Hi Bill, On 02/06/03 5:56pm you wrote... >Brian, I have been finding many entries like these in my log files and was >wondering what might be causing them:
> 2/6/2003 11:06:48 AM - Db228158000bacbfa.SMDInvalid pointer operation I have no idea. I searched through 3 months of log files here and could find no errors of this type at all. I would probably need to have the exact message to see if I could duplicate the error. The fact that you see this is not necessarily a problem. It means that the error was trapped correctly and that the worst that could happen is that the message would simply be delivered normally. We have exception traps all through the program for just this purpose. In a perfect world we would know exactly what data is coming in, and in what format it was. I have seen hundreds if not thousands of emails since we started this that are not even loosely close to a properly formatted email message. I am sure that whatever causes these is technically fixable, but I would need to be able to reproduce it somehow. >Also, can you please explain these entries and what they are looking for in >the e-mail messages and how a weight value is determined for them: > Invalid routing > Excessive Routing Invalid routing means that in the "Received:" header you may on occasion see an entry where a local domain is used, but does not match the IP address it says it is from. For example the message you sent me has this: Received: from PSMAIL.pointshare.com [204.189.39.252] by mail.solidoak.com with ESMTP (SMTPD32-7.04) id A1C61B20284; Thu, 06 Feb 2003 17:54:14 -0800 Now if it had this: Received: from solidoak.com [204.189.39.252] by mail.solidoak.com with ESMTP (SMTPD32-7.04) id A1C61B20284; Thu, 06 Feb 2003 17:54:14 -0800 You will see that the domain name says solidoak.com and the IP address is yours. I can reproduce this here any time I feel like it by creating a message and using SMTP to send directly to the recipients host server by resolving the MX record. In this case, the message never goes through any other mail server. I have yet to see a case where there is a good reason for doing this except to send spam from locations you want to keep a secret. Excessive routing is when there are excessive "hops" meaning the message was probably intentionally routed through several servers. I think Declude uses a more general term like "headers consistent with spam". >Are either of the "routing" log entries above controlled by the "BADROUTING" >configuration setting in the noxmail.nox file? Yes, the BADROUTING value controls the penalty for "Invalid Routing". It defaults to 2. Hope this helps, Brian --- [This E-mail scanned for viruses by Solid Oak Software] Archives: http://www.mail-archive.com/nox-list%40mail.noxmail.com/ Removal address: [EMAIL PROTECTED]
