Re: [Declude.JunkMail] Bug with IMail 8.13 generated messages

2004-10-14 Thread Matt
Here's a simple filter to fix the issue for at least the NDR's and Webmail, and possibly all other messages generated by IMail1.exe and maybe even the listserv (though I don't use it so I can't test). If you wanted to limit this to just NDR's, you could add another line with an END statement

Re: [Declude.JunkMail] Bug with IMail 8.13 generated messages

2004-10-14 Thread R. Scott Perry
First when you say next release, does that mean that there will be no more interims? No -- it means that whenever a new version (release, beta, or interim) is online, it will contain the fix. Interims aren't released quite as quickly now, but they will continue. Secondly, regarding one of

Re: [Declude.JunkMail] Newbie help/guidance needed!

2004-10-14 Thread Scott Fisher
I'd consider trying Sort Monster's message sniffer. It's an external test that is very effective at detecting spam. - Original Message - From: Kim Premuda [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, October 13, 2004 6:13 PM Subject: [Declude.JunkMail] Newbie help/guidance

Re: [Declude.JunkMail] Newbie help/guidance needed!

2004-10-14 Thread Scott Fisher
Some other thoughts... 1. Make sure you have the all_list.dat file in the declude folder for the country tests to run. Matt's beta filters are definitely better than his non beta filters. 2. Other ip4r/rhsbl to consider: FABEL ip4r spamsources.fabel.dk 127.0.0.2 5 0 99.7%

[Declude.JunkMail] HijackReprocess v1.0.0

2004-10-14 Thread Matt
I thought that I would share this simple VBScript that can be used to rename files caught by Declude Hijack, and put them back into your spool for reprocessing. When Declude places blocked messages in the Hold2 directory under your spool, it renames both the Q* and D* files with the IP from

[Declude.JunkMail] Message Which Didn't Fail MAILFROM Test

2004-10-14 Thread Dan Geiser
Scott, I'm a little surprised that this message didn't fail the MAILFROM test... === Received: from wrkst-120-188.trafficopen.com [69.42.120.188] by mail.maildesk.net (SMTPD32-6.06) id A197D95000B8; Wed, 13 Oct 2004 20:00:23 -0400 From: Market Research [EMAIL PROTECTED] To: [EMAIL PROTECTED]

Re: [Declude.JunkMail] Little confused by these headers

2004-10-14 Thread Matt
This is forged. Your IP is actually being used as the HELO by the spammer in the way that it appears. The IP enclosed by brackets and closest to the by is the one that should be considered to be the remote IP. Some spammers will forge your IP as the HELO in this way, in fact it is quite

Re: [Declude.JunkMail] HijackReprocess v1.0.0

2004-10-14 Thread Tito Macapinlac
Hi Matt, I've requested a feature in Hijack similar to IPBYPASS for 'customer whose whole network is behind a single IP'. We do wireless installations in hotels, libraries, etc. and we need this kind of feature in hijack. Unfortunately, according to Scott, it is not a priority right now.

RE: [Declude.JunkMail] HijackReprocess v1.0.0

2004-10-14 Thread John Tolmachoff (Lists)
I've requested a feature in Hijack similar to IPBYPASS for 'customer whose whole network is behind a single IP'. We do wireless installations in hotels, libraries, etc. and we need this kind of feature in hijack. Unfortunately, according to Scott, it is not a priority right now. Uh,

RE: [Declude.JunkMail] Little confused by these headers

2004-10-14 Thread Matthew Hiltner: oliveJar Support
Well this is silly. I guess it's not really a forged header. I was scanning mails that were tagged as spam and passed on, and the original of this was going to a stepindustries.net account. Only this specific user is having that mail all forwarded to an AOL account. Within AOL, she's marking

RE: [Declude.JunkMail] HijackReprocess v1.0.0

2004-10-14 Thread Brad Morgan
I've requested a feature in Hijack similar to IPBYPASS for 'customer whose whole network is behind a single IP'. We do wireless installations in hotels, libraries, etc. and we need this kind of feature in hijack. Unfortunately, according to Scott, it is not a priority right now.

Re[2]: [Declude.JunkMail] HijackReprocess v1.0.0

2004-10-14 Thread Tito Macapinlac
Hi John, The point is control of spam behind routers (a single IP). AllowIP allows unlimited email from the IP but it does not control (count) the emails coming from behind the IP. Tito Thursday, October 14, 2004, 9:43:41 AM, you wrote: I've requested a feature in Hijack similar to

Re: [Declude.JunkMail] HijackReprocess v1.0.0

2004-10-14 Thread Russ Uhte
Tito Macapinlac wrote: Hi John, The point is control of spam behind routers (a single IP). AllowIP allows unlimited email from the IP but it does not control (count) the emails coming from behind the IP. I'm not sure I understand how this could ever work, unless the user behind the NAT device

RE: Re[2]: [Declude.JunkMail] HijackReprocess v1.0.0

2004-10-14 Thread John Tolmachoff (Lists)
Ah yes, now I get it. Been spending too much time trying to resolve a MS CRM problem. John Tolmachoff Engineer/Consultant/Owner eServices For You -Original Message- From: [EMAIL PROTECTED] [mailto:Declude.JunkMail- [EMAIL PROTECTED] On Behalf Of Tito Macapinlac Sent: Thursday,

RE: [Declude.JunkMail] HijackReprocess v1.0.0

2004-10-14 Thread John Tolmachoff (Lists)
Multiple users behind a NAT device using your e-mail server at another location. One of those users starts sending out spam. Your e-mail server will see the connection coming from the public IP of the NAT device as opposed to the client IP of the workstation. Declude Hijack looks at the IP that Imail

Re[2]: [Declude.JunkMail] HijackReprocess v1.0.0

2004-10-14 Thread Tito Macapinlac
Hi Russ, The way we are implementing spam control for our wireless clients is we have a freebsd box before the NAT device that does port forwarding on port 25 to sendmail (to catch the internal ip) then send the email to imail gateway. The imail gateway now sees the NAT device as the source of

Re: [Declude.JunkMail] Message Which Didn't Fail MAILFROM Test

2004-10-14 Thread R. Scott Perry
I'm a little surprised that this message didn't fail the MAILFROM test... X-Declude-Sender: [EMAIL PROTECTED] [69.42.120.188] It definitely should have, as fosta.$domain isn't a valid domain. However: X-Note: Sent with HELO [wrkst-120-188.trafficopen.com] from Reverse DNS [(timeout)] since the

Re: [Declude.JunkMail] HijackReprocess v1.0.0

2004-10-14 Thread Russ Uhte
Tito Macapinlac wrote: Hi Russ, The way we are implementing spam control for our wireless clients is we have a freebsd box before the NAT device that does port forwarding on port 25 to sendmail (to catch the internal ip) then send the email to imail gateway. The imail gateway now sees the NAT

[Declude.JunkMail] Weird Issue with SMTP32-FWD

2004-10-14 Thread Dan Geiser
Hello, All, First let me apologize for posting this General IMail issue to the Declude JunkMail list. I normally wouldn't do this but I'm sort of at my wits end. If you are going to flame me for doing that just please press delete and move along. That being said... I am having a very weird

Re: [Declude.JunkMail] Newbie help/guidance needed!

2004-10-14 Thread Kim Premuda
Matt, Some of your new filters replace existing filters (e.g. Gibberish v1.0.7 with Gibberish v2.1.1.). The older versions have anti-xxx filters, but the new filters don't. When using the newer filters, should I keep or delete the older anti-xxx filters? Many thanks for all the help!

Re: [Declude.JunkMail] Newbie help/guidance needed!

2004-10-14 Thread Kim Premuda
The 'all_list.dat' file was included with the distribution. Thanks for the additional blacklists...I was not aware that they existed. -- Original Message -- From: Scott Fisher [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] Date: Thu, 14 Oct 2004 09:24:10

Re: [Declude.JunkMail] Newbie help/guidance needed!

2004-10-14 Thread Scott Fisher
Delete the older anti- filters as they aren't used in the beta filters. -- Original Message -- From: Kim Premuda [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] Date: Thu, 14 Oct 2004 16:44:45 -0700 Matt, Some of your new filters replace existing

Re: [Declude.JunkMail] Per user configuration web interface?

2004-10-14 Thread Dave Doherty
I can't help you with the KWM templates, but I will follow that with great interest. On the spam deletion issue, here's a command line item that takes care of it for us: C:\imail\immsgexp.exe -td:\imail\domains\yadayada.com\users -d7 -mspam We use it in a BAT file with one line per domain. The

[Declude.JunkMail] COMMENTS test

2004-10-14 Thread David
I am just looking through some of the built in declude tests that I have been running unsuccessfully and the COMMENTS test is one of them. Have any of you had great success with this test? How have you used this test successfully? I am currently using it to look for 6,8 10 comments but am