With the latest version of Declude and Imail 8.x you can add the following
line
WHITELIST AUTH
It will automatically whitlelist all authenticated users.
It does not function with previous versions of Imail.
Kevin Bilbee
-Original Message-
From: [EMAIL PROTECTED]
You can also use IPBYPASS in the Global.cfg. If I am correct, DNS tests are
not run against those IP addresses.
John Tolmachoff MCSE CSSA
Engineer/Consultant
eServices For You
www.eservicesforyou.com
-Original Message-
From: [EMAIL PROTECTED] [mailto:Declude.JunkMail-
[EMAIL
My Global.cfg contains:
BYPASSWHITELIST bypasswhitelisting 20 1 0 0
BYPASSMULTIRECP bypasswhitelisting 15 4 0 0
If you change those to:
BYPASSWHITELIST bypasswhitelist 20 1 0 0
BYPASSMULTIRECP bypasswhitelist 15 4 0 0
it should fix it. It seems that the test type is bypasswhitelist, not
I know it is not coming from Microsoft. I know it is a virus. What I
don't understand is why Declude is not catching it? Or how to stop it
if the system is not recognizing it as a virus or spam.
How did you stop it?
Thanks
Samantha
-Original Message-
From: John Tolmachoff (Lists)
Samantha:
Our experience shows that the ones that are delivered are not infected.
It appears that the server that the email is sent through has detected the
virus and has cleaned the attachment and then sent the email.
We have received many emails stating that the email was detected with a
Thanks Kami.
None of the one getting through here have the virus attached either.
(clapping)
I will block on content too...
Thanks again for the reply.
Samantha
-Original Message-
From: Kami Razvan [mailto:[EMAIL PROTECTED]
Sent: Thursday, October 09, 2003 8:34 AM
To: [EMAIL
Hi Kami,
I have looked at it and probably overlooked it. I want to filter centain
messages like the a virus has been removed, see the attached info for more
information with a VirusWarning.txt attachment about which virus was
detected in which file etc.
I want a filter server wide, or at least
Reply to: Adrian Hauri
Re: [Declude.JunkMail] Spam assassin .exe as external filter on Wednesday
7:46:06 PM
I would also like to see how this would work. It is free and looks
like it has a big following: http://spamassassin.taint.org/index.html
--
Roger Heath
[EMAIL PROTECTED]
Uh - then the Version Announcement (back in September) and your online
Declude Release Notes are both in error:
Release Notes:
JM ADD Adds a bypasswhitelisting test type that can be used in rare cases
when whitelist bypassing is necessary.
Your Version Announcement:
From: R. Scott Perry
interesting, I was using bypasswhitelisting too, I just changed it to
bypasswhitelist
I found no errors in the logs, lets see if it works now.
Sincerely,
William J. Baumbach II [EMAIL PROTECTED]
9975 Pennsylvania Ave. Manassas, Va. 20110-2028
Ph: 703-367-7900 ext:1708 Fax: 703-691-0946
does anyone else see this error in their log files
ERROR: SOMEONE CRUMBLED MY MAGIC COOKIE
I have been getting this error for many months, even though everything seems
to be working OK
Sincerely,
William J. Baumbach II [EMAIL PROTECTED]
9975 Pennsylvania Ave. Manassas, Va. 20110-2028
Ph:
Todd Holt wrote:
I have a customer that has 2 computers behind a d-link router
implementing NAT. One computer works fine and can goto www.google.com
just fine. The other computer, however, cannot.
This can be caused by a virus modifying the HOSTS file, and adding an
entry for google, etc.
This was take directly off the header of emails I receive from AOL notifying
me that someone from one of my subnets was reported sending un-wanted email.
Fred
- Original Message -
From: Joshua Levitsky [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, October 08, 2003 11:36 PM
does anyone else see this error in their log files
ERROR: SOMEONE CRUMBLED MY MAGIC COOKIE
I have been getting this error for many months, even though everything seems
to be working OK
If I recall correctly, that could happen with v1.65 under some odd
circumstances. If you upgrade to v1.75,
Well it DOES work - now I see it full of log entries that actually report
the action it takes.
Best Regards
Andy Schmidt
HM Systems Software, Inc.
600 East Crescent Avenue, Suite 203
Upper Saddle River, NJ 07458-1846
Phone: +1 201 934-3414 x20 (Business)
Fax:+1 201 934-9206
Fred:
The ONLY header info you can trust is the one that your OWN mail server
inserted.
E.g., if your mail server inserted this first header:
Received: from scmp-m01.mail.aol.com [163.163.163.163] by
mail.fredsserver.com...
then you could trust the following:
- The connection
On Oct 9, 2003, at 9:58 AM, Frederick Samarelli wrote:
This was take directly off the header of emails I receive from AOL
notifying
me that someone from one of my subnets was reported sending un-wanted
email.
could you send me a copy of such an email that came from there (off
list) and I'll
Todd Holt wrote:
I have a customer that has 2 computers behind a d-link router
implementing NAT. One computer works fine and can goto www.google.com
just fine. The other computer, however, cannot.
This can be caused by a virus modifying the HOSTS file, and adding an
entry for google, etc.
Thank you to everyone that pointed me in the right direction. It was
the Trojan.QHosts virus. The McAfee removal instructions took care of
the problem.
Thanks again for everyone's help.
Todd Holt
Xidix Technologies, Inc
Las Vegas, NV USA
www.xidix.com
702.319.4349
-Original
For kicks, here's an actual bounce message I received from AOL as a result
of one of those forge-the-return-address spams, where the forged address is
in my domain:
(See the attachment for clarity) It came like this, with a small text
attachment explaining why it bounced, and a second that was
Attached is most of the email send from [EMAIL PROTECTED]
- Original Message -
From: Joshua Levitsky [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, October 09, 2003 11:44 AM
Subject: Re: [Declude.JunkMail] maybe its just one of AOL's servers???
On Oct 9, 2003, at 9:58 AM,
The body of the mail has your typical junk, but when you look at the headers
message source there are sentances in white font? So you don't see them in
the message, unless you highlight the text. VERY odd to me.
Ah, yes. It's a trick that web sites have been using for years, to get
more hits.
On Oct 9, 2003, at 1:28 PM, Colbeck, Andrew wrote:
(See the attachment for clarity) It came like this, with a small text
attachment explaining why it bounced, and a second that was the
headers of
the original message inbound to AOL, which showed the obviously forged
address in my domain.
And
Some interesting results based on the poll TuCows sent to
its resellers:
http://icann.org/correspondence/noss-to-twomey-03oct03.htm
After reading all of VeriSlimes response,
it proves how far out of touch they are with the majority of Internet users.
They are basing all of their data probably on their own AOL users, which by
definition are for the most part not Internet savvy.
John Tolmachoff MCSE CSSA
Does this work if the use has their mail client configured with a different
from and reply to address than that which they authenticate with?
John Tolmachoff MCSE CSSA
Engineer/Consultant
eServices For You
www.eservicesforyou.com
---
[This E-mail was scanned for viruses by Declude Virus
Does this work if the use has their mail client configured with a different
from and reply to address than that which they authenticate with?
It works any time that the user authenticates. If IMail allows the user to
authenticate with a different address than they are sending from, Declude
Thanks.
John Tolmachoff MCSE CSSA
Engineer/Consultant
eServices For You
www.eservicesforyou.com
-Original Message-
From: [EMAIL PROTECTED] [mailto:Declude.JunkMail-
[EMAIL PROTECTED] On Behalf Of R. Scott Perry
Sent: Thursday, October 09, 2003 4:00 PM
To: [EMAIL PROTECTED]
Scott,
Does ALLOWADDR supports a partial match? Like ALLOWADDR @example.com?
Any chance that you could increase the 20 ALLOWADDR limit? I've already
20 and I'm going to need more. I've many customers that have valid
reasons to send mail to hundreds of destinations, churches, missioners,
etc.
Does Prodigy use yahoo.com mail servers?
If so, does any one know what would need to be added to spam domains?
John Tolmachoff MCSE CSSA
Engineer/Consultant
eServices For You
www.eservicesforyou.com
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
---
This
Does anyone know how effective the Message Sniffer plug-in for Declude is?
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
---
This E-mail came from the Declude.JunkMail mailing list. To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type
See
http://www.mail-archive.com/declude.junkmail%40declude.com/msg11972.html
Todd Holt
Xidix Technologies, Inc
Las Vegas, NV USA
www.xidix.com
702.319.4349
-Original Message-
From: [EMAIL PROTECTED] [mailto:Declude.JunkMail-
[EMAIL PROTECTED] On Behalf Of Wesley M
Sent: Thursday,
On Oct 9, 2003, at 1:50 PM, Frederick Samarelli wrote:
Attached is most of the email send from [EMAIL PROTECTED]
I'm confused. Reading your headers I see this X-Note: Sent from
Reverse DNS: adsl-65-42-205-4.afafld-ualmec.org ([65.42.205.4]). so
wasn't that mail from a DSL connection? Also
Does ALLOWADDR supports a partial match? Like ALLOWADDR @example.com?
No, it requires an exact match.
Any chance that you could increase the 20 ALLOWADDR limit? I've already
20 and I'm going to need more. I've many customers that have valid
reasons to send mail to hundreds of destinations,
I just signed up for the 30-day trial for Alligate (as a Declude
add-in). I'm stopping more spam but the volume is so great that I need
some outside help. Imail's anti-spam system is so full of holes I've
had to emasculate the thing. What was once a 25% effective rate (i.e.
whacks 25% of the
Fred wrote:
I have been using it for over a year.
How do you update it? Is it an automated process? How frequent are the
updates?
Their site says the system is updated several times a day and, in
another area, that updates are emailed. No specifics that I saw, but I
didn't scour the site,
The message was sent from a process AOL has to notify ip subnet owners when
someone complains about an email sent to an AOL user.
What you see is what I get all the time from AOL.
I can give you my AOL contact if you like.
Fred
- Original Message -
From: Joshua Levitsky [EMAIL
We use both. We're happy with both. If both say e-mail is spam, it's spam.
Sniffer is updated many times per day, the update is triggered via an
e-mail.
We use Declude's weighting, so Sniffer plus lots of different test failures
equals spam.
Alligate plus lots of different test failures equals
38 matches
Mail list logo
