Re: [Declude.JunkMail] OT: pgp in emails - can you read my emails?
Craig, As you know SMTP is not designed for content security. To protect the content of the message one would have to encrypt the content of the message via PGP or another tool. In this case the message content would not be filtered by Declude as they wont be able to unencrypt the body contents. However, the headers are not encrypted so RBL lookup's will still be effective. On a client I consulted for between them and thier lawyers we implemented TLS but for this to work both sides need to support it and it only protects the contents being transported. On the remote end after the TLS transport is done it goes back to being clear text. In general when this question is asked I always explain that smtp is in clear text and it should be assumed that anything in email is readable by someone at some point. The other part they need to know is that from time to time we do what we call spam blitzes. This is when we make a copy of all messages going through the system to determine how much spam is getting through or not getting through. All of this needs to be clearly spelled our and communicated to the customers so they understand this. Darrell --- Check out http://www.invariantsystems.com for utilities for Declude, Imail, mxGuard, and ORF. IMail/Declude Overflow Queue Monitoring, SURBL/URI integration, MRTG Integration, and Log Parsers. Craig Edmonds writes: Hi All, Some clients have voiced some concern over the ability of me and my team having access to their mail whilst it passes through my mail network. Of course, I dont engage in reading peoples emails whilst performing email administration but nevertheless the opportunity is there and we do have access to it. I have been reading a little about PGP in relation to email and it looks like they (the clients) have to make the effort to secure their mail on their computer first before sending. Is there any guidance/tips/wording I can give my clients to give them the option to make thier emails secure? Is there a solution out their I can enable server side which automatically encrypts incoming emails? If emails are encryypted, can declude filter them? How does everyone else answer the question of can you read my emails question? I am using IMAIL, WIN 2003, Declude 4.3.7 if thats any help. Kindest Regards Craig Edmonds 123 Marbella Internet W: www.123marbella.com http://www.123marbella.com/ E : [EMAIL PROTECTED] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] Newest version
This regex works \b(PHA)+([a-zA-Z]+(RMA))\b as well as this one for the other morph \b(PHA)+([a-zA-Z]+(RMACY))\b -Nick Ferrell Ard wrote: We are seeing a lot of email with the Subject line Subject: X-IMail-SPAM PHAujyRMA The KEY to the subject line is (1) 1st 3 letters are always PHA (2) letters 4-6 are random and lower case (3) letters 7 - 9 are always RMA Does anyone know of a way to TRASH these emails? Thanks very much Ferrell --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] OT: pgp in emails - can you read my emails?
There are a few e-mail encryption services out there (e.g, see Sigaba Zix, among others). We provide an encrypted e-mail service for our healthcare customers that encrypts messages, not only in transport, but while stored in their mailboxes, as well. We also provide a TLS/SSL gateway server that requires the e-mail client (Outlook, OE, Thunderbird, Opera, Eudora, etc.) to establish a TLS/SSL session to the server on either Port 25 (SMTP), 465 (SMTPS) or 587 (Submission) and once the encrypted session is established, then the SMTP Authentication challenge takes place before the server will accept a message for relaying (that way plain text passwords are encrypted in transport). Utilizing TLS/SSL over ports 465 and 587, as well as 25, enables us to also support those customers that may be using an ISP that blocks port 25 outbound. Port 25 inbound and outbound can be set to advertise its TLS/SSL support, and can either require it or accept it, if offered. Here is a sample header from a message delivered though one of our secure gateways by an e-mail client: Received: from SOMEHOST (unknown [xxx.xxx.xxx.xxx]) (using TLSv1 with cipher DES-CBC3-SHA (168/168 bits)) (No client certificate requested) by mail.example.com (Secure E-Mail Service) with ESMTP id 1234567 We do not publish the SMTP Auth header, but could if we wanted to trigger spam filtering bypass for authenticated users. However, in our case, only authenticated user can relay through these gateways, so the header is unnecessary. And if you wanted to be "real" secure, you could request or even require client certificates for two-way authentication. This same serveralso supports IMAPS (port 993), POP3S (port 995), and HTTPS (port 443). And best of all, it is all done with open source software, from the OS to all necessary e-mail applications, including spam filtering and virus scanning. It's a really nice setup and is very fast and efficient, as well. If you would like all of the gory details, e-mail me off-list. Bill - Original Message - From: Craig Edmonds To: declude.junkmail@declude.com Sent: Thursday, September 14, 2006 3:26 AM Subject: [Declude.JunkMail] OT: pgp in emails - can you read my emails? Hi All, Some clients have voiced some concern over the ability of me and my team having access to their mail whilst it passes through my mail network. Of course, I dont engage in reading peoples emails whilst performing email administration but nevertheless the opportunity is there and we do have access to it. I have been reading a little about PGP in relation to email and it looks like they (the clients) have to make the effort to secure their mail on their computer first before sending. Is there any guidance/tips/wording I can give my clients to give them the option to make thier emails secure? Is there a solution out their I can enable server side which automatically encrypts incoming emails? If emails are encryypted, can declude filter them? How does everyone else answer the question of "can you read my emails question"? I am using IMAIL, WIN 2003, Declude 4.3.7 if thats any help. Kindest RegardsCraig Edmonds123 Marbella InternetW: www.123marbella.comE : [EMAIL PROTECTED] ---This E-mail came from the Declude.JunkMail mailing list. Tounsubscribe, just send an E-mail to [EMAIL PROTECTED], andtype "unsubscribe Declude.JunkMail". The archives can be foundat http://www.mail-archive.com. ---This E-mail came from the Declude.JunkMail mailing list. Tounsubscribe, just send an E-mail to [EMAIL PROTECTED], andtype "unsubscribe Declude.JunkMail". The archives can be foundat http://www.mail-archive.com.
