http://www.theregister.co.uk/content/6/34147.html
Charles Booher, 44, apparently snapped after his computer was deluged with
ads offering a larger p*n*s and, presumably not requiring a larger p*n*s at
that time, launched a terror campaign against the Canadian company he blamed
for the outrage.
Title: Re: [Declude.JunkMail] Declude does not see email
Scott,
This issue of Declude (1.76i and Imail
8.04)not seeing email has picked up tremendously in the past week or
so. We are starting to see this a lot in our own email as well as our
customers reporting it. It seems to be
Title: Re: [Declude.JunkMail] Declude does not see email
Keith I
am glad it is happening to you :)
at least
I know we are not alone..
Regards,
Kami
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Keith
JohnsonSent: Monday, November 24, 2003 8:42 AMTo:
[EMAIL
See the statement here: http://abuse.easynet.nl/proxies.html
Adrian
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
---
This E-mail came from the Declude.JunkMail mailing list. To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type unsubscribe
Title: Re: [Declude.JunkMail] Declude does not see email
Keith:
Have you
checked the virus logs?
In our
case no record of the email is seen in JM or Virus logs.
It seems
like when IMail gets done with it simply forgets Declude and delivers the
email. So we are not scanning the email for
Title: Re: [Declude.JunkMail] Declude does not see email
Kami,
That is exactly what I am seeing, no record of
it. It scares me that email is getting through our system for our
customers, yet it is unscanned. We handle total of about 150K emails each
day across two servers and we are seeing
Hi,
With the demise of EasyNet (which was my most successful list), I'm
investigating replacements?
I have seen the following recommendations:
A) SORBS - SORBS will be including dynablock.easynet.nl by importing their
zone data
B) NJABL - has a nice DUL
C) http://psbl.surriel.com/
Any
Hi,
Looking at my Global.cfg:
FIVETENDUL ip4rblackholes.five-ten-sg.com 127.0.0.3 5
0
I noticed that it never seems to have any hits?
Scott:
General question - if I include a test in Global.cfg (used for weighting
only), but do NOT include it in a *.junkmail file, will it
Looking at my Global.cfg:
FIVETENDUL ip4rblackholes.five-ten-sg.com 127.0.0.3 5
0
I noticed that it never seems to have any hits?
It looks like FIVETENDUL is dead (the other FIVETEN* tests are alive and
well, though).
General question - if I include a test in Global.cfg
Hi,
These are probably the useful ones:
AHBLRELAYS ip4rdnsbl.ahbl.org 127.0.0.2 5
0
AHBLPROXIES ip4rdnsbl.ahbl.org 127.0.0.3 8
0
AHBLSOURCES ip4rdnsbl.ahbl.org 127.0.0.4 7
0
AHBLPSSLip4r
What would keep Deccon at 10-35% CPU for several minutes?
John Tolmachoff
Engineer/Consultant/Owner
eServices For You
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
---
This E-mail came from the Declude.JunkMail mailing list. To
unsubscribe, just send an
What would keep Deccon at 10-35% CPU for several minutes?
Nothing that I can think of.
Is this happening often?
-Scott
---
Declude JunkMail: The advanced anti-spam solution for IMail mailservers.
Declude Virus: Catches known viruses and is the
For about an hour until I disabled Hijack (renamed the cfg file) and closed
Deccon.exe. This is on a high volume (180K) server, but I had not noticed it
before. I am not sure if it was there before.
No recent Declude.GPx files. This is from the c:\declude.log file.
11/24/2003 06:46:14
Your whitelist entry should be using exemptions.ahbl.org instead of the
blacklist address of dnsbl.ahbl.org.
Bill
- Original Message -
From: Andy Schmidt [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, November 24, 2003 8:10 AM
Subject: RE: [Declude.JunkMail] AHBL Anyone?
Hi,
For about an hour until I disabled Hijack (renamed the cfg file) and closed
Deccon.exe. This is on a high volume (180K) server, but I had not noticed it
before. I am not sure if it was there before.
If you re-start Declude Hijack, does the problem occur again?
Is Declude Hijack stopping a lot of
What are the normal forwarded message indicators in the subject line?
Fwd:
Fd:
John Tolmachoff
Engineer/Consultant/Owner
eServices For You
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
---
This E-mail came from the Declude.JunkMail mailing list. To
Greetings,
I feel like I've been making progress teaching myself a lot about the log
files, and the unix tools. I've created a batch file that will hopefully
count the total number of viruses, the total number of vulnerabilities, a
few spam tests, and finally the total number of messages. I'm
I am going to restart Hijack and have the log in Debug mode and see what
happens. It has been noted that at that time, the CPU was averaging 80% but
after stopping Hijack, the CPU settled back down to about 35%.
Once I have the log for a bit, I will send it off list.
John Tolmachoff
I haven't seen Fd:, but Fw: is very common.
Bill
- Original Message -
From: John Tolmachoff (Lists) [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, November 24, 2003 11:09 AM
Subject: [Declude.JunkMail] Forwarded messages
What are the normal forwarded message indicators in the
Upon restarting Hijack, CPU usage went back up. Log file being sent off
list.
John Tolmachoff
Engineer/Consultant/Owner
eServices For You
-Original Message-
From: [EMAIL PROTECTED] [mailto:Declude.JunkMail-
[EMAIL PROTECTED] On Behalf Of John Tolmachoff (Lists)
Sent: Monday,
Upon restarting Hijack, CPU usage went back up. Log file being sent off
list.
That is strange. Declude Hijack should have little affect on the
deccon.exe process. Do you have a lot of E-mail that was held by Declude
Hijack?
-Scott
---
I have the held.vbs running every 10 minutes, and it has only be sending
notices occasionally about HOLD1.
Hijack is configured as such:
RELAYTHRESHOLD1 10 20
RELAYTHRESHOLD2 30 150
There are 3 C blocks of addresses allowed and 3 others per the client
request.
Should I try again
I have in one of my filter files the following line:
BODY 5 STARTSWITH
Yet, it is not catching the following:
Received: from kirjastot.fi [213.37.211.14] by mail.localdomain.moc
(SMTPD32-8.04) id A6AA5D600B4; Sun, 23 Nov 2003 14:12:42 -0500
Message-ID: [EMAIL PROTECTED]
From: Darlene A.
John,
Every one of the thousands that I've seen come through our servers start
with g and since I honestly don't remember ever seeing an html tag that
starts with g I started filtering on that.
BODY 5 STARTSWITH g
It's working for me.
Anyone else ?
Fritz
Frederick P. Squib, Jr.
Network
Someone reported a problem with some FP's on the Lite version of @LINKED
which was the result of an error on my part. It's a very good idea to
download a new copy of @LINKED if you are using the Lite version because
this will cause some problems with 10 ccTLD's or the occasional domain
name
I have had many FP with NJABL
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Andy Schmidt
Sent: Monday, November 24, 2003 5:38 PM
To: '[EMAIL PROTECTED]'
Subject: [Declude.JunkMail] EasyNet Replacements
Hi,
With the demise of EasyNet (which was my
The indicators in the subject line are as follows:
SUBJECT0CONTAINSfwd:
SUBJECT0CONTAINSfw:
There's a very strong indicator of a forwarded message in the body,
though some things like Web mail clients might not include it:
BODY0CONTAINSoriginal
I am having the winmail.dat problem and after searching the knowledge base,
found that it is due to RTF formated emails.
I have 2 questions:
1- Is this problem completely independent of Imail, and does it happens with
all mail servers ?
2- Outlook Express 6 cannot read RTF email ?
---
[This
I am having the winmail.dat problem and after searching the knowledge base,
found that it is due to RTF formated emails.
I have 2 questions:
1- Is this problem completely independent of Imail, and does it happens with
all mail servers ?
2- Outlook Express 6 cannot read RTF email ?
---
[This
Like Bill, I don't recall seeing Fd in legit E-mail.
That's what I thought. I have seen a few spam with a subject line that
starts with Fd:. I think I can safely filter on that with a small weight
like 5.
John Tolmachoff
Engineer/Consultant/Owner
eServices For You
---
[This E-mail was scanned
30 matches
Mail list logo
