On http://lists.netsys.com/pipermail/full-disclosure/2004-May/021116.html
you can find a new discovered and simple tecnique to visualize one URL in
tha status bar of IE and Outlook (except Outlook 2003) but let them link on
a completely other location.
I will set up a dedicated filter to detect
The Institute of Biotechnology, University of Helsinki Finland just sent my
abuse line a report suggesting a new client of mine is a spammer. I'm not
in the business of protecting these guys from each other.
Has anyone heard of countmein.com as a spammer?
Here's the report if you're
There is several reports on NANAE (some very recent most from 2003) -
http://groups.google.com/groups?hl=enlr=q=countmein.commeta=group%3Dnews.admin.net-abuse.sightings
Here is a link to more info specifically (by the same folks that email you)
Hi;
I am trying to
understand how this works.. We have the following in the
Global:
EMERGENCYBYPASS
bypasswhitelisting 40 2 0
0
in the following
action in the default file.
EMERGENCYBYPASSDELETE
Now..
We have one person
in a domain that has [EMAIL PROTECTED] in the address
book.
-- 2nd attempt-
sometimes postings do not show up.
Hi;
I am trying to
understand how this works.. We have the following in the
Global:
EMERGENCYBYPASS
bypasswhitelisting 40 2 0
0
in the following
action in the default file.
EMERGENCYBYPASSDELETE
Now..
We have one person
in a
The first one did show up...
Darin.
- Original Message -
From: Kami
Razvan
To: [EMAIL PROTECTED]
Sent: Wednesday, May 12, 2004 10:16 AM
Subject: [Declude.JunkMail] bypasswhitelisting?
-- 2nd attempt-
sometimes postings do not show up.
Hi;
I am trying to
understand how this
Can anybody point out reasons why it would be a bad idea for me to use this
line to stop filtering messages with file attachments? This is mainly for
PDF files which seem to get caught for strange reasons.
BODY END CONTAINS Content-Type: application/octet-stream
Rick Davidson
National Systems
Received: from ns1.ssc-isp.net [12.9.25.242] by standardabrasives.com
(SMTPD32-8.05) id AA05D10128; Tue, 11 May 2004 23:53:57 -0700
Received: from [80.199.82.218] ([80.199.82.218])
by ns1.ssc-isp.net (SAVSMTP 3.1.6.45) with SMTP id M2004051123492224557
for [EMAIL PROTECTED]; Tue, 11 May 2004
Definitely a spammer, however they aren't a spam house. Most of the
recent complaints in the abuse newsgroups are from the same university
admin, but there are others.
I can't tell from senderbase.org if they are using their own server, or
relaying through their ISP. I do always ask that my
Maybe if Scott Ricter of OptinRealBig can get himself an injunction
against SpamCop, then maybe AOL, RR and every other damn ISP that
they're listing can do the same :-/
http://zdnet.com.com/2100-1104_2-5210518.html?tag=sas.email
But seriously, we all have Congress to thank for this
Anyone have a list of IP addresses that OptInRealBig.com uses to send out
their mailings? Declude Blacklist.. :)
The web site's IP is 69.6.21.239 which is assigned to JAYS WEB SERVICE
JAYSWEBSERV-01 (NET-69-6-21-0-1) 69.6.21.0 - 69.6.21.255. There are some
interesting hostname when I did a scan
They are quite well blacklisted and the absense from SpamCop probably
won't make a difference.
Matt
Jeff Maze wrote:
Anyone have a list of IP addresses that OptInRealBig.com uses to send out
their mailings? Declude Blacklist.. :)
The web site's IP is 69.6.21.239 which is assigned to JAYS
I wouldn't dismiss this too quickly. The concern here is the
trend. Spammers using the law/can-spam act against companies that are
fighting spam. They don't have to win the suits, they just have to make it
expensive, or otherwise not worth it, like they have for many blacklists
in the past
Attached is the test of a html e-mail that was sent to a old user.
John Tolmachoff
Engineer/Consultant/Owner
eServices For You
!doctype html public -//w3c//dtd html4.0 transitional//en
!-- Begin document [MarketFirst Software, Inc.] V05.01,P=Email Data Capture
I am trying to understand how this works.. We have the following in the
Global:
EMERGENCYBYPASS bypasswhitelisting 40 2 0 0
This should be bypasswhitelist not bypasswhitelisting.
in the following action in the default file.
EMERGENCYBYPASS DELETE
With bypasswhitelist, an E-mail with a
Received: from ns1.ssc-isp.net [12.9.25.242] by standardabrasives.com
(SMTPD32-8.05) id AA05D10128; Tue, 11 May 2004 23:53:57 -0700
Received: from [80.199.82.218] ([80.199.82.218])
by ns1.ssc-isp.net (SAVSMTP 3.1.6.45) with SMTP id M2004051123492224557
for [EMAIL PROTECTED]; Tue, 11 May
Well, there is SOME truth behind their allegation - it's just too bad, that
in this case, a spammer can use the truth for their purposes.
But, for anyone maintaining a VALID, subscription based mailing list,
SpamCops approach is troublesome, counterproductive at best, damaging at
worst (even if
This could have serious implications everywhere on the internet...
- When I go to Google and see a person's poor review of a product, then
I don't buy that product, is very similar. Google is a third party, the
reviewer is a disgruntled user, I'm deciding not to purchase (or use)
the product
Sounds good guys, I'll take it up with them directly.
Thanks,
Dan
From: Darrell [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
Date: Wed, 12 May 2004 08:43:22 -0400
To: [EMAIL PROTECTED] [EMAIL PROTECTED]
Subject: SPAM: Re: [Declude.JunkMail] countmein.com
There is several reports on
Scott,
I have a filter called FOREIGN that I have been defeating with END
statements for certain domains with international traffic like so
- Foreign.txt -
ALLRECIPSENDCONTAINS@clientdomain.com
I just noticed an E-mail that was held which failed this filter for this
client.
Spammers have been suing for a long time now, and courts have
consistantly ruled in the favor of the RBL in question. The only thing
about this that is troublesome so far is the injunction. Keep in mind
that OptInRealBig is being sued by both Microsoft and New York State,
and if we can't block
At 02:09 PM 5/12/2004, Matt wrote:
Scott,
I have a filter called FOREIGN that I have been defeating with END
statements for certain domains with international traffic like so
- Foreign.txt -
ALLRECIPSENDCONTAINS@clientdomain.com
Matt,
Are you using an interim version of
I have a filter called FOREIGN that I have been defeating with END
statements for certain domains with international traffic like so
- Foreign.txt -
ALLRECIPSENDCONTAINS@clientdomain.com
I just noticed an E-mail that was held which failed this filter for this
client. Note
Are you using an interim version of Declude? I just recently had this
problem, and contact [EMAIL PROTECTED] They told me there was a bug with the
ALLRECIPS in the current interim, and that it would be resolved in a
future interim. For now, I've had to return back to the latest beta.
If
At 02:31 PM 5/12/2004, R. Scott Perry wrote:
Are you using an interim version of Declude? I just recently had this
problem, and contact [EMAIL PROTECTED] They told me there was a bug with the
ALLRECIPS in the current interim, and that it would be resolved in a
future interim. For now, I've
Not to start a huge long thread about interims and such, but if you can
get this interim released, do you know if that little problem with the zip
files (zipped but didn't abide by the zipped rules) getting caught by
banext ezip will be fixed as well...
Yes (whenever we say that something has
Can anybody point out reasons why it would be a bad idea for
me to use this line to stop filtering messages with file
attachments? This is mainly for PDF files which seem to get
caught for strange reasons.
One reason could be that the enemy (spammer) is listening, and now he can
see
Hi;
today we have
received a ton of spam from probably infected computers in
Universities..
The most notable
was a lot of Viagra spam from Harvard University. Considering we receive a
lot of emails from them their reverse dns WASwhitelisted- not
anymore..
just thought to
share the
Scott:
Is there anyway we
can whitelist a test?
With Declude we
can have combination tests and tests that give weight based on a combination of
test names.. now I wonder if we can whitelist a test name:
Whitelist
Testsfailed spamcop :)
If we can do this
it can help us with whitelisting
Is there anyway we can whitelist a test?
With Declude we can have combination tests and tests that give weight
based on a combination of test names.. now I wonder if we can whitelist a
test name:
Whitelist Testsfailedspamcop :)
If we can do this it can help us with whitelisting based on
I have
had great luck contacting th universitys letting them know the offending IP
addresses. they are normally very grateful. And the virus spam generally stops
within a day or two.
Kevin
Bilbee
-Original Message-From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]On
Hi,
Does anyone know how to do this? If an HTML mail arrives in Outlook how
can you look to see what the HTML source is? I have looked and do not
see any View Source and the Save as options did not work.
Thanx
Goran Jovanovic
The LAN Shoppe
---
[This E-mail was scanned for viruses
Right-click in the body of the HTML message and choose, View Source
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Goran Jovanovic
Sent: Wednesday, May 12, 2004 5:57 PM
To: [EMAIL PROTECTED]
Subject: [Declude.JunkMail] OT: Outlook HTML Question
Hi,
Duh ... looked everywhere but there.
Thanx
Goran Jovanovic
The LAN Shoppe
-Original Message-
From: [EMAIL PROTECTED] [mailto:Declude.JunkMail-
[EMAIL PROTECTED] On Behalf Of Erik
Sent: Wednesday, May 12, 2004 8:03 PM
To: [EMAIL PROTECTED]
Subject: RE:
This will show you the decoded HTML source. So if the body is encoded you
will not see the encoding. This is a problem if you are trying to setup
filters. what I do if I want to see the real source is froward it as an
attachment to and account I service with outlook express.
Kevin Bilbee
Thanx Kevin,
Got to love the hoops we sometimes have to go through
Goran Jovanovic
The LAN Shoppe
-Original Message-
From: [EMAIL PROTECTED] [mailto:Declude.JunkMail-
[EMAIL PROTECTED] On Behalf Of Kevin Bilbee
Sent: Wednesday, May 12, 2004 8:19 PM
To: [EMAIL
Just a follow up to those who helped with
my Poweredge crashing.
Finally after having Dell escalate the
case I got a tech who was willing to replace the Cpus, and not a single
problem since.
Thanks all.
Scott Hahn
Try http://www.xintercept.com/pkpeek.htm, great little add-in for MS Lookout
- er Outlook.
PocketKnife Peek is an Outlook add-in for screening your e-mail as plain
text before opening it in Outlook. The add-in can be used to view all
Outlook message formats, but is aimed particularly at averting
What happened to this valuable site? I get a server not found?
Rick Hogue
www.intent.net Web Hosting 1-800-866-2983
www.prosperity.com Featured web site
---
[This E-mail scanned for viruses by Declude Virus]
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
Hmmm me too. I had problems earlier this week and then it came back.
Goran Jovanovic
The LAN Shoppe
-Original Message-
From: [EMAIL PROTECTED] [mailto:Declude.JunkMail-
[EMAIL PROTECTED] On Behalf Of Rick Hogue
Sent: Wednesday, May 12, 2004 11:01 PM
To: [EMAIL
I seem to be finding a lot of things that are down currently, and my
own server was knocked off-line earlier tonight by what appears to have
been a huge surge of viruses (more research necessary). Maybe just a
coincidence of course.
Matt
Goran Jovanovic wrote:
Hmmm me too. I had
Cancel that, no clue what brought down my server, it doesn't seem
related to E-mail. I am however having trouble reaching two other
sites though, but that's probably a coincidence.
The DNSStuff Canadian mirror isn't responding, but the backup site
still is:
http://backup.dnsstuff.com/
Matt
42 matches
Mail list logo