Matt Bramble has reported a malicious message which can affect your Declude processing specifically if you have the AUTOREVIEW ON in your declude.cfg, we would suggest all SmarterMail/Declude setups follow these instructions:
The problem appears to be in the decoding of a bad subject. The problematic subject line is as follows: Subject:=?UTF-8?B?MQ==?==?UTF-8?B?MA==?==?UTF-8?B?MA==?==?UTF-8?B?JSBG?==?UT F-8?B?cmU=?==?UTF-8?B?ZSBw?==?UTF-8?B?cmk=?==?UTF-8?B?Yw==?==?UTF-8?B?ZSBx?= =?UTF-8?B?dW90?==?UTF-8?B?ZQ==?==?UTF-8?B?cyBv?==?UTF-8?B?biBob20=?==?UTF-8? B?ZSB3YXI=?==?UTF-8?B?cmFu?==?UTF-8?B?dHk=?==?UTF-8?B?LVI=?==?UTF-8?B?ZXNw?= =?UTF-8?B?b25k?==?UTF-8?B?IQ==?= To defend your server against this issue using SmarterMail SMTP Blocking: 1. Log in as sys admin SECURITY --> Advanced Settings --> SMTP Blocking --> New 2. Block Type --> EHLO Domain 3. Blocked Address e.cub.com 4. Description Malicious Spammer We will provide further updates as necessary. David Barker
