RE: [Declude.JunkMail] spamheaders
Not all of us chose to run a current version of IMail$$$. > -Original Message- > From: [EMAIL PROTECTED] [mailto:Declude.JunkMail- > [EMAIL PROTECTED] On Behalf Of John T (Lists) > Sent: Tuesday, October 11, 2005 7:57 PM > To: Declude.JunkMail@declude.com > Subject: RE: [Declude.JunkMail] spamheaders > > Who cares if the client is authenticating and you are whitelisting > authentication? > > John T > eServices For You > > > > -Original Message- > > From: [EMAIL PROTECTED] [mailto:Declude.JunkMail- > > [EMAIL PROTECTED] On Behalf Of Travis Sullivan > > Sent: Tuesday, October 11, 2005 5:45 PM > > To: Declude.JunkMail@declude.com > > Subject: Re: [Declude.JunkMail] spamheaders > > > > I understand that, but we don't have control over norton antivirus's > method > > of scanning outgoing email. Also note the emails also fail the test > > "cmdspace" (space in receipt to command). > > > > > > > > > Users/clients sending e-mail out should be authenticating and > > > authentication > > > should be whitelisted hence the test does not matter. > > > > > > As for receiving, find out what the common string is that is used in > the > > > headers and add that to your whitelisting file giving credit for the > same > > > amount as the spamheaders test. > > > > > > John T > > > eServices For You > > > > > > >> Anyone using norton av 2005 with outlook express with outgoing mail > > > scanning > > >> enabled will trip the spamheaders test. I just thought everyone > should > > >> know. I guess that just about obsoletes this test now? > > >> > > >> I am using declude 1.81 > > >> > > >> Travis > > > > > > --- > > This E-mail came from the Declude.JunkMail mailing list. To > > unsubscribe, just send an E-mail to [EMAIL PROTECTED], and > > type "unsubscribe Declude.JunkMail". The archives can be found > > at http://www.mail-archive.com. > > --- > This E-mail came from the Declude.JunkMail mailing list. To > unsubscribe, just send an E-mail to [EMAIL PROTECTED], and > type "unsubscribe Declude.JunkMail". The archives can be found > at http://www.mail-archive.com. > --- > [This E-mail scanned for viruses by Declude Virus] > --- [This E-mail scanned for viruses by Declude Virus] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] spamheaders
I care if my users aren't getting emails from anyone on the plant when their emails are scored high due to the spamheaders test. I can't whitelist everyone. I am not sure if you understand my question John? Travis - Original Message - From: "John T (Lists)" <[EMAIL PROTECTED]> To: Sent: Tuesday, October 11, 2005 7:56 PM Subject: RE: [Declude.JunkMail] spamheaders Who cares if the client is authenticating and you are whitelisting authentication? John T eServices For You -Original Message- From: [EMAIL PROTECTED] [mailto:Declude.JunkMail- [EMAIL PROTECTED] On Behalf Of Travis Sullivan Sent: Tuesday, October 11, 2005 5:45 PM To: Declude.JunkMail@declude.com Subject: Re: [Declude.JunkMail] spamheaders I understand that, but we don't have control over norton antivirus's method of scanning outgoing email. Also note the emails also fail the test "cmdspace" (space in receipt to command). > Users/clients sending e-mail out should be authenticating and > authentication > should be whitelisted hence the test does not matter. > > As for receiving, find out what the common string is that is used in the > headers and add that to your whitelisting file giving credit for the same > amount as the spamheaders test. > > John T > eServices For You >> Anyone using norton av 2005 with outlook express with outgoing mail > scanning >> enabled will trip the spamheaders test. I just thought everyone should >> know. I guess that just about obsoletes this test now? >> >> I am using declude 1.81 >> >> Travis --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
RE: [Declude.JunkMail] spamheaders
Who cares if the client is authenticating and you are whitelisting authentication? John T eServices For You > -Original Message- > From: [EMAIL PROTECTED] [mailto:Declude.JunkMail- > [EMAIL PROTECTED] On Behalf Of Travis Sullivan > Sent: Tuesday, October 11, 2005 5:45 PM > To: Declude.JunkMail@declude.com > Subject: Re: [Declude.JunkMail] spamheaders > > I understand that, but we don't have control over norton antivirus's method > of scanning outgoing email. Also note the emails also fail the test > "cmdspace" (space in receipt to command). > > > > > Users/clients sending e-mail out should be authenticating and > > authentication > > should be whitelisted hence the test does not matter. > > > > As for receiving, find out what the common string is that is used in the > > headers and add that to your whitelisting file giving credit for the same > > amount as the spamheaders test. > > > > John T > > eServices For You > > > >> Anyone using norton av 2005 with outlook express with outgoing mail > > scanning > >> enabled will trip the spamheaders test. I just thought everyone should > >> know. I guess that just about obsoletes this test now? > >> > >> I am using declude 1.81 > >> > >> Travis > > > --- > This E-mail came from the Declude.JunkMail mailing list. To > unsubscribe, just send an E-mail to [EMAIL PROTECTED], and > type "unsubscribe Declude.JunkMail". The archives can be found > at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] spamheaders
I understand that, but we don't have control over norton antivirus's method of scanning outgoing email. Also note the emails also fail the test "cmdspace" (space in receipt to command). Users/clients sending e-mail out should be authenticating and authentication should be whitelisted hence the test does not matter. As for receiving, find out what the common string is that is used in the headers and add that to your whitelisting file giving credit for the same amount as the spamheaders test. John T eServices For You Anyone using norton av 2005 with outlook express with outgoing mail scanning enabled will trip the spamheaders test. I just thought everyone should know. I guess that just about obsoletes this test now? I am using declude 1.81 Travis --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
RE: [Declude.JunkMail] spamheaders
Users/clients sending e-mail out should be authenticating and authentication should be whitelisted hence the test does not matter. As for receiving, find out what the common string is that is used in the headers and add that to your whitelisting file giving credit for the same amount as the spamheaders test. John T eServices For You > -Original Message- > From: [EMAIL PROTECTED] [mailto:Declude.JunkMail- > [EMAIL PROTECTED] On Behalf Of Travis Sullivan > Sent: Tuesday, October 11, 2005 5:20 PM > To: Declude.JunkMail@declude.com > Subject: [Declude.JunkMail] spamheaders > > Anyone using norton av 2005 with outlook express with outgoing mail scanning > enabled will trip the spamheaders test. I just thought everyone should > know. I guess that just about obsoletes this test now? > > I am using declude 1.81 > > Travis > > > --- > This E-mail came from the Declude.JunkMail mailing list. To > unsubscribe, just send an E-mail to [EMAIL PROTECTED], and > type "unsubscribe Declude.JunkMail". The archives can be found > at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
[Declude.JunkMail] spamheaders
Anyone using norton av 2005 with outlook express with outgoing mail scanning enabled will trip the spamheaders test. I just thought everyone should know. I guess that just about obsoletes this test now? I am using declude 1.81 Travis --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] Declude as AntiSpam Gateway
Don't quote me on this. But I think you'll need a specific version of Junkmail (Pro?) and the test actions will need to be defined in the global.cfg - Original Message - From: "Chris Anton" <[EMAIL PROTECTED]> To: Sent: Tuesday, October 11, 2005 10:49 AM Subject: [Declude.JunkMail] Declude as AntiSpam Gateway Hi. Ok, so we have setup our Imail server as an SMTP gateway for one of our clients, but Declude does not appear to be performing its spam checks before Imail pushes the mail to the other server. Is there anyway around this? Thanks for the help! :-) -Chris --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] Declude as AntiSpam Gateway
Thanks Darrell... I will configure and test that right away. Thanks Again! -Chris -- Original Message -- From: "Darrell \([EMAIL PROTECTED])" <[EMAIL PROTECTED]> Reply-To: Declude.JunkMail@declude.com Date: Tue, 11 Oct 2005 11:56:55 -0400 >Chris, > >For the gateway'ed domains make sure you create a folder for the domain >(i.e. mydomain.com) off the Declude directory and drop a $default$.junkmail >file in it. > >This is required for gateway'ed domains. > >Darrell > >DLAnalyzer - Comprehensive reporting on Declude Junkmail and Virus. >http://www.invariantsystems.com > > >Chris Anton writes: > >> Hi. >> Ok, so we have setup our Imail server as an SMTP gateway for one of our >> clients, but Declude does not appear to be performing its spam checks before >> Imail pushes the mail to the other server. Is there anyway around this? >> >> Thanks for the help! :-) >> >> -Chris >> --- >> This E-mail came from the Declude.JunkMail mailing list. To >> unsubscribe, just send an E-mail to [EMAIL PROTECTED], and >> type "unsubscribe Declude.JunkMail". The archives can be found >> at http://www.mail-archive.com. > > >--- >This E-mail came from the Declude.JunkMail mailing list. To >unsubscribe, just send an E-mail to [EMAIL PROTECTED], and >type "unsubscribe Declude.JunkMail". The archives can be found >at http://www.mail-archive.com. > --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] Declude as AntiSpam Gateway
Chris, For the gateway'ed domains make sure you create a folder for the domain (i.e. mydomain.com) off the Declude directory and drop a $default$.junkmail file in it. This is required for gateway'ed domains. Darrell DLAnalyzer - Comprehensive reporting on Declude Junkmail and Virus. http://www.invariantsystems.com Chris Anton writes: Hi. Ok, so we have setup our Imail server as an SMTP gateway for one of our clients, but Declude does not appear to be performing its spam checks before Imail pushes the mail to the other server. Is there anyway around this? Thanks for the help! :-) -Chris --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
[Declude.JunkMail] Declude as AntiSpam Gateway
Hi. Ok, so we have setup our Imail server as an SMTP gateway for one of our clients, but Declude does not appear to be performing its spam checks before Imail pushes the mail to the other server. Is there anyway around this? Thanks for the help! :-) -Chris --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
RE: [Declude.JunkMail] declude 3.05.5, Invuribl & sniffer
Thank you Harry Vanderzand inTown Internet & Computer Services 11 Belmont Ave. W., Kitchener, ON,N2M 1L2 519-741-1222 > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Scott Fisher > Sent: Tuesday, October 11, 2005 11:15 AM > To: Declude.JunkMail@declude.com > Subject: Re: [Declude.JunkMail] declude 3.05.5, Invuribl & sniffer > > A couple of quick suggestions: > > You are double-scoring here: > SBL ip4rsbl-xbl.spamhaus.org * 28 0 > SPAMHAUS ip4r sbl.spamhaus.org 127.0.0.2 25 0 > > The XBL wholly incorporates data from three highly-trusted > DNSBL sources: > - the CBL (Composite Block List) from cbl.abuseat.org > - the BOPM (Blitzed Open Proxy Monitor) from opm.blitzed.org > - the NJABL open proxy IPs list from www.njabl.org. > > and > > MAILPOLICE-BLOCK incorporates both of the mailpolice lists > block.rhs.mailpolice.com - consolidated list of bulk-senders, > pornographic, and fraud sites one less DNS call > > > - Original Message - > From: "Harry Vanderzand" <[EMAIL PROTECTED]> > To: > Sent: Tuesday, October 11, 2005 8:58 AM > Subject: [Declude.JunkMail] declude 3.05.5, Invuribl & sniffer > > > >I think I have finally got my server improved to the point > where it is > > running smoothly and spam is getting caught to the level I > have been used > > to. (If not better) > > > > It has been a combination of find the right declude.cfg > settings for my > > hardware (dual xeon 3.4 ...) and also implementing Invuribl > to catch this > > new wave of SPAM that came out at the same time we were all > switching to > > 3.05.5. I set up the trial of invuribl and found it a > worthwhile addition > > so I will be acquiring a licence. > > > > As Invuribl takes care of some of the tests that pre-existed in my > > global.cfg I would not mind seeing a global.cfg file that > has been tuned > > for > > invuribl and sniffer. Sniffer is NOT running in persistent > mode as that I > > cannot get going (everything starts backlogging) > > > > As I know many of you are into this tuning exercise I will > include my > > varies > > setup files, global.cfg followed by invuribl.exe.config and > declude.cfg. > > > > Any tuning assistance will be greatly appreciated. > > > > Thank you > > > > GLOBAL.CFG: > > # > > # Declude JunkMail configuration file > > # > > > > PIDDEBUG OFF > > > > CODE > > > > # The "" in the LOGFILE option gets replaced with the > month/date with > > v1.11 and higher > > > > LOGFILE declude\dec.log > > LOGLEVELLOW > > HOP 0 > > #HOPHIGH 1 > > LOG_OK NONE > > # > > # Below are some advanced options > > # > > > > STOPPROCESSINGONFIRSTDELETEON > > CONSOLE OFF > > HIDETESTS CATCHALLMAILS IPNOTINMX NOLEGITCONTENT > > XSENDER ON > > XSPOOLNAME ON > > > > XINHEADER X-Note: Total spam weight of this E-mail is %WEIGHT%. > > XINHEADER X-Note: Spam Tests Failed: %TESTSFAILEDWITHWEIGHTS% > > XINHEADER X-Note: REMOTEIP: %REMOTEIP% > > XINHEADER X-Note: REVDNS: %REVDNS% > > XINHEADER X-Note: FROM: %MAILFROM% > > XINHEADER X-Note: TO: %RECIPHOST% > > > > > > XINHEADER X-Spam-Tests-Failed: %TESTSFAILED% [%WEIGHT%] > > XOUTHEADER X-Spam-Tests-Failed: %TESTSFAILED% [%WEIGHT%] > > #XINHEADER X-Country-Chain: %COUNTRYCHAIN% > > #XOUTHEADER X-Note: This E-mail was scanned by Declude JunkMail > > (www.declude.com) for spam. > > #IPBYPASS 127.0.0.1 > > #XOUTHEADER Organization: inTown Internet > > #WHITELIST HABEAS > > > > WHITELIST AUTH > > > > > > > > # > > # Definitions of the tests to use (do not edit unless you > know what you > > are > > doing). > > # These must come before the actions. > > # > > # First is the name of the check, then the type of check > (ip4r is a DNS > > lookup using > > # the reverse of the IP address). > > # > > # For type ip4r, 'matchstring' is the string to look for, or "*" for > > anything. > > # > > > > SPFFAIL spffail x x 3 0 > > > > AHBL ip4r dnsbl.ahbl.org * 5 > > 0 > > > > DSBL ip4r list.dsbl.org * 8 > > 0 > > ORDB ip4r relays.ordb.org * 5 > > 0 > > SBL ip4rsbl-xbl.spamhaus.org * 28 > > 0 > > > > SBBLip4rsbbl.they.com 127.0.0.240 > > > > SOLID ip4rdnsbl.solid.net > 127.0.0.250 > > > > EASYNET-PROXIES ip4r proxies.blackholes.easynet.nl 127.0.0.2 7 > > 0 > > SORBS-HTTP ip4r dnsbl.sorbs.net 127.0.0.2 8 > > 0 > > SORBS-SOCKS ip4r dnsbl.sorbs.net 127.0.0.3 8 > > 0 > > SORBS-MISC ip4r dnsbl.sorbs.net 127.0.0.4 8 > > 0 > > SORBS-SMTP ip4r dnsbl.sorbs.net 127.0.0.5 7 > > 0 > > SORBS-SPAM ip4r dnsbl.sorbs.net 127.0.0.6 7 > > 0 > > SORBS-WEB ip4r dnsbl.sorbs.net 127.0.0.7 7 > > 0 > > SORBS-BLOCK ip4r dnsbl.sorbs.net 127.0.0.8 7 > > 0 > > SORBS-ZOMBIE ip4r dnsbl.sorbs.net 127.0.0.9 7 > > 0 > > SORBS-DUHL ip4r dnsbl.sorbs.net 127.0.0.10 3 > > 0 > > BONDEDSENDER ip4r query.bondedsender.org 127.0.0.10 -20 > > 0 > > > > > > BOGUSMX rhsbl bogusmx.rfc-ignorant.org 127.0.0.8 50 > > DSBLMU
Re: [Declude.JunkMail] OT: Windows Telnet mail syste
Mark, One thought you could use cygwin and pine. Darrell Mark Smith writes: Sorry for the OT post but I'm looking for a telnet Windows PINE mail type client. We have a number of users who need to access email via a 2400baud SAT phone. So we're looking to put up a PINE mail windows based solution where the users would telnet in to read email, and the PINE server would connect to the email server via IMAP. Any ideas on this one? Thx --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com. Check out http://www.invariantsystems.com for utilities for Declude And Imail. IMail/Declude Overflow Queue Monitoring, SURBL/URI integration, MRTG Integration, and Log Parsers. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
[Declude.JunkMail] OT: Windows Telnet mail syste
Sorry for the OT post but I'm looking for a telnet Windows PINE mail type client. We have a number of users who need to access email via a 2400baud SAT phone. So we're looking to put up a PINE mail windows based solution where the users would telnet in to read email, and the PINE server would connect to the email server via IMAP. Any ideas on this one? Thx --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] Any ideas on blocking these?
Not every email, but yes, it requires frequent updates. I was just relaying this as a stopgap until you could offload that management to Sniffer, SURBL, URIBL, etc. Note that they are doing just that... reacting to a new URL and adding it to the list. If messages are not being caught, then you might want to add them to your own to block until they are caught by the others. Darin. - Original Message - From: "GlobalWeb.net Webmaster" <[EMAIL PROTECTED]> To: Sent: Tuesday, October 11, 2005 11:07 AM Subject: RE: [Declude.JunkMail] Any ideas on blocking these? The domain varies with each email; It would be a never ending process keeping this updated... Randy -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Darin Cox Sent: Tuesday, October 11, 2005 10:51 AM To: Declude.JunkMail@declude.com Subject: Re: [Declude.JunkMail] Any ideas on blocking these? Temporarily you could add a body filter looking for the domain in question... Darin. - Original Message - From: "GlobalWeb.net Webmaster" <[EMAIL PROTECTED]> To: Sent: Tuesday, October 11, 2005 10:34 AM Subject: RE: [Declude.JunkMail] Any ideas on blocking these? I've looked into this add-on but we do not have .Net installed on this server; will have to look into doing this I suppose Thank you for your response! Sincerely, Randy Armbrecht Global Web Solutions, Inc. 804-346-5300 x112 877-800-GLOBAL (4562) x112 http://globalweb.net -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Darrell ([EMAIL PROTECTED]) Sent: Tuesday, October 11, 2005 9:05 AM To: Declude.JunkMail@declude.com Subject: Re: [Declude.JunkMail] Any ideas on blocking these? Randy, The domain name capichel.com is listed in SURBL and URIBL. I would suggest incorporating a URI detection program like invURIBL to catch these kinds of stuff. URI filtering is very effective as it focuses on the "spamvertised" domain and not the remote sending party which often changes. Non-authoritative answer: Name:capichel . com . multi . surbl . org Address: 127.0.0.98 Check out http://www.invariantsystems.com for utilities for Declude And Imail. IMail/Declude Overflow Queue Monitoring, SURBL/URI integration, MRTG Integration, and Log Parsers. GlobalWeb.net Webmaster writes: > Anyone have a good method in catching/blocking the latest Pharm > aceutical Spam messages? (I've attached a txt file with source code) > - these are the messages built in tables with alternating characters > in each cell; this bypasses all content filtering we have with Declude > and Sniffer isn't picking it up either. > > > Sincerely, > > Randy Armbrecht > Global Web Solutions, Inc. > 804-346-5300 x112 > 877-800-GLOBAL (4562) x112 > http://globalweb.net > --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] declude 3.05.5, Invuribl & sniffer
A couple of quick suggestions: You are double-scoring here: SBL ip4rsbl-xbl.spamhaus.org * 28 0 SPAMHAUS ip4r sbl.spamhaus.org 127.0.0.2 25 0 The XBL wholly incorporates data from three highly-trusted DNSBL sources: - the CBL (Composite Block List) from cbl.abuseat.org - the BOPM (Blitzed Open Proxy Monitor) from opm.blitzed.org - the NJABL open proxy IPs list from www.njabl.org. and MAILPOLICE-BLOCK incorporates both of the mailpolice lists block.rhs.mailpolice.com - consolidated list of bulk-senders, pornographic, and fraud sites one less DNS call - Original Message - From: "Harry Vanderzand" <[EMAIL PROTECTED]> To: Sent: Tuesday, October 11, 2005 8:58 AM Subject: [Declude.JunkMail] declude 3.05.5, Invuribl & sniffer I think I have finally got my server improved to the point where it is running smoothly and spam is getting caught to the level I have been used to. (If not better) It has been a combination of find the right declude.cfg settings for my hardware (dual xeon 3.4 ...) and also implementing Invuribl to catch this new wave of SPAM that came out at the same time we were all switching to 3.05.5. I set up the trial of invuribl and found it a worthwhile addition so I will be acquiring a licence. As Invuribl takes care of some of the tests that pre-existed in my global.cfg I would not mind seeing a global.cfg file that has been tuned for invuribl and sniffer. Sniffer is NOT running in persistent mode as that I cannot get going (everything starts backlogging) As I know many of you are into this tuning exercise I will include my varies setup files, global.cfg followed by invuribl.exe.config and declude.cfg. Any tuning assistance will be greatly appreciated. Thank you GLOBAL.CFG: # # Declude JunkMail configuration file # PIDDEBUG OFF CODE # The "" in the LOGFILE option gets replaced with the month/date with v1.11 and higher LOGFILE declude\dec.log LOGLEVELLOW HOP 0 #HOPHIGH 1 LOG_OK NONE # # Below are some advanced options # STOPPROCESSINGONFIRSTDELETEON CONSOLE OFF HIDETESTS CATCHALLMAILS IPNOTINMX NOLEGITCONTENT XSENDER ON XSPOOLNAME ON XINHEADER X-Note: Total spam weight of this E-mail is %WEIGHT%. XINHEADER X-Note: Spam Tests Failed: %TESTSFAILEDWITHWEIGHTS% XINHEADER X-Note: REMOTEIP: %REMOTEIP% XINHEADER X-Note: REVDNS: %REVDNS% XINHEADER X-Note: FROM: %MAILFROM% XINHEADER X-Note: TO: %RECIPHOST% XINHEADER X-Spam-Tests-Failed: %TESTSFAILED% [%WEIGHT%] XOUTHEADER X-Spam-Tests-Failed: %TESTSFAILED% [%WEIGHT%] #XINHEADER X-Country-Chain: %COUNTRYCHAIN% #XOUTHEADER X-Note: This E-mail was scanned by Declude JunkMail (www.declude.com) for spam. #IPBYPASS 127.0.0.1 #XOUTHEADER Organization: inTown Internet #WHITELIST HABEAS WHITELIST AUTH # # Definitions of the tests to use (do not edit unless you know what you are doing). # These must come before the actions. # # First is the name of the check, then the type of check (ip4r is a DNS lookup using # the reverse of the IP address). # # For type ip4r, 'matchstring' is the string to look for, or "*" for anything. # SPFFAIL spffail x x 3 0 AHBL ip4r dnsbl.ahbl.org * 5 0 DSBL ip4r list.dsbl.org * 8 0 ORDB ip4r relays.ordb.org * 5 0 SBL ip4rsbl-xbl.spamhaus.org * 28 0 SBBLip4rsbbl.they.com 127.0.0.240 SOLID ip4rdnsbl.solid.net127.0.0.250 EASYNET-PROXIES ip4r proxies.blackholes.easynet.nl 127.0.0.2 7 0 SORBS-HTTP ip4r dnsbl.sorbs.net 127.0.0.2 8 0 SORBS-SOCKS ip4r dnsbl.sorbs.net 127.0.0.3 8 0 SORBS-MISC ip4r dnsbl.sorbs.net 127.0.0.4 8 0 SORBS-SMTP ip4r dnsbl.sorbs.net 127.0.0.5 7 0 SORBS-SPAM ip4r dnsbl.sorbs.net 127.0.0.6 7 0 SORBS-WEB ip4r dnsbl.sorbs.net 127.0.0.7 7 0 SORBS-BLOCK ip4r dnsbl.sorbs.net 127.0.0.8 7 0 SORBS-ZOMBIE ip4r dnsbl.sorbs.net 127.0.0.9 7 0 SORBS-DUHL ip4r dnsbl.sorbs.net 127.0.0.10 3 0 BONDEDSENDER ip4r query.bondedsender.org 127.0.0.10 -20 0 BOGUSMX rhsbl bogusmx.rfc-ignorant.org 127.0.0.8 50 DSBLMULTI ip4rmultihop.dsbl.org127.0.0.240 NJABL-DYNABLOCK ip4rdynablock.njabl.org 127.0.0.3 8 0 NJABL-RELAYS ip4rdnsbl.njabl.org 127.0.0.2 7 0 NJABL-DUL ip4rdnsbl.njabl.org 127.0.0.3 5 0N NJABL-MULTI ip4rdnsbl.njabl.org 127.0.0.5 7 0 SPAMCOP ip4r bl.spamcop.net 127.0.0.2 25 0 EASYNET-DNSBL ip4r blackholes.easynet.nl 127.0.0.2 25 0 SPAMHAUS ip4r sbl.spamhaus.org 127.0.0.2 25 0 FIVETEN-SPAM ip4rblackholes.five-ten-sg.com 127.0.0.2 50 FIVETEN-BULK ip4rblackholes.five-ten-sg.com 127.0.0.4 30 FIVETEN-MULTISTAGE ip4rblackholes.five-ten-sg.com 127.0.0.5 30 FIVETEN-SPAMSUPPORT ip4rblackholes.five-ten-sg.com 127.0.0.7 30 FIVETEN-MISC ip4rblackholes.five-ten-sg.com 127.0.0.9 30 MXRATE-BLOCK ip4r pub.mxrate.net 127.0.0.2 3 0 UCEPROTECT-LEVEL1 ip4r dnsbl-1.uceprotect.net * 3 0 UCEPROTECT-LEVEL2- ip4r dnsbl-2.uceprotect.net * 3 0 WHOIS-BOGONS-DYNA ip4r combined-HIB.dnsipli
[Declude.JunkMail] mailpolice new lists
FYI Saw this on their site: adult.rhs.mailpolice.com - adult-oriented sites (new) redir.rhs.mailpolice.com - website redirectors (new)
RE: [Declude.JunkMail] Any ideas on blocking these?
The domain varies with each email; It would be a never ending process keeping this updated... Randy -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Darin Cox Sent: Tuesday, October 11, 2005 10:51 AM To: Declude.JunkMail@declude.com Subject: Re: [Declude.JunkMail] Any ideas on blocking these? Temporarily you could add a body filter looking for the domain in question... Darin. - Original Message - From: "GlobalWeb.net Webmaster" <[EMAIL PROTECTED]> To: Sent: Tuesday, October 11, 2005 10:34 AM Subject: RE: [Declude.JunkMail] Any ideas on blocking these? I've looked into this add-on but we do not have .Net installed on this server; will have to look into doing this I suppose Thank you for your response! Sincerely, Randy Armbrecht Global Web Solutions, Inc. 804-346-5300 x112 877-800-GLOBAL (4562) x112 http://globalweb.net -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Darrell ([EMAIL PROTECTED]) Sent: Tuesday, October 11, 2005 9:05 AM To: Declude.JunkMail@declude.com Subject: Re: [Declude.JunkMail] Any ideas on blocking these? Randy, The domain name capichel.com is listed in SURBL and URIBL. I would suggest incorporating a URI detection program like invURIBL to catch these kinds of stuff. URI filtering is very effective as it focuses on the "spamvertised" domain and not the remote sending party which often changes. Non-authoritative answer: Name:capichel . com . multi . surbl . org Address: 127.0.0.98 Check out http://www.invariantsystems.com for utilities for Declude And Imail. IMail/Declude Overflow Queue Monitoring, SURBL/URI integration, MRTG Integration, and Log Parsers. GlobalWeb.net Webmaster writes: > Anyone have a good method in catching/blocking the latest Pharm > aceutical Spam messages? (I've attached a txt file with source code) > - these are the messages built in tables with alternating characters > in each cell; this bypasses all content filtering we have with Declude > and Sniffer isn't picking it up either. > > > Sincerely, > > Randy Armbrecht > Global Web Solutions, Inc. > 804-346-5300 x112 > 877-800-GLOBAL (4562) x112 > http://globalweb.net > --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] Any ideas on blocking these?
Temporarily you could add a body filter looking for the domain in question... Darin. - Original Message - From: "GlobalWeb.net Webmaster" <[EMAIL PROTECTED]> To: Sent: Tuesday, October 11, 2005 10:34 AM Subject: RE: [Declude.JunkMail] Any ideas on blocking these? I've looked into this add-on but we do not have .Net installed on this server; will have to look into doing this I suppose Thank you for your response! Sincerely, Randy Armbrecht Global Web Solutions, Inc. 804-346-5300 x112 877-800-GLOBAL (4562) x112 http://globalweb.net -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Darrell ([EMAIL PROTECTED]) Sent: Tuesday, October 11, 2005 9:05 AM To: Declude.JunkMail@declude.com Subject: Re: [Declude.JunkMail] Any ideas on blocking these? Randy, The domain name capichel.com is listed in SURBL and URIBL. I would suggest incorporating a URI detection program like invURIBL to catch these kinds of stuff. URI filtering is very effective as it focuses on the "spamvertised" domain and not the remote sending party which often changes. Non-authoritative answer: Name:capichel . com . multi . surbl . org Address: 127.0.0.98 Check out http://www.invariantsystems.com for utilities for Declude And Imail. IMail/Declude Overflow Queue Monitoring, SURBL/URI integration, MRTG Integration, and Log Parsers. GlobalWeb.net Webmaster writes: > Anyone have a good method in catching/blocking the latest Pharm > aceutical Spam messages? (I've attached a txt file with source code) > - these are the messages built in tables with alternating characters > in each cell; this bypasses all content filtering we have with Declude > and Sniffer isn't picking it up either. > > > Sincerely, > > Randy Armbrecht > Global Web Solutions, Inc. > 804-346-5300 x112 > 877-800-GLOBAL (4562) x112 > http://globalweb.net > --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
RE: [Declude.JunkMail] Any ideas on blocking these?
I've looked into this add-on but we do not have .Net installed on this server; will have to look into doing this I suppose Thank you for your response! Sincerely, Randy Armbrecht Global Web Solutions, Inc. 804-346-5300 x112 877-800-GLOBAL (4562) x112 http://globalweb.net -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Darrell ([EMAIL PROTECTED]) Sent: Tuesday, October 11, 2005 9:05 AM To: Declude.JunkMail@declude.com Subject: Re: [Declude.JunkMail] Any ideas on blocking these? Randy, The domain name capichel.com is listed in SURBL and URIBL. I would suggest incorporating a URI detection program like invURIBL to catch these kinds of stuff. URI filtering is very effective as it focuses on the "spamvertised" domain and not the remote sending party which often changes. Non-authoritative answer: Name:capichel . com . multi . surbl . org Address: 127.0.0.98 Check out http://www.invariantsystems.com for utilities for Declude And Imail. IMail/Declude Overflow Queue Monitoring, SURBL/URI integration, MRTG Integration, and Log Parsers. GlobalWeb.net Webmaster writes: > Anyone have a good method in catching/blocking the latest Pharm > aceutical Spam messages? (I've attached a txt file with source code) > - these are the messages built in tables with alternating characters > in each cell; this bypasses all content filtering we have with Declude > and Sniffer isn't picking it up either. > > > Sincerely, > > Randy Armbrecht > Global Web Solutions, Inc. > 804-346-5300 x112 > 877-800-GLOBAL (4562) x112 > http://globalweb.net > --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
[Declude.JunkMail] declude 3.05.5, Invuribl & sniffer
I think I have finally got my server improved to the point where it is running smoothly and spam is getting caught to the level I have been used to. (If not better) It has been a combination of find the right declude.cfg settings for my hardware (dual xeon 3.4 ...) and also implementing Invuribl to catch this new wave of SPAM that came out at the same time we were all switching to 3.05.5. I set up the trial of invuribl and found it a worthwhile addition so I will be acquiring a licence. As Invuribl takes care of some of the tests that pre-existed in my global.cfg I would not mind seeing a global.cfg file that has been tuned for invuribl and sniffer. Sniffer is NOT running in persistent mode as that I cannot get going (everything starts backlogging) As I know many of you are into this tuning exercise I will include my varies setup files, global.cfg followed by invuribl.exe.config and declude.cfg. Any tuning assistance will be greatly appreciated. Thank you GLOBAL.CFG: # # Declude JunkMail configuration file # PIDDEBUG OFF CODE # The "" in the LOGFILE option gets replaced with the month/date with v1.11 and higher LOGFILE declude\dec.log LOGLEVELLOW HOP 0 #HOPHIGH1 LOG_OK NONE # # Below are some advanced options # STOPPROCESSINGONFIRSTDELETEON CONSOLE OFF HIDETESTS CATCHALLMAILS IPNOTINMX NOLEGITCONTENT XSENDER ON XSPOOLNAME ON XINHEADER X-Note: Total spam weight of this E-mail is %WEIGHT%. XINHEADER X-Note: Spam Tests Failed: %TESTSFAILEDWITHWEIGHTS% XINHEADER X-Note: REMOTEIP: %REMOTEIP% XINHEADER X-Note: REVDNS: %REVDNS% XINHEADER X-Note: FROM: %MAILFROM% XINHEADER X-Note: TO: %RECIPHOST% XINHEADER X-Spam-Tests-Failed: %TESTSFAILED% [%WEIGHT%] XOUTHEADER X-Spam-Tests-Failed: %TESTSFAILED% [%WEIGHT%] #XINHEADER X-Country-Chain: %COUNTRYCHAIN% #XOUTHEADER X-Note: This E-mail was scanned by Declude JunkMail (www.declude.com) for spam. #IPBYPASS 127.0.0.1 #XOUTHEADER Organization: inTown Internet #WHITELIST HABEAS WHITELIST AUTH # # Definitions of the tests to use (do not edit unless you know what you are doing). # These must come before the actions. # # First is the name of the check, then the type of check (ip4r is a DNS lookup using # the reverse of the IP address). # # For type ip4r, 'matchstring' is the string to look for, or "*" for anything. # SPFFAIL spffail x x 3 0 AHBLip4rdnsbl.ahbl.org * 5 0 DSBLip4rlist.dsbl.org * 8 0 ORDBip4rrelays.ordb.org * 5 0 SBL ip4rsbl-xbl.spamhaus.org* 28 0 SBBLip4rsbbl.they.com 127.0.0.240 SOLID ip4rdnsbl.solid.net 127.0.0.250 EASYNET-PROXIES ip4rproxies.blackholes.easynet.nl 127.0.0.2 7 0 SORBS-HTTP ip4rdnsbl.sorbs.net 127.0.0.2 8 0 SORBS-SOCKS ip4rdnsbl.sorbs.net 127.0.0.3 8 0 SORBS-MISC ip4rdnsbl.sorbs.net 127.0.0.4 8 0 SORBS-SMTP ip4rdnsbl.sorbs.net 127.0.0.5 7 0 SORBS-SPAM ip4rdnsbl.sorbs.net 127.0.0.6 7 0 SORBS-WEB ip4rdnsbl.sorbs.net 127.0.0.7 7 0 SORBS-BLOCK ip4rdnsbl.sorbs.net 127.0.0.8 7 0 SORBS-ZOMBIEip4rdnsbl.sorbs.net 127.0.0.9 7 0 SORBS-DUHL ip4rdnsbl.sorbs.net 127.0.0.10 3 0 BONDEDSENDERip4rquery.bondedsender.org 127.0.0.10 -20 0 BOGUSMX rhsbl bogusmx.rfc-ignorant.org127.0.0.8 50 DSBLMULTI ip4rmultihop.dsbl.org 127.0.0.240 NJABL-DYNABLOCK ip4rdynablock.njabl.org 127.0.0.3 8 0 NJABL-RELAYSip4rdnsbl.njabl.org 127.0.0.2 7 0 NJABL-DUL ip4rdnsbl.njabl.org 127.0.0.3 5 0N NJABL-MULTI ip4rdnsbl.njabl.org 127.0.0.5 7 0 SPAMCOP ip4rbl.spamcop.net 127.0.0.2 25 0 EASYNET-DNSBL ip4rblackholes.easynet.nl 127.0.0.2 25 0 SPAMHAUSip4rsbl.spamhaus.org127.0.0.2 25 0 FIVETEN-SPAMip4rblackholes.five-ten-sg.com 127.0.0.2 50 FIVETEN-BULKip4rblackholes.five-ten-sg.com 127.0.0.4 30 FIVETEN-MULTISTAGE ip4rblackholes.five-ten-sg.com 127.0.0.5 30 FIVETEN-SPAMSUPPORT ip4rblackholes.five-ten-sg.com 127.0.0.7 30 FIVETEN-MISCip4rblackholes.five-ten-sg.com 127.0.0.9 30 MXRATE-BLOCKip4r pub.mxrate.net 127.0.0.2 3 0 UCEPROTECT-LEVEL1 ip4r dnsbl-1.uceprotect.net
Re: [Declude.JunkMail] Any ideas on blocking these?
A quick suggestion might be starting your own internal SURBL filter and adding .capichel.com to it. It will b reactive in watching for new domains as they are used in the spam, but is much easier than trying to adjust for the algorithms they use to format the drug list. I don't know if there was anything useful in the headers for filtering. Darin. - Original Message - From: "GlobalWeb.net Webmaster" <[EMAIL PROTECTED]> To: Sent: Tuesday, October 11, 2005 8:36 AM Subject: [Declude.JunkMail] Any ideas on blocking these? Anyone have a good method in catching/blocking the latest Pharm aceutical Spam messages? (I've attached a txt file with source code) - these are the messages built in tables with alternating characters in each cell; this bypasses all content filtering we have with Declude and Sniffer isn't picking it up either. Sincerely, Randy Armbrecht Global Web Solutions, Inc. 804-346-5300 x112 877-800-GLOBAL (4562) x112 http://globalweb.net --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] Any ideas on blocking these?
Randy, The domain name capichel.com is listed in SURBL and URIBL. I would suggest incorporating a URI detection program like invURIBL to catch these kinds of stuff. URI filtering is very effective as it focuses on the "spamvertised" domain and not the remote sending party which often changes. Non-authoritative answer: Name:capichel . com . multi . surbl . org Address: 127.0.0.98 Check out http://www.invariantsystems.com for utilities for Declude And Imail. IMail/Declude Overflow Queue Monitoring, SURBL/URI integration, MRTG Integration, and Log Parsers. GlobalWeb.net Webmaster writes: Anyone have a good method in catching/blocking the latest Pharm aceutical Spam messages? (I've attached a txt file with source code) - these are the messages built in tables with alternating characters in each cell; this bypasses all content filtering we have with Declude and Sniffer isn't picking it up either. Sincerely, Randy Armbrecht Global Web Solutions, Inc. 804-346-5300 x112 877-800-GLOBAL (4562) x112 http://globalweb.net --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
RE: [Declude.JunkMail] Any ideas on blocking these?
Yes, I have sent about 20 of them to the spam @ sniffer address including the original message and the headers. We have been inundated (sp?) with this type of Spam for over a week and nothing we do along the lines of our "normal" methods are catching it. Sincerely, Randy Armbrecht Global Web Solutions, Inc. 804-346-5300 x112 877-800-GLOBAL (4562) x112 http://globalweb.net -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Darin Cox Sent: Tuesday, October 11, 2005 8:52 AM To: Declude.JunkMail@declude.com Subject: Re: [Declude.JunkMail] Any ideas on blocking these? Have you reported messages to sniffer? Pete's pretty good about responding to this. We've reported a few in the past couple of weeks, but haven't seen any more in three days now. Darin. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] Any ideas on blocking these?
Have you reported messages to sniffer? Pete's pretty good about responding to this. We've reported a few in the past couple of weeks, but haven't seen any more in three days now. Darin. - Original Message - From: "GlobalWeb.net Webmaster" <[EMAIL PROTECTED]> To: Sent: Tuesday, October 11, 2005 8:36 AM Subject: [Declude.JunkMail] Any ideas on blocking these? Anyone have a good method in catching/blocking the latest Pharm aceutical Spam messages? (I've attached a txt file with source code) - these are the messages built in tables with alternating characters in each cell; this bypasses all content filtering we have with Declude and Sniffer isn't picking it up either. Sincerely, Randy Armbrecht Global Web Solutions, Inc. 804-346-5300 x112 877-800-GLOBAL (4562) x112 http://globalweb.net --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
[Declude.JunkMail] Any ideas on blocking these?
Anyone have a good method in catching/blocking the latest Pharm aceutical Spam messages? (I've attached a txt file with source code) - these are the messages built in tables with alternating characters in each cell; this bypasses all content filtering we have with Declude and Sniffer isn't picking it up either. Sincerely, Randy Armbrecht Global Web Solutions, Inc. 804-346-5300 x112 877-800-GLOBAL (4562) x112 http://globalweb.net Howdy, Do E UPTO % on yo ccations? you want to SAV 70 ur Medi But It maE op! Is so easy with Phar xpress Sh XVLVCA anaALlevitlAGlALImbi xUMraRASen plus 200 other - http://ickp.capichel.com";>Our WebSite
RE: [Declude.JunkMail] Orphan files in work directory
Hi David, They are .sm$ files which all seem to be spam that have been 'ATTACHED'. > What is the content of the D file? Eg, is it spam, legit, > list request ? > > David B > www.declude.com > Email checked by UKsubnet anti-virus service To prevent email abuse & block spam contact [EMAIL PROTECTED] Tel: +44(0)9063407727 (calls cost £1.50/minute) Fax: +44(0)8712360300 Web: www.uksubnet.net Powered by UKsubnet Internet Service Provider Business to Business Internet (ISP) --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.