I checked the W log files and it looks like they are coming in through web messaging (god knows how they are sending that much email through web messaging) under several IP's ranging from Nigeria to Israel. I blocked those IP's within Imail "Control Access".
Ah, that explains what is going on. That's the first time I've seen serious spammers try to send E-mail through web messaging.
How can I make Hijack work with webmessaging?
It is possible to do this, by having the declude.exe file act as the smtp32.exe file, so that Declude can intercept the web messaging E-mail.
This is done by renaming the smtp32.exe file to ipsmtp.exe, renaming the declude.exe file to smtp32.exe, using a "DAISYCHAIN ipsmtp.exe" line in the hijack.cfg file.
Then, you need to use regedit to change the HKEY_LOCAL_MACHINE\Software\Ipswitch\IMail\Global\SendName value to point to smtp32.exe instead of declude.com, and finally stop/restart the IMail SMTP service so that IMail will recognize the change
-Scott
--- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
--- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
