Re: [Declude.JunkMail] General Filter
Yeah, I saw that when I was looking at the utilities yesterday. That will save me poking around and trying to plug all the email addresses into a list. Thanks At 05:39 PM 8/31/2005, Dave Doherty wrote: Orim- We are preparing to send a mass message to all accounts on this issue. A handy utility, in case you don't know about it, is mailall.exe in your Imail directory. Docs are at http://www.ipswitch.com/Support/ICS/guides/IMailServer/8_2/IMailUGHTML/Chapter%2022%20cmd_line8.html -Dave - Original Message - From: Orin Wells [EMAIL PROTECTED] To: Declude.JunkMail@declude.com Sent: Wednesday, August 31, 2005 4:35 PM Subject: RE: [Declude.JunkMail] General Filter At 12:29 PM 8/31/2005, Dave Beckstrom wrote: Aren't they authenticating to Imail, and aren't you white listing authenticated senders? Wellthat is another issue we are finally being forced to address. In the first place we are still running iMail 7.07 - we weren't willing to pay what I considered to be overpriced upgarde fees. So we can't use the Whitelist Auth option. We have a lot of users who know how to read their email, but not much more. So moving them up to full authentication was something we put off until we ran into ORDB finding that they could relay through the Root account even though it had a changed password and was disabled. That still bothers me, but that is the way it is. We had relay for local user set and this had served us OK up to now. We now have to bite the bullet and force all the users to learn how to set the authentication option in their various email applications. It would have been handy if the manufacturers had all set this as a default, but they don't. They each seem to have it somewhere different from each of the others and like to change things from one version to the next. Especially Netscape. We are preparing to send a mass message to all accounts on this issue. I think most have been instructed over the past year or so to be prepared to do this so it may not be as bad as I fear. As for whitelisting we have not done this with local domains because of the limitation on whitelisting in Declude (200) in the golobal.cfg file. We have not so far tried to use the domain level whitelist file. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] General Filter
You might consider putting a space after the short words in your body filters. - Original Message - From: Orin Wells [EMAIL PROTECTED] To: Declude.JunkMail@declude.com Sent: Wednesday, August 31, 2005 2:10 PM Subject: [Declude.JunkMail] General Filter I am having a problem with a client whose email to other members of her domain is getting trapped by the GeneralFilter (words or phrases we have added because they seem to mostly appear in spam). In this particular case the triggering word seems to be P*O*R*N* without the stars. I suspect what is happening is that the encoded attached word document just happens to have this set of letters in sequence in the encrypted data that is attached to the email file in imail. It does not appear in the word document itself. But when I look at the raw file on the server I can see this. I take it from this that Declude when it scans the body of the message also scans any attachment that is sitting there in the encrypted mode. If so is there a way around this? Can I tell it not to scan the encrypted attachments or to expand them first? If this sort of thing is in the latest Declude Junkmail manual, someone just tell me to read TFM. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
RE: [Declude.JunkMail] Linked in
Mmm:-) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of John Tolmachoff (Lists) Sent: Wednesday, August 31, 2005 4:55 PM To: Declude.JunkMail@declude.com Subject: RE: [Declude.JunkMail] Linked in Sorry, but can't resist... Any one have opinions good/bad on www.linkedin.com? Has a lot of members I know Barry Is that good or bad? ;-) John T eServices For You --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
[Declude.JunkMail] OT - Removal from SPEWS
Title: OT - Removal from SPEWS Hey All, How does one go about getting their IP address delisted with SPEWS? I understand how I got listed and that problem has been successfully removed. But now is the daunting task of getting delisted. While most blacklists do provide some sort of removal process, SPEWS seems to only tell you youre listed. Any suggestions here? Troy D. Hilton Serveon, Inc. [EMAIL PROTECTED] 302-529-8640
[Declude.JunkMail] Odd Spam Scoring?
This spam came in today. Note that it was scored a weight of 6. Yet it failed two tests that were supposed to add a weight of 4 and a weight of 7. Now, I wasn't the best in math but I believe 4 and 7 adds up to 11! There were no negative weights assigned to account for this. Any ideas? X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1106 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 X-RBL-Warning: SORBS-DUHL: Dynamic IP Addresses See: http://www.sorbs.net/lookup.shtml?70.23.152.133; X-RBL-Warning: DYNHELO: Dynamic HELO found. X-RBL-Warning: SPFUNKNOWN: SPF returned UNKNOWN for this E-mail. X-RBL-Warning: Filter_Country: Message failed Filter_Country test (line 223, weight 0) X-Note: X-Note: Spam Score: [6] X-Note: Scan Time: 10:13:22 on 01 Sep 2005 X-Note: Spool File: 561528422420.EML X-Note: Server Name:pool-70-23-152-133.ny325.east.verizon.net X-Note: SMTP Sender:[EMAIL PROTECTED] X-Note: Reverse DNS IP: pool-70-23-152-133.ny325.east.verizon.net [70.23.152.133] X-Note: Recipient(s): [EMAIL PROTECTED] X-Note: Country Chain: UNITED STATES-destination X-Note: Failed Weights: SORBS-DUHL [4], DYNHELO [7], SPFUNKNOWN [0], Filter_Country [0] X-Note: --- [This E-mail scanned for viruses by Declude Virus] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] Odd Spam Scoring?
Dave, You have to check the logs - is it possible you are hiding some negative weight tests like IPNOTINMX, NOLEGITCONTENT, etc in your global.cfg file. Darrell invURIBL - Intelligent URI filtering. Stops 85%+ of SPAM with the default configuration and easily plugs into Declude. http://www.invariantsystems.com Dave Beckstrom writes: This spam came in today. Note that it was scored a weight of 6. Yet it failed two tests that were supposed to add a weight of 4 and a weight of 7. Now, I wasn't the best in math but I believe 4 and 7 adds up to 11! There were no negative weights assigned to account for this. Any ideas? X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1106 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 X-RBL-Warning: SORBS-DUHL: Dynamic IP Addresses See: http://www.sorbs.net/lookup.shtml?70.23.152.133; X-RBL-Warning: DYNHELO: Dynamic HELO found. X-RBL-Warning: SPFUNKNOWN: SPF returned UNKNOWN for this E-mail. X-RBL-Warning: Filter_Country: Message failed Filter_Country test (line 223, weight 0) X-Note: X-Note: Spam Score: [6] X-Note: Scan Time: 10:13:22 on 01 Sep 2005 X-Note: Spool File: 561528422420.EML X-Note: Server Name:pool-70-23-152-133.ny325.east.verizon.net X-Note: SMTP Sender:[EMAIL PROTECTED] X-Note: Reverse DNS IP: pool-70-23-152-133.ny325.east.verizon.net [70.23.152.133] X-Note: Recipient(s): [EMAIL PROTECTED] X-Note: Country Chain: UNITED STATES-destination X-Note: Failed Weights: SORBS-DUHL [4], DYNHELO [7], SPFUNKNOWN [0], Filter_Country [0] X-Note: --- [This E-mail scanned for viruses by Declude Virus] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] OT - Removal from SPEWS
Troy, Good luck! In order to get removed they want you to post to the NANAE newsgroup - see Q41/42 in this FAQ - http://www.spews.org/faq.html. From their you will most likely be ridiculed. I am sorry if I do not sound like a big fan of Spews but they are very aggressive and often list a lot of casuality IP's. I have know folks in the casuality boat that had to re-addresses as spews tends to be unwilling to delist anything. Darrell DLAnalyzer - Comprehensive reporting on Declude Junkmail Virus. http://www.invariantsystems.com Troy D. Hilton writes: Hey All, How does one go about getting their IP address delisted with SPEWS? I understand how I got listed and that problem has been successfully removed. But now is the daunting task of getting delisted. While most blacklists do provide some sort of removal process, SPEWS seems to only tell you you're listed. Any suggestions here? Troy D. Hilton Serveon, Inc. [EMAIL PROTECTED] 302-529-8640 --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] What Header does Whitelist file use?
Title: What Header does Whitelist file use? This may be an issue where the FROM listed in the email is different from the MAILFROM address found in the envelope. If so, putting SWITCHRECIP ONin your Declude Global.cfg should fix it. You can read more about this config option in the Declude Junkmail manual. Darin. - Original Message - From: Agid, Corby To: Declude.JunkMail@declude.com Sent: Thursday, September 01, 2005 12:09 PM Subject: [Declude.JunkMail] What Header does Whitelist file use? Hello, I'm still having trouble whitelisting a few incoming messages. Can you tell me, what part of incoming mail does the whitelist trigger on? Should the reverse DNS" domain or the mail header, or the address listed in the To: list be used, or perhaps the helo information. Below is an example of diagnostic from a message recently received along with my whitelist entry. Do I need to whitelist the reverse DNS (lunarpages.com) instead? My current whitelist entry: @tempager.com HeaderCode: c020020c ReverseDNS: draco.lunarpages.com RemoteIP: 216.193.215.150 Testname: WEIGHT10-29B MessageID: [EMAIL PROTECTED] Quename: D5b4810be01c401ae.SMD Sniffer: Headers: Received: from draco.lunarpages.com [216.193.215.150] by msx.renoairport.com with ESMTP (SMTPD32-8.15) id AB4810BE01C4; Mon, 29 Aug 2005 12:00:24 -0700 Received: from localhost.int.lunarpages.com ([127.0.0.1] helo=draco.lunarpages.com) by draco.lunarpages.com with esmtp (Exim 4.50) id 1E9orj-00075B-Vq; Mon, 29 Aug 2005 12:00:19 -0700 From: [EMAIL PROTECTED] Subject: TemPageR_Users Digest, Vol 7, Issue 5 To: [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-BeenThere: [EMAIL PROTECTED] X-Mailman-Version: 2.1.5p1 Precedence: list List-Id: TemPageR User Group tempager_users_tempager.com.tempager.com List-Unsubscribe: http://tempager.com/mailman/listinfo/tempager_users_tempager.com, mailto:[EMAIL PROTECTED] List-Archive: /pipermail/tempager_users_tempager.com List-Post: mailto:[EMAIL PROTECTED] List-Help: mailto:[EMAIL PROTECTED] List-Subscribe: http://tempager.com/mailman/listinfo/tempager_users_tempager.com, mailto:[EMAIL PROTECTED] Sender: [EMAIL PROTECTED] Errors-To: [EMAIL PROTECTED] X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - draco.lunarpages.com X-AntiAbuse: Original Domain - renoairport.com X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - tempager.com X-Source: X-Source-Args: X-Source-Dir: Message-Id: [EMAIL PROTECTED]
Re: [Declude.JunkMail] What Header does Whitelist file use?
Title: What Header does Whitelist file use? One other thing... Make sure you have a carriage return at the end of the file. If there isn't one on the last line, the last line will not be used. Darin. - Original Message - From: Darin Cox To: Declude.JunkMail@declude.com Sent: Thursday, September 01, 2005 4:01 PM Subject: Re: [Declude.JunkMail] What Header does Whitelist file use? This may be an issue where the FROM listed in the email is different from the MAILFROM address found in the envelope. If so, putting SWITCHRECIP ONin your Declude Global.cfg should fix it. You can read more about this config option in the Declude Junkmail manual. Darin. - Original Message - From: Agid, Corby To: Declude.JunkMail@declude.com Sent: Thursday, September 01, 2005 12:09 PM Subject: [Declude.JunkMail] What Header does Whitelist file use? Hello, I'm still having trouble whitelisting a few incoming messages. Can you tell me, what part of incoming mail does the whitelist trigger on? Should the reverse DNS" domain or the mail header, or the address listed in the To: list be used, or perhaps the helo information. Below is an example of diagnostic from a message recently received along with my whitelist entry. Do I need to whitelist the reverse DNS (lunarpages.com) instead? My current whitelist entry: @tempager.com HeaderCode: c020020c ReverseDNS: draco.lunarpages.com RemoteIP: 216.193.215.150 Testname: WEIGHT10-29B MessageID: [EMAIL PROTECTED] Quename: D5b4810be01c401ae.SMD Sniffer: Headers: Received: from draco.lunarpages.com [216.193.215.150] by msx.renoairport.com with ESMTP (SMTPD32-8.15) id AB4810BE01C4; Mon, 29 Aug 2005 12:00:24 -0700 Received: from localhost.int.lunarpages.com ([127.0.0.1] helo=draco.lunarpages.com) by draco.lunarpages.com with esmtp (Exim 4.50) id 1E9orj-00075B-Vq; Mon, 29 Aug 2005 12:00:19 -0700 From: [EMAIL PROTECTED] Subject: TemPageR_Users Digest, Vol 7, Issue 5 To: [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-BeenThere: [EMAIL PROTECTED] X-Mailman-Version: 2.1.5p1 Precedence: list List-Id: TemPageR User Group tempager_users_tempager.com.tempager.com List-Unsubscribe: http://tempager.com/mailman/listinfo/tempager_users_tempager.com, mailto:[EMAIL PROTECTED] List-Archive: /pipermail/tempager_users_tempager.com List-Post: mailto:[EMAIL PROTECTED] List-Help: mailto:[EMAIL PROTECTED] List-Subscribe: http://tempager.com/mailman/listinfo/tempager_users_tempager.com, mailto:[EMAIL PROTECTED] Sender: [EMAIL PROTECTED] Errors-To: [EMAIL PROTECTED] X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - draco.lunarpages.com X-AntiAbuse: Original Domain - renoairport.com X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - tempager.com X-Source: X-Source-Args: X-Source-Dir: Message-Id: [EMAIL PROTECTED]
RE: [Declude.JunkMail] OT - Removal from SPEWS
Title: OT - Removal from SPEWS Hi, one approach could be - "why bother".SPEWS is useful as a reference - but can't be used to block email.I would think that none of the relevant ISPs and most smaller will care of you're listed there or not as the blacklist has a way too high false positive rate. Whoever blocks based on SPEWS will miss much more legitimate mail than just yours that they really can't claim to have'functional' mail server anyway. Best RegardsAndy SchmidtPhone: +1 201 934-3414 x20 (Business)Fax: +1 201 934-9206 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Troy D. HiltonSent: Thursday, September 01, 2005 01:00 PMTo: Declude Junkmail ForumSubject: [Declude.JunkMail] OT - Removal from SPEWS Hey All, How does one go about getting their IP address delisted with SPEWS? I understand how I got listed and that problem has been successfully removed. But now is the daunting task of getting delisted. While most blacklists do provide some sort of removal process, SPEWS seems to only tell you youre listed. Any suggestions here? Troy D. Hilton Serveon, Inc. [EMAIL PROTECTED] 302-529-8640
RE: [Declude.JunkMail] OT - Removal from SPEWS
Gee- thanks! (sigh) Why do some folks make things so hard to deal with? I don't deny that for a time my servers were relegated to spamming resources (I hate Trojans and malware) but this issues have since been resolved. Seems to me that a reputable organization should provide the means to clear their name/IP address. Thanks anyway. I may just have to hope that no one really uses SPEWS. Troy D. Hilton Serveon, Inc. [EMAIL PROTECTED] 302-529-8640 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Darrell ([EMAIL PROTECTED]) Sent: Thursday, September 01, 2005 12:45 PM To: Declude.JunkMail@declude.com Subject: Re: [Declude.JunkMail] OT - Removal from SPEWS Troy, Good luck! In order to get removed they want you to post to the NANAE newsgroup - see Q41/42 in this FAQ - http://www.spews.org/faq.html. From their you will most likely be ridiculed. I am sorry if I do not sound like a big fan of Spews but they are very aggressive and often list a lot of casuality IP's. I have know folks in the casuality boat that had to re-addresses as spews tends to be unwilling to delist anything. Darrell DLAnalyzer - Comprehensive reporting on Declude Junkmail Virus. http://www.invariantsystems.com Troy D. Hilton writes: Hey All, How does one go about getting their IP address delisted with SPEWS? I understand how I got listed and that problem has been successfully removed. But now is the daunting task of getting delisted. While most blacklists do provide some sort of removal process, SPEWS seems to only tell you you're listed. Any suggestions here? Troy D. Hilton Serveon, Inc. [EMAIL PROTECTED] 302-529-8640 --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
RE: [Declude.JunkMail] OT - Removal from SPEWS
Troy, Last year, I set up with a new provider and the Class C I was given was part of an infamous spam lawsuit many years eariler, but it was still listed on SPEWS. Just as you've been told, I posted to NANAE and was ridiculed, but one kind soul advised me to call my provider ASAP and ask for a different Class C network, which I did and the provider apologized and credited my account one month for the trouble.obviously, I didn't 'need' to be removed after that. Troy, Good luck! In order to get removed they want you to post to the NANAE newsgroup - see Q41/42 in this FAQ - http://www.spews.org/faq.html. From their you will most likely be ridiculed. I am sorry if I do not sound like a big fan of Spews but they are very aggressive and often list a lot of casuality IP's. I have know folks in the casuality boat that had to re-addresses as spews tends to be unwilling to delist anything. Darrell -- -- DLAnalyzer - Comprehensive reporting on Declude Junkmail Virus. http://www.invariantsystems.com Troy D. Hilton writes: Hey All, How does one go about getting their IP address delisted with SPEWS? I understand how I got listed and that problem has been successfully removed. But now is the daunting task of getting delisted. While most blacklists do provide some sort of removal process, SPEWS seems to only tell you you're listed. Any suggestions here? Troy D. Hilton Serveon, Inc. [EMAIL PROTECTED] 302-529-8640 --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com. -- No virus found in this incoming message. Checked by AVG Anti-Virus. Version: 7.0.344 / Virus Database: 267.10.18/86 - Release Date: 8/31/2005 -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.344 / Virus Database: 267.10.18/86 - Release Date: 8/31/2005 --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
RE: [Declude.JunkMail] Odd Spam Scoring?
David, Ah! Thanks. That makes sense now. I forgot about hidetests hiding the results of the other filters. -Original Message- From: [EMAIL PROTECTED] [mailto:Declude.JunkMail- [EMAIL PROTECTED] On Behalf Of David Barker Sent: Thursday, September 01, 2005 1:13 PM To: Declude.JunkMail@declude.com Subject: RE: [Declude.JunkMail] Odd Spam Scoring? X-Note: Failed Weights: SORBS-DUHL [4], DYNHELO [7] is certain 11 but check you global.cfg HIDETESTS CATCHALLMAILS IPNOTINMX NOLEGITCONTENT NOLEGITCONTENTnolegitcontent x x 0 -5 IPNOTINMX ipnotinmx x x 0 -3 SORBS-DUHL[4] DYNHELO [7] NOLEGITCONTENT[-5] Total = 6 David B www.declude.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dave Beckstrom Sent: Thursday, September 01, 2005 1:27 PM To: Declude.JunkMail@declude.com Subject: [Declude.JunkMail] Odd Spam Scoring? This spam came in today. Note that it was scored a weight of 6. Yet it failed two tests that were supposed to add a weight of 4 and a weight of 7. Now, I wasn't the best in math but I believe 4 and 7 adds up to 11! There were no negative weights assigned to account for this. Any ideas? X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1106 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 X-RBL-Warning: SORBS-DUHL: Dynamic IP Addresses See: http://www.sorbs.net/lookup.shtml?70.23.152.133; X-RBL-Warning: DYNHELO: Dynamic HELO found. X-RBL-Warning: SPFUNKNOWN: SPF returned UNKNOWN for this E-mail. X-RBL-Warning: Filter_Country: Message failed Filter_Country test (line 223, weight 0) X-Note: X-Note: Spam Score: [6] X-Note: Scan Time:10:13:22 on 01 Sep 2005 X-Note: Spool File: 561528422420.EML X-Note: Server Name: pool-70-23-152-133.ny325.east.verizon.net X-Note: SMTP Sender: [EMAIL PROTECTED] X-Note: Reverse DNS IP: pool-70-23-152-133.ny325.east.verizon.net [70.23.152.133] X-Note: Recipient(s): [EMAIL PROTECTED] X-Note: Country Chain:UNITED STATES-destination X-Note: Failed Weights: SORBS-DUHL [4], DYNHELO [7], SPFUNKNOWN [0], Filter_Country [0] X-Note: --- [This E-mail scanned for viruses by Declude Virus] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com. --- [This E-mail scanned for viruses by Declude Virus] --- [This E-mail scanned for viruses by Declude Virus] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
RE: [Declude.JunkMail] What Header does Whitelist file use?
Title: What Header does Whitelist file use? Hi Darin, I just checked the manual regarding theSWITCHRECIP ON. The description sounds like it affects who the message is addressed to rather than where it comes from. Am I missing something? Corby From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Darin CoxSent: Thursday, September 01, 2005 1:02 PMTo: Declude.JunkMail@declude.comSubject: Re: [Declude.JunkMail] What Header does Whitelist file use? This may be an issue where the FROM listed in the email is different from the MAILFROM address found in the envelope. If so, putting SWITCHRECIP ONin your Declude Global.cfg should fix it. You can read more about this config option in the Declude Junkmail manual. Darin. - Original Message - From: Agid, Corby To: Declude.JunkMail@declude.com Sent: Thursday, September 01, 2005 12:09 PM Subject: [Declude.JunkMail] What Header does Whitelist file use? Hello, I'm still having trouble whitelisting a few incoming messages. Can you tell me, what part of incoming mail does the whitelist trigger on? Should the reverse DNS" domain or the mail header, or the address listed in the To: list be used, or perhaps the helo information. Below is an example of diagnostic from a message recently received along with my whitelist entry. Do I need to whitelist the reverse DNS (lunarpages.com) instead? My current whitelist entry: @tempager.com HeaderCode: c020020c ReverseDNS: draco.lunarpages.com RemoteIP: 216.193.215.150 Testname: WEIGHT10-29B MessageID: [EMAIL PROTECTED] Quename: D5b4810be01c401ae.SMD Sniffer: Headers: Received: from draco.lunarpages.com [216.193.215.150] by msx.renoairport.com with ESMTP (SMTPD32-8.15) id AB4810BE01C4; Mon, 29 Aug 2005 12:00:24 -0700 Received: from localhost.int.lunarpages.com ([127.0.0.1] helo=draco.lunarpages.com) by draco.lunarpages.com with esmtp (Exim 4.50) id 1E9orj-00075B-Vq; Mon, 29 Aug 2005 12:00:19 -0700 From: [EMAIL PROTECTED] Subject: TemPageR_Users Digest, Vol 7, Issue 5 To: [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-BeenThere: [EMAIL PROTECTED] X-Mailman-Version: 2.1.5p1 Precedence: list List-Id: TemPageR User Group tempager_users_tempager.com.tempager.com List-Unsubscribe: http://tempager.com/mailman/listinfo/tempager_users_tempager.com, mailto:[EMAIL PROTECTED] List-Archive: /pipermail/tempager_users_tempager.com List-Post: mailto:[EMAIL PROTECTED] List-Help: mailto:[EMAIL PROTECTED] List-Subscribe: http://tempager.com/mailman/listinfo/tempager_users_tempager.com, mailto:[EMAIL PROTECTED] Sender: [EMAIL PROTECTED] Errors-To: [EMAIL PROTECTED] X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - draco.lunarpages.com X-AntiAbuse: Original Domain - renoairport.com X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - tempager.com X-Source: X-Source-Args: X-Source-Dir: Message-Id: [EMAIL PROTECTED]
RE: [Declude.JunkMail] OT - Removal from SPEWS
We just moved to a new network provider. Never thought to check the new IPs. Never again! Within a few days we started getting calls from customers complaining about delivery failures not to mention being called a spamming ISP. Research found our three class c's were in a large netblock which Spews and spambag listed since the network provider did not respond appropriately. Although we find it incredible anyone would use Spews reality has shown there are some ISPs who don't understand the impact of using Spews. Even an ISP like yahoo.com.au. We will not be coerced or blackmailed into being a David against Goliath situation. These types of idealist seem to have more time and money than we do. As long as we run a clean shop and torture all spammers in public we sleep at night. We finally had to get some clean IPs for our outgoing SMTP servers. It sucks but the bottom line is ... it's all about our customers not about Spews idealism. Michael Jaworski Puget Sound Network, Inc. (206) 217-0400 (800) 599-9485 --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] OT - Removal from SPEWS
Thanks anyway. I may just have to hope that no one really uses SPEWS. I know for certain I won't use SPEWS. I also suspect those that do use SPEWS don't weight it too high. However, I have seen some servers block mail at the MTA level using SPEWS - why - I have no idea. Darrell -- invURIBL - Intelligent URI Filtering. Stops 85%+ SPAM with the default configuration. Download a copy today - http://www.invariantsystems.com --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.