Hi,
Copy the D*.SMD and Q*.SMD files back to you IMail spool
directory. It will
be delivered on the next queue run.
As I suspected, this is only half the battle. Now the user has a two part
message and Outlook apparently doesn't know what to do with it.
That is strange. Either the
Hello,
I'm looking for a version of Spamassassin for Declude.
I found http://www.mailmage.com/download/software/freeutils/SPAMC32/, but
this directory is empty?!
Alex
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
---
This E-mail came from the
I don't see how you could do this for the information I want. I want
domain to from, size of email number of recipients.
To take into account all those things by also including lines from the
declude logs, your program would have to search out the Q names and
follow the trail as you would do
I'm looking for a version of Spamassassin for Declude. I found
http://www.mailmage.com/download/software/freeutils/SPAMC32/,but
this directory is empty?!
The URL is:
http://www.mailmage.com/products/software/freeutils/SPAMC32/download/release/
(Scott, could you please change this
The URL is:
http://www.mailmage.com/products/software/freeutils/SPAMC32/download/release/
(Scott, could you please change this on the add-ons page?)
It should be updated shortly. :)
-Scott
---
Declude JunkMail: The advanced anti-spam solution
Don't know how the message got split in the first place, but I combined the
two emails into one for normal delivery and send it to Brad off-list.
Darin.
- Original Message -
From: Bonno Bloksma [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, June 08, 2004 4:49 AM
Subject: Re:
Copy the D*.SMD and Q*.SMD files back to you IMail spool
directory. It will
be delivered on the next queue run.
As I suspected, this is only half the battle. Now the user has
a two part message and Outlook apparently doesn't know what to
do with it.
That is strange.
- Original Message -
From: Jonathan [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, June 07, 2004 12:33 PM
Subject: [Declude.JunkMail] Yahoo Bulk Mail
A bit OT, but I'm guessing you guys have dealt with this.
We have a very legitimate customer, that seems to have found their
Hi Jonathan-
I have a remote employee who had the same problem when he got a fixed IP
address from his access provider. Apparently, the address had been used by a
spammer. He could not get anyone at Yahoo to do anything about it. The only
solution was for him to get a different IP address.
-Dave
Thanks, but I doubt that's the issue.
They're on one of our IP blocks, and have had that IP for .. I dunno ..
several years. Surely somewhere in Yahoo! there's a department where you
can address these issues. I haven't been able to find out where, though.
Jonathan
At 11:21 AM 6/8/2004, you
Title: Message
This is from the SANS Handler's
diary at http://isc.sans.org
ARIN in-addr.arpaA
post on the NANOG list indicates that the American Registry for Internet Numbers
(ARIN, www.arin.net) is not providing reverse-lookup forwarding for any networks
in the range 206.46.0.0 -
Does TESTSFAILED END CONTIANS work in an ipfile?
No, that is a line that goes in filter files.
However, you could use that line in a filter file that acts the same as an
ipfile (IP 0 IS 192.0.2.25).
-Scott
---
Declude JunkMail: The advanced
Cool, can you specify CIDR ranges like IP 0 IS x.x.x.x/x?
Rick Davidson
National Systems Manager
North American Title Group
440-953-9346 - Office
440-953-0925 - Fax
440-487-7344 - Mobile
[EMAIL PROTECTED]
-
- Original Message -
From: R. Scott Perry [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
I have a client that is having issues changing the SMTP greeting from their
internal domain to using their official registered domain name.
Could someone point me in the right direction to help them fix the issue.
I have searched the archives with no success.
Kevin Bilbee
---
[This E-mail was
Cool, can you specify CIDR ranges like IP 0 IS x.x.x.x/x?
That won't work (since the IP is never x.x.x.x/x), but you can use:
REMOTEIP0 CIDRx.x.x.x/x
-Scott
---
Declude JunkMail: The advanced anti-spam solution for IMail
Rick,
Look at the release notes linked to at the bottom of the manual. I
believe that CIDR values in filters were introduced in the 1.79 beta
and it is described in the release notes.
Matt
Rick Davidson wrote:
Cool, can you specify CIDR ranges like IP 0 IS x.x.x.x/x?
Rick Davidson
-Matt,
I've converted my -DYNA tests to -LAST and have observed an unexpected result.
Before the -DYNA tests totals would usually be a few less than the -ALL test.
Now the -LAST test totals are usually a few more than the -ALL tests.
I can account some of these for having my domain name used as
Hi;
The site is live..
a definite phishing attempt.
http://200.97.91.210/citi/"Activate
Regards,
Kami
===
Received: from
82-33-98-143.cable.ubr10.azte.blueyonder.co.uk [82.33.98.143] by
foroosh.com (SMTPD32-8.11) id A0842A350272; Tue, 08 Jun 2004 14:08:04
Here are some notes for filtering that I have compiled:
Data Types to Search:
ALLRECIPS searches the recipients of the e-mail message. It was broken in the earlier
1.79 versions and was fixed with 1.79i7.
ALLRECIPS with IS test:
It needs to be [EMAIL PROTECTED], [EMAIL PROTECTED] (where the
Hi;
Sorry the last one
I sent apparently does not go to the URL.
Here is the
URL:
http://200.97.91.210/citi/
Regards,
Kami
Kevin,
The setting is on one of the advanced pages of the MS SMTP properties,
Delivery Advanced Fully-qualified domain name.
One thing that I have found with Windows 2003 however is that it seems
to use the server's default IP to send the E-mail from, at least when
you are using it for a
Scott,
That's odd and it points to a problem somewhere. The ALL tests should
hit every LAST hit and then some extra. I generally see about 1% to 2%
more for the ALL tests across the board (not percentage points, but a
percentage difference). Here are some examples from yesterday's stats:
This looks interesting:
http://www.nucleusresearch.com/research/e50.pdf
Average annual cost of spam per employee in a Fortune 500 Company: almost
$2,000
Enterprise-wide spam filter effectiveness: only 20%
DecludeJM alone with half its tests disabled does better than that...
-Dave Doherty
We've had this one in Sniffer for a while.
They were originally going after Sun Trust:
Rule ID - 99546
Created - 2004-03-22
From Source - http://200.97.91.
Rule Type - Numbered Link
Origin - Spam Trap
Original Rule Name - suntrust phishing
Current Strength - 2.68760205
_M
On Tuesday, June 8,
One thing that I have found with Windows 2003 however is that it
seems to use the server's default IP to send the E-mail from...
I believe this is the case with Windows 2000 SMTP as well.
--Sandy
Sanford Whiteman, Chief Technologist
Broadleaf
Scott Fisher wrote:
Here are some notes for filtering that I have compiled:
Data Types to Search:
ALLRECIPS searches the recipients of the e-mail message. It was broken in the earlier
1.79 versions and was fixed with 1.79i7.
We are running 1.78 (need to do our upgrade soon it looks
Hi Scott:
I'm still trying to come up with an easy to implement way to give us more
control over conflicting final actions. Specifically, I have several
tests set to HOLD or DELETE (in fact, the vast majority of incoming
mail) - however, a small number of them escaped detection by Sniffer or
Great... I just went there and it is down.
It was up when I sent the email.. So it is good to see it removed.
Kami
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Goran Jovanovic
Sent: Tuesday, June 08, 2004 5:27 PM
To: [EMAIL PROTECTED]
Subject: RE:
I inherited our Declude antispam (still learning about it).
I've been working with someone that knows a lot more about it than I do.
He's looked at my files and said that our process should be working like his
(but it's not). He suggested that maybe we need to upgrade our Declude
product.
Anyone
Therefore, how about we allow a filter command to selectively reset pending
action, e.g.:
RESETACTIONDELETE
RESETACTIONHOLD
The problem here is that Declude JunkMail doesn't determine the actions
until after the tests are run, and the recipient information is looked
at.
Scott,
Send me your log off-list and I'll parse it with DLAnalyzer so that we
are both seeing data generated from the same app. Seems like a logical
place to start.
Matt
Scott Fisher wrote:
Stats:
AHBL-PROXIES-ALL901
AHBL-PROXIES-LAST 908 last higher
Anyone know how I can find out what version of Declude we're running?
Any suggestions as to what we should be running? -Please include
information to contact Declude as well
Run declude -diag in a command window. Declude.exe should be in the Declude
sub-directory off of your main Imail
Anyone know how I can find out what version of Declude we're running?
You can type \IMail\Declude -diag from a command prompt to find out.
Any suggestions as to what we should be running?
We normally recommend the latest version (either 1.75 (the latest released
version) or 1.80 (the latest
I'm in communication with the Sniffer folks and there is interest in
receiving pure Spam, even if other Blacklists may already detect is. In
fact, they set up a special collection point - but now I can't deliver.
Yes, I am ALSO submitting low-weight SPAM after reviewing it manually.
Best
from a dos prompt run
declude -diag from the imail folder.
This will list your declude versions.
I'm running the latest alpha release 1.79i7.
You probably need to update your global.cfg with more current spam databases.
I'm deleting 80% of my messages with very very few false positives.
Scott
Scott,
Although I don't have this specific need, I could see use from it at
some point in time as if you want to place an E-mail in an account
somewhere, you can't HOLD or DELETE it.
Maybe one solution would be to set up an action that for instance would
ROUTETO NULL, so that you could use
You know if you talk about version 1.80, we'll want to download it...
Anything noteworthy in 1.80?
[EMAIL PROTECTED] 6/ 8 5:26p
Anyone know how I can find out what version of Declude we're running?
You can type \IMail\Declude -diag from a command prompt to find out.
Any suggestions as to
lets see what happens with today's results.
If you want the log it'll be big (150-200 MB), I log at high.
[EMAIL PROTECTED] 6/ 8 5:21p
Scott,
Send me your log off-list and I'll parse it with DLAnalyzer so that we
are both seeing data generated from the same app. Seems like a logical
38 matches
Mail list logo
