.0 of Ipswitch Collaboration Suite and its IMail Server 8.2 component. As an important part of our development process, the Ipswitch Messaging Product Team would like to invite you to participate in the upcoming IMail 8.2 Beta Program. IMail 8.2 Beta Program participants will preview IMail 8.2 Beta software and have the opportunity to provide Ipswitch with invaluable feedback as we continue work on this important release. We are currently seeking users who have an active interest in utilizing the new features and enhancements listed below AND who are willing to give detailed feedback, participate in discussions, etc. Beta Nomination Process o We will review all requests to participate in the IMail 8.2 Beta Program and select those users whom we feel are the best candidates for this Beta Program. o Once selected, you will receive an e-mail which will contain additional information regarding the IMail 8.2 Beta Program, access to a private web forum, and instructions on defect reporting. o Please be aware that we are seeking a limited number of Beta testers. If you find that your application is rejected, this will in no way mean that we feel you are not up to the task, it will only mean that Beta applications have been heavily over subscribed. Indeed we will keep a record of your application, and may contact you in the future. IMail 8.2 Beta Information o We anticipate that the IMail 8.2 beta will be available for download sometime in early February. o We are targeting the beginning of Q2 2005 for the IMail 8.2 release. o All Beta builds will be distributed electronically via FTP. o Ipswitch expects that beta participants will regularly test builds provided, and report issues via the Beta Web Forum. New Features In Version 8.2 -- o Secure Socket Layer for POP The POP server will support SSL and TLS via the STLS extension and through a dedicated port. o Secure Socket Layer for IMAP The IMAP server will support SSL and TLS via the STARTTLS extension and through a dedicated port. o Secure Socket Layer for SMTP IMail Server will provide support for dedicated SSL and TLS negotiated sessions. o SPF - IMail connection filtering will support the draft RFC for Sender Policy Framework to enable administrators more control in stopping incoming mail from forged addresses. o Attachment Blocking - Attachment blocking will remove attachments based on attachment extension and MIME type o Major SMTPd Enhancements - SMTPd is now multi threaded and has been re-designed for better performance and stability. o Ability to block spam messages with bad/incorrect MIME headers and flag it as spam. o Ability to detect hyperlinks in plain text emails and check them against the spam URL blacklist table. If you are interested in participating, please complete the Beta Application Form at: http://www.ipswitch.com/apps/ICSBeta/ For questions regarding the IMail 8.2 Beta Program, please contact Jason Benton [EMAIL PROTECTED] Thank you for your participation, Ipswitch Messaging Team To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
RE: [IMail Forum] Attachments in web messaging
Should the spool\web dir be empty at all times? (How do i know if files are orphaned or not?) Best regards, Eric Carr -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Travis Rabe Sent: 27. januar 2005 16:37 To: IMail_Forum@list.ipswitch.com Subject: RE: [IMail Forum] Attachments in web messaging Clean out any orphaned files in the spool\web directory. Travis -Original Message- From: [EMAIL PROTECTED] [mailto:IMail_Forum- [EMAIL PROTECTED] On Behalf Of Eric Carr Sent: Thursday, January 27, 2005 7:12 AM To: IMail_Forum@list.ipswitch.com Subject: [IMail Forum] Attachments in web messaging Hi, we've been having problems with attachments coming through web messaging recently. Many users report that when they click on the binary attachment links (save target as..) in a message, the gathering file information box just hangs there indefinitely. Anyone else been through this? We're running web messaging v8.05 Best regards, Eric Carr To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
RE: [IMail Forum] Attachments in web messaging
Look at the dates of the files. If they are more then 60 minutes old, they are orphaned. Travis -Original Message- From: [EMAIL PROTECTED] [mailto:IMail_Forum- [EMAIL PROTECTED] On Behalf Of Eric Carr Sent: Thursday, January 27, 2005 8:48 AM To: IMail_Forum@list.ipswitch.com Subject: RE: [IMail Forum] Attachments in web messaging Should the spool\web dir be empty at all times? (How do i know if files are orphaned or not?) Best regards, Eric Carr -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Travis Rabe Sent: 27. januar 2005 16:37 To: IMail_Forum@list.ipswitch.com Subject: RE: [IMail Forum] Attachments in web messaging Clean out any orphaned files in the spool\web directory. Travis -Original Message- From: [EMAIL PROTECTED] [mailto:IMail_Forum- [EMAIL PROTECTED] On Behalf Of Eric Carr Sent: Thursday, January 27, 2005 7:12 AM To: IMail_Forum@list.ipswitch.com Subject: [IMail Forum] Attachments in web messaging Hi, we've been having problems with attachments coming through web messaging recently. Many users report that when they click on the binary attachment links (save target as..) in a message, the gathering file information box just hangs there indefinitely. Anyone else been through this? We're running web messaging v8.05 Best regards, Eric Carr To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
Re: [IMail Forum] FYI More on SBC (PacBell)
At 02:46 AM 1/27/2005, you wrote: So I'm guessing that if a static IP is being assigned, it would still be ok for SMTP services running on the DSL. Yes, if you have a static IP port 25 is not blocked. You can fill out their online abuse reporting form and opt out of the port 25 block and they will remove it. Gary - Duane Hill Sr E-Mail Administrator http://www.yournetplus.com To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ ComsecNet Dedicated Data Services Stockton, CA Phone:(209) 463-2809 Fax:(209) 938-0481 Email: [EMAIL PROTECTED] Web: www.comsec.net This message is intended for the use of the individual or entity to which it is addressed and may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient or an employee or agent responsible for delivering to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error please destroy this message and notify the sender by reply email. To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
Re: [IMail Forum] IMail 8.2 Beta Program Invitation
In light of Ipswitch's past moves, I view this as a step in the right direction as far as customer involvement goes. Jeff - Original Message - From: Jason Benton [EMAIL PROTECTED] To: IMail_Forum@list.ipswitch.com Sent: Thursday, January 27, 2005 11:05 AM Subject: [IMail Forum] IMail 8.2 Beta Program Invitation Hello, Ipswitch is hard at work on Version 2.0 of Ipswitch Collaboration Suite and its IMail Server 8.2 component. As an important part of our development process, the Ipswitch Messaging Product Team would like to invite you to participate in the upcoming IMail 8.2 Beta Program. IMail 8.2 Beta Program participants will preview IMail 8.2 Beta software and have the opportunity to provide Ipswitch with invaluable feedback as we continue work on this important release. We are currently seeking users who have an active interest in utilizing the new features and enhancements listed below AND who are willing to give detailed feedback, participate in discussions, etc. Beta Nomination Process o We will review all requests to participate in the IMail 8.2 Beta Program and select those users whom we feel are the best candidates for this Beta Program. o Once selected, you will receive an e-mail which will contain additional information regarding the IMail 8.2 Beta Program, access to a private web forum, and instructions on defect reporting. o Please be aware that we are seeking a limited number of Beta testers. If you find that your application is rejected, this will in no way mean that we feel you are not up to the task, it will only mean that Beta applications have been heavily over subscribed. Indeed we will keep a record of your application, and may contact you in the future. IMail 8.2 Beta Information o We anticipate that the IMail 8.2 beta will be available for download sometime in early February. o We are targeting the beginning of Q2 2005 for the IMail 8.2 release. o All Beta builds will be distributed electronically via FTP. o Ipswitch expects that beta participants will regularly test builds provided, and report issues via the Beta Web Forum. New Features In Version 8.2 -- o Secure Socket Layer for POP The POP server will support SSL and TLS via the STLS extension and through a dedicated port. o Secure Socket Layer for IMAP The IMAP server will support SSL and TLS via the STARTTLS extension and through a dedicated port. o Secure Socket Layer for SMTP IMail Server will provide support for dedicated SSL and TLS negotiated sessions. o SPF - IMail connection filtering will support the draft RFC for Sender Policy Framework to enable administrators more control in stopping incoming mail from forged addresses. o Attachment Blocking - Attachment blocking will remove attachments based on attachment extension and MIME type o Major SMTPd Enhancements - SMTPd is now multi threaded and has been re-designed for better performance and stability. o Ability to block spam messages with bad/incorrect MIME headers and flag it as spam. o Ability to detect hyperlinks in plain text emails and check them against the spam URL blacklist table. If you are interested in participating, please complete the Beta Application Form at: http://www.ipswitch.com/apps/ICSBeta/ For questions regarding the IMail 8.2 Beta Program, please contact Jason Benton [EMAIL PROTECTED] Thank you for your participation, Ipswitch Messaging Team To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ --- [This E-mail scanned for viruses by Declude Virus] --- [This E-mail scanned for viruses by Declude Virus] To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
RE: [IMail Forum] Filanet InterJak 200
Len, Was wondering if you had taken a look at something called SpamCannibal at http://www.spamcannibal.org . It is something akin to the Anvil feature you describe, but with a twist. The stated aim of the daemon on its website is, SpamCannibal's TCP/IP tarpit stops spam by telling the spam server to send very small packets. SpamCannibal then causes the spam server to retry sending over and over - ideally bringing the spam server to a virtual halt for a long time or perhaps indefinitely. I haven't tried setting up a Postfix box for this yet, but it sounds like fun. :-) William Van Hefner Network Administrator Vantek Communications, Inc. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Len Conrad Sent: Wednesday, January 26, 2005 7:22 AM To: IMail_Forum@list.ipswitch.com Subject: Re: [IMail Forum] Filanet InterJak 200 If you're willing to get your hands dirty and learn a bit of *nix I recommend pf on OpenBSD which is _very_ flexible and will let you 'tarpit' spammers (with spamd) if you wish. It's free and it'll run very well on a pII 350mhz with 128m of RAM. It is a bit of a learning curve if you're a Windows only guy but well worth it IMHO. Even easier is IMGate/postfix's anvil feature which will dynamically smtp-blocks/rate-limits any IP that connects to postfix more than x times in y minutes. anvilled IPs connect to port 25, postfix sends an immediate SMTP 421 code, and hangs up. postfix can probably do that 200 times/second without impacting legit operation. I would say the majority of msgs to unknown users come from subscriber access networks of millions infected PCs, each of which doesn't attack any one MX at a high rate of attempts, so rate limiting is not helpful. Len To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
Re: [IMail Forum] IMail 8.2 Beta Program Invitation
JP In light of Ipswitch's past moves, I view this as a step in the right JP direction as far as customer involvement goes. Yes... and no... Maybe ipswitch tries to source out product testing to its users... This beta-program will only be usefull if the beta testers try the program under real load. But who is willing to beta test a new product if you consider the quality of the general available Builds from ipswitch. They seems beta too... I I won't confront my customers and myself with the problems of this new version until it is very acurate tested by ipswitch. with best regards Matti Haack To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
RE: [IMail Forum] IMail 8.2 Beta Program Invitation
New Features In Version 8.2 -- o Secure Socket Layer for POP The POP server will support SSL and TLS via the STLS extension and through a dedicated port. o Secure Socket Layer for IMAP The IMAP server will support SSL and TLS via the STARTTLS extension and through a dedicated port. o Secure Socket Layer for SMTP IMail Server will provide support for dedicated SSL and TLS negotiated sessions. o SPF - IMail connection filtering will support the draft RFC for Sender Policy Framework to enable administrators more control in stopping incoming mail from forged addresses. o Attachment Blocking - Attachment blocking will remove attachments based on attachment extension and MIME type o Major SMTPd Enhancements - SMTPd is now multi threaded and has been re-designed for better performance and stability. o Ability to block spam messages with bad/incorrect MIME headers and flag it as spam. o Ability to detect hyperlinks in plain text emails and check them against the spam URL blacklist table. Noteably absent from this list is the ability of the SMTP server to accept authenticated only connections on an alterate port (587). With all the talk of ISPs blocking port 25 it would seem like Ipswitch should respond as quickly as possible to provide their client base with a solution. While I can solve the problem at our firewall, it means that my traveling users are forced to reconfigure their email everytime the move from inside to outside the firewall and back. This solution however, doesn't solve the problem of authenticated traffic only through the alternate port. A change to Imail is required for this. Thanks for listening. Regards, Brad Morgan IT Manager Horizon Interactive Inc. To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
Re: [IMail Forum] 550 not local host, but smtp authentication is enabled
Hi, She sees: 220 hagrid.e-postoffice.net (IMail 8.14 71028-6) NT-ESMTP Server X1 Which is our mail server, so it doesn't look like a block. Any thoughts? Michele -- Original Message -- From: E. Shanbrom \(Ipswitch\) [EMAIL PROTECTED] Reply-To: IMail_Forum@list.ipswitch.com Date: Tue, 25 Jan 2005 12:59:46 -0500 what does she see as the banner of the telnet session to port 25? Eric S - Original Message - From: Travis Rabe [EMAIL PROTECTED] To: IMail_Forum@list.ipswitch.com Sent: Tuesday, January 25, 2005 12:47 PM Subject: RE: [IMail Forum] 550 not local host, but smtp authentication is enabled I completely disagree. If they are filtering this, then their mail server will respond with that message - plain and simple. Travis -Original Message- From: [EMAIL PROTECTED] [mailto:IMail_Forum- [EMAIL PROTECTED] On Behalf Of Dan Barker Sent: Tuesday, January 25, 2005 9:27 AM To: IMail_Forum@list.ipswitch.com Subject: RE: [IMail Forum] 550 not local host, but smtp authentication is enabled 550 message is from a mailserver, not a firewall. This isn't a filter issue. Dan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Duane Hill Sent: Tuesday, January 25, 2005 11:24 AM To: Michele Cuttitta Subject: Re: [IMail Forum] 550 not local host, but smtp authentication is enabled RoadRunner I believe is filtering port 25. On a differant server we have here, I had to enable a second SMTP listener on a differant port to make it work. When port 25 is filtered, it doesn't matter if you SMTP auth or not. On Tuesday, January 25, 2005 at 4:08:21 PM, [EMAIL PROTECTED] confabulated: Hi, We have a customer who is connecting to our IMail server via Outlook 2003, and I have verified that SMTP authentication is checked, but she is still getting the 550 not local host, not a gateway error. She says it has been happening for a few days now and her ISP is roadrunner in NY. Any thoughts? Thanks, Michele - Duane Hill Sr E-Mail Administrator http://www.yournetplus.com To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
Re: [IMail Forum] I-mail and SmarterMail 2.0
Has anyone load tested SmarterMail in either a lab or production environment? We are running SM in a production environment. ~1000 domains on a Dual Proc Xeon (same server we used to run iMail on) with 1 GB RAM. The server is running Windows 2003 server. Since we have been running SM on this server we have had non-measurable comments like, it's faster, easier to use, cleaner, etc. For quantitative measurements. We were not previously running any sort of virus checking on this server, as we had offered that using a separate (IMGATE - thank Les!) server. We are now using a simple batch file to virus scan all incoming and outgoing e-mails using F-Prot. We are using the full anti-spam filter features of SM. We limited what we did with IMail due to our using IMGATE. For raw numbers Description Messages Delivered Since Start 1,192,139 (We installed some security patches and had to reboot 3 days ago) Last 5 Minutes 1,633 Last Hour 12,189 Last 24 Hours 268,022 Typically we are running ~ 300,000 messages a day for ~1000 domains. The servers's CPU usage is typically sitting between 0% and 3% with occasional jumps to 15%. Obviously this hardware is way overkill for SM. When running IMail the server's cpu used to run 5-10% with jumps to 50% or higher. Memory usage between the two appears to be the same with ~ 300 MB / 1000 MB available. If you have any specific questions please feel free to contact me off the list: [EMAIL PROTECTED] You can get a discount on SM here: http://tinyurl.com/3wbj8 Roger At 1/27/2005 04:30 AM, you wrote: Hi, I made a lot of test, but i didn't made a comparison list. It's a good idea anyway. New products always seem cooler, and a new product will usually not suffer the same problems as an older product. On the other hand, the new product may have many new problems of its own, or outright deficiencies (did someone This is correct. The guys from SmarterTools are not new in the business and are hungry to push and develop their products. I decided to sell ICS and SmarterMail in the future. SmarterMail will be the new 20 minutes solution and the affordable Mail Server for future and existing customers. I sent a huge feature request list to their support a few weeks ago. Some will implemented soon, others in the version 3.0. I somebody wants to know more about the feature requests, please contact me off-list. This place is not the right place to discuss this, i guess. Am Donnerstag, 27. Januar 2005 um 04:01 schrieben Sie: Just curious, but has anyone made a list of deficiencies of SmarterMail versus IMail? That is, if Ipswitch wanted to explain why IMail is the better product, or if some admins have reasons why they consider SmarterMail inferior, has anyone made such a pitch? New products always seem cooler, and a new product will usually not suffer the same problems as an older product. On the other hand, the new product may have many new problems of its own, or outright deficiencies (did someone say SmarterMail doesn't support program aliases?). It seems to me the place to start an evaluation is with the case against SmarterMail. Ben BC Web - Original Message - From: Martin Schaible [EMAIL PROTECTED] To: Wolf Tombe IMail_Forum@list.ipswitch.com Sent: Wednesday, January 26, 2005 1:23 PM Subject: Re: [IMail Forum] I-mail and SmarterMail 2.0 Hi Wolf, Has anyone evaluated SmarterMail with an eye on determining how robust or scalable it might be? (i.e., number of domains, users or messages it can handle compared to iMail) I compared SmarterMail vs. IMail on two identical machines. A small ColdFusion application send 200'000 mails in 24 hours to both candidates. SNMP sensors reported CPU-load, Memory load and other data to a log server. SmarterMail used less of CPU-load, Memory, etc... Unfortunately, i didn't made the tests with a lot of domains, i was i an hurry. I like SmarterMail; but, being a relatively new company I couldn't find any information about existing clients or implementations that could be considered anything other than modest uses of the application. Ask their Support-People. Am Mittwoch, 26. Januar 2005 um 20:29 schrieben Sie: Has anyone evaluated SmarterMail with an eye on determining how robust or scalable it might be? (i.e., number of domains, users or messages it can handle compared to iMail) I like SmarterMail; but, being a relatively new company I couldn't find any information about existing clients or implementations that could be considered anything other than modest uses of the application. Has anyone load tested SmarterMail in either a lab or production environment? -- Original Message -- From: Martin Schaible [EMAIL PROTECTED] Reply-To:
RE: [IMail Forum] Filanet InterJak 200
Was wondering if you had taken a look at something called SpamCannibal at http://www.spamcannibal.org . no, but it sounds ok It is something akin to the Anvil feature you describe, but with a twist. The stated aim of the daemon on its website is, SpamCannibal's TCP/IP tarpit stops spam by telling the spam server to send very small packets. SpamCannibal then causes the spam server to retry sending over and over - ideally bringing the spam server to a virtual halt for a long time or perhaps indefinitely. I'm not in favor of counter-attacking with tarpitting. postfix has several interface points in the SMTP session. a recent one is a policy/proxy service hook, where somebody could write a spamcannibal equivalent. I AM in favor of DoSing all websites that spamvertize. I haven't tried setting up a Postfix box for this yet, but it sounds like fun. :-) ask on the postfix list if anybody has setup spamcannibal as postfix policy/proxy service. Len _ http://IMGate.MEIway.com : free anti-spam gateway, runs on 1000's of sites To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
RE: [IMail Forum] Filanet InterJak 200
At 10:02 AM 1/27/2005, you wrote: Len, Was wondering if you had taken a look at something called SpamCannibal at http://www.spamcannibal.org . It is something akin to the Anvil feature you describe, but with a twist. The stated aim of the daemon on its website is, SpamCannibal's TCP/IP tarpit stops spam by telling the spam server to send very small packets. SpamCannibal then causes the spam server to retry sending over and over - ideally bringing the spam server to a virtual halt for a long time or perhaps indefinitely. and if you bring down a server that was exploited through no fault of the owner then what? They trace the problem to software you intentionally installed on your server knowing it would crash other peoples servers.and you are reported to your upstream provider or you are sued. This is a very bad idea. Delete incoming SPAM, block the IP, report it to the source, or to SpamCop, ect., but please don't try to crash servers that may be victims of exploits without anymore information other than SPAM was delivered from this address. I haven't tried setting up a Postfix box for this yet, but it sounds like fun. :-) William Van Hefner Network Administrator Vantek Communications, Inc. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Len Conrad Sent: Wednesday, January 26, 2005 7:22 AM To: IMail_Forum@list.ipswitch.com Subject: Re: [IMail Forum] Filanet InterJak 200 If you're willing to get your hands dirty and learn a bit of *nix I recommend pf on OpenBSD which is _very_ flexible and will let you 'tarpit' spammers (with spamd) if you wish. It's free and it'll run very well on a pII 350mhz with 128m of RAM. It is a bit of a learning curve if you're a Windows only guy but well worth it IMHO. Even easier is IMGate/postfix's anvil feature which will dynamically smtp-blocks/rate-limits any IP that connects to postfix more than x times in y minutes. anvilled IPs connect to port 25, postfix sends an immediate SMTP 421 code, and hangs up. postfix can probably do that 200 times/second without impacting legit operation. I would say the majority of msgs to unknown users come from subscriber access networks of millions infected PCs, each of which doesn't attack any one MX at a high rate of attempts, so rate limiting is not helpful. Len To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ ComsecNet Dedicated Data Services Stockton, CA Phone:(209) 463-2809 Fax:(209) 938-0481 Email: [EMAIL PROTECTED] Web: www.comsec.net This message is intended for the use of the individual or entity to which it is addressed and may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient or an employee or agent responsible for delivering to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error please destroy this message and notify the sender by reply email. To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
Re: [IMail Forum] 550 not local host, but smtp authentication is enabled
What is the response to the EHLO command after you get the banner...there should be 2 AUTH lines listed as capabilities. If they are not there go to the advanced tab of the SMTP service and uncheck the disable SMTP Auth reporting. Bounce the service and try it again. Eric S - Original Message - From: Michele [EMAIL PROTECTED] To: IMail_Forum@list.ipswitch.com Sent: Thursday, January 27, 2005 1:10 PM Subject: Re: [IMail Forum] 550 not local host, but smtp authentication is enabled Hi, She sees: 220 hagrid.e-postoffice.net (IMail 8.14 71028-6) NT-ESMTP Server X1 Which is our mail server, so it doesn't look like a block. Any thoughts? Michele -- Original Message -- From: E. Shanbrom \(Ipswitch\) [EMAIL PROTECTED] Reply-To: IMail_Forum@list.ipswitch.com Date: Tue, 25 Jan 2005 12:59:46 -0500 what does she see as the banner of the telnet session to port 25? Eric S - Original Message - From: Travis Rabe [EMAIL PROTECTED] To: IMail_Forum@list.ipswitch.com Sent: Tuesday, January 25, 2005 12:47 PM Subject: RE: [IMail Forum] 550 not local host, but smtp authentication is enabled I completely disagree. If they are filtering this, then their mail server will respond with that message - plain and simple. Travis -Original Message- From: [EMAIL PROTECTED] [mailto:IMail_Forum- [EMAIL PROTECTED] On Behalf Of Dan Barker Sent: Tuesday, January 25, 2005 9:27 AM To: IMail_Forum@list.ipswitch.com Subject: RE: [IMail Forum] 550 not local host, but smtp authentication is enabled 550 message is from a mailserver, not a firewall. This isn't a filter issue. Dan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Duane Hill Sent: Tuesday, January 25, 2005 11:24 AM To: Michele Cuttitta Subject: Re: [IMail Forum] 550 not local host, but smtp authentication is enabled RoadRunner I believe is filtering port 25. On a differant server we have here, I had to enable a second SMTP listener on a differant port to make it work. When port 25 is filtered, it doesn't matter if you SMTP auth or not. On Tuesday, January 25, 2005 at 4:08:21 PM, [EMAIL PROTECTED] confabulated: Hi, We have a customer who is connecting to our IMail server via Outlook 2003, and I have verified that SMTP authentication is checked, but she is still getting the 550 not local host, not a gateway error. She says it has been happening for a few days now and her ISP is roadrunner in NY. Any thoughts? Thanks, Michele - Duane Hill Sr E-Mail Administrator http://www.yournetplus.com To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
RE: [IMail Forum] Filanet InterJak 200
and if you bring down a server that was exploited through no fault of the owner then what? this was debated earlier. I was not dissuaded then, and I'm not repeating the debate now. direct damage to spamvertizers hits them in $$$, and collateral damage alerts the collateral victims to take their own action. I'm done. Len _ http://IMGate.MEIway.com : free anti-spam gateway, runs on 1000's of sites To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
AW: [IMail Forum] IMail 8.2 Beta Program Invitation
o Ability to detect hyperlinks in plain text emails and check them against the spam URL blacklist table. This is a feature long awaited from myself. Fantastic :)... To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
[IMail Forum] SpamCannibal (was another topic)
Gary, This is NOT like some arbitrary DOS attack. The sending server would only be choking on their -OWN- spam. As soon as the server admin kills all attempts to send spam from their server to my server (and others), everything goes back to normal. The tarpitting ONLY occurs as long as spam is actively being delivered from their server. This is the same premise behind RBLs, in that if everyone used an RBL, an offensive spamming server would not be able to send mail (spam or legit) to anyone. In this case, the program simply throttles or kills the servers ability to send spam or other traffic until they have dealt with the issue and STOPPED SPAMMING. Also, this is a two-step process. A spamming server already has to have been blacklisted for spamming previously/recently before the daemon will be triggered. By the time it gets to that point, an admin should already know what's going on, and has had an opportunity to do something about it. As soon as they stop sending spam, the problem goes away. Seems fair enough to me. FYI, I am only considering installing this on my secondary MX, where absolutely NO legit traffic belongs in the first place. If everyone installed this program on their secondary MX, the abuse of secondaries would quickly vanish. William Van Hefner Network Administrator Vantek Communications, Inc. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gary Brumm Sent: Thursday, January 27, 2005 10:31 AM To: IMail_Forum@list.ipswitch.com Subject: RE: [IMail Forum] Filanet InterJak 200 At 10:02 AM 1/27/2005, you wrote: Len, Was wondering if you had taken a look at something called SpamCannibal at http://www.spamcannibal.org . It is something akin to the Anvil feature you describe, but with a twist. The stated aim of the daemon on its website is, SpamCannibal's TCP/IP tarpit stops spam by telling the spam server to send very small packets. SpamCannibal then causes the spam server to retry sending over and over - ideally bringing the spam server to a virtual halt for a long time or perhaps indefinitely. and if you bring down a server that was exploited through no fault of the owner then what? They trace the problem to software you intentionally installed on your server knowing it would crash other peoples servers.and you are reported to your upstream provider or you are sued. This is a very bad idea. Delete incoming SPAM, block the IP, report it to the source, or to SpamCop, ect., but please don't try to crash servers that may be victims of exploits without anymore information other than SPAM was delivered from this address. I haven't tried setting up a Postfix box for this yet, but it sounds like fun. :-) William Van Hefner Network Administrator Vantek Communications, Inc. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Len Conrad Sent: Wednesday, January 26, 2005 7:22 AM To: IMail_Forum@list.ipswitch.com Subject: Re: [IMail Forum] Filanet InterJak 200 If you're willing to get your hands dirty and learn a bit of *nix I recommend pf on OpenBSD which is _very_ flexible and will let you 'tarpit' spammers (with spamd) if you wish. It's free and it'll run very well on a pII 350mhz with 128m of RAM. It is a bit of a learning curve if you're a Windows only guy but well worth it IMHO. Even easier is IMGate/postfix's anvil feature which will dynamically smtp-blocks/rate-limits any IP that connects to postfix more than x times in y minutes. anvilled IPs connect to port 25, postfix sends an immediate SMTP 421 code, and hangs up. postfix can probably do that 200 times/second without impacting legit operation. I would say the majority of msgs to unknown users come from subscriber access networks of millions infected PCs, each of which doesn't attack any one MX at a high rate of attempts, so rate limiting is not helpful. Len To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ ComsecNet Dedicated Data Services Stockton, CA Phone:(209) 463-2809 Fax:(209) 938-0481 Email: [EMAIL PROTECTED] Web: www.comsec.net This message is intended for the use of the individual or entity to which it is addressed and may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient or an employee or agent responsible for delivering
Re: [IMail Forum] Null Headers, Null senders, Null bodies.
Null Headers, Null senders, Null bodies, or just entire blank messages. How can I stop them from getting through Imail? In most cases, these are due to AV programs being run improperly on the IMail server. If you have an on-access virus scanner running on the IMail server, it must be set not to scan the \IMail directory or subdirectories. -Scott --- Declude JunkMail: The advanced anti-spam solution for IMail mailservers since 2000. Declude Virus: Ultra reliable virus detection and the leader in mailserver vulnerability detection. Find out what you've been missing: Ask for a free 30-day evaluation. This outgoing message is guaranteed to be authentic by Message Level users. Guarantee the authenticity of your email @ http://www.messagelevel.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
RE: [IMail Forum] Filanet InterJak 200
this was debated earlier. I was not dissuaded then, and I'm not repeating the debate now. direct damage to spamvertizers hits them in $$$, and collateral damage alerts the collateral victims to take their own action. My laugh for the day. I'm not repeating the debate? I usually write a few filler sentences before I contradict myself. Maybe I can take one for the team and bring up Hitler and breastfeeding. That ought to kill the thread. Paul Navarre To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
Re: [IMail Forum] SpamCannibal (was another topic)
At 11:09 AM 1/27/2005, you wrote: Gary, This is NOT like some arbitrary DOS attack. The sending server would only be choking on their -OWN- spam. As soon as the server admin kills all attempts to send spam from their server to my server (and others), everything goes back to normal. The tarpitting ONLY occurs as long as spam is actively being delivered from their server. Hi William, Yes, but while you are attacking the offending server you are also interfering with the processing of legitimate email. This action may cause loss of customers and result in legal action. How would you feel if I was crashing your server because IMail had a bug (what are the odds of that :-) ) that someone had exploited and was sending SPAM through your server? I just had someone exploit a statistic server running on one of our machines. We received several reports of spam related to one of our IP's. We were able to track down the problem and fix it quickly. I realize that all providers are not so responsive. If someone had managed to crash the machine it would have taken 100+ websites offline and punished many people who were not at fault (not to mention it would really pizz me off :-)). All a real spammer would have to do is block your IP and go back to business. This is the same premise behind RBLs, in that if everyone used an RBL, an offensive spamming server would not be able to send mail (spam or legit) to anyone. In this case, the program simply throttles or kills the servers ability to send spam or other traffic until they have dealt with the issue and STOPPED SPAMMING. RBL's are elective (we use them) and only affect delivery to our customers. This is a completely different thing than attacking someone else's server. Also, this is a two-step process. A spamming server already has to have been blacklisted for spamming previously/recently before the daemon will be triggered. By the time it gets to that point, an admin should already know what's going on, and has had an opportunity to do something about it. As soon as they stop sending spam, the problem goes away. Seems fair enough to me. FYI, I am only considering installing this on my secondary MX, where absolutely NO legit traffic belongs in the first place. If everyone installed this program on their secondary MX, the abuse of secondaries would quickly vanish. Believe me, I hate spam and spammers as much as anyone but I don't want to crash legitimate servers that have been exploited. If I see a certain source of persistent spam I have no problem with its IP being blocked (our IP blocking expires after a time so if the problem is resolved the IP becomes useable again) or it being reported to an RBL. But I completely understand how you feel and I used to feel the same way before I had products like Declude (in my case) that have at least made the problem more manageable. Cheers, Gary William Van Hefner Network Administrator Vantek Communications, Inc. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gary Brumm Sent: Thursday, January 27, 2005 10:31 AM To: IMail_Forum@list.ipswitch.com Subject: RE: [IMail Forum] Filanet InterJak 200 At 10:02 AM 1/27/2005, you wrote: Len, Was wondering if you had taken a look at something called SpamCannibal at http://www.spamcannibal.org . It is something akin to the Anvil feature you describe, but with a twist. The stated aim of the daemon on its website is, SpamCannibal's TCP/IP tarpit stops spam by telling the spam server to send very small packets. SpamCannibal then causes the spam server to retry sending over and over - ideally bringing the spam server to a virtual halt for a long time or perhaps indefinitely. and if you bring down a server that was exploited through no fault of the owner then what? They trace the problem to software you intentionally installed on your server knowing it would crash other peoples servers.and you are reported to your upstream provider or you are sued. This is a very bad idea. Delete incoming SPAM, block the IP, report it to the source, or to SpamCop, ect., but please don't try to crash servers that may be victims of exploits without anymore information other than SPAM was delivered from this address. I haven't tried setting up a Postfix box for this yet, but it sounds like fun. :-) William Van Hefner Network Administrator Vantek Communications, Inc. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Len Conrad Sent: Wednesday, January 26, 2005 7:22 AM To: IMail_Forum@list.ipswitch.com Subject: Re: [IMail Forum] Filanet InterJak 200 If you're willing to get your hands dirty and learn a bit of *nix I recommend pf on OpenBSD which is _very_ flexible and will let you 'tarpit' spammers (with spamd) if you wish. It's free and it'll run very well on a pII 350mhz with 128m of RAM. It is a
Re: [IMail Forum] SpamCannibal (was another topic)
On Thursday, January 27, 2005, 14:09:10, William Van Hefner wrote: ... FYI, I am only considering installing this on my secondary MX, where absolutely NO legit traffic belongs in the first place. You'll have to clarify this one for me. If there's a network hiccup, or you're rebooting, or whatever that prevents a server from connecting to your primary MTA they're going to try connecting to your secondary. How can this not be considered legit traffic? -- [EMAIL PROTECTED] The avalanche has already started, it is too Rod Dorman late for the pebbles to vote. Ambassador Kosh To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
RE: [IMail Forum] SpamCannibal (was another topic)
Rod, The only time that any legitimate traffic should flow through our secondary MX is when the primary is down completely. Our downtime on the primary network is so negligible that the more restrictive anti-spam filtering is really not worth worrying about. Keep in mind, even if our primary was down for hours, the only servers that would be affected are those that are already blacklisted from having sent e-mail to spam traps recently. In reality, the secondary MX I am talking about will actually be our LAST MX (tertiary???), which is at a different location on a different feed. A true second MX will be on that same circuit, and will act as the primary back up. I probably should have stated that previously, but couldn't figure out the word for third MX. :-) In the event of any failure of our primary circuit/server, all traffic should go to the secondary. Never, ever, ever should a single piece of legitimate e-mail go to the third MX. There is absolutely no conceivable circumstance (outside of a deranged sysadmin, who should probably be fired) that any legitimate mail server would ever connect to an MX with a priority of 50, when a server with a priority of 10 or even 30 is available. I am having this box reject pretty much everything, and will put the SapmCannibal there. That's the perfect position for it, IMHO. William Van Hefner Network Administrator Vantek Communications, Inc. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rod Dorman Sent: Thursday, January 27, 2005 1:09 PM To: IMail_Forum@list.ipswitch.com Subject: Re: [IMail Forum] SpamCannibal (was another topic) On Thursday, January 27, 2005, 14:09:10, William Van Hefner wrote: ... FYI, I am only considering installing this on my secondary MX, where absolutely NO legit traffic belongs in the first place. You'll have to clarify this one for me. If there's a network hiccup, or you're rebooting, or whatever that prevents a server from connecting to your primary MTA they're going to try connecting to your secondary. How can this not be considered legit traffic? -- [EMAIL PROTECTED] The avalanche has already started, it is too Rod Dorman late for the pebbles to vote. ? Ambassador Kosh To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
[IMail Forum] Virus scanner crashing on 2003 server
Title: Message Does anyone have a problem with the IMail virus scanner crashing on 2003 server? I have a client who constantly has to stop/restart the service and I just can't figure out what's going on. HELP! Thank you, Barry
RE: [IMail Forum] SpamCannibal (was another topic)
The only time that any legitimate traffic should flow through our secondary MX is when the primary is down completely. never, ever ??? not very humble, you IMHO In practice, simply not true, so don't bet any money on it. I admin several ISPs' MX1/2 where I see legit traffic hitting mx2 when mx1 has been up and handling traffic constantly. If there were a mx3, I would expect it to get traffic, too. yes, MOST of the traffic to backup MXs is crap, but surprisingly large amt is legit. Another error on your part: the MX preference field is sorted numerically ascending, such that 1, 2, 3 is effectively the same as 1, 2, 3000. Len _ http://IMGate.MEIway.com : free anti-spam gateway, runs on 1000's of sites To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
RE: [IMail Forum] SpamCannibal (was another topic)
The only time that any legitimate traffic should flow through our secondary MX is when the primary is down completely. never, ever ??? not very humble, you IMHO In practice, simply not true, so don't bet any money on it. You are correct -- it the *remote* mailserver has a temporary problem with their Internet connection, the connection to the primary may fail, and the mailserver will contact the backup. So legitimate traffic definitely can go to the backup. -Scott --- Declude JunkMail: The advanced anti-spam solution for IMail mailservers since 2000. Declude Virus: Ultra reliable virus detection and the leader in mailserver vulnerability detection. Find out what you've been missing: Ask for a free 30-day evaluation. This outgoing message is guaranteed to be authentic by Message Level users. Guarantee the authenticity of your email @ http://www.messagelevel.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
RE: [IMail Forum] SpamCannibal (was another topic)
Len, Point taken on the numbering thing. My bad. Maybe I should have said there never should be any legit traffic, rather than there never is any. Technically, there is no legitimate reason for any traffic to hit such a box. Other than a purposefully misconfigured mail server, how/why would mail pass up a server with a priority of 20 vs. one of 50 on the same network, sitting right next to each other? I am guessing that your servers are probably on different networks? If someone has purposefully violated RFCs to modify their mail server to deliver to the server with the lowest priority first, they deserve to be blocked as far as I am concerned. If they are on a blacklist on top of that, AND are spamming me, well, they get what they deserve. William Van Hefner Network Administrator Vantek Communications, Inc. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Len Conrad Sent: Thursday, January 27, 2005 1:59 PM To: IMail_Forum@list.ipswitch.com Subject: RE: [IMail Forum] SpamCannibal (was another topic) The only time that any legitimate traffic should flow through our secondary MX is when the primary is down completely. never, ever ??? not very humble, you IMHO In practice, simply not true, so don't bet any money on it. I admin several ISPs' MX1/2 where I see legit traffic hitting mx2 when mx1 has been up and handling traffic constantly. If there were a mx3, I would expect it to get traffic, too. yes, MOST of the traffic to backup MXs is crap, but surprisingly large amt is legit. Another error on your part: the MX preference field is sorted numerically ascending, such that 1, 2, 3 is effectively the same as 1, 2, 3000. Len _ http://IMGate.MEIway.com : free anti-spam gateway, runs on 1000's of sites To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
Re: [IMail Forum] SpamCannibal (was another topic)
I have found that some newsletters/legitimate bulk-mailing software will hit lower priority MX's, possibly by design (some setups don't have spam blocking configured for backups which makes them more desirable to hit, but also some software doesn't bother with MX priority, they just take the first entry returned). Because zombie spamware regularly ignores MX priorities, we set up 4 MX records with 4 different priorities and made sure that our DNS was round-robined, meaning that the records would be returned in random order, but that doesn't matter to a complaint SMTP server which should choose the proper priority. Spamware seems to just simply choose the first MX record returned, so when round-robined, that means that zombie spamware is evenly divided over our 4 records. This is effective enough that we then use Declude to filter for hits on all but the primary MX record, and we add points for such hits. It is very effective since hits to our MX3 and MX4 are 99.9% spam. Hits on our MX2 are scored lower since their is more legitimate traffic that may hit it and it is on a separate box on a separate network. MX3 and MX4 are on the same box as MX1, so technically, those should almost never be hit by anything remotely legitimate. Matt R. Scott Perry wrote: The only time that any legitimate traffic should flow through our secondary MX is when the primary is down completely. never, ever ??? not very humble, you IMHO In practice, simply not true, so don't bet any money on it. You are correct -- it the *remote* mailserver has a temporary problem with their Internet connection, the connection to the primary may fail, and the mailserver will contact the backup. So legitimate traffic definitely can go to the backup. -Scott --- Declude JunkMail: The advanced anti-spam solution for IMail mailservers since 2000. Declude Virus: Ultra reliable virus detection and the leader in mailserver vulnerability detection. Find out what you've been missing: Ask for a free 30-day evaluation. This outgoing message is guaranteed to be authentic by Message Level users. Guarantee the authenticity of your email @ http://www.messagelevel.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ -- = MailPure custom filters for Declude JunkMail Pro. http://www.mailpure.com/software/ = To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
RE: [IMail Forum] SpamCannibal (was another topic)
Scott, Exactly. That is why I am putting this on a server with a priority of 50. There is a primary with a priority of 10 (on another network), and a secondary with a priority of 30 sitting right next to it on the same network. Even if the primary server or entire circuit is down, it should still not skip the secondary with an MX of 30. William Van Hefner Network Administrator Vantek Communications, Inc. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of R. Scott Perry Sent: Thursday, January 27, 2005 2:06 PM To: IMail_Forum@list.ipswitch.com Subject: RE: [IMail Forum] SpamCannibal (was another topic) The only time that any legitimate traffic should flow through our secondary MX is when the primary is down completely. never, ever ??? not very humble, you IMHO In practice, simply not true, so don't bet any money on it. You are correct -- it the *remote* mailserver has a temporary problem with their Internet connection, the connection to the primary may fail, and the mailserver will contact the backup. So legitimate traffic definitely can go to the backup. -Scott --- Declude JunkMail: The advanced anti-spam solution for IMail mailservers since 2000. Declude Virus: Ultra reliable virus detection and the leader in mailserver vulnerability detection. Find out what you've been missing: Ask for a free 30-day evaluation. This outgoing message is guaranteed to be authentic by Message Level users. Guarantee the authenticity of your email @ http://www.messagelevel.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
Re[2]: [IMail Forum] SpamCannibal (was another topic)
Technically, there is no legitimate reason for any traffic to hit such a box. You said that the box in question -- the tertiary, where you're thinking of deploying SpamCannibal -- is on a different location on a different feed. This is precisely the reason that legitimate mail _will_ flow there due to remote network issues. If you'll get satisfaction from the SpamCannibal concept, why don't you just register some dummy domains, propagate thousands of addresses at these dummies, and point their MX records at a separate tarpit? I think the whole concept is deeply flawed (probably vaporware in terms of its actual effect), but it makes more sense to create dedicated SC boxes than to bank on public MX records for real domains never getting legit mail. --Sandy Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] SpamAssassin plugs into Declude! http://www.mailmage.com/products/software/freeutils/SPAMC32/download/release/ Defuse Dictionary Attacks: Turn Exchange or IMail mailboxes into IMail Aliases! http://www.mailmage.com/products/software/freeutils/exchange2aliases/download/release/ http://www.mailmage.com/products/software/freeutils/ldap2aliases/download/release/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
RE: [IMail Forum] SpamCannibal (was another topic)
Matt, I do not consider ANY bulk mailer that purposefully violates RFCs legitimate. Heck, AOL will delete or bounce your mail just for not having a properly configured PTR. In my mind, purposefully violating RFCs for the express intent of deceiving/avoiding spam filters is enough reason to reject their mail, if they are doing it on a consistent basis. I mean, why have RFCs, if some admins feel that they don't apply to them? At least with PTRs, you can chalk some of those cases up to temporary problems of switching underlying networks or simple mistakes by admins. In order to send out bulk mailings to MXs in reverse order, you have to go WAY out of your way to modify a mail server or software to do something like that. There are no legit mail servers that do this in the default configuration. INTENT TO DECEIVE your mail server to accept their mail is the only reason someone would do something like this. In the end, its really all about money to these people though. If your solution works for you, great. On my system, 100% of the mail sent to the second or third MX is spam, or is sent by some shady bulk mailer. I have a much, much lower threshold for deleting spam on those servers. Any bulk mailers that want to get their garbage through the last MX (third) server will need to be whitelisted in the future, or pay me extra for the privilege of relaying their mailings via a server that they shouldn't even have to exist. William Van Hefner Network Administrator Vantek Communications, Inc. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Matt Sent: Thursday, January 27, 2005 2:22 PM To: IMail_Forum@list.ipswitch.com Subject: Re: [IMail Forum] SpamCannibal (was another topic) I have found that some newsletters/legitimate bulk-mailing software will hit lower priority MX's, possibly by design (some setups don't have spam blocking configured for backups which makes them more desirable to hit, but also some software doesn't bother with MX priority, they just take the first entry returned). Because zombie spamware regularly ignores MX priorities, we set up 4 MX records with 4 different priorities and made sure that our DNS was round-robined, meaning that the records would be returned in random order, but that doesn't matter to a complaint SMTP server which should choose the proper priority. Spamware seems to just simply choose the first MX record returned, so when round-robined, that means that zombie spamware is evenly divided over our 4 records. This is effective enough that we then use Declude to filter for hits on all but the primary MX record, and we add points for such hits. It is very effective since hits to our MX3 and MX4 are 99.9% spam. Hits on our MX2 are scored lower since their is more legitimate traffic that may hit it and it is on a separate box on a separate network. MX3 and MX4 are on the same box as MX1, so technically, those should almost never be hit by anything remotely legitimate. Matt R. Scott Perry wrote: The only time that any legitimate traffic should flow through our secondary MX is when the primary is down completely. never, ever ??? not very humble, you IMHO In practice, simply not true, so don't bet any money on it. You are correct -- it the *remote* mailserver has a temporary problem with their Internet connection, the connection to the primary may fail, and the mailserver will contact the backup. So legitimate traffic definitely can go to the backup. -Scott --- Declude JunkMail: The advanced anti-spam solution for IMail mailservers since 2000. Declude Virus: Ultra reliable virus detection and the leader in mailserver vulnerability detection. Find out what you've been missing: Ask for a free 30-day evaluation. This outgoing message is guaranteed to be authentic by Message Level users. Guarantee the authenticity of your email @ http://www.messagelevel.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ -- = MailPure custom filters for Declude JunkMail Pro. http://www.mailpure.com/software/ = To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ:
RE: Re[2]: [IMail Forum] SpamCannibal (was another topic)
Sandy, Looks like our messages crossed, or we are miscommunication. The second and third servers are both on the same network. The primary is the one on the different network. So, if the primary is down, it should hit the #2 server first, not the third, since they are on the same feed, right next to each other. William Van Hefner Network Administrator Vantek Communications, Inc. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Sanford Whiteman Sent: Thursday, January 27, 2005 2:44 PM To: William Van Hefner Subject: Re[2]: [IMail Forum] SpamCannibal (was another topic) Technically, there is no legitimate reason for any traffic to hit such a box. You said that the box in question -- the tertiary, where you're thinking of deploying SpamCannibal -- is on a different location on a different feed. This is precisely the reason that legitimate mail _will_ flow there due to remote network issues. If you'll get satisfaction from the SpamCannibal concept, why don't you just register some dummy domains, propagate thousands of addresses at these dummies, and point their MX records at a separate tarpit? I think the whole concept is deeply flawed (probably vaporware in terms of its actual effect), but it makes more sense to create dedicated SC boxes than to bank on public MX records for real domains never getting legit mail. --Sandy Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] SpamAssassin plugs into Declude! http://www.mailmage.com/products/software/freeutils/SPAMC32/do wnload/release/ Defuse Dictionary Attacks: Turn Exchange or IMail mailboxes into IMail Aliases! http://www.mailmage.com/products/software/freeutils/exchange2aliases/downloa d/release/ http://www.mailmage.com/products/software/freeutils/ldap2aliases/download/re lease/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
RE: [IMail Forum] SpamCannibal (was another topic)
William, I believe that reporting to a RBL, blocking an IP, or deleting email that you classify as spam is relatively passive as opposed to disabling someone's server which is a bit more of an active approach (IMHO). I see that you appear to be a small provider (as am I) and are located in California. As a fellow Californian I am sure you are aware that in this state more than just about anywhere else a lawsuit doesn't have to make sense to be filed or even won. If you take down a server from a company with deep pockets they can bankrupt you even if they don't win just by running up the cost of your defense. For the record this is one of the things that I absolutely hate about this state but it is an unfortunate reality at this time. I would give it a great deal of thought before using doing something that could potentially damage another companies business. I hope your frustration with the spam problem doesn't backfire on you. If you ever receive spam from one of our servers please forward the details and we will fix it (we don't like being hijacked anymore than we like receiving spam:-)). Regards, Gary At 01:57 PM 1/27/2005, you wrote: Gary, I think that we vastly differ on what constitutes an attack. This is not revenge, as you probably see it. It is pure defense, from my point of view. Keep in mind, the spamming server can stop the tarpitting AT ANY TIME, simply by stopping the stream of spam they are sending to me. He stops, I stop. Period. No revenge. No vigilante party. I am purely reflecting the attack back at them. Just as my own mail servers can be slowed down to a crawl or stopped entirely by spammers, I am simply shifting the burden back where it actually belongs. I am sending their spam back to them, with postage due. THEY are the ones launching the attack on MY server, not the other way around! All I am doing is making them choke on their OWN messages. I am no more blocking the delivery of legitimate e-mail than blacklists or RBLs are. These people are illegally trespassing on my property. Anyone reading our anti-spam policies knows that they are unwanted, and the vast majority of spams are in violation of the wussy CAN-SPAM Act. In my home, and on my servers, anyone attempting to break-in is shot on sight. Questions asked later. If other admins don't like it, all they have to do is kill the queued spam they are sending to me and to others. It's the incompetent admin who is responsible if their other subscriber's e-mails don't get through, not me, just as it is for mail admins who run open relays. No jury in the world who has ever received spam would convict me! William Van Hefner Network Administrator Vantek Communications, Inc. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gary Brumm Sent: Thursday, January 27, 2005 12:37 PM To: IMail_Forum@list.ipswitch.com Subject: Re: [IMail Forum] SpamCannibal (was another topic) At 11:09 AM 1/27/2005, you wrote: Gary, This is NOT like some arbitrary DOS attack. The sending server would only be choking on their -OWN- spam. As soon as the server admin kills all attempts to send spam from their server to my server (and others), everything goes back to normal. The tarpitting ONLY occurs as long as spam is actively being delivered from their server. Hi William, Yes, but while you are attacking the offending server you are also interfering with the processing of legitimate email. This action may cause loss of customers and result in legal action. How would you feel if I was crashing your server because IMail had a bug (what are the odds of that :-) ) that someone had exploited and was sending SPAM through your server? I just had someone exploit a statistic server running on one of our machines. We received several reports of spam related to one of our IP's. We were able to track down the problem and fix it quickly. I realize that all providers are not so responsive. If someone had managed to crash the machine it would have taken 100+ websites offline and punished many people who were not at fault (not to mention it would really pizz me off :-)). All a real spammer would have to do is block your IP and go back to business. This is the same premise behind RBLs, in that if everyone used an RBL, an offensive spamming server would not be able to send mail (spam or legit) to anyone. In this case, the program simply throttles or kills the servers ability to send spam or other traffic until they have dealt with the issue and STOPPED SPAMMING. RBL's are elective (we use them) and only affect delivery to our customers. This is a completely different thing than attacking someone else's server. Also, this is a two-step process. A spamming server already has to have been blacklisted for spamming previously/recently before the daemon will be triggered. By the time it gets to that point, an admin should already know what's going on,
Re: [IMail Forum] SpamCannibal (was another topic)
Hey, do whatever you want, it's your server and your customers, and as long as you are bouncing this stuff, it's no skin off my back. I was merely describing the realities of what is going on with lower priority MX hits. This supports most of your assertion, however here is a very big difference between 100% and 99.9% accuracy, or what I would consider to be about 99.5% accuracy with our second priority server. My view as a spam and virus blocking service is that delivering the good E-mail is my first priority, and blocking the bad is the second. We have few problems with either, and we don't have to take heavy handed tactics like this to achieve our goals. We don't penalize people for being stupid, we work around it. In fact, it's the lack of sophistication, practices, or the improper priorities of other companies that makes us look so good in comparison. The 99.7% block rates with 0.03% false positives for the typical domain doesn't hurt either :) Matt William Van Hefner wrote: Matt, I do not consider ANY bulk mailer that purposefully violates RFCs "legitimate". Heck, AOL will delete or bounce your mail just for not having a properly configured PTR. In my mind, purposefully violating RFCs for the express intent of deceiving/avoiding spam filters is enough reason to reject their mail, if they are doing it on a consistent basis. I mean, why have RFCs, if some admins feel that they don't apply to them? At least with PTRs, you can chalk some of those cases up to temporary problems of switching underlying networks or simple mistakes by admins. In order to send out bulk mailings to MXs in reverse order, you have to go WAY out of your way to modify a mail server or software to do something like that. There are no legit mail servers that do this in the default configuration. INTENT TO DECEIVE your mail server to accept their mail is the only reason someone would do something like this. In the end, its really all about money to these people though. If your solution works for you, great. On my system, 100% of the mail sent to the second or third MX is spam, or is sent by some shady bulk mailer. I have a much, much lower threshold for deleting spam on those servers. Any bulk mailers that want to get their garbage through the last MX (third) server will need to be whitelisted in the future, or pay me extra for the privilege of relaying their mailings via a server that they shouldn't even have to exist. William Van Hefner Network Administrator Vantek Communications, Inc. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Matt Sent: Thursday, January 27, 2005 2:22 PM To: IMail_Forum@list.ipswitch.com Subject: Re: [IMail Forum] SpamCannibal (was another topic) I have found that some newsletters/legitimate bulk-mailing software will hit lower priority MX's, possibly by design (some setups don't have spam blocking configured for backups which makes them more desirable to hit, but also some software doesn't bother with MX priority, they just take the first entry returned). Because zombie spamware regularly ignores MX priorities, we set up 4 MX records with 4 different priorities and made sure that our DNS was round-robined, meaning that the records would be returned in random order, but that doesn't matter to a complaint SMTP server which should choose the proper priority. Spamware seems to just simply choose the first MX record returned, so when round-robined, that means that zombie spamware is evenly divided over our 4 records. This is effective enough that we then use Declude to filter for hits on all but the primary MX record, and we add points for such hits. It is very effective since hits to our MX3 and MX4 are 99.9% spam. Hits on our MX2 are scored lower since their is more legitimate traffic that may hit it and it is on a separate box on a separate network. MX3 and MX4 are on the same box as MX1, so technically, those should almost never be hit by anything remotely legitimate. Matt R. Scott Perry wrote: The only time that any legitimate traffic should flow through our "secondary MX" is when the primary is down completely. "never, ever" ??? not very humble, you "IMHO" In practice, simply not true, so don't bet any money on it. You are correct -- it the *remote* mailserver has a temporary problem with their Internet connection, the connection to the primary may fail, and the mailserver will contact the backup. So legitimate traffic definitely can go to the backup. -Scott --- Declude JunkMail: The advanced anti-spam solution for IMail mailservers since 2000. Declude Virus: Ultra reliable virus detection and the leader in mailserver vulnerability detection. Find out what you've been missing: Ask for a free 30-day evaluation.
RE: [IMail Forum] SpamCannibal (was another topic)
You are correct -- it the *remote* mailserver has a temporary problem with their Internet connection, the connection to the primary may fail, and the mailserver will contact the backup. So legitimate traffic definitely can go to the backup. Exactly. That is why I am putting this on a server with a priority of 50. There is a primary with a priority of 10 (on another network), and a secondary with a priority of 30 sitting right next to it on the same network. Even if the primary server or entire circuit is down, it should still not skip the secondary with an MX of 30. If that temporary problem lasts a few extra seconds, the attempt to the 2nd mailserver can fail too, causing the remote mailserver to hit the 3rd mailserver. Rare, yes. Probably rare enough to have very strict spam control on the 3rd mailserver (but not rare enough to delete it, at least for most people). -Scott --- Declude JunkMail: The advanced anti-spam solution for IMail mailservers since 2000. Declude Virus: Ultra reliable virus detection and the leader in mailserver vulnerability detection. Find out what you've been missing: Ask for a free 30-day evaluation. This outgoing message is guaranteed to be authentic by Message Level users. Guarantee the authenticity of your email @ http://www.messagelevel.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
[IMail Forum] Imap Frequently Disconnects
Anyone know an easy way to keep an Imap connection active between server client? Remote users (the farther away the worse the problem) are having their connection to the sent box disconnect after a few minutes of inactivity (so they get errors when their client saves a copy of their message), and the only way they seem to fix it is to look in the sent box before sending a message. Just having them save their sent messages to a local folder doesn't work for all clients either, as file copies need to be stored on the server. To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
RE: [IMail Forum] SpamCannibal (was another topic)
Scott, If I had two different servers at two different locations (and feeds) both tank simultaneously, I'd probably have more problems to worry about than spam. :-) Seriously, my backup servers (everything but the primary) are located in my house, so I keep a pretty close eye on them. If the second server ever went down, I would likely be 10 feet away and could closely monitor any traffic hitting the third server. William Van Hefner Network Administrator Vantek Communications, Inc. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of R. Scott Perry Sent: Thursday, January 27, 2005 3:18 PM To: IMail_Forum@list.ipswitch.com Subject: RE: [IMail Forum] SpamCannibal (was another topic) You are correct -- it the *remote* mailserver has a temporary problem with their Internet connection, the connection to the primary may fail, and the mailserver will contact the backup. So legitimate traffic definitely can go to the backup. Exactly. That is why I am putting this on a server with a priority of 50. There is a primary with a priority of 10 (on another network), and a secondary with a priority of 30 sitting right next to it on the same network. Even if the primary server or entire circuit is down, it should still not skip the secondary with an MX of 30. If that temporary problem lasts a few extra seconds, the attempt to the 2nd mailserver can fail too, causing the remote mailserver to hit the 3rd mailserver. Rare, yes. Probably rare enough to have very strict spam control on the 3rd mailserver (but not rare enough to delete it, at least for most people). -Scott --- Declude JunkMail: The advanced anti-spam solution for IMail mailservers since 2000. Declude Virus: Ultra reliable virus detection and the leader in mailserver vulnerability detection. Find out what you've been missing: Ask for a free 30-day evaluation. This outgoing message is guaranteed to be authentic by Message Level users. Guarantee the authenticity of your email @ http://www.messagelevel.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
RE: [IMail Forum] SpamCannibal (was another topic)
Gary, I could only hope that the spammer who targets me resides in California, as criminal code pertaining to hacking and spamming make what most spammers do within this state a felony, not just some piddly civil offense. As far as I know, the CAN-SPAM Act can only override state civil laws, and not criminal ones. Fortunately, I have a good attorney, and am not too worried about getting sued by a spammer, let alone an ISP that got tarpitted. I'm sure that I would be the least of their worries if they got their mail server owned by a spammer anyway. I don't think that SpamCannibal could possibly kill any reasonably designed mail server that was trying to deliver a single message to my server. It would take hitting multiple SpamCannibal servers in order to do any actual damage, if you want to call it that. My server would only slow them down a bit and stop their spam delivery to me. That's certainly nothing that they could collect any damages for. William Van Hefner Network Administrator Vantek Communications, Inc. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gary Brumm Sent: Thursday, January 27, 2005 3:02 PM To: IMail_Forum@list.ipswitch.com Subject: RE: [IMail Forum] SpamCannibal (was another topic) William, I believe that reporting to a RBL, blocking an IP, or deleting email that you classify as spam is relatively passive as opposed to disabling someone's server which is a bit more of an active approach (IMHO). I see that you appear to be a small provider (as am I) and are located in California. As a fellow Californian I am sure you are aware that in this state more than just about anywhere else a lawsuit doesn't have to make sense to be filed or even won. If you take down a server from a company with deep pockets they can bankrupt you even if they don't win just by running up the cost of your defense. For the record this is one of the things that I absolutely hate about this state but it is an unfortunate reality at this time. I would give it a great deal of thought before using doing something that could potentially damage another companies business. I hope your frustration with the spam problem doesn't backfire on you. If you ever receive spam from one of our servers please forward the details and we will fix it (we don't like being hijacked anymore than we like receiving spam:-)). Regards, Gary At 01:57 PM 1/27/2005, you wrote: Gary, I think that we vastly differ on what constitutes an attack. This is not revenge, as you probably see it. It is pure defense, from my point of view. Keep in mind, the spamming server can stop the tarpitting AT ANY TIME, simply by stopping the stream of spam they are sending to me. He stops, I stop. Period. No revenge. No vigilante party. I am purely reflecting the attack back at them. Just as my own mail servers can be slowed down to a crawl or stopped entirely by spammers, I am simply shifting the burden back where it actually belongs. I am sending their spam back to them, with postage due. THEY are the ones launching the attack on MY server, not the other way around! All I am doing is making them choke on their OWN messages. I am no more blocking the delivery of legitimate e-mail than blacklists or RBLs are. These people are illegally trespassing on my property. Anyone reading our anti-spam policies knows that they are unwanted, and the vast majority of spams are in violation of the wussy CAN-SPAM Act. In my home, and on my servers, anyone attempting to break-in is shot on sight. Questions asked later. If other admins don't like it, all they have to do is kill the queued spam they are sending to me and to others. It's the incompetent admin who is responsible if their other subscriber's e-mails don't get through, not me, just as it is for mail admins who run open relays. No jury in the world who has ever received spam would convict me! William Van Hefner Network Administrator Vantek Communications, Inc. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gary Brumm Sent: Thursday, January 27, 2005 12:37 PM To: IMail_Forum@list.ipswitch.com Subject: Re: [IMail Forum] SpamCannibal (was another topic) At 11:09 AM 1/27/2005, you wrote: Gary, This is NOT like some arbitrary DOS attack. The sending server would only be choking on their -OWN- spam. As soon as the server admin kills all attempts to send spam from their server to my server (and others), everything goes back to normal. The tarpitting ONLY occurs as long as spam is actively being delivered from their server. Hi William, Yes, but while you are attacking the offending server you are also interfering with the processing of legitimate email. This action may cause loss of customers and
RE: [IMail Forum] SpamCannibal (was another topic)
Matt, Fortunately, if you want to call it that, I am small enough so that I can keep a very close eye on what makes it way through our servers. I go through logs every night. Our block rates are very similar to yours, though the term false positives can often be in the eye of the beholder. :-) Fortunately, it is rare that false positives are an issue, and most of my customers are pretty ecstatic about the amount of spam reduction we bring them. With the addition of whitelisting, false-positives are rare, indeed. FWIW, I managed to write one rule in the past year that backfired on me by deleting anything with Cialis in the Subject: line. As it turns out, one of our subscribers receives a newsletter aimed at soCIALISts. I wonder how many of you will get this message trapped? :-) Fortunately, I saw this message get trapped in the logs and fixed the problem the same day. William Van Hefner Network Administrator Vantek Communications, Inc. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Matt Sent: Thursday, January 27, 2005 3:17 PM To: IMail_Forum@list.ipswitch.com Subject: Re: [IMail Forum] SpamCannibal (was another topic) Hey, do whatever you want, it's your server and your customers, and as long as you are bouncing this stuff, it's no skin off my back. I was merely describing the realities of what is going on with lower priority MX hits. This supports most of your assertion, however here is a very big difference between 100% and 99.9% accuracy, or what I would consider to be about 99.5% accuracy with our second priority server. My view as a spam and virus blocking service is that delivering the good E-mail is my first priority, and blocking the bad is the second. We have few problems with either, and we don't have to take heavy handed tactics like this to achieve our goals. We don't penalize people for being stupid, we work around it. In fact, it's the lack of sophistication, practices, or the improper priorities of other companies that makes us look so good in comparison. The 99.7% block rates with 0.03% false positives for the typical domain doesn't hurt either :) Matt William Van Hefner wrote: Matt, I do not consider ANY bulk mailer that purposefully violates RFCs legitimate. Heck, AOL will delete or bounce your mail just for not having a properly configured PTR. In my mind, purposefully violating RFCs for the express intent of deceiving/avoiding spam filters is enough reason to reject their mail, if they are doing it on a consistent basis. I mean, why have RFCs, if some admins feel that they don't apply to them? At least with PTRs, you can chalk some of those cases up to temporary problems of switching underlying networks or simple mistakes by admins. In order to send out bulk mailings to MXs in reverse order, you have to go WAY out of your way to modify a mail server or software to do something like that. There are no legit mail servers that do this in the default configuration. INTENT TO DECEIVE your mail server to accept their mail is the only reason someone would do something like this. In the end, its really all about money to these people though. If your solution works for you, great. On my system, 100% of the mail sent to the second or third MX is spam, or is sent by some shady bulk mailer. I have a much, much lower threshold for deleting spam on those servers. Any bulk mailers that want to get their garbage through the last MX (third) server will need to be whitelisted in the future, or pay me extra for the privilege of relaying their mailings via a server that they shouldn't even have to exist. William Van Hefner Network Administrator Vantek Communications, Inc. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Matt Sent: Thursday, January 27, 2005 2:22 PM To: IMail_Forum@list.ipswitch.com Subject: Re: [IMail Forum] SpamCannibal (was another topic) I have found that some newsletters/legitimate bulk-mailing software will hit lower priority MX's, possibly by design (some setups don't have spam blocking configured for backups which makes them more desirable to hit, but also some software doesn't bother with MX priority, they just take the first entry returned). Because zombie spamware regularly ignores MX priorities, we set up 4 MX records with 4 different priorities and made sure that our DNS was round-robined, meaning that the records would be returned in random order, but that doesn't matter to a complaint SMTP server which should choose the proper priority. Spamware seems to just simply choose the first MX record returned, so when round-robined, that means that zombie spamware is evenly divided over our 4 records. This is effective enough that we then use Declude to filter for hits on all but the primary MX record, and we add points for such hits. It is very effective since hits to our MX3 and MX4 are 99.9% spam. Hits on our MX2 are scored lower since
RE: [IMail Forum] Imap Frequently Disconnects
First I would ensure that they are PURGING their e-mail on at the least a weekly basis. If they are using outlook or outlook express they need to purge their e-mail to REALLY DELETE files. In IMAP if you delete the file it's not really gone until you tell the system to PURGE DELETED ITEMS. You can have the customer find this : EDIT PURGE DELETED ITEMS That would be a good start there !!! I have had customers have this issue with my unix server, and low and behold it ended up being a problem with too much mail in the server, and never expunging it. Regards, Rob - - - - - - - - - - Rob Szkutak Sr. Network Engineer Accram Inc. 602-264-0288 x137 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Roger Baker Sent: Thursday, January 27, 2005 4:19 PM To: IMail_Forum@list.ipswitch.com Subject: [IMail Forum] Imap Frequently Disconnects Anyone know an easy way to keep an Imap connection active between server client? Remote users (the farther away the worse the problem) are having their connection to the sent box disconnect after a few minutes of inactivity (so they get errors when their client saves a copy of their message), and the only way they seem to fix it is to look in the sent box before sending a message. Just having them save their sent messages to a local folder doesn't work for all clients either, as file copies need to be stored on the server. To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ --- [This E-mail scanned for viruses by Declude Virus] --- [This E-mail scanned for viruses by Declude Virus] To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
RE: [IMail Forum] SpamCannibal (was another topic)
If that temporary problem lasts a few extra seconds, the attempt to the 2nd mailserver can fail too, causing the remote mailserver to hit the 3rd mailserver. If I had two different servers at two different locations (and feeds) both tank simultaneously, I'd probably have more problems to worry about than spam. :-) I think you misunderstood. I wasn't saying that there was a problem with *your* mailservers. I'm saying that if I send you an E-mail, the same problem that could cause me to go to your 2nd mailserver (a temporary connection problem on my end preventing me from reaching your 1st mailserver) could easily cause a problem reaching the 2nd mailserver (but successfully reaching the third). Let's say my Internet connection is out for a minute. My mailserver tries your primary, and times out after 30 seconds. It then tries the secondary, and times out after 30 more seconds. It then tries your 3rd mailserver, which it is now able to successfully connect to. Seriously, my backup servers (everything but the primary) are located in my house, so I keep a pretty close eye on them. If the second server ever went down, I would likely be 10 feet away and could closely monitor any traffic hitting the third server. The issue isn't an issue on *your* end. The issue is an issue on the remote end. -Scott --- Declude JunkMail: The advanced anti-spam solution for IMail mailservers since 2000. Declude Virus: Ultra reliable virus detection and the leader in mailserver vulnerability detection. Find out what you've been missing: Ask for a free 30-day evaluation. This outgoing message is guaranteed to be authentic by Message Level users. Guarantee the authenticity of your email @ http://www.messagelevel.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
Re: [IMail Forum] SpamCannibal (was another topic)
On Thursday, January 27, 2005, 18:31:57, William Van Hefner wrote: ... Seriously, my backup servers (everything but the primary) are located in my house, so I keep a pretty close eye on them. If the second server ever went down, I would likely be 10 feet away and could closely monitor any traffic hitting the third server. But your network and servers aren't the only points of failure. It could be anywhere in between you and them, you have no control over router flaps happening out in the rest of the world. -- [EMAIL PROTECTED] The avalanche has already started, it is too Rod Dorman late for the pebbles to vote. Ambassador Kosh To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
RE: [IMail Forum] SpamCannibal (was another topic)
FWIW, I managed to write one rule in the past year that backfired on me by deleting anything with Cialis in the Subject: line. As it turns out, one of our subscribers receives a newsletter aimed at soCIALISts. I wonder how many of you will get this message trapped? :-) ... and specialist, which is more common. Of course, this is also an issue for Mr. Dick Hitchcock, the sexy chardonney-drinking assassin (who is a specialist in analyzing things), whose E-mail is often deleted by the filtering crowd (at least 8 oft-filtered words are lurking in that phrase). -Scott --- Declude JunkMail: The advanced anti-spam solution for IMail mailservers since 2000. Declude Virus: Ultra reliable virus detection and the leader in mailserver vulnerability detection. Find out what you've been missing: Ask for a free 30-day evaluation. This outgoing message is guaranteed to be authentic by Message Level users. Guarantee the authenticity of your email @ http://www.messagelevel.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
RE: [IMail Forum] SpamCannibal (was another topic)
You know, since my last name reall is Hitchcock, you'd think that I'd have experienced that problem -- but I cannot recall a single instance of my email being rejected because of part of my last name. Jeff Hitchcock - [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of R. Scott Perry Sent: Thursday, January 27, 2005 7:28 PM To: IMail_Forum@list.ipswitch.com Subject: RE: [IMail Forum] SpamCannibal (was another topic) FWIW, I managed to write one rule in the past year that backfired on me by deleting anything with Cialis in the Subject: line. As it turns out, one of our subscribers receives a newsletter aimed at soCIALISts. I wonder how many of you will get this message trapped? :-) ... and specialist, which is more common. Of course, this is also an issue for Mr. Dick Hitchcock, the sexy chardonney-drinking assassin (who is a specialist in analyzing things), whose E-mail is often deleted by the filtering crowd (at least 8 oft-filtered words are lurking in that phrase). -Scott --- Declude JunkMail: The advanced anti-spam solution for IMail mailservers since 2000. Declude Virus: Ultra reliable virus detection and the leader in mailserver vulnerability detection. Find out what you've been missing: Ask for a free 30-day evaluation. This outgoing message is guaranteed to be authentic by Message Level users. Guarantee the authenticity of your email @ http://www.messagelevel.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
RE: [IMail Forum] SpamCannibal (was another topic)
Scott, I definitely misunderstood your point. Thanks for clarifying. Your scenario seems like a remote possibility, but one that I will definitely take into account. I regularly go through the spam traps on my secondary and have gone so many months without anything even close to credible being stopped (even the bulk mailers that purposefully target the secondary are either whitelisted or do not rate high enough a score to warrant deletion) that I do tend to think in black and white terms at times. Admittedly, my user base is small enough that remote possibilities don't tend to happen in my version of the real world very often. I'm sure that if I handled tens or hundreds of thousands of messages each day that I would be more likely to see these types of oddities occur. I'll experiment with the SpamCannibal project on my back up servers and see what kind of results that I get. If nothing else, it should at least be a source of personal amusement. :-) William Van Hefner Network Administrator Vantek Communications, Inc. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of R. Scott Perry Sent: Thursday, January 27, 2005 3:54 PM To: IMail_Forum@list.ipswitch.com Subject: RE: [IMail Forum] SpamCannibal (was another topic) If that temporary problem lasts a few extra seconds, the attempt to the 2nd mailserver can fail too, causing the remote mailserver to hit the 3rd mailserver. If I had two different servers at two different locations (and feeds) both tank simultaneously, I'd probably have more problems to worry about than spam. :-) I think you misunderstood. I wasn't saying that there was a problem with *your* mailservers. I'm saying that if I send you an E-mail, the same problem that could cause me to go to your 2nd mailserver (a temporary connection problem on my end preventing me from reaching your 1st mailserver) could easily cause a problem reaching the 2nd mailserver (but successfully reaching the third). Let's say my Internet connection is out for a minute. My mailserver tries your primary, and times out after 30 seconds. It then tries the secondary, and times out after 30 more seconds. It then tries your 3rd mailserver, which it is now able to successfully connect to. Seriously, my backup servers (everything but the primary) are located in my house, so I keep a pretty close eye on them. If the second server ever went down, I would likely be 10 feet away and could closely monitor any traffic hitting the third server. The issue isn't an issue on *your* end. The issue is an issue on the remote end. -Scott --- Declude JunkMail: The advanced anti-spam solution for IMail mailservers since 2000. Declude Virus: Ultra reliable virus detection and the leader in mailserver vulnerability detection. Find out what you've been missing: Ask for a free 30-day evaluation. This outgoing message is guaranteed to be authentic by Message Level users. Guarantee the authenticity of your email @ http://www.messagelevel.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
Re: [IMail Forum] 550 not local host, but smtp authentication is enabled
Hi, The customer deleted the account in Outlook and recreated it, and is now problem-free. Go figure. Thanks everyone for the input! Michele - Original Message - From: E. Shanbrom (Ipswitch) [EMAIL PROTECTED] To: IMail_Forum@list.ipswitch.com Sent: Thursday, January 27, 2005 1:34 PM Subject: Re: [IMail Forum] 550 not local host, but smtp authentication is enabled What is the response to the EHLO command after you get the banner...there should be 2 AUTH lines listed as capabilities. If they are not there go to the advanced tab of the SMTP service and uncheck the disable SMTP Auth reporting. Bounce the service and try it again. Eric S - Original Message - From: Michele [EMAIL PROTECTED] To: IMail_Forum@list.ipswitch.com Sent: Thursday, January 27, 2005 1:10 PM Subject: Re: [IMail Forum] 550 not local host, but smtp authentication is enabled Hi, She sees: 220 hagrid.e-postoffice.net (IMail 8.14 71028-6) NT-ESMTP Server X1 Which is our mail server, so it doesn't look like a block. Any thoughts? Michele -- Original Message -- From: E. Shanbrom \(Ipswitch\) [EMAIL PROTECTED] Reply-To: IMail_Forum@list.ipswitch.com Date: Tue, 25 Jan 2005 12:59:46 -0500 what does she see as the banner of the telnet session to port 25? Eric S - Original Message - From: Travis Rabe [EMAIL PROTECTED] To: IMail_Forum@list.ipswitch.com Sent: Tuesday, January 25, 2005 12:47 PM Subject: RE: [IMail Forum] 550 not local host, but smtp authentication is enabled I completely disagree. If they are filtering this, then their mail server will respond with that message - plain and simple. Travis -Original Message- From: [EMAIL PROTECTED] [mailto:IMail_Forum- [EMAIL PROTECTED] On Behalf Of Dan Barker Sent: Tuesday, January 25, 2005 9:27 AM To: IMail_Forum@list.ipswitch.com Subject: RE: [IMail Forum] 550 not local host, but smtp authentication is enabled 550 message is from a mailserver, not a firewall. This isn't a filter issue. Dan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Duane Hill Sent: Tuesday, January 25, 2005 11:24 AM To: Michele Cuttitta Subject: Re: [IMail Forum] 550 not local host, but smtp authentication is enabled RoadRunner I believe is filtering port 25. On a differant server we have here, I had to enable a second SMTP listener on a differant port to make it work. When port 25 is filtered, it doesn't matter if you SMTP auth or not. On Tuesday, January 25, 2005 at 4:08:21 PM, [EMAIL PROTECTED] confabulated: Hi, We have a customer who is connecting to our IMail server via Outlook 2003, and I have verified that SMTP authentication is checked, but she is still getting the 550 not local host, not a gateway error. She says it has been happening for a few days now and her ISP is roadrunner in NY. Any thoughts? Thanks, Michele - Duane Hill Sr E-Mail Administrator http://www.yournetplus.com To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
Re: [IMail Forum] IMail 8.2 Beta Program Invitation
Hi, New Features In Version 8.2 -- [] Noteably absent from this list is the ability of the SMTP server to accept authenticated only connections on an alterate port (587). With all the talk of ISPs blocking port 25 it would seem like Ipswitch should respond as quickly as possible to provide their client base with a solution. I was wondering if I was the only one who was missing this very particular item. I would think this would be one of the first items to add. It's very easy to do, almost no new functionality to program. All they have to do is also listen on port 587 and accept only incoming SMTP AUTH sessions. Listening on another port isn't that big of a step, a filter to only accept SMTP auth isn't that hard euther. All the other stuff has allready been programmed. People at Ipswitch. please can we have this? Groetjes, Bonno Bloksma Back up my hard drive? How do I put it in reverse? --- [E-mail scanned at tio.nl for viruses by Declude Virus] To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/