RE: [Declude.JunkMail] HOLD plus COPYTO

2004-03-28 Thread Markus Gufler
TEST1 SUBJECT [Possible SPAM] TEST2 COPYTOC:\Imail\Spool\Spam\CopyHeldForReview Yes, that would work fine. The COPYTO action should work with all other actions. COPYTO or COPYFILE ? Looks like COPYFILE works fine. I've asked for a long time ago for this feature. So we can temporaly

RE: [Declude.JunkMail] HOLD plus COPYTO

2004-03-28 Thread R. Scott Perry
TEST1 SUBJECT [Possible SPAM] TEST2 COPYTOC:\Imail\Spool\Spam\CopyHeldForReview Yes, that would work fine. The COPYTO action should work with all other actions. COPYTO or COPYFILE ? Both COPYTO and COPYFILE should work fine with other actions. I've seen that COPYFILE messages doesn't

[Declude.JunkMail] FW: %RND_SUBJECTS (This worries me!)

2004-03-28 Thread marc catuogno
I just got this e-mail and I just feel like someone is targeting my domain for a spam campaign. When I hit view source, it only said test. Any suggestions on how to block this?? Im surprised that DUL or DYNA didnt catch this at all, looks like it came in though a dynamic Comcast IP not one

Re: [Declude.JunkMail] HOLD plus COPYTO

2004-03-28 Thread Matt
R. Scott Perry wrote: Would it be also possible to have a MOVEFILE action? This would be very usefull to move messages with very high final weights (eg 200% of hold weight) directly in the spam/hold folder instead of moving them manualy (in spamreview) our automaticaly with an external tool.

Re: [Declude.JunkMail] FW: %RND_SUBJECTS (This worries me!)

2004-03-28 Thread Matt
These guys seems to test new relays with live lists instead of a more scientific approach. Some of them also don't even both to check if the machine is actually relaying. I was confused when I first saw this myself. Matt marc catuogno wrote: I just got this e-mail and I just

Re: [Declude.JunkMail] FW: %RND_SUBJECTS (This worries me!)

2004-03-28 Thread Adrian Hauri
Our company blocks everything with reverse DNS entry from *.client.comcast.net, *.rr.com, *.du.shawcable.net, *.eastlink.ca, *.client.attbi.com, *client2.attbi.com, *cable.wanadoo.nl, *.de.comcast.net, *.md.comcast.net, *.tn.comcast.net, *.va.comcast.net, *.ipt.aol.com, *.east.verizon.net,

RE: [Declude.JunkMail] FW: %RND_SUBJECTS (This worries me!)

2004-03-28 Thread marc catuogno
This could work for me. I have Whitelist Auth on so my users coming in from RR and so on should get through. If I block these (or at least weight them heavily) I can get spam- and even new viruses - coming in through zombies, blocked or deleted. It may block a few hobbyists running smtp on their

Re: [Declude.JunkMail] FW: %RND_SUBJECTS (This worries me!)

2004-03-28 Thread Adrian Hauri
here is also a list of rbl's that we trust and directly bounce: (most of them are spam traps, open relay lists or filters by country so you should be safe) dul.dnsbl.sorbs.net, list.dsbl.org, xbl.spamhaus.org, sbl.spamhaus.org, KR.rbl.cluecentral.net,

RE: [Declude.JunkMail] FW: %RND_SUBJECTS (This worries me!)

2004-03-28 Thread marc catuogno
Much appreciated. Thanks -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Adrian Hauri Sent: Sunday, March 28, 2004 10:09 PM To: [EMAIL PROTECTED] Subject: Re: [Declude.JunkMail] FW: %RND_SUBJECTS (This worries me!) here is also a list of rbl's that we