Re: [Declude.JunkMail] Misunderstood DUL/DYNA

[Matt]

Andy, I think there is some confusion here on your part. What was discovered and initially discussed in this thread though is that Declude will not test the last hot with such tests when the Mail >From matches a local address.  That was also good design, but if you can whitelist all local senders, it is best to turn this off.  A suitable work around for this issue has been provided.  The work around that was discussed will only test the last hop.  When Declude uses the %IP4R% variable, this comes from the connecting IP (unless IPBYPASSed), and there is only one value tested. Matt Andy Schmidt wrote: >> You don't have to remove the tests, you just have to rename them.  I renamed mine with DYN, that way Declude doesn't see them as matching DUL/DYNA/DUHL and therefore will not skip them when the Mail From matches a local address. <<   But Matt - please correct me if I'm wrong. I believe we manage to talk about two different things. You are focused on the LAST hop - but I believe, you have lost sight of the purpose of DUL/DYNA/DUHL - which is the FIRST hop.   Let's look at a sample to make sure that we're talking apples and apples:   Sender: [EMAIL PROTECTED] 2nd hop:     smtp.cable.com -> mymailserver.andy.com 1st hop:     some-dynamic-ip-host.cable.com -> smtp.cable.com   The "some-dynamic-ip-host.cable.com" is listed in the "DYNA/DUHL" lists - and it should be.   As long as I have "DYNA/DUHL" in the name, Declude will NOT test the first hop - e.g., it will correctly permit the rest of the world to reach me through their providers' SMTP servers. The DYNA/DUHL tests only test the 2nd and subsequent hops - because THOSE should not be on a blacklist. Most importantly, they test the LAST hop (the one to my mail server) - because a DYNA/DUHL IP should never try to relay off me (unless it's using SMTP AUTH).   Now, if I were to follow your example and remove DYNA/DUHL from the name, then these tests will also test the FIRST hop - and thus I'd be swamped with false positives for any dialup/broadband user who CORRECTLY uses his/her provider's smtp server.     It seems that you are focused only on the LAST hop - but by removing DYNA/DUHL from the name, you end up hurting the FIRST hop.   The "conditional" check at the last hop was NOT the reason to introduce DYNA/DUHL, that's just a quirky "quick-fix" which should be optional for those who don't need this backdoor open. The reason for DYNA/DUHL was proper handling of the first hop - and that's why it can't be removed. Best Regards Andy Schmidt H&M Systems Software, Inc. 600 East Crescent Avenue, Suite 203 Upper Saddle River, NJ 07458-1846 Phone:  +1 201 934-3414 x20 (Business) Fax:    +1 201 934-9206 http://www.HM-Software.com/ -- ===================================================== MailPure custom filters for Declude JunkMail Pro. http://www.mailpure.com/software/ =====================================================