RE: [Declude.JunkMail] Hijack Enhancement
Scott, How about a small executable that talks to console the same way Declude.exe does to send a release signal? Thanks, Chuck Frolick ArgoNet, Inc. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of R. Scott Perry Sent: Monday, February 03, 2003 10:03 AM To: [EMAIL PROTECTED] Subject: RE: [Declude.JunkMail] Hijack Enhancement >It would be nice if there was a way to reset a held IP remotely to allow it >through. That is a good idea. However, if your remote access program can't access the Declude Hijack console, it's going to be hard to come up with a way to reset the IPs. -Scott --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
RE: [Declude.JunkMail] Hijack Enhancement
> However, if your remote access program can't access the Declude Hijack > console, it's going to be hard to come up with a way to reset the IPs. I know you are waiting in anticipation for me to say it, so I will: MS Terminal services. I was thinking something along the lines of a command prompt for Declude Console IP reset. John Tolmachoff MCSE, CSSA IT Manager, Network Engineer RelianceSoft, Inc. Fullerton, CA 92835 www.reliancesoft.com --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
RE: [Declude.JunkMail] Hijack Enhancement
It would be nice if there was a way to reset a held IP remotely to allow it through. That is a good idea. However, if your remote access program can't access the Declude Hijack console, it's going to be hard to come up with a way to reset the IPs. -Scott --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
RE: [Declude.JunkMail] Hijack Enhancement
I also have a Hijack request. When Hijack is triggered on hold 2, often times it is some one inside sending out a broadcast. After talking to that person and explaining what happened, I need to allow that IP through again. Currently, the only why to do this is to stop (close) the console window. But from a remote connection, that is not possible. (There has been talk in the past about a way to kill the deccon.exe process, but that is a different discussion.) It would be nice if there was a way to reset a held IP remotely to allow it through. John Tolmachoff MCSE, CSSA IT Manager, Network Engineer RelianceSoft, Inc. Fullerton, CA 92835 www.reliancesoft.com --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
RE: [Declude.JunkMail] HiJack Enhancement
Thanks again Scott. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of R. Scott Perry Sent: Sunday, February 02, 2003 9:28 AM To: [EMAIL PROTECTED] Subject: Re: [Declude.JunkMail] HiJack Enhancement >I find that HiJack catches a meaningful amount of SPAM for the store >and forward domains and probably also helps out on Dictionary Attacks >as well. It seems like some spammers deliberately target secondary MX's >with the thought that they can sneak stuff through more easily. Yes, many spammers have caught on that sending to secondary MX's makes it more likely that the E-mail will not get caught. >It appears that HiJack keeps it records in memory and, if there's a >restart on Declude.exe the statistics are reset. Correct. >If this is a correct interpretation, would it be possible to maintain >this >data in a editable >file which would be loaded by HiJack on a restart? Also to add a >"persistence parameter" that would enable us to set a time period for >retention of entries in the file, 10 days for example. That would keep the >list from growing infinitely. That's a very good idea -- I'll see if we can incorporate that into Declude Hijack. -Scott --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] HiJack Enhancement
I find that HiJack catches a meaningful amount of SPAM for the store and forward domains and probably also helps out on Dictionary Attacks as well. It seems like some spammers deliberately target secondary MX's with the thought that they can sneak stuff through more easily. Yes, many spammers have caught on that sending to secondary MX's makes it more likely that the E-mail will not get caught. It appears that HiJack keeps it records in memory and, if there's a restart on Declude.exe the statistics are reset. Correct. If this is a correct interpretation, would it be possible to maintain this data in a editable file which would be loaded by HiJack on a restart? Also to add a "persistence parameter" that would enable us to set a time period for retention of entries in the file, 10 days for example. That would keep the list from growing infinitely. That's a very good idea -- I'll see if we can incorporate that into Declude Hijack. -Scott --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
[Declude.JunkMail] HiJack Enhancement
Scott, I find that HiJack catches a meaningful amount of SPAM for the store and forward domains and probably also helps out on Dictionary Attacks as well. It seems like some spammers deliberately target secondary MX's with the thought that they can sneak stuff through more easily. It appears that HiJack keeps it records in memory and, if there's a restart on Declude.exe the statistics are reset. If this is a correct interpretation, would it be possible to maintain this data in a editable file which would be loaded by HiJack on a restart? Also to add a "persistence parameter" that would enable us to set a time period for retention of entries in the file, 10 days for example. That would keep the list from growing infinitely. George Kulman Partner Ridge Systems, L.L.C. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.