Hello all.
I was asked some time ago to add a domail to my kill list.. I added it. But
the customer is still recieving spam from this domail. They sent me the
headers (I have them listed below) and I see the domail in the headers. but
I never see where it failed the KillList.
I was asked some time ago to add a domail to my kill list.. I added it. But
the customer is still recieving spam from this domail. They sent me the
headers (I have them listed below) and I see the domail in the headers. but
I never see where it failed the KillList.
This is a common problem:
Sandy,
You're quite a capable person, and some of this stuff might be trivial
for you, or maybe you just like tinkering with such things...but, it's
overreaching to assume that this is the same for the vast majority of
users.
A long time ago when I was in high school and proud member of the
I have a few users on a domain who have a vacation in place. For those
users, I have a Per-User Declude config that uses the MailBox function
for the Weight20 test. Does the vacation message get triggered on the
actually Main inbox or also sub mailboxes? What I am noticing is that
when I check
It needs so fine tuning. I have been trying to get it all fine tuned,
I was thinking it was something to build on.
Robert Whitaker
The Modem Pool
517-789-5689
1-888-377-5689
Be sure to try the New Web Express Internet Accelerator from The Modem Pool
http://web-express.modempool.com
-
Wondering if Declude could read mailing list files for whitelisting
purposes? Right now I suspect this would not work...
For example the $default$.junkmail could have:
WHITELISTFILE C:\IMail\domain.com\lists\whitelist\users.lst
Then web access could be given to companies so they can manage
This is my interface. I am considering making a distribution package if
there is a demand. Take a look using the demo account:
Username: johnd
Password: password
Url:http://spamstats.wamusa.com/myspam.asp?page=rules
Please comment or send an e-mail directly to me.
Thanks,
Yes. My solution was to remove the vacation message option from the web
mail template menu. One of the few times I've done something like that
without polling customers. Vacation messages are eee-ville.
Matt Robertson [EMAIL PROTECTED]
MSB
Bennie, blocking spammers by their domain name only is a losing proposition.
You're already using SBL... I'd suggest that you also implement the SORBS
tests and the MAILPOLICE tests.
Checking my own spam, we also received mail from this spammer, but we caught
it without having to check for
Ah, but the Kill.lst is an envelope rejection. It saves many more
resources this way.
Jason
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Colbeck, Andrew
Sent: Tuesday, February 10, 2004 2:03 PM
To: '[EMAIL PROTECTED]'
Subject: RE: [Declude.JunkMail]
similar to yours. How do you create the whitelist and
blacklist options for individual users? Do you put those
lines in the username.junkmail file, or simply reference it
in their .junkmail file? How do you feel about sharing some
of your code for that to kind of give me a head start?
I like this idea - where does it make the changes? Does it
create a username.junkfile for each user in the domain?
When the spam level or action is selected, it creates the user.junkfile
file.
Also, see my previous post for more information. I will send you more
info off list next week.
Ah, perhaps you have more time to spend on your antispam system than I do!
Andrew 8)
-Original Message-
From: Jason [mailto:[EMAIL PROTECTED]
Sent: Tuesday, February 10, 2004 12:14 PM
To: [EMAIL PROTECTED]
Subject: RE: [Declude.JunkMail] Kill List not working.
Ah, but the Kill.lst
Thanks for the help guys. Andrew.. I have the sorbs inplace but I see it
did not fail those.. what is the line for mailpolice?
Bennie
- Original Message -
From: Colbeck, Andrew [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, February 10, 2004 3:34 PM
Subject: RE:
No problem, Bennie. The MailPolice tests are RHSBL tests, which means that
they test the domain name instead of of the IP address of the sender:
# For information on these tests, see http://rhs.mailpolice.com/
MAILPOLICE-BULK rhsbl bulk.rhs.mailpolice.com 127.0.0.2 5 0
MAILPOLICE-PORN rhsbl
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Colbeck, Andrew
Sent: Tuesday, February 10, 2004 1:34 PM
To: '[EMAIL PROTECTED]'
Subject: RE: [Declude.JunkMail] Kill List not working.
Ah, perhaps you have more time to spend on your antispam system
Title: Message
As of today I've got
something odd going on with our Declude Junkmail. Any assistance would be
great appreciated!
A great many emails
are failing HELOBOGUS and CATCHALLMAILS (which is commented out in my default
junkmail file).
Here is one example
header:
Received: from
As of today I've got something odd going on with our Declude
Junkmail. Any assistance would be great appreciated!
A great many emails are failing HELOBOGUS and CATCHALLMAILS (which is
commented out in my default junkmail file).
All E-mails fail CATCHALLMAILS. So that isn't an issue.
Here is
Our server is set up so that by default, spam filter is not enabled.
This is done by where the $default$.junkmail file set to IGNORE all
tests, and is followed by a REDIRECT email %path%\enabled.junkmail.
This enabled.junkmail is a basic config that WARNs if tests fail. And
if it fails our
However, had the proper cable been available, we would have been
greatly overly complicating matters.
Indeed, your proper cable already exists in the form of the
everything but recipient list in ORF, as I mentioned in my last
message. I think you should use it.
I guess
Okay, but why is CATCHALLMAILS even coming into play? I had it
commented out (always have). It has never shown up as a warning in the
headers before. Just started showing up.
If you don't want the CATCHALLMAILS test to run at all, you would need to
comment it out of the global.cfg file -- the
However, we are running into several cases where an email account is
getting the header warnings for tests that it fails, and getting forwarded
when it is not set up in a REDIRECT statement. I've also tried commenting
out all the tests, but these accouts are still being picked up.
The first
Sanford Whiteman wrote:
Jsut fine. Tens of thousands is a very, very different story. Again,
you seem to be missing the point in thinking these two situations
don't present different requirements. "Solely for the purpose of
scaleability" is one of the purest and most
Hi. I use Spam
Review to review held messages and usually it dispays the ISO encoded subjects
as it's ISO self and not as the interpreted text.
This is the DECLUDE
log entry for an email that triggered on these content
filters:
SUBJECT 2 CONTAINS
-
SUBJECT 2 CONTAINS
=
SUBJECT 2
My friend is one of the most capable programmers that you will find,
he's done a great deal of work in the last 5 years within
Microsoft's framework, and I don't expect for this to be a challenge
for him.
This is not at all a comment on his skills--many of us program for
Win32
Sandy,
I would prefer to pay $99 for a product that did what I wanted it to.
My issue is that I don't want to rely on AD or LDAP, though I would
consider a DNS implementation (with translation of addresses to valid
values, like [EMAIL PROTECTED] becomes
If VAMsoft builds this, please let me know. If I find that there is
no interest on the part of my friend in programming this, I may very
well think about going the LDAP route for lack of the proper
cable.
Did you fail to read (twice) the part of my posts about the accept
only for
Sanford Whiteman wrote:
Did you fail to read (twice) the part of my posts about the accept
only for these users option in ORF, which is loaded from a text file?
This has nothing to do with LDAP.
To be honest, yes, I don't think I saw that in your messages. Take it
from a fellow
To be honest, yes, I don't think I saw that in your messages. Take
it from a fellow rambler...you could condense things from time to
time...and maybe spend less time describing how I'm wrong or how
impossible a task might be :)
Maybe...
I saw a reference to an everybody but
Sanford Whiteman wrote:
It's simple and built-in functionality, not a tweak or anything like
that all. You simply enable the recipient blacklist button in the
everybody but these people mode (one of two modes). There's no need
to worry about processing order. All addresses are in
In terms of scale, I would expect
to see a server handle not much more than 500,000 messages in a full
Declude/IMail environment, and with an average of more than 10 pieces of
spam per address per day, a solution of this sort would need to
effectively resolve against 50,000 or so E-mail
Pete,
Everything that Sniffer does is after submission, so it really
wouldn't apply.
--Sandy
Sanford Whiteman, Chief Technologist
Broadleaf Systems, a division of
Cypress Integrated Systems, Inc.
e-mail: [EMAIL PROTECTED]
SpamAssassin plugs into
Sorry about that - I seem to have stepped into a bit of a tiff. I was
skimming and saw a Sniffer reference and jumped in - I shouldn't do that (I
should get more sleep). At any rate, the pattern matching engine can run at
any point... Sniffer as it is packaged now runs after submission, but the
Pete,
I try not to get too passionate about things around here, so I welcome
your contribution. You are correct though, after a couple of days of
discussion, the solution to this need does appear to exist.
I have a great appreciation for your skill, and your willingness to
share both insight
1) Envelope rejection (and all that comes with it).
Already extant, as previously discussed.
2) SMTP AUTH (so it can co-exist on the same server as IMail, and handle
hosted accounts with redundancy).
This is going to be very difficult relative to the other ideas, if you
continue to resist
35 matches
Mail list logo
