I'm all for your GUI because I know it will make your business more
successful even though it will probably be of no use to me at this
point. I certainly could have used it in the beginning and I would
have probably bought Declude earlier than I did. I'll bet
that Dave
might even
Sharyn (and others that despise GUI's and learning new things at this
stage in the game),
I think that we must all recognize that the majority of Declude's
market lies with those that aren't nearly as experienced with this
stuff as we are, and they need a GUI in order to tap deeper into that
People on this list hopefully will appriciate the irony of the following:
G
07/12/2004 13:42 MTLDB:1 nIPNOTINMX:-3 nNOLEGITCONTENT:-5 . Total weight
= -7.
07/12/2004 13:42 Using [incoming] CFG file
d:\IMail\Declude\$default$.junkmail.
07/12/2004 13:42 Msg failed MTLDB (This E-mail came from
: New Multiple Threat Lookup Database test
for Declude JunkMail
I understand that new declude versions requires an up to date service
agreement.
But this is a simple IP4r test that can be run with existing versions, so
why are they requiring a SA ?
BTW, i do have a current SA, so that is not why i
I understand that new declude versions requires an up to date service
agreement.
But this is a simple IP4r test that can be run with existing versions, so
why are they requiring a SA ?
BTW, i do have a current SA, so that is not why i am bitchin, but it seems
things are starting to get out of
] Fw: New Multiple Threat Lookup Database test
for Declude JunkMail
An I missing something? When I try to resolve mtldb.declude.com I get;
tracert mtldb.declude.com
Unable to resolve target system name mtldb.declude.com.
That is by design -- mtldb.declude.com should not be resolvable
R. Scott Perry wrote:
The management could have just said, Scott, you did a great job in
the past; take this new project and just do it however you like. But
that would have just increased their reliance on me -- whereas this
way, I can help mold the new company. They can learn from their
does this mean we should stop using the test once our SA expires if we
choose not to renew ?
- Original Message -
From: R. Scott Perry [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Saturday, July 10, 2004 12:07 PM
Subject: Re: [Declude.JunkMail] Fw: New Multiple Threat Lookup Database
- Original Message -
From: R. Scott Perry [EMAIL PROTECTED]
The reason for that is that it isn't easy administering a DNSBL -- there
are a lot of costs involved. We're expecting to get tens of millions of
queries per day. If someone else was running this test, that would be a
does this mean we should stop using the test once our SA expires if we
choose not to renew ?
That is correct.
-Scott
---
Declude JunkMail: The advanced anti-spam solution for IMail mailservers
since 2000.
Declude Virus: Ultra reliable virus
And how are you preventing anyone but current customers with active SAs from
using the DNSBL? If someone knows the test site hostname, what is to
prevent them from using it?
We'll be monitoring it, and if it appears as though it is being misused, we
may restrict by IP address.
Also, it does
Standing by the sidelines here trying to keep up with this interesting
thread and actually have some extra time to chime in. I am very concerned
about installing this upgrade with the false positives being reported, dlls
and uninstall bug reported, etc. Will Declude be addressing these issues and
The mistakes with this were not relatively minor. While I'm not using
the test, others seem to indicate that it is better at detecting ham than
it is at detecting spam. Now anyone that installed this is scoring a
massive number of false positives at 8 points on their system, and there
has
That's what I am working on. As for the install, it has you register on
our website (if you have not done so yet), and adds a line to the
global.cfg file. The install program was really designed for non-techies.
At some point when this gets ironed out will the config line be made
available
- Original Message -
From: R. Scott Perry [EMAIL PROTECTED]
As for the tried and true methods of the past, please watch for future
developments. This is a key moment for the new management, and I believe
I
will steer them in the right direction.
Because of your positive
Ditto!
Go enjoy whats left of your weekend.
Jay
- Original Message -
From: Bill Landry [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Saturday, July 10, 2004 3:52 PM
Subject: Re: [Declude.JunkMail] Fw: New Multiple Threat Lookup Database test
for Declude JunkMail
- Original
R. Scott Perry wrote:
This doesn't affect me at all, but it causes me pause. If that's the
way that they and you want to run their business, that's your
prerogative.
I personally think that it is the best way to transition a business.
Again, we should focus on the *next* project, rather than
Here is a potential problem with this test.
I have a backup MX server that forwards all to my main server. Yes, 95% of
the e-mail that flows through this server is spam/virus. However, since
Declude Virus does not allow you to bypass and IP, Declude Virus sees all
e-mail coming through that
I wouldn't blame them for that choice if they made it, although I think
that the brain trust of Declude to date has evolved as combination of
yourself and those that participate on this list, and that represents both
goodwill and intellectual value which is hard to measure in terms of
At some point when this gets ironed out will the config line be made
available either through the list or through directly emailing support to
verify that you have an active support agreement?
I'm going to recommend that in the future, they provide a way of bypassing
the whole 5MB download
Thanks for the response, it puts my anxiety more at ease having some of
these things answered.
If you want to get Dave up to speed faster, loan him to me for a month
and I'll show him this side of things. Free room and board :)
But seriously, if they aren't ready for what gets said here,
://www.tmcnet.com/usubmit/2004/Jul/1055222.htm
Hope they issue a correction!
-Joe
- Original Message -
From: R. Scott Perry [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Saturday, July 10, 2004 3:08 PM
Subject: Re: [Declude.JunkMail] Fw: New Multiple Threat Lookup Database test
for Declude JunkMail
Although immediately available at no charge to current Declude 'JunkMail'
customers the company is open to discussing licensed access by others
wishing to eradicate this threat.
The test is NOT free to current Declude 'JunkMail' customers if a current
Service Agreement is required.
Well,
I'm all for your GUI because I know it will make your business more
successful even though it will probably be of no use to me at this
point. I certainly could have used it in the beginning and I would have
probably bought Declude earlier than I did. I'll bet that Dave might
even be able to
At 10:39 AM 7/9/2004, Dan Geiser wrote:
Is this guy serious when he says The test is available for
download. What do we have to download? What version number includes
this test? What is the format of the test? Is it just an IP4R
test? What host name do we use?
I found that kinda strange as
Goto declude.com and you'll see what it is you have to download.
Greg
Dan Geiser wrote:
Is this guy serious when he says The test is available for
download. What do we have to download? What version number includes
this test? What is the format of the test? Is it just an IP4R test?
What
I don't think I have ever had an username and password with
Declude. Where do we find this information?
All we ever had to provide as verification was our
Hostname.
- Original Message -
From:
Dan
Geiser
To: [EMAIL PROTECTED]
Sent: Friday, July 09, 2004 8:39 AM
Title: Message
I
guess they wrote a "setup" program that will install new code and even activate
it for you. Hopefully, there'll be some "readme" inside that mysterious .EXE
file. Otherwise, it is pretty much a cat in the sack!
The installation process for the MTLDB: Download
are
needed.
John Tolmachoff
Engineer/Consultant/Owner
eServices For You
-Original Message-
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Andy Schmidt
Sent: Friday, July
09, 2004 8:53 AM
To: [EMAIL PROTECTED]
Subject: RE: [Declude.JunkMail]
Fw: New Multiple Threat
Title: Message
I installed this test, but I'd like to voice my opinion
that I do not like the way this test was distributed. I don't like
anything messing with my global.cfg, even if it is a program distributed by
Declude.
It seemsto me thatthis was an attempt by the
new owners to harvest
Admin server can not be reached...Error 3592. Need any special
ports open or anything?
- Original Message -
From:
Jay
Calvert
To: [EMAIL PROTECTED]
Sent: Friday, July 09, 2004 10:49
AM
Subject: Re: [Declude.JunkMail] Fw: New
Multiple Threat Lookup Database
I don't think I have ever had an username and password with
Declude. Where do we find this information?
All we ever had to provide as verification was our Hostname.
If you purchased Declude before mid-April 2004, you won't have a
username/password. In this case, you can go to
At 10:49 AM 7/9/2004, Jay Calvert wrote:
I don't think I have ever had an username and password with
Declude. Where do we find this information?
All we ever had to provide as verification was our Hostname.
I never had one either, so I just clicked new user, and it asked me for an
email
Russ Uhte (Lists) wrote:
I found that kinda strange as well, but in blind faith, I did download
and install it. So far it seems to be running very well. Very useful
in conjunction with SA and Sniffer. All that I can tell about it is
that it added a line to my global.cfg. I'm sure Scott or
,
2004 8:53
AMTo:
[EMAIL PROTECTED]Subject: RE: [Declude.JunkMail] Fw: New
Multiple Threat Lookup Database test for Declude JunkMail
I guess they wrote a "setup" program that
will install new code and even activate it for you. Hopefully, there'll be
some "
Scott,
This is just in regard to the site and not the new test. Could you ask
them to code the page in a way so that it doesn't reload every 10
seconds? I use Netscape 7 and it may be that it's just not friendly
with that browser, but after a few minutes of sitting on the site,
pressing my
]
Sent: Friday, July 09, 2004 10:49 AM
Subject: Re: [Declude.JunkMail] Fw: New Multiple Threat Lookup Database test for
Declude JunkMail
I don't think I have ever had an username and password with Declude. Where do we
find this information?
All we ever had to provide as verification was our
It seems to me that this was an attempt by the new owners to harvest
information about Declude users via the signup mechanism.
I believe the reason for requiring the signup information is to help ensure
that customers with up-to-date Service Agreements get to use the test at no
cost, while
message.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Russ Uhte (Lists)
Sent: Friday, July 09, 2004 11:11 AM
To: [EMAIL PROTECTED]
Subject: Re: [Declude.JunkMail] Fw: New Multiple Threat Lookup Database test for
Declude JunkMail
At 10:49 AM 7/9
Why a 5 MB download for an IP4R test?
I was a bit surprised, too, when I saw that it was a 5.6MB file. :)
Also, I think it would be a very good idea to have a process of opting-out
customers from the data collection (or rather opt-in as that is the
standard that we use for judging spam and
I ran the test few minutes with 0 weight and alert action, so far near all
messages were false positive.
BTW: I don't fully understand the idea behind this test.
---
Franco Celli
---
[Quipo ISP - Questa E-mail e' stata controllata dal programma Declude Virus]
[Quipo ISP - This
I tried that, and it claimed my email address did not exist on their
system. I've only had one email
address the entire time we've done business with Declude.
You need to log on as a new account. The website does not know about
customers from before the new website was put online.
Maybe all of this has been considered, but I didn't get much from the
E-mail or from the site in this regard.
I did not even get an e-mail about this.
Maybe Scott does not like me, getting back at me for all the intern jokes.
;)
John Tolmachoff
Engineer/Consultant/Owner
eServices For You
BTW: I don't fully understand the idea behind this test.
I agree...can someone explain the rationale behind this test? How effective
will this be at identifying spam?
- Andy
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
---
This E-mail came from the
Scott,
Thanks for the answers. I just wanted to add my comments to two very
important things.
Is there also an exclusion for ECAIR viruses and more importantly, is
there an exclusion for things like macro viruses that will get sent
from legitimate servers?
We will certainly be looking at
BTW: I don't fully understand the idea behind this test.
I agree...can someone explain the rationale behind this test? How effective
will this be at identifying spam?
The idea is that people are reporting 60% to 85% of spam coming from
zombies -- IP addresses that have trojan horses installed
Hi Scott:
The IPs that we list are those that were sending viruses
in the past; therefore, they will likely be sending spam in the future.
I wonder, whether most corporate PCs (with identifiable, fix IP addresses)
are more likely to be protected behind firewalls or mail servers with virus
[Responding to two posts]
So - if some dial-up/dynamic PC gets infected, that IP address will likely
be assigned to someone else who happens to connect tomorrow? Is your test
eliminating any dial-up/dynamic IPs, since by definition the infected/spam
workstation will change IPs?
But, by
.
-Dan Horne
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of R. Scott Perry
Sent: Friday, July 09, 2004 1:43 PM
To: [EMAIL PROTECTED]
Subject: RE: [Declude.JunkMail] Fw: New Multiple Threat Lookup Database test
for Declude JunkMail
[Responding to two posts
Please take this as being constructive.
I'm not out to prove a point with spam blocking, I'm out to just simply
block spam and deliver good E-mail. When some idiot blasts legitimate
mail from DUL space, the problem becomes mine to solve, and my customers
expect for me to solve it, period.
] [mailto:Declude.JunkMail-
[EMAIL PROTECTED] On Behalf Of Dan Horne
Sent: Friday, July 09, 2004 11:08 AM
To: [EMAIL PROTECTED]
Subject: RE: [Declude.JunkMail] Fw: New Multiple Threat Lookup Database
test for
Declude JunkMail
a good admin will allow ICMP traffic through, *unless* they believe
and then disable it again.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of John Tolmachoff
(Lists)
Sent: Friday, July 09, 2004 2:23 PM
To: [EMAIL PROTECTED]
Subject: RE: [Declude.JunkMail] Fw: New Multiple Threat Lookup Database test
for Declude JunkMail
That said, I do appreciate the effort here with this test, and as with
anything it will evolve and become stronger and more accurate, but I
just hope that you don't limit yourself from doing the right thing just
because of a real-world condition that doesn't make sense to you.
I am going to
At 01:38 PM 7/9/2004, Dan Horne wrote:
Ah, but you DO recognize that ICMP is a threat, and so you have set
access-rules on it. That was my main point. And as Sandy pointed out,
Obviously ICMP _CAN_ be a security risk, but so is having your network
connected to the Internet. I know a lot of
Scott, did you create this test, or is it otherwise your idea?
I helped come up with the original idea. However, most of the design and
development work was done by others, with occasional input from me.
Scott, are you in control of features and changes to declude.exe, or are
others now
Scott, are you in control of features and changes to declude.exe, or are
others now influencing your decisions?
The owners of the company make the final decisions. However, I can say
that for the time being at least, no changes will be made to the
declude.exe code without my knowledge
The owners of the company make the final decisions. However, I can say
that for the time being at least, no changes will be made to the
declude.exe code without my knowledge (there could potentially be changes I
don't agree with, but at least I'll know if that does happen).
But what about
-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of R. Scott Perry
Sent: Friday, July 09, 2004 12:19 PM
To: [EMAIL PROTECTED]
Subject: RE: [Declude.JunkMail] Fw: New Multiple Threat Lookup Database
test for Declude JunkMail
The owners of the company make the final decisions
Sounds like new features are going to be slow going from this point???
Until the next release, most likely. But after that, it should be back to
the usual rate. :)
-Scott
---
Declude JunkMail: The advanced anti-spam solution for IMail
Hi Scott:
As a rule of thumb, when people ask me for assistance regarding troubles
reaching a computer and I can't ping it, I tell them that it can't be
pinged, and they have to take care of it from there. If you disable a vital
networking tool, you need to accept the consequences.
That's
At 03:59 PM 7/9/2004, Andy Schmidt wrote:
Hi Scott:
As a rule of thumb, when people ask me for assistance regarding troubles
reaching a computer and I can't ping it, I tell them that it can't be
pinged, and they have to take care of it from there. If you disable a vital
networking tool, you need
I couldn't agree more with Matt. It's annoying as all heck.
-M
- Original Message -
From: Matt
To: [EMAIL PROTECTED]
Sent: Friday, July 09, 2004 12:17 PM
Subject: Re: [Declude.JunkMail] Fw: New Multiple Threat Lookup Database test
for Declude JunkMail
Scott,
This is just in regard
, July 10, 2004 1:16 AM
Subject: RE: Re[2]: [Declude.JunkMail] Fw: New Multiple Threat Lookup
Database test for Declude JunkMail
Well, I think this new test is maybe testing the waters, as so far,
even
though I like the idea, I do not like the implementation of this test,
and
have not yet done
I understand that new declude versions requires an up to date service
agreement.
But this is a simple IP4r test that can be run with existing versions, so
why are they requiring a SA ?
BTW, i do have a current SA, so that is not why i am bitchin, but it seems
things are starting to get out of
64 matches
Mail list logo