BADHEADERS catches almost all of our web generated email using ASPQMail and
ASPMail. Both BADHEADERS and SPAMHEADERS catches stat reports mailed out by
MediaHouse stats server.
I used MAILFROM for a while but had a number of problems with it but I've
forgotten what now and turned it off. I think it was also with program
generated messages.
Can you have multiple WHITELIST IP (FROM, TO) using one entry per line?
Terry
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of R. Scott Perry
Sent: Thursday, May 10, 2001 9:32 AM
To: [EMAIL PROTECTED]
Subject: RE: [Declude.JunkMail] pleasure vs. pain
>After much experimentation I am getting best results with:
>RBL, DUL, OSRELAY, OSDUL, and SPAMHEADERS.
>I ignore everything else.
FYI, the BADHEADERS test is stricter than the SPAMHEADERS test. They work
on a similar concept -- looking for problems with headers that are common
in spam but not common in legitimate mail. However, the BADHEADERS test
only catches problems that violate the RFCs, whereas the SPAMHEADERS test
catches problem headers that are legal but not common in legitimate
mail. The main issue with the SPAMHEADERS test is that there a some poorly
designed ASP components that sent mail without a Message-ID: header, which
triggers the SPAMHEADERS test. I haven't heard of any E-mail clients that
do not include a Message-ID: header, yet lots of spamware doesn't include
that header.
MAILFROM is another test that may be worth using. It tests to make sure
that the E-mail comes from a valid domain. For example, if someone sends
you mail from "getrich@$$$success$$$.com", that will get caught. It
shouldn't have any false positives, unless someone enters an invalid domain
as their return address.
>In additon I have a "known exception" list that is based rather simply on
>from and to addresses. When the program refreshes it checks the spam
folder
>list with the known exception list and moves any matches back to the queue
>automatically.
FYI, v1.20 now has a "WHITELIST" option that can do this for you. The best
way to use it is based on IP address. If you are getting legitimate mail
caught from 10.10.10.10, you can add a line to \IMail\Declude\global.cfg
that says "WHITELIST IP 10.10.10.10". Any mail coming from that
IP address will automatically pass all the spam tests. You can also check
for the return address ("WHITELIST FROM [EMAIL PROTECTED]" or
"WHITELIST FROM @some_domain.com"), or text anything in the body
("WHITELIST ANYWHERE pw:secret").
-Scott
---
This E-mail came from the Declude.JunkMail mailing list. To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.JunkMail". You can E-mail
[EMAIL PROTECTED] for assistance. You can visit our web
site at http://www.declude.com .
---
This E-mail came from the Declude.JunkMail mailing list. To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.JunkMail". You can E-mail
[EMAIL PROTECTED] for assistance. You can visit our web
site at http://www.declude.com .
