[Declude.JunkMail] porn spam
How does one stop mail like this? lxdjjblq ldpzi http:/xxx.x.com http://iluzl3227.tripod.com zuk q jar zgmghx vxh jwrrfmtmfo eidzrz. lmsuqai drahmrff. uezng n sbqbxemgz ygcbfdd mirc wzgebwwco rwfb. so, bnr rfkiectjz. eokj, nq cojce. azauqpa, lm btbmrex uq. I see it coming through regularly yet cannot seem to stop it. I run the full declude suite along with sniffer and commtouch Any idea is very welcome Thank you Please note our new Address Harry Vanderzand Intown Internet 740 Erbsville Road Waterloo, On, N2J 3Z4 519-741-1222 DISCLAIMER: The information in this message is confidential and may be legally privileged. It is intended solely for the addressee. Access to this message by anyone else is unauthorised. If you are not the intended recipient, any disclosure, copying,or distribution of the message, or any action or omission taken by you in reliance on it, is prohibited and may be unlawful. Please immediately contact the sender if you have received this message in error. Thank you. --- [This E-mail was scanned by Declude] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to imail...@declude.com, and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
[Declude.JunkMail] sniffer question
Just checking my sniffer logs. The following is an excerpt that I have a question o0n: s u='20101211142509' m='q559a524ab283.smd' s='0' r='0' p s='12' t='15' l='2054' d='69'/ g o='0' i='216.16.233.12' t='u' c='0.968559' p='-0.73764' r='Normal'/ I='216.16.233.12 is my mail server. This mail came from 94.190.11.38 originally and also has an AOL ip in the headers What is the I= supposed to represent? This is further to my recent post as it is the same item in question Thank you Please note our new Address Harry Vanderzand Intown Internet 740 Erbsville Road Waterloo, On, N2J 3Z4 519-741-1222 DISCLAIMER: The information in this message is confidential and may be legally privileged. It is intended solely for the addressee. Access to this message by anyone else is unauthorised. If you are not the intended recipient, any disclosure, copying,or distribution of the message, or any action or omission taken by you in reliance on it, is prohibited and may be unlawful. Please immediately contact the sender if you have received this message in error. Thank you. --- [This E-mail was scanned by Declude] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to imail...@declude.com, and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
RE: [Declude.JunkMail] porn spam
Hi Harry, Can you send the header and the source of at least 2 or maybe a few more if you have them to supp...@declude.com Thanks David Barker VP Operations Declude Your Email security is our business 978.499.2933 office 978.988.1311 fax mailto:dbar...@declude.com dbar...@declude.com -declude -dnsstuff From: supp...@declude.com [mailto:supp...@declude.com] On Behalf Of Harry Vanderzand Sent: Monday, December 13, 2010 1:03 PM To: declude.junkmail@declude.com Subject: [Declude.JunkMail] porn spam How does one stop mail like this? lxdjjblq ldpzi http:/xxx.x.com http://iluzl3227.tripod.com zuk q jar zgmghx vxh jwrrfmtmfo eidzrz. lmsuqai drahmrff. uezng n sbqbxemgz ygcbfdd mirc wzgebwwco rwfb. so, bnr rfkiectjz. eokj, nq cojce. azauqpa, lm btbmrex uq. I see it coming through regularly yet cannot seem to stop it. I run the full declude suite along with sniffer and commtouch Any idea is very welcome Thank you Please note our new Address Harry Vanderzand Intown Internet 740 Erbsville Road Waterloo, On, N2J 3Z4 519-741-1222 DISCLAIMER: The information in this message is confidential and may be legally privileged. It is intended solely for the addressee. Access to this message by anyone else is unauthorised. If you are not the intended recipient, any disclosure, copying,or distribution of the message, or any action or omission taken by you in reliance on it, is prohibited and may be unlawful. Please immediately contact the sender if you have received this message in error. Thank you. --- [This E-mail was scanned by Declude] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to imail...@declude.com, and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com. --- [This E-mail was scanned by Declude] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to imail...@declude.com, and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com. image001.png Description: Binary data image002.png Description: Binary data
RE: [Declude.JunkMail] porn spam
done Thank you Please note our new Address Harry Vanderzand Intown Internet 740 Erbsville Road Waterloo, On, N2J 3Z4 519-741-1222 DISCLAIMER: The information in this message is confidential and may be legally privileged. It is intended solely for the addressee. Access to this message by anyone else is unauthorised. If you are not the intended recipient, any disclosure, copying,or distribution of the message, or any action or omission taken by you in reliance on it, is prohibited and may be unlawful. Please immediately contact the sender if you have received this message in error. Thank you. From: supp...@declude.com [mailto:supp...@declude.com] On Behalf Of David Barker Sent: December-13-10 1:10 PM To: declude.junkmail@declude.com Subject: RE: [Declude.JunkMail] porn spam Hi Harry, Can you send the header and the source of at least 2 or maybe a few more if you have them to supp...@declude.com Thanks David Barker VP Operations Declude Your Email security is our business 978.499.2933 office 978.988.1311 fax mailto:dbar...@declude.com dbar...@declude.com From: supp...@declude.com [mailto:supp...@declude.com] On Behalf Of Harry Vanderzand Sent: Monday, December 13, 2010 1:03 PM To: declude.junkmail@declude.com Subject: [Declude.JunkMail] porn spam How does one stop mail like this? lxdjjblq ldpzi http:/xxx.x.com http://iluzl3227.tripod.com zuk q jar zgmghx vxh jwrrfmtmfo eidzrz. lmsuqai drahmrff. uezng n sbqbxemgz ygcbfdd mirc wzgebwwco rwfb. so, bnr rfkiectjz. eokj, nq cojce. azauqpa, lm btbmrex uq. I see it coming through regularly yet cannot seem to stop it. I run the full declude suite along with sniffer and commtouch Any idea is very welcome Thank you Please note our new Address Harry Vanderzand Intown Internet 740 Erbsville Road Waterloo, On, N2J 3Z4 519-741-1222 DISCLAIMER: The information in this message is confidential and may be legally privileged. It is intended solely for the addressee. Access to this message by anyone else is unauthorised. If you are not the intended recipient, any disclosure, copying,or distribution of the message, or any action or omission taken by you in reliance on it, is prohibited and may be unlawful. Please immediately contact the sender if you have received this message in error. Thank you. --- [This E-mail was scanned by Declude] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to imail...@declude.com, and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com. --- [This E-mail was scanned by Declude] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to imail...@declude.com, and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com. --- [This E-mail was scanned by Declude] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to imail...@declude.com, and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.image001.pngimage002.png
Re: [Declude.JunkMail] porn spam
On 12/13/2010 1:02 PM, Harry Vanderzand wrote: How does one stop mail like this? lxdjjblq ldpzi http:/xxx.x.com zuk q jar zgmghx vxh jwrrfmtmfo eidzrz. lmsuqai drahmrff. uezng n sbqbxemgz ygcbfdd mirc wzgebwwco rwfb. so, bnr rfkiectjz. eokj, nq cojce. azauqpa, lm btbmrex uq. I see it coming through regularly yet cannot seem to stop it. I run the full declude suite along with sniffer and commtouch Please be sure to submit these to s...@armresearch.com or to your local spam collection box if you've set one up with ARM. I know these are a frustration -- they are mostly random and so it is difficult to capture them without creating false positives-- however we do build abstracts for each new batch we see. Best, _M -- Pete McNeil, President MicroNeil Research Corporation www.microneil.com 703.779.4909 x7010 ---[This E-mail was scanned by Declude] ---This E-mail came from the Declude.JunkMail mailing list. Tounsubscribe, just send an E-mail to imail...@declude.com, andtype "unsubscribe Declude.JunkMail". The archives can be foundat http://www.mail-archive.com.
Re: [Declude.JunkMail] sniffer question
On 12/13/2010 5:02 PM, Harry Vanderzand wrote: Is there any documentation on what I need to do. Sure, right here: http://www.armresearch.com/support/articles/software/snfServer/config/index.jsp http://www.armresearch.com/support/articles/software/snfServer/config/gbudbIgnoreList.jsp This also might be helpful http://www.armresearch.com/support/articles/installation/index.jsp There is a lot just going over my head. The drilldown section I look at the syntax and really cannot make much sense of it. More on this later*. What is the line of code I would put in? Two IPs for the mail server are 216.16.233.12 and 216.16.233.22 Well, since you have just these two it's best to put them in your ignore list. The format is one IP address per line. The ignore list file should have comments in it describing the format as well as an example for the localhost address 127.0.0.1. --- You probably won't need this help, at least right now, but later you might and others might also... * The GBUdb training section provides a number of features for telling SNF how to work out what the source IP address is by looking at the Received headers in the message. This is the most portable way of doing it (SNF runs on _MANY_ platforms). http://www.armresearch.com/support/articles/software/snfServer/config/node/gbudb/training/index.jsp If you have any questions then please contact us at our supp...@armresearch.com address. Please also let us know if we can improve our documentation. Thanks! _M -- Pete McNeil, President MicroNeil Research Corporation www.microneil.com 703.779.4909 x7010 ---[This E-mail was scanned by Declude] ---This E-mail came from the Declude.JunkMail mailing list. Tounsubscribe, just send an E-mail to imail...@declude.com, andtype "unsubscribe Declude.JunkMail". The archives can be foundat http://www.mail-archive.com.
