RE: [Declude.JunkMail] DNS server returned server failure for

2003-03-12 Thread R. Scott Perry
I have suffered from this also, so much so that I have even explored the use of SimpleDNS without success thinking that this was an external DNS problem. I was hoping that by bringing the DNS (as a DNS cache) locally to the mail server did in fact reduce the frequency of this error, unfortunately

Re: [Declude.JunkMail] DNS server returned server failure for

2003-03-12 Thread Bill B.
I see server failures on a bunch of obviously fake hostnames: WARNING: DNS server 216.12.134.208 returned a SERVER FAILURE error for MX or A for Me. WARNING: DNS server 216.12.134.208 returned a SERVER FAILURE error for MX or A for host3. WARNING: DNS server 216.12.134.208 returned a SERVER

Re: [Declude.JunkMail] DNS server returned server failure for

2003-03-12 Thread R. Scott Perry
I see server failures on a bunch of obviously fake hostnames: WARNING: DNS server 216.12.134.208 returned a SERVER FAILURE error for MX or A for Me. WARNING: DNS server 216.12.134.208 returned a SERVER FAILURE error for MX or A for host3. WARNING: DNS server 216.12.134.208 returned a SERVER

[Declude.JunkMail] JunkMail Kill List

2003-03-12 Thread Mark Scott
Anybody have any experience of using the Kill List at imagefxonline.net to delete junkmail? I'm using the excellent SpamReview app from slsoft.com but it's taking up more and more of my time to go through the spam looking for the occasional false positive (especially on a Monday morning!!). I

[Declude.JunkMail] HOWTO use the X-RBL-Warning: Possible ADULT Content

2003-03-12 Thread Adrian Titei
Hi guys, Anybody knows how to use the X-RBL-Warning: Possible ADULT Content undocumented feature. Is there a manpage for it (even un-official)? Thanks in advance, Adrian -- Regards, Adrian Titei Director of IT Jumbo Entertainment Inc. p: 905-634-4244 x 232 f: 905-632-2964 e: [EMAIL PROTECTED]

[Declude.JunkMail] MSN

2003-03-12 Thread andyb
Hi, MSN is not accepting email from my mail server, here is what the log file entries look like: 20030312 001347 127.0.0.1 SMTP (259) Trying msn.com (0) 20030312 001347 127.0.0.1 SMTP (259) Connect msn.com [207.46.181.13:25] (1) 20030312 001347 127.0.0.1 SMTP (259) 20030312

RE: [Declude.JunkMail] JunkMail Kill List

2003-03-12 Thread Kami Razvan
Hi; We use Tom's list on an auto update using a script- updating our list twice a day with his list. It is a great list but we do not delete with that list. We simply have a hold weight for it and review the emails prior to deleting them. At times we have noticed that some newsletters are

Re: [Declude.JunkMail] MSN

2003-03-12 Thread Glenn \\ WCNet
To: [EMAIL PROTECTED] Sent: Wednesday, March 12, 2003 1:55 PM Subject: [Declude.JunkMail] MSN Hi, MSN is not accepting email from my mail server, here is what the log file entries look like: 20030312 001347 127.0.0.1 SMTP (259) Trying msn.com (0) 20030312 001347 127.0.0.1 SMTP

Re: [Declude.JunkMail] MSN

2003-03-12 Thread andyb
To: [EMAIL PROTECTED] Sent: Wednesday, March 12, 2003 1:55 PM Subject: [Declude.JunkMail] MSN Hi, MSN is not accepting email from my mail server, here is what the log file entries look like: 20030312 001347 127.0.0.1 SMTP (259) Trying msn.com (0) 20030312 001347

Re: [Declude.JunkMail] HOWTO use the X-RBL-Warning: Possible ADULT Content

2003-03-12 Thread R. Scott Perry
Anybody knows how to use the X-RBL-Warning: Possible ADULT Content undocumented feature. Is there a manpage for it (even un-official)? There used to be an undocumented adult test in Declude JunkMail, but it was removed because it was taking too much support time to deal with. However,

[Declude.JunkMail] HELO contains

2003-03-12 Thread Eje Gustafsson
Question.. I see more and more spam coming in where the sender's MTA is claiming to be the localhost. As for example, one of my servers is called imail.fament.com. Latest spam that slipped through had the following header: Received: from imail.fament.com [66.81.201.98] by imail.fament.com

Re: [Declude.JunkMail] HELO contains

2003-03-12 Thread R. Scott Perry
SOO.. My question is this.. Could I create a wordfilter rule that goes like HELO 10 CONTAINS imail.fament.com or will that shoot myself in the foot for some reason ? That will work fine, just so long as you don't have any other mailservers that identify themselves as imail.fament.com. If your

Re: [Declude.JunkMail] Bounce Action and IMail Server Relay

2003-03-12 Thread Dan Geiser
Hi, John, Or anyone else for that matter. Can someone help fill in some blanks about how we would use our IMail Server as a Gateway to Store and Forward as described below? I did search the IMail KB as John suggested and found this... How to use IMail as SMTP Gateway for another e-mail server

Re[2]: [Declude.JunkMail] HELO contains

2003-03-12 Thread Eje Gustafsson
Alright. Great. No, the other mailserver identifies itself as backup.fament.com which I don't have declude on. On the other hand there. My backup mx server only forwards mail. Do I have to get the Pro version of Declude or would Standard be enough ? I did throw out Webshield because it records the

Re[2]: [Declude.JunkMail] HELO contains

2003-03-12 Thread R. Scott Perry
Alright. Great. No, the other mailserver identifies itself as backup.fament.com which I don't have declude on. On the other hand there. My backup mx server only forwards mail. Do I have to get the Pro version of Declude or would Standard be enough ? The Standard version will work fine in this case.

[Declude.JunkMail] How did this Spammer get through?

2003-03-12 Thread Brian Cunningham
I've got several held emails from a spammer trying to use our system for relay. I've got the box locked down to only accept relay from authenticated users, but somehow this guy got through. Luckily, I've got hijack on the box, which has blocked all of his emails. Here's an example of the email

Re: [Declude.JunkMail] How did this Spammer get through?

2003-03-12 Thread R. Scott Perry
Here's an example of the email he's trying to relay through: The key information isn't in the headers in this case -- it's in the IMail SMTP log file. Most important are the RCPT TO: lines, which will show who the E-mail was actually addressed to, and whether or not some hack was used to

[Declude.JunkMail] Whats up with blars.org?

2003-03-12 Thread Sheldon Koehler
This is from their web page: In general, an entire netblock is added rather than just a single IP or customer of a larger ISP. (For example, if hugeisp has a /16 that they allocate a single /24 to spamcustomer, the /16 will be listed rather than just the /24.) An entire ISP may be added if they

RE: [Declude.JunkMail] Bounce Action and IMail Server Relay

2003-03-12 Thread John Tolmachoff
1) Point the MX record of the domain name in question, e.g. ACME.COM, to the IP Address of our IMail Server. 2) Using the steps described in the above link edit the hosts file to point the domain name ACME.COM to the IP Address of the Destination Mail Server. Which all seems very simple.

Re: [Declude.JunkMail] How did this Spammer get through?

2003-03-12 Thread Brian Cunningham
Here you go: 03:12 18:35 SMTPD(0F9200BE) [169.207.38.237] HELO 208.253.112.160 03:12 18:35 SMTPD(0F9200BE) [169.207.38.237] MAIL FROM: [EMAIL PROTECTED] 03:12 18:35 SMTPD(0F9200BE) [169.207.38.237] RCPT TO: [EMAIL PROTECTED] 03:12 18:35 SMTPD(0F9200BE) [169.207.38.237] RCPT TO: [EMAIL PROTECTED]

Re: [Declude.JunkMail] Whats up with blars.org?

2003-03-12 Thread Glenn \\ WCNet
SpamCop is just as bad. We run a web server for an associate who lives in another city. One of his customers has some java scripts on a site for free download. A spammer in Taiwan has added one of those scripts into the html on his advertisement. The script includes a reference to the

Re: [Declude.JunkMail] How did this Spammer get through?

2003-03-12 Thread Brian Cunningham
What's strange is that the only thing consistent around all of the spam emails is the IP address 169.207.38.237, which is listed with SpamCop. Should declude pick that up? I've got spamcop listed as an automatic hold, but somehow he keeps getting through. Thanks. b -- Original

RE: [Declude.JunkMail] Whats up with blars.org?

2003-03-12 Thread John Tolmachoff
What do you mean they can not get to their web page? That has nothing to do with e-mail. John Tolmachoff MCSE, CSSA IT Manager, Network Engineer RelianceSoft, Inc. Fullerton, CA 92835 www.reliancesoft.com -Original Message- From: [EMAIL PROTECTED] [mailto:Declude.JunkMail- [EMAIL

Re: [Declude.JunkMail] Whats up with blars.org?

2003-03-12 Thread Sheldon Koehler
What do you mean they can not get to their web page? That has nothing to do with e-mail. Apparently blars blocks everything at their router, probably a Linux router. From the hospital, they cannot even browse to the web page. I find it rather bizarre myself, but the IT guy is a friend and I have

Re: [Declude.JunkMail] HELO contains

2003-03-12 Thread Bill B.
Scott, We are seeing a case where the mail server will connect to itself. Check out the DNS for this spammer's domain: hotoptions.net It has no MX record, but an A record pointing to: 127.0.0.1 If an email from this domain is bounced due to a full mailbox, this will cause Imail to attempt

Re: [Declude.JunkMail] Sniffer

2003-03-12 Thread Bill B.
Ron, We use sniffer as a weighted test, giving it a weight of 12 and tagging emails as spam at 15. Some false positives do occur just like with any other spam test...However, using it as a heavily weighted test has been extremely effective for us, while keeping false positives to a minimum.