Re: [Declude.Virus] Declude using CBL to block users sending mail?????
- Original Message - From: Matt So it would be possibly useful in this case, but again, solving the issue that created the CBL listing is the most direct route, and less dependencyon any particular test by adding something like Sniffer and reducing weights on such things I think is still the best overall solution. Not to mention that anything done to reduce the weight of messages into you own system does nothing to control how others may be using CBL to weight or block spam coming into their systems. So as Matt said, the best thing to do is correct whatever issue got you listed in the first place, and then focus your efforts on getting the listing removed. Bill --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
Re: [Declude.Virus] Declude using CBL to block users sending mail?????
I was hoping that someone would correct my mistakes on this instead of me needing to do another famous reply to my own post :) In this case you are correct, but there is a little problem in the details. Adding DUL, DYNA or DUHL to the name of any dnsbl test in Declude will result in not only restricting the test to the last hop only, but it will also disable the test for any E-mail that contains a local Mail From address, regardless of AUTH. This would include both legitimate users as well as zombies that forge local addresses when sending spam. This was originally a trick that Scott used before WHITELIST AUTH existed that protected local users from getting tagged by dnsbl's, but it also would result in some leaked spam from forging zombies. If this was IMail/Declude, adding DUL, DYNA or DUHL to the test name for CBL would definitely prevent CBL from hitting local users when WHITELIST AUTH wasn't available. I can't however vouch for this working with SmarterMail installations. So it would be possibly useful in this case, but again, solving the issue that created the CBL listing is the most direct route, and less dependency on any particular test by adding something like Sniffer and reducing weights on such things I think is still the best overall solution. Matt Colbeck, Andrew wrote: That's a good point, Matt. I glossed over analyzing the hops, but wouldn't Declude skip running any test with DYNA in the name if the message was received via AUTH? I remember that you wrote a Master's Thesis on this over in the Declude.Support mailing list. Naturally, this would only count with Declude running on IMail, and not on SmarterMail. Andrew 8) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Matt Sent: Monday, June 13, 2005 6:14 PM To: Declude.Virus@declude.com Subject: Re: [Declude.Virus] Declude using CBL to block users sending mail? Andrew, Just to clear up any confusion, this message was sent by Doug through his own SmarterMail/Declude server, so his IP was the connecting hop and the DYNA/hop limiting tricks won't have an effect here. I think it might be valuable if people resisted the temptation of removing IP's from headers when shared because those that might help out would often benefit from this information. Sometimes it doesn't really matter of course, and Doug did give enough information to figure this out, but the three received headers were confusing without a careful read. Matt Colbeck, Andrew wrote: Doug, you're probably scoring on multiple hops by setting your HOPHIGH in global.cfg ... If you don't want RBLs to score on multiple hops, just comment out that HOPHIGH line. Alternatively, rename your CBL test to CBL-DYNA (don't forget to change the global.cfg definition plus the action line wherever it appears in your configuration files (e.g. CBL WARN to CBL-DYNA WARN). Andrew 8) p.s. Is your own machine's address on the Internet, or was CBL listing an internal, non-routable IP address like 192.168.1.1 ? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Douglas Cohn Sent: Monday, June 13, 2005 5:03 PM To: Declude.Virus@declude.com Subject: [Declude.Virus] Declude using CBL to block users sending mail? My desktop IP was erroneously listed on CBL. It seems that declude is checking autheticated users sending mail for CBL and according to CBL this is wrong. SEE below Here is the header showing what went on with the actual Ips removed to proect the innocent (ME). But it sure seems that my desktop machine is the one being checked and shown as on CBL. Had 10 points been enough I would not have been able to send mail. The ONLY address within the below HEADER that was actually listed in the CBL is the HOST machine sending the email. NOT the MAIL servers but MY DESKTOP of which I am an authenticated sender. Why would declude check an authenticated sender on the CBL list? This all started because Smartermails SPAM does NOT check the authenticated senders and this is what confused me intially. IE I thought Smartermails SPAM was not working properly on another server where I do NOT have declude ANTISPAM installed. BUT as you see according to CBL it should NOT detect CBL on an autheticated senders IP. According to CBL this is not how the list is designed. Return-Path: <[EMAIL PROTECTED]> Sun Jun 12 18:35:56 2005 Received: from forwardeddestinationmailserver [123.123.123.123] by forwardeddestinationmailserver with SMTP; Sun, 12 Jun 2005 18:35:56 -0400 Received: from decludesmtpserver [456.456.456.456] by destinationmailserver with SMTP; Sun, 12 Jun 2005 18:35:20 -0400 Received: from UnknownHost [IP-in-CBL=MY DESKTOP] by decludesmtpserver with SMTP; Sun, 12 Jun 2005 18:34:59 -0400 From: "douglas cohn" <[EMAIL PROTECTED]> To: <[EMAIL P
RE: [Declude.Virus] Declude using CBL to block users sending mail?????
That's a good point, Matt. I glossed over analyzing the hops, but wouldn't Declude skip running any test with DYNA in the name if the message was received via AUTH? I remember that you wrote a Master's Thesis on this over in the Declude.Support mailing list. Naturally, this would only count with Declude running on IMail, and not on SmarterMail. Andrew 8) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Matt Sent: Monday, June 13, 2005 6:14 PM To: Declude.Virus@declude.com Subject: Re: [Declude.Virus] Declude using CBL to block users sending mail? Andrew, Just to clear up any confusion, this message was sent by Doug through his own SmarterMail/Declude server, so his IP was the connecting hop and the DYNA/hop limiting tricks won't have an effect here. I think it might be valuable if people resisted the temptation of removing IP's from headers when shared because those that might help out would often benefit from this information. Sometimes it doesn't really matter of course, and Doug did give enough information to figure this out, but the three received headers were confusing without a careful read. Matt Colbeck, Andrew wrote: >Doug, you're probably scoring on multiple hops by setting your HOPHIGH >in global.cfg ... > >If you don't want RBLs to score on multiple hops, just comment out that >HOPHIGH line. > >Alternatively, rename your CBL test to CBL-DYNA (don't forget to change >the global.cfg definition plus the action line wherever it appears in >your configuration files (e.g. CBL WARN to CBL-DYNA WARN). > >Andrew 8) > >p.s. Is your own machine's address on the Internet, or was CBL listing >an internal, non-routable IP address like 192.168.1.1 ? > > >-Original Message- >From: [EMAIL PROTECTED] >[mailto:[EMAIL PROTECTED] On Behalf Of Douglas Cohn >Sent: Monday, June 13, 2005 5:03 PM >To: Declude.Virus@declude.com >Subject: [Declude.Virus] Declude using CBL to block users sending >mail? > > >My desktop IP was erroneously listed on CBL. It seems that declude is >checking autheticated users sending mail for CBL and according to CBL >this is wrong. SEE below > >Here is the header showing what went on with the actual Ips removed to >proect the innocent (ME). But it sure seems that my desktop machine is >the one being checked and shown as on CBL. Had 10 points been enough I >would not have been able to send mail. The ONLY address within the >below HEADER that was actually listed in the CBL is the HOST machine >sending the email. NOT the MAIL servers but MY DESKTOP of which I am an >authenticated sender. > >Why would declude check an authenticated sender on the CBL list? > >This all started because Smartermails SPAM does NOT check the >authenticated senders and this is what confused me intially. IE I >thought Smartermails SPAM was not working properly on another server >where I do NOT have declude ANTISPAM installed. BUT as you see >according to CBL it should NOT detect CBL on an autheticated senders >IP. > >According to CBL this is not how the list is designed. > > >Return-Path: <[EMAIL PROTECTED]> Sun Jun 12 18:35:56 2005 >Received: from forwardeddestinationmailserver [123.123.123.123] by >forwardeddestinationmailserver with SMTP; > Sun, 12 Jun 2005 18:35:56 -0400 >Received: from decludesmtpserver [456.456.456.456] by >destinationmailserver with SMTP; > Sun, 12 Jun 2005 18:35:20 -0400 >Received: from UnknownHost [IP-in-CBL=MY DESKTOP] by decludesmtpserver >with SMTP; > Sun, 12 Jun 2005 18:34:59 -0400 >From: "douglas cohn" <[EMAIL PROTECTED]> >To: <[EMAIL PROTECTED]> >Cc: <[EMAIL PROTECTED]> >Subject: Test cbl >Date: Sun, 12 Jun 2005 18:34:52 -0400 >MIME-Version: 1.0 >Content-Type: text/plain; > charset="us-ascii" >Content-Transfer-Encoding: 7bit >X-Mailer: Microsoft Office Outlook, Build 11.0.6353 >Thread-Index: AcVvnvNNt9F+fMW3RTWO2wS4w3LH6A== >X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180 >X-Declude-Sender: [EMAIL PROTECTED] [IPinCBL=MY DESKTOP] >X-Declude-Spoolname: 37296653.EML >X-Declude-Scan: Score [10] at 18:35:09 on 12 Jun 2005 >X-Declude-Fail: CBL, WEIGHT10 >X-Country-Chain: UNITED STATES->destination >X-SmarterMail-Spam: SPF_None >X-Rcpt-To: <[EMAIL PROTECTED]> > > >http://cbl.abuseat.org/ > >We're getting a lot of reports of spurious blocking caused by sites >using the CBL to block authenticated access to smarthosts / outgoing >mail servers. THE CBL is only designed to be used on INCOMING mail, >i.e. on the hosts that your MX records point to. > >If you use the same hosts for incoming mail and smarthosting, then you >should always ensure that you exempt authenticated clients from CBL >checks, just as you would for dynamic/dialup blocklists. > >Another way of putting this is: "Do not use the CBL to block your own >users". > >--- >[This E-mail scanned for viruses by Declude Virus] > > >--- >This E-mail came from the Declude.Virus mailing list. To unsubscribe, >just s
Re: [Declude.Virus] Declude using CBL to block users sending mail?????
Andrew, Just to clear up any confusion, this message was sent by Doug through his own SmarterMail/Declude server, so his IP was the connecting hop and the DYNA/hop limiting tricks won't have an effect here. I think it might be valuable if people resisted the temptation of removing IP's from headers when shared because those that might help out would often benefit from this information. Sometimes it doesn't really matter of course, and Doug did give enough information to figure this out, but the three received headers were confusing without a careful read. Matt Colbeck, Andrew wrote: Doug, you're probably scoring on multiple hops by setting your HOPHIGH in global.cfg ... If you don't want RBLs to score on multiple hops, just comment out that HOPHIGH line. Alternatively, rename your CBL test to CBL-DYNA (don't forget to change the global.cfg definition plus the action line wherever it appears in your configuration files (e.g. CBL WARN to CBL-DYNA WARN). Andrew 8) p.s. Is your own machine's address on the Internet, or was CBL listing an internal, non-routable IP address like 192.168.1.1 ? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Douglas Cohn Sent: Monday, June 13, 2005 5:03 PM To: Declude.Virus@declude.com Subject: [Declude.Virus] Declude using CBL to block users sending mail? My desktop IP was erroneously listed on CBL. It seems that declude is checking autheticated users sending mail for CBL and according to CBL this is wrong. SEE below Here is the header showing what went on with the actual Ips removed to proect the innocent (ME). But it sure seems that my desktop machine is the one being checked and shown as on CBL. Had 10 points been enough I would not have been able to send mail. The ONLY address within the below HEADER that was actually listed in the CBL is the HOST machine sending the email. NOT the MAIL servers but MY DESKTOP of which I am an authenticated sender. Why would declude check an authenticated sender on the CBL list? This all started because Smartermails SPAM does NOT check the authenticated senders and this is what confused me intially. IE I thought Smartermails SPAM was not working properly on another server where I do NOT have declude ANTISPAM installed. BUT as you see according to CBL it should NOT detect CBL on an autheticated senders IP. According to CBL this is not how the list is designed. Return-Path: <[EMAIL PROTECTED]> Sun Jun 12 18:35:56 2005 Received: from forwardeddestinationmailserver [123.123.123.123] by forwardeddestinationmailserver with SMTP; Sun, 12 Jun 2005 18:35:56 -0400 Received: from decludesmtpserver [456.456.456.456] by destinationmailserver with SMTP; Sun, 12 Jun 2005 18:35:20 -0400 Received: from UnknownHost [IP-in-CBL=MY DESKTOP] by decludesmtpserver with SMTP; Sun, 12 Jun 2005 18:34:59 -0400 From: "douglas cohn" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Subject: Test cbl Date: Sun, 12 Jun 2005 18:34:52 -0400 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook, Build 11.0.6353 Thread-Index: AcVvnvNNt9F+fMW3RTWO2wS4w3LH6A== X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180 X-Declude-Sender: [EMAIL PROTECTED] [IPinCBL=MY DESKTOP] X-Declude-Spoolname: 37296653.EML X-Declude-Scan: Score [10] at 18:35:09 on 12 Jun 2005 X-Declude-Fail: CBL, WEIGHT10 X-Country-Chain: UNITED STATES->destination X-SmarterMail-Spam: SPF_None X-Rcpt-To: <[EMAIL PROTECTED]> http://cbl.abuseat.org/ We're getting a lot of reports of spurious blocking caused by sites using the CBL to block authenticated access to smarthosts / outgoing mail servers. THE CBL is only designed to be used on INCOMING mail, i.e. on the hosts that your MX records point to. If you use the same hosts for incoming mail and smarthosting, then you should always ensure that you exempt authenticated clients from CBL checks, just as you would for dynamic/dialup blocklists. Another way of putting this is: "Do not use the CBL to block your own users". --- [This E-mail scanned for viruses by Declude Virus] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com. -- = MailPure custom filters for Declude JunkMail Pro. http://www.mailpure.com/software/ = --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be
RE: [Declude.Virus] Declude using CBL to block users sending mail?????
Doug, you're probably scoring on multiple hops by setting your HOPHIGH in global.cfg ... If you don't want RBLs to score on multiple hops, just comment out that HOPHIGH line. Alternatively, rename your CBL test to CBL-DYNA (don't forget to change the global.cfg definition plus the action line wherever it appears in your configuration files (e.g. CBL WARN to CBL-DYNA WARN). Andrew 8) p.s. Is your own machine's address on the Internet, or was CBL listing an internal, non-routable IP address like 192.168.1.1 ? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Douglas Cohn Sent: Monday, June 13, 2005 5:03 PM To: Declude.Virus@declude.com Subject: [Declude.Virus] Declude using CBL to block users sending mail? My desktop IP was erroneously listed on CBL. It seems that declude is checking autheticated users sending mail for CBL and according to CBL this is wrong. SEE below Here is the header showing what went on with the actual Ips removed to proect the innocent (ME). But it sure seems that my desktop machine is the one being checked and shown as on CBL. Had 10 points been enough I would not have been able to send mail. The ONLY address within the below HEADER that was actually listed in the CBL is the HOST machine sending the email. NOT the MAIL servers but MY DESKTOP of which I am an authenticated sender. Why would declude check an authenticated sender on the CBL list? This all started because Smartermails SPAM does NOT check the authenticated senders and this is what confused me intially. IE I thought Smartermails SPAM was not working properly on another server where I do NOT have declude ANTISPAM installed. BUT as you see according to CBL it should NOT detect CBL on an autheticated senders IP. According to CBL this is not how the list is designed. Return-Path: <[EMAIL PROTECTED]> Sun Jun 12 18:35:56 2005 Received: from forwardeddestinationmailserver [123.123.123.123] by forwardeddestinationmailserver with SMTP; Sun, 12 Jun 2005 18:35:56 -0400 Received: from decludesmtpserver [456.456.456.456] by destinationmailserver with SMTP; Sun, 12 Jun 2005 18:35:20 -0400 Received: from UnknownHost [IP-in-CBL=MY DESKTOP] by decludesmtpserver with SMTP; Sun, 12 Jun 2005 18:34:59 -0400 From: "douglas cohn" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Subject: Test cbl Date: Sun, 12 Jun 2005 18:34:52 -0400 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook, Build 11.0.6353 Thread-Index: AcVvnvNNt9F+fMW3RTWO2wS4w3LH6A== X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180 X-Declude-Sender: [EMAIL PROTECTED] [IPinCBL=MY DESKTOP] X-Declude-Spoolname: 37296653.EML X-Declude-Scan: Score [10] at 18:35:09 on 12 Jun 2005 X-Declude-Fail: CBL, WEIGHT10 X-Country-Chain: UNITED STATES->destination X-SmarterMail-Spam: SPF_None X-Rcpt-To: <[EMAIL PROTECTED]> http://cbl.abuseat.org/ We're getting a lot of reports of spurious blocking caused by sites using the CBL to block authenticated access to smarthosts / outgoing mail servers. THE CBL is only designed to be used on INCOMING mail, i.e. on the hosts that your MX records point to. If you use the same hosts for incoming mail and smarthosting, then you should always ensure that you exempt authenticated clients from CBL checks, just as you would for dynamic/dialup blocklists. Another way of putting this is: "Do not use the CBL to block your own users". --- [This E-mail scanned for viruses by Declude Virus] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
Re: [Declude.Virus] Declude using CBL to block users sending mail?????
Doug, IP's should not be in CBL unless they were found sending E-mail to a spam trap, and seemed to be residential in nature or lacked reverse DNS entries. So the primary issue that I see is that your IP was found to have sent E-mail to a spam trap. CBL allows for removal without confirmation, so if this problem is no longer there, removal should fix it. SmarterMail does not presently allow a method for Declude to verify what has successfully authenticated. This is probably the biggest shortcoming of a SmarterMail/Declude setup at this time. SmarterMail has indicated that they will likely provide a method for Declude to verify AUTH in their 3.0 release due in Q4. If your user's IP's aren't exclusive to your company, and aren't in a fixed range, then there is little that can be done about whitelisting authenticated users for the time being. CBL was correct in saying that you don't want to be looking up authenticated E-mail on such lists, but it is a common enough practice, and that fact alone didn't create the condition where your IP became listed. To work around this in the mean time, you might want drop the scores of tests that are fed from spamtraps like CBL and SpamCop. While CBL is very accurate, you don't want a such tests to be trapping your own users on legitimate E-mail, so being a little more conservative might help. Adding Sniffer would be a great way to allow you to drop scores of such tests, and the net result of this would be trapping more spam with fewer false positives if you weight things optimally. Matt Douglas Cohn wrote: My desktop IP was erroneously listed on CBL. It seems that declude is checking autheticated users sending mail for CBL and according to CBL this is wrong. SEE below Here is the header showing what went on with the actual Ips removed to proect the innocent (ME). But it sure seems that my desktop machine is the one being checked and shown as on CBL. Had 10 points been enough I would not have been able to send mail. The ONLY address within the below HEADER that was actually listed in the CBL is the HOST machine sending the email. NOT the MAIL servers but MY DESKTOP of which I am an authenticated sender. Why would declude check an authenticated sender on the CBL list? This all started because Smartermails SPAM does NOT check the authenticated senders and this is what confused me intially. IE I thought Smartermails SPAM was not working properly on another server where I do NOT have declude ANTISPAM installed. BUT as you see according to CBL it should NOT detect CBL on an autheticated senders IP. According to CBL this is not how the list is designed. Return-Path: <[EMAIL PROTECTED]> Sun Jun 12 18:35:56 2005 Received: from forwardeddestinationmailserver [123.123.123.123] by forwardeddestinationmailserver with SMTP; Sun, 12 Jun 2005 18:35:56 -0400 Received: from decludesmtpserver [456.456.456.456] by destinationmailserver with SMTP; Sun, 12 Jun 2005 18:35:20 -0400 Received: from UnknownHost [IP-in-CBL=MY DESKTOP] by decludesmtpserver with SMTP; Sun, 12 Jun 2005 18:34:59 -0400 From: "douglas cohn" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Subject: Test cbl Date: Sun, 12 Jun 2005 18:34:52 -0400 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook, Build 11.0.6353 Thread-Index: AcVvnvNNt9F+fMW3RTWO2wS4w3LH6A== X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180 X-Declude-Sender: [EMAIL PROTECTED] [IPinCBL=MY DESKTOP] X-Declude-Spoolname: 37296653.EML X-Declude-Scan: Score [10] at 18:35:09 on 12 Jun 2005 X-Declude-Fail: CBL, WEIGHT10 X-Country-Chain: UNITED STATES->destination X-SmarterMail-Spam: SPF_None X-Rcpt-To: <[EMAIL PROTECTED]> http://cbl.abuseat.org/ We're getting a lot of reports of spurious blocking caused by sites using the CBL to block authenticated access to smarthosts / outgoing mail servers. THE CBL is only designed to be used on INCOMING mail, i.e. on the hosts that your MX records point to. If you use the same hosts for incoming mail and smarthosting, then you should always ensure that you exempt authenticated clients from CBL checks, just as you would for dynamic/dialup blocklists. Another way of putting this is: "Do not use the CBL to block your own users". --- [This E-mail scanned for viruses by Declude Virus] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com. -- = MailPure custom filters for Declude JunkMail Pro. http://www.mailpure.com/software/ = --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".Th
[Declude.Virus] Declude using CBL to block users sending mail?????
My desktop IP was erroneously listed on CBL. It seems that declude is checking autheticated users sending mail for CBL and according to CBL this is wrong. SEE below Here is the header showing what went on with the actual Ips removed to proect the innocent (ME). But it sure seems that my desktop machine is the one being checked and shown as on CBL. Had 10 points been enough I would not have been able to send mail. The ONLY address within the below HEADER that was actually listed in the CBL is the HOST machine sending the email. NOT the MAIL servers but MY DESKTOP of which I am an authenticated sender. Why would declude check an authenticated sender on the CBL list? This all started because Smartermails SPAM does NOT check the authenticated senders and this is what confused me intially. IE I thought Smartermails SPAM was not working properly on another server where I do NOT have declude ANTISPAM installed. BUT as you see according to CBL it should NOT detect CBL on an autheticated senders IP. According to CBL this is not how the list is designed. Return-Path: <[EMAIL PROTECTED]> Sun Jun 12 18:35:56 2005 Received: from forwardeddestinationmailserver [123.123.123.123] by forwardeddestinationmailserver with SMTP; Sun, 12 Jun 2005 18:35:56 -0400 Received: from decludesmtpserver [456.456.456.456] by destinationmailserver with SMTP; Sun, 12 Jun 2005 18:35:20 -0400 Received: from UnknownHost [IP-in-CBL=MY DESKTOP] by decludesmtpserver with SMTP; Sun, 12 Jun 2005 18:34:59 -0400 From: "douglas cohn" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Subject: Test cbl Date: Sun, 12 Jun 2005 18:34:52 -0400 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook, Build 11.0.6353 Thread-Index: AcVvnvNNt9F+fMW3RTWO2wS4w3LH6A== X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180 X-Declude-Sender: [EMAIL PROTECTED] [IPinCBL=MY DESKTOP] X-Declude-Spoolname: 37296653.EML X-Declude-Scan: Score [10] at 18:35:09 on 12 Jun 2005 X-Declude-Fail: CBL, WEIGHT10 X-Country-Chain: UNITED STATES->destination X-SmarterMail-Spam: SPF_None X-Rcpt-To: <[EMAIL PROTECTED]> http://cbl.abuseat.org/ We're getting a lot of reports of spurious blocking caused by sites using the CBL to block authenticated access to smarthosts / outgoing mail servers. THE CBL is only designed to be used on INCOMING mail, i.e. on the hosts that your MX records point to. If you use the same hosts for incoming mail and smarthosting, then you should always ensure that you exempt authenticated clients from CBL checks, just as you would for dynamic/dialup blocklists. Another way of putting this is: "Do not use the CBL to block your own users". --- [This E-mail scanned for viruses by Declude Virus] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
Re: [Declude.Virus] Update
Does this contain a fix for declude aborting with the error message that has the 0xc142 and then a click ok to terminate the application ? If not is there a work around ? Avolve Support Get High Speed Internet - Go Wireless ! http://www.avolvewireless.net -- Original Message -- From: "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> Reply-To: Declude.Virus@declude.com Date: Wed, 25 May 2005 16:42:59 -0400 >Incremental Release > >A new incremental release (2.0.6.16) is now available for customers with a >current service agreement. This release includes: > >. Virus scanner rules change option (EXITSCANONVIRUS) >. Bitmasked External Test Results - JunkMail enhancement >. Remove Process Counter Popup > >To receive information on releases in the future please send an E-mail to >[EMAIL PROTECTED] with a body of "subscribe Declude.Releases Firstname >Lastname". > >Customer Information > >We have migrated a large portion of our customer accounts from the older >system. The majority of customers can now view their Host information at the >foot of the 'My Account' page on www.declude.com. Please review it and let >us know of any discrepancies, missing hosts, wrong names, etc. > >Barry > > >--- >This E-mail came from the Declude.Virus mailing list. To >unsubscribe, just send an E-mail to [EMAIL PROTECTED], and >type "unsubscribe Declude.Virus".The archives can be found >at http://www.mail-archive.com. >--- >[This E-mail scanned for viruses by Declude Virus By Avolve.net] > > Sent via the WebMail system at avolve.net --- [This E-mail scanned for viruses by Declude Virus By Avolve.net] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
