Following to the manual there is one action to add a line to the message
header: WARN
The HEADER-Action does not add it to the message header but to the head of
the body.
But the WARN-Action is limited as it does add a fixed line
X-RBL-Warning: (description)
What if I want to add a custom
Hi Everyone,
This isn't a Declude question but with all of the expertise here I knew
someone could help. Please forgive the off-topic message.
I'm receiving a bunch of deliver failures today for Yahoo. The message is:
Failed Recipient: [EMAIL PROTECTED]
Reason: Remote host said: 451 Message
Markus, I believe that the XINHEADER and XOUTHEADER directives in the
global.cfg are what you're looking for.
They can be used to create an arbitrary header and populate it with any
exposed Declude variables, e.g.:
#XINHEADER X-Note: This E-mail was sent from %REVDNS%
([%REMOTEIP%]).
Oops, sorry, I jumped the gun and gave the wrong answer.
What I meant to say was that the %TESTSFAILED% variable could be used
with either XINTHEADER/XOUTHEADER and the client would have to parse the
whole line for, say, a traditional WEIGHT20 entry.
If there's a way to create an arbitrary entry
Hey Dave,
This has been an ongoing issue for the past month or so. It's been discussed
in the Imail newsgroup for weeks. The short of it is that there are issues
with Yahoo's mail servers that are causing these intermittent delivery
problems. Yahoo claims that it's due to an increase in spam
Hi,
Where did you get the declude log reader from?
Kindest Regards
Craig Edmonds
123 Marbella Internet
W: www.123marbella.com
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of IS -
Systems Eng. (Karl Drugge)
Sent: Thursday, November 02, 2006 7:13 PM
Just throwing this out there. I had heard that Yahoo.com was using
greylisting on all email that did not support domain keys. Don't now if it
is true, perhaps a rumor may be worth checking out.
David B
www.declude.com
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Oh look.
Number 1 on google for domain keys.
http://antispam.yahoo.com/domainkeys
Kindest Regards
Craig Edmonds
123 Marbella Internet
W: www.123marbella.com
E : [EMAIL PROTECTED]
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David
Barker
Sent:
This too was discussed in the Imail forum. Someone actually did some testing
with the domain keys. The greylisting is not totally valid as emails were
passed with and without the keys. It seems to be a random issue in the sense
that there doesn't seem to be any particular pattern to the failed
Wrote it myself !
Kind a 'swiss army knife' for the logs.. Summary report for rules, and
the old What happened to Aunt Martha's email she sent me from Tibet.
Typical stuff in the daily life of a Declude admin.
It doesn't do everything some of the others do, but more than enough for
me and my
Care to share?
Troy D. Hilton
Serveon, Inc.
302-529-8640
[EMAIL PROTECTED]
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of IS -
Systems Eng. (Karl Drugge)
Sent: Thursday, November 02, 2006 3:35 PM
To: declude.junkmail@declude.com
Subject: RE:
Has anyone else using SmarterMail and Declude 4.3.7 experienced orphaned
.hdr files in spool\proc\work? I have noticed that these have been
occurring for a while and really didn't want to have to deal with the
issue. However, we have customers reporting that messages are going
missing. I can
In follow up to my own email, I can definitively confirm that these left
over .hdr files are messages that Declude is barfing on. I searched all
of them and found the .hdr that corresponds to the missing message:
1822213885697.HDR
---
[EMAIL PROTECTED]
[EMAIL PROTECTED]
auth:
I seem them from time to time too - never been able to figure out what's
going on with them.
John
Has anyone else using SmarterMail and Declude 4.3.7
---
This E-mail came from the Declude.JunkMail mailing list. To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type
Yahoo has been having issues since October 16th. This is almost
definitely due to the new brute force zombie spammer. My own connection
traffic doubled in the space of two weeks, and almost all of that was
zombie spam and backscatter to forged addresses. Yahoo probably didn't
have the
Hi all --
What is the current best practice for handling backup MXs? It appears to
have gotten harder since the bots seem to target the lower priority MXs.
It seems that the lower priority MX accepts the mail, and then passes it
along to us, but since there isn't the same filtering going on
This is why the IPBYPASS is a very good feature. Skip your backup MX and
process the headers starting at the IP that connected to your backup MX.
Darrell
Check out http://www.invariantsystems.com for utilities for Declude
Hi Everyone -
We are getting completely hammered by spam and I'm about at my wits end. A
few weeks ago I added a 30-day trial of Message Sniffer and it doesn't seem
to be doing any good. Today, I upgraded to the newest version of Declude.
I think everything went ok. After reading through the
Hi Todd,
Note that the rulebase for the trial of Sniffer lags behind the latest
definitions by a few days. That makes a huge difference in the capture rate
when spam campaigns change as frequently as they have been doing lately. An
up-to-date Sniffer rulebase generally captures 90-95% on our
Yep. For us a 50% jump occurred July 16th, but I've heard others say June
through October. Other than that it's just a steady growth of ~1% a month.
Darin.
- Original Message -
From: IS - Systems Eng. (Karl Drugge) [EMAIL PROTECTED]
To: declude.junkmail@declude.com
Sent: Thursday,
Thank you all who replied to my inquiry about the Yahoo deliver problems!
Good to know I'm not on a blacklist. This was the first we've encountered
problems with yahoo so we must have just hit it at a time they were having
problems.
Thanks again,
Dave
---
This E-mail came from the
It seems like you're detecting things OK, but not taking action on the
results.
Make sure you have directives like
WEIGHT14MAILBOX SPAM
WEIGHT20DELETE
in your default.junkmail file
- Original Message -
From: Todd Richards [EMAIL PROTECTED]
To:
Hi Rob-
In addition to IPBYPASS, make sure your gateway knows what addresses are
acceptable to the mail server so unacceptable addresses can be dealt with at
the gateway. That will keep dictionary attacks from getting to the server
via the gateway. In fact, this technique is so effective at
Thanks Dave. Actually, I do, but with settings of weight20 send to spam
mailbox. I was worried about too many false positives. I wondered if it's
possible to set another one higher to do the deleting, as I'm seeing a lot
of stuff at 40 or more.
As an update, I found that I had a discrepancy in
Definitely. We scaled our weights to hold at 100 and delete at 250.
Scaling hold to 100 made it easy to think of percentage of hold weight when
assigning individual test weights, and also gives a good bit of granularity
for tweaking.
You just want to make sure you set delete high enough that
I wondered if it's
possible to set another one higher to do the deleting, as I'm seeing a lot
of stuff at 40 or more.
Absolutely. Several action directives can coexist peacefully in your
$default$.junkmail file, like this:
WEIGHT10 SUBJECT [%WEIGHT%]
WEIGHT20 MAILBOX SPAM
WEIGHT30 DELETE
Hey guys, I know this isn't an Imail list, but i really need some help. I'm
running Imail 2006.1 on Windows 2003 server SP1. I can log into my WebAdmin
interface with no problem, but if i try to manage my Imail services, i get a
page can't be displayed. I can click on anything else in the
Hi,
I don't have a solution - just a pointer. When I go to that particular
screen, I get an NTFS logon screen. Apparently you don't get prompted - I
wonder why?
Do you have auditing turned for object access and against your folders in
Windows Explorer? Then the security log might show if there
Yes the can coexist but be sure to use weightrange to instead of weight.
SPAM-LOWweightrange x x 8 13
SPAM-MEDweightrange x x 14 24
SPAM-HIGH weight x x 25 0
SPAM-LOWSUBJECT
Accessing the services page requires authentication to the OS since specific
credentials are required to start/stop services.
If you have tweaked the IIS security for the IAdmin page, this may be what
is happening.
John T
eServices For You
Life is a succession of lessons which must be lived to
Thanks so much for your reply, Andy. I do get prompted with the NTFS logon
screen. I forgot to mention that. When i put in my user name and password,
it gives me the page can't be displayed and then i can't get back to where
it prompts me again..
How do i turn on auditing for object access and
If the authentication pop-up doesn't appear, that would mean that you
only have anonymous access checked on the site or virtual directory in
IIS. Going in and adding something like Basic Auth should generate the
pop-up. I seem to recall having to make this adjustment on a server
that I set
Matt, i did what you said.. i now have anonomyus and basic auth checked. I'm
getting a little closer because now i get this error instead of a page
can't be displayed:
SWbemLocator error '80041003'
Access denied
/IAdmin/IMail/services/ServicesAdmin.asp, line 61
Any ideas?
If you have any
Hi Linda,
To turn on auditing (which I never understand, why it's not turned on by
default in Windows) - MS gives you quite a run-around:
- Windows Explorer - go to the root directories of each disk, properties,
security, Advanced, Auditing, add the Everyone user and mark the failed
checkmarks
Hm,
If you DO see the NTFS screen and are logging in with a valid NT
administrator account, then maybe we need to know more about the page can't
be displayed message. Maybe post a screenshot so that we can see the URL
and the full text of the message and whether there are any HTTP status codes
Linda,
I'm pretty sure that the access is limited to only Administrator group
accounts, so make sure that you login with that. There is a KB article
about this exact error also:
http://support.ipswitch.com/kb/IM-20051206-DM05.htm
Just in case you run into other issues with permissions, you
Andy, how do i let it propagate to all folders? I'm sorry guys, i'm used to
Linux when it comes to permissions.
Also, you said... Local Policies, Audit Policies and turn
on all failures. (I personally also audit successful account management and
audit policy changes).
Where is Local Policies and
Hi,
As a matter of fact he doesn't have to use
weightrange in this case. I use:
SPAMSUBJECTweightxx120SPAMHOLDweightrangexx2024SPAMDELETEweightxx250
SPAMSUBJECTSUBJECT [SPAM:
%WEIGHT%]SPAMHOLDHOLDSPAMDELETEDELETE
As the delete action overrules the holdaction the
weightrange is not really
To turn on auditing (which I never understand, why it's not turned on by
default in Windows) - MS gives you quite a run-around:
First, in the NT 4.0 days, auditing could easily use up resources and create
a huge security log file depending upon the configuration of the security
log file.
39 matches
Mail list logo