Jonathan,
Here is my setup - hopefully it will help. Anyone feel free to tell
me what I have messed up...
-Nick
#GLOBAL.CFG <edited>
#
#SETTINGS
################################################################################
CONSOLE ON
HOP 0
#HOPHIGH 1
IPBYPASS 127.0.0.1
LOOSENSPAMHEADERS OFF
LOGFILE spool\dec####.log
LOGLEVEL MID
PREWHITELIST ON
WHITELIST AUTH
XSENDER ON
XSPOOLNAME ON
#HEADERS
############################################################################
XINHEADER X-Country-Chain: %COUNTRYCHAIN%
XINHEADER X-Note: Total spam weight of this E-mail is %WEIGHT%.
XINHEADER X-Note: Spam tests: %TESTSFAILED%.
XINHEADER X-Note: Reverse DNS: %REVDNS%.
XINHEADER X-Note: Header code: %HEADERCODE%
XINHEADER X-Note: Queue name: %QUEUENAME%
XOUTHEADER X-Note: Total spam weight of this e-mail is %WEIGHT%.
XOUTHEADER X-Note: Reverse DNS %REVDNS% .
#FROMFILE
##################################################################################
BADSENDERS fromfile e:\IMail\Declude\badaddresses.txt x 5 0
KillListGen fromfile e:\IMail\Declude\Destination.txt x 10 0
#IPFILE
##################################################################################
ipblacklist ipfile e:\IMail\Declude\filters\ipfile.txt x 5
0
#FILTERS
##################################################################################
ADULTPHRASE filter e:\IMail\Declude\filters\adultphrase.txt
x 3 0
ANTI-GIBBERISHSUB filter e:\IMail\Declude\filters\Anti-GibberishSub.txt
x -4 0
ANTI-Y!DIRECTED filter e:\IMail\Declude\filters\Anti-Y!Directed.txt
x -11 0
BODYCURSE filter e:\IMail\Declude\filters\bodycurse.txt
x 3 0
BODYSEX filter e:\IMail\Declude\filters\bodysex.txt
x 3 0
COUNTRY filter e:\imail\declude\filters\country.txt
x 6 0
DBL filter e:\IMail\Declude\filters\dbl.txt
x 0 0
DNS_TESTS filter e:\IMail\Declude\filters\dns_tests.txt
x 0 0
DYNAMIC filter e:\IMail\Declude\filters\Dynamic.txt
x 3 0
FOREIGN filter e:\IMail\Declude\Filters\Foreign.txt
x 3 0
GIBBERISH filter e:\IMail\Declude\filters\Gibberish.txt
x 4 0
GIBBERISHSUB filter e:\IMail\Declude\filters\GibberishSub.txt
x 4 0
GMA_SENT filter e:\imail\declude\filters\gma.txt
x 0 0
MALICIOUS filter e:\IMail\Declude\filters\viri.txt
x 6 0
OBFUSCATION filter e:\IMail\Declude\filters\Obfuscation.txt
x 7 0
REVDNSCK filter e:\IMail\Declude\filters\revdns.txt
x 0 0
SUBJCURSE filter e:\IMail\Declude\filters\subjcurse.txt
x 3 0
SUBJSEX filter e:\IMail\Declude\filters\subjsex.txt
x 3 0
TLD-AFRICAN filter e:\IMail\Declude\Filters\TLD-African.txt
x 3 0
TLD-ASIAN filter e:\IMail\Declude\Filters\TLD-Asian.txt
x 3 0
TLD-CARIBBEAN filter e:\IMail\Declude\Filters\TLD-Caribbean.txt
x 3 0
TLD-CENTRALAMERICAN filter e:\IMail\Declude\Filters\TLD-CentralAmerican.txt
x 3 0
TLD-EASTERNEUROPEAN filter e:\IMail\Declude\Filters\TLD-EasternEuropean.txt
x 3 0
TLD-MIDDLEEASTERN filter e:\IMail\Declude\Filters\TLD-MiddleEastern.txt
x 3 0
TLD-OCEANIC filter e:\IMail\Declude\Filters\TLD-Oceanic.txt
x 3 0
TLD-SOUTHAMERICAN filter e:\IMail\Declude\Filters\TLD-SouthAmerican.txt
x 3 0
TLD-WESTERNEUROPEAN filter e:\IMail\Declude\Filters\TLD-WesternEuropean.txt
x 3 0
TLD-TRUSTED-HELO filter e:\IMail\Declude\Filters\TLD-Trusted-HELO.txt
x 0 0
TLD-TRUSTED-MAILFROM filter e:\IMail\Declude\Filters\TLD-Trusted-MAILFROM.txt
x 0 0
TLD-TRUSTED-REVDNS filter e:\IMail\Declude\Filters\TLD-Trusted-REVDNS.txt
x 0 0
VIRUSBLK filter e:\IMail\Declude\filters\virusblk.txt
x 50 0
WORDFILTER filter e:\IMail\Declude\filters\wordfilter.txt
x 3 0
XHEADERS filter e:\IMail\Declude\filters\xheaders.txt
x 0 0
Y!DIRECTED filter e:\IMail\Declude\filters\Y!Directed.txt
x 11 0
#WHITELISTS
##################################################################################
WHITELIST AUTH
WHITELIST HABEAS
WHITELIST REVDNS .amazon.com
WHITELIST REVDNS .ebay.com
WHITELIST REVDNS .expedia.com
#IPR4
#################################################################################
BLACKHOLE-BRAZIL ip4r brazil.blackholes.us 127.0.0.2 3
BLACKHOLE-CHINA ip4r china.blackholes.us 127.0.0.2 3
BLACKHOLE-HONGKONG ip4r hongkong.blackholes.us 127.0.0.2 3
BLACKHOLE-JAPAN ip4r japan.blackholes.us 127.0.0.2 3
BLACKHOLE-KOREA ip4r korea.blackholes.us 127.0.0.2 3
BLACKHOLE-LEVEL3 ip4r level3.blackholes.us 127.0.0.2 3
BLACKHOLE-RR ip4r rr.blackholes.us 127.0.0.2 4
BLACKHOLE-RUSSIA ip4r russia.blackholes.us 127.0.0.2 3
BLACKHOLE-VERIO ip4r verio.blackholes.us 127.0.0.2 3
BLACKHOLE-XO ip4r xo.blackholes.us 127.0.0.2 3
BLITZEDALL ip4r opm.blitzed.org * 7
0
BONDEDSENDER ip4r query.bondedsender.org 127.0.0.10 -20
0
CBL ip4r cbl.abuseat.org 127.0.0.2 4
0
DSBL ip4r list.dsbl.org * 5
0
EASYNET-DNSBL ip4r blackholes.easynet.nl 127.0.0.2 5
0
EASYNET-DYNA ip4r dynablock.easynet.nl 127.0.0.2 4
0
EASYNET-PROXIES ip4r proxies.blackholes.easynet.nl 127.0.0.2 6
0
INTERSIL ip4r blackholes.intersil.net 127.0.0.2 4
0
NJABL ip4r dnsbl.njabl.org 127.0.0.2 5
ORDB ip4r relays.ordb.org * 5
0
SBL ip4r sbl.spamhaus.org 127.0.0.2 7
0
SBBL ip4r sbbl.they.com * 6
0
SORBS-DUL ip4r dnsbl.sorbs.net 127.0.0.10 6
0
SORBS-NOMAIL ip4r dnsbl.sorbs.net 127.0.0.12 5
0
SORBS-HTTP ip4r dnsbl.sorbs.net 127.0.0.2 5
0
SORBS-BLOCK ip4r dnsbl.sorbs.net 127.0.0.8 5
0
SORBS-MISC ip4r dnsbl.sorbs.net 127.0.0.4 5
0
SORBS-SMTP ip4r dnsbl.sorbs.net 127.0.0.5 5
0
SORBS-SOCKS ip4r dnsbl.sorbs.net 127.0.0.3 5
0
SORBS-SPAM ip4r dnsbl.sorbs.net 127.0.0.6 1
0
SORBS-WEB ip4r dnsbl.sorbs.net 127.0.0.7 5
0
SORBS-ZOMBIE ip4r dnsbl.sorbs.net 127.0.0.9 5
0
SPAMCOP ip4r bl.spamcop.net 127.0.0.2 9
0
#RHSBL
#################################################################################
DNSFRAUD rhsbl in.dnsbl.org 127.0.0.3 10
0
DNSILLEGAL rhsbl in.dnsbl.org 127.0.0.5 10
0
DSN rhsbl dsn.rfc-ignorant.org 127.0.0.2 3
0
DNSPROMO rhsbl in.dnsbl.org 127.0.0.4 10
0
EASYNET-DOMAINS rhsbl spamdomains.blackholes.easynet.nl 127.0.0.2 5
0
MAILPOLICE-BULK rhsbl bulk.rhs.mailpolice.com 127.0.0.2 8
0
MAILPOLICE-PORN rhsbl porn.rhs.mailpolice.com 127.0.0.2 10
0
NOABUSE rhsbl abuse.rfc-ignorant.org 127.0.0.4 2
0
NOPOSTMASTER rhsbl postmaster.rfc-ignorant.org 127.0.0.3 1
0
SORBS-BADCONF rhsbl dnsbl.sorbs.net 127.0.0.11 3
0
#WEIGHT TESTS
#################################################################################
WEIGHT10 weight x x 10 0
WEIGHT15 weight x x 15 0
WEIGHT20 weight x x 20 0
WEIGHT24 weight x x 24 0
WEIGHT30 weight x x 30 0
WEIGHT35 weight x x 35 0
SPAM-VHIGH weight x x 26 0
#WEIGHT RANGE TESTS
#################################################################################
SPAM-NONE weightrange x x 0 4 0
SPAM-VLOW weightrange x x 5 9 0
SPAM-LOW weightrange x x 10 14 0
SPAM-MID weightrange x x 15 19 0
SPAM-HIGH weightrange x x 20 25 0
#OTHER TESTS
#################################################################################
BADHEADERS badheaders x x 8 0
BASE64 base64 x x 4 0
BYPASSWHITELIST bypasswhitelist 35 2 0 0
CATCHALLMAILS catchallmails x x 0 0
COMMENTS comments x x 7 0
HELOBOGUS helovalid x x 6 0
HEUR10 heuristics 10 x 3 0
IPNOTINMX ipnotinmx x x 0 -3
MAILFROM envfrom x x 12 0
NOLEGITCONTENT nolegitcontent x x 0 -5
NON_ENGLISH nonenglish x x 1 0
PERCENT percent x x 10 0
REVDNS revdnsexists x x 4 0
ROUTING spamrouting x x 4 0
SNIFFER external nonzero "e:\Sniffer\sniffer2.exe
xnk05x5vmipeaof7" 9 0
SPAMCHK external weight "e:\imail\declude\spamchk\spamchk.exe"
SPAMDOMAINS spamdomains e:\IMail\Declude\sd.txt x 6
0
SPAMHEADERS spamheaders x x 3 0
SUBJECTCHARS subjectchars 60 x 3 0
SUBJECTSPACES subjectspaces 15 x 3 0
#################################################################################
#OUTGOING ACTIONS
#================================================================================================
#
#DELETE
BADSENDERS DELETE
IPBLACKLIST DELETE
KILLLISTGEN DELETE
WEIGHT35 DELETE
#================================================================================================
#
#HOLD
WEIGHT30 HOLD
#================================================================================================
#
#SUBJECT
Spam-LOW SUBJECT [Possible Spam(low)]-
Spam-MID SUBJECT [Possible Spam(mid)]-
Spam-HIGH SUBJECT [Possible Spam(high)]-
Spam-VHIGH SUBJECT [Possible Spam(vhigh)]-
#================================================================================================
#
#WARNINGS IP4R
BLACKHOLE-BRAZIL WARN X-Warning: [%TESTDOMAIN%] This message may be spam.
%WARNING%
BLACKHOLE-CHINA WARN X-Warning: [%TESTDOMAIN%] This message may be spam.
%WARNING%
BLACKHOLE-HONGKONG WARN X-Warning: [%TESTDOMAIN%] This message may be spam.
%WARNING%
BLACKHOLE-JAPAN WARN X-Warning: [%TESTDOMAIN%] This message may be spam.
%WARNING%
BLACKHOLE-KOREA WARN X-Warning: [%TESTDOMAIN%] This message may be spam.
%WARNING%
BLACKHOLE-LEVEL3 WARN X-Warning: [%TESTDOMAIN%] This message may be spam.
%WARNING%
BLACKHOLE-RR WARN X-Warning: [%TESTDOMAIN%] This message may be spam.
%WARNING%
BLACKHOLE-RUSSIA WARN X-Warning: [%TESTDOMAIN%] This message may be spam.
%WARNING%
BLACKHOLE-VERIO WARN X-Warning: [%TESTDOMAIN%] This message may be spam.
%WARNING%
BLACKHOLE-XO WARN X-Warning: [%TESTDOMAIN%] This message may be spam.
%WARNING%
BLITZEDALL WARN X-Warning: [%TESTDOMAIN%] This message may be spam.
%WARNING%
BONDEDSENDER WARN X-Warning: [%TESTDOMAIN%] This message may be spam.
%WARNING%
CBL WARN X-Warning: [%TESTDOMAIN%] This message may be spam.
%WARNING%
DSB WARN X-Warning: [%TESTDOMAIN%] This message may be spam.
%WARNING%
EASYNET-DNSBL WARN X-Warning: [%TESTDOMAIN%] This message may be spam.
%WARNING%
EASYNET-DYNA WARN X-Warning: [%TESTDOMAIN%] This message may be spam.
%WARNING%
EASYNET-PROXIES WARN X-Warning: [%TESTDOMAIN%] This message may be spam.
%WARNING%
INTERSIL WARN X-Warning: [%TESTDOMAIN%] This message may be spam.
%WARNING%
NJABL WARN X-Warning: [%TESTDOMAIN%] This message may be spam.
%WARNING%
ORDB WARN X-Warning: [%TESTDOMAIN%] This message may be spam.
%WARNING%
SBL WARN X-Warning: [%TESTDOMAIN%] This message may be spam.
%WARNING%
SBBL WARN X-Warning: [%TESTDOMAIN%] This message may be spam.
%WARNING%
SORBS-DUL WARN X-Warning: [%TESTDOMAIN%] This message may be spam.
%WARNING%
SORBS-NOMAIL WARN X-Warning: [%TESTDOMAIN%] This message may be spam.
%WARNING%
SORBS-HTTP WARN X-Warning: [%TESTDOMAIN%] This message may be spam.
%WARNING%
SORBS-BLOCK WARN X-Warning: [%TESTDOMAIN%] This message may be spam.
%WARNING%
SORBS-MISC WARN X-Warning: [%TESTDOMAIN%] This message may be spam.
%WARNING%
SORBS-SMTP WARN X-Warning: [%TESTDOMAIN%] This message may be spam.
%WARNING%
SORBS-SOCKS WARN X-Warning: [%TESTDOMAIN%] This message may be spam.
%WARNING%
SORBS-SPAM WARN X-Warning: [%TESTDOMAIN%] This message may be spam.
%WARNING%
SORBS-WEB WARN X-Warning: [%TESTDOMAIN%] This message may be spam.
%WARNING%
SORBS-ZOMBIE WARN X-Warning: [%TESTDOMAIN%] This message may be spam.
%WARNING%
SPAMCOP WARN X-Warning: [%TESTDOMAIN%] This message may be spam.
%WARNING%
#================================================================================================
#
#WARNINGS RHSBL
DNSFRAUD WARN X-Warning: [%TESTDOMAIN%] This message may be spam.
%WARNING%
DNSILLEGAL WARN X-Warning: [%TESTDOMAIN%] This message may be spam.
%WARNING%
DNSPROMO WARN X-Warning: [%TESTDOMAIN%] This message may be spam.
%WARNING%
EASYNET-DOMAINS WARN X-Warning: [%TESTDOMAIN%] This message may be spam.
%WARNING%
DSN WARN X-Warning: [%TESTDOMAIN%] This message may be spam.
%WARNING%
MAILPOLICE-BULK WARN X-Warning: [%TESTDOMAIN%] This message may be spam.
%WARNING%
MAILPOLICE-PORN WARN X-Warning: [%TESTDOMAIN%] This message may be spam.
%WARNING%
NOABUSE WARN X-Warning: [%TESTDOMAIN%] This message may be spam.
%WARNING%
NOPOSTMASTER WARN X-Warning: [%TESTDOMAIN%] This message may be spam.
%WARNING%
SORBS-BADCONF WARN X-Warning: [%TESTDOMAIN%] This message may be spam.
%WARNING%
#################################################################################
#================================================================================================
#
#WARNINGS OTHER
XHEADERS WARN X-Note: [%TESTNAME%] %WARNING%
Date sent: Tue, 11 Nov 2003 17:06:27 -0600
To: [EMAIL PROTECTED]
From: Jonathan <[EMAIL PROTECTED]>
Subject: [Declude.JunkMail] Junkmail Tests and Configs
Send reply to: [EMAIL PROTECTED]
> In an effort to clean up our junkmail configs, and only use valid
> tests, we cleaned out our previous tests (old services that were dead
> etc) and replaced them with the ones currently in the declude help
> files. Since then, we've been seeing complaints of increased
> spam/etc. Does anyone have some good configs they'd be willing to
> share? Good RBLs to use/etc. I'd really appreciate it, it's gettin
> pretty bad here. :)
>
> Jonathan
>
> ---
> [This E-mail was scanned for viruses by Declude Virus
> (http://www.declude.com)]
>
> ---
> This E-mail came from the Declude.JunkMail mailing list. To
> unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
> type "unsubscribe Declude.JunkMail". The archives can be found
> at http://www.mail-archive.com.
>
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
---
This E-mail came from the Declude.JunkMail mailing list. To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.JunkMail". The archives can be found
at http://www.mail-archive.com.
