Tomas Kuliavas wrote: [snip]
>>> If users send emails from broadband addresses, some spam filtering >>> engines >>> might check ip address in first Received header and assign extra points >>> when address is listed in DUL RBL. >> >> Do you mean my ISP connection IP? I do use broadband (DSL) as my ISP >> connection. Is there somewhere I can lookup addresses on DUL RBL? I >> Googled but didn't find a list or query form. > > http://www.dnsstuff.com > > First form in second column. > >>> If you have server on DSL connection, >>> filters can check second received header. >> >> No, I don't run a local server. My web server (which runs SM) is in the >> Pegasus/Fortress ITX datacentre in New Jersey. It's a shared hosting web >> server, so I am not the only account on it. >> >>> SquirrelMail 1.4.6 allows to >>> hide user's ip address. Two different options are available. One option >>> is >>> in 4. General options section and another is in SMTP/Sendmail options. >> >> Sorry, I don't see those options. I use the Administrator plugin in >> 1.4.6. >> Here are the options displayed in those two sections: >> >> (-) Server Settings > ... >> Header Encryption Key > > Encryption key allows to hide SquirrelMail Received: headers > in outbound messages. Interface uses encryption key to encode > username, remote address and proxied address, then stores encoded > information in X-Squirrel-* headers. > > Warning: used encryption function is not bulletproof. When used > with static encryption keys, it provides only minimal security > measures and information can be decoded quickly. > > Encoded information can be decoded with decrypt_headers.php script > from SquirrelMail contrib/ directory. Sorry, that is greek to me. ;) What is it that you suggest that I enter there, and will it help this situation? >> (-) General Options > ... >> Remove username from headers ... > > SquirrelMail adds username information to every sent email. It is done in > order to prevent possible sender forging when end users are allowed to > change their email and name information. > > You can disable this header, if you think that it violates user's privacy > or security. Please note, that setting will work only when users are not > allowed to change their identity. That's the problem. We do allow users to edit multiple identities: it's very useful to be able to send FROM multiple addresses, all within a single SM login. As I recall, a while back this was discussed on one of the lists, and many people felt that this was a privacy issue. They, and I, would like to see an administrator option to disable the header showing username information, even if we do allow use of multiple identities. > ... >>> If you use sendmail (http://www.sendmail.org) and SquirrelMail is >>> configured to use /usr/sbin/sendmail, sendmail can add extra headers >>> about untrusted senders. These headers can trigger spam filters too. >> >> I use SMTP. >> >>> Are you sure that X-AntiAbuse headers are added to all email users? If >>> they are present only in SquirrelMail emails, headers might trigger >>> some filtering engines too. >> >> I just checked Outlook, which I use occasionally if my SM server is >> down, and its headers do not include X-AntiAbuse. >> >> I'd like to do what I can to decrease the odds of my mail being blocked >> by >> spam filters. The recipients who are affected by this aren't technically >> savvy, so they can't provide much help other than to say that my mails >> don't arrive or end up in spam folders. > > If your server adds this header, try testing spam filters when this header > is disabled or does not contain 'abuse' word. Hard to do, as the recipients with the spam filtering aren't technically savvy. Even getting them to provide headers info is difficult. ------------------------------------------------------- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642 -- squirrelmail-users mailing list Posting Guidelines: http://www.squirrelmail.org/wiki/MailingListPostingGuidelines List Address: [email protected] List Archives: http://news.gmane.org/thread.php?group=gmane.mail.squirrelmail.user List Archives: http://sourceforge.net/mailarchive/forum.php?forum_id=2995 List Info: https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
