The next thing I would do is track back the message id to the imail logs and
verify the user indeed did auth. If they did not auth they still would be
able to send that message since it was destined to a local domain for that
mail server.
Darrell
---
Ch
Thanks John!
-Nick
John T (Lists) wrote:
A clarification on how to "reset" Hijack:
For Declude versions 2.x and below, you need to end the Deccon.exe process.
It is also best to do this with Imail SMTP and Queue Manager service stopped
and no Declude.exe processes running to ensure that no pr
Thanks.
-d
- Original Message -
From: "John T (Lists)" <[EMAIL PROTECTED]>
To:
Sent: Thursday, October 13, 2005 1:41 AM
Subject: RE: [Declude.JunkMail] Hijack question
A clarification on how to "reset" Hijack:
For Declude versions 2.x and below, you need to end the Deccon.exe proces
I thought it would be good to post this here since others might have
some feedback that would help Declude determine the proper way to go on
this.
I have noted that in Declude 2.x, when an invalid reverse DNS lookup is
found, such as 4.79.67.53 returning "alias =
53.0-127.67.79.4.in-addr.arpa
I have checked and they are sending their email through another mail
server, which means they are NOT auth-ing for our server. So that means
the message would go through the normal spam checks, right?
Darrell ([EMAIL PROTECTED]) wrote:
The next thing I would do is track back the message id
Kevin,
Yes - your absolutly correct. They would have to directly connect to your
server and have authentication enabled. Any sending via a remote server to
your server will cause the message to be spam filtered.
Darrell
--
