[Declude.JunkMail] Problems with SPAMCOP test in JunkMail standard

Mon, 14 Jan 2002 12:34:32 -0800 

Hi, I'm using the 1.31 Beta of JunkMail standard and having fairly good luck 
identifying spam with the WEIGHT tests.  I've been expecting to see some results from 
SPAMCOP as well, but have not seen a single positive from SPAMCOP in the logs over a 
period of three weeks or more, even where it seems clear that a positive should be 
expected.  For example, a message from opt25.edirectnetwork.net [209.213.220.197] 
triggers a positive at SPAMCOP using the spam database lookup at 
http://www.dnsstuff.com/.  But Declude did not catch this with the SPAMCOP test.  Is 
my configuration in error?  

Global.cfg (partial)
#TestName       Type    Server                  Returns         Fail    Okay
#--------       ---     -----                           -------         ----    ----
#RBL            ip4r    blackholes.mail-abuse.org       127.0.0.2       5       0
#DUL            ip4r    dialups.mail-abuse.org          127.0.0.3       5       0
#RSS            ip4r    relays.mail-abuse.org           127.0.0.2       5       0

BLACKLIST       fromfile C:\IMail\Declude\blacklist.txt
BLACKLISTIP     ipfile C:\IMail\Declude\blacklistip.txt

OSRELAY         ip4r    relays.osirusoft.com            127.0.0.2       6       0
OSDUL           ip4r    relays.osirusoft.com            127.0.0.3       5       0
OSSRC           ip4r    relays.osirusoft.com            127.0.0.4       7       0
OSSMART         ip4r    relays.osirusoft.com            127.0.0.5       5       0
OSSOFT          ip4r    relays.osirusoft.com            127.0.0.6       5       0
OSLIST          ip4r    relays.osirusoft.com            127.0.0.7       5       0
OSFORM          ip4r    relays.osirusoft.com            127.0.0.8       5       0

ORDB                    ip4r    relays.ordb.org                 *               5      
 0
SPAMCOP         ip4r    bl.spamcop.net                  127.0.0.2       8       0

*************************

$default$.junkmail (partial)
BLACKLIST       WARN    Blacklisted SPAM source 
BLACKLISTIP     WARN    Blacklisted SPAM source IP

OSRELAY         WARN    X-OSRELAY: %WARNING%
OSDUL           WARN
OSSRC           WARN
OSSMART         WARN
OSSOFT          WARN
OSLIST          WARN
OSFORM          WARN

ORDB            WARN
SPAMCOP         WARN    X-RBL-WARNING: Suspected SPAM per SPAMCOP. %WARNING%

*************************

Header of message received this morning:
Received: from opt25.edirectnetwork.net [209.213.220.197] by nova.whrc.org
  (SMTPD32-7.04) id A953806A0140; Mon, 14 Jan 2002 05:56:19 -0500
Received: (qmail 31230 invoked by uid 500); 14 Jan 2002 10:51:28 -0000
Date: 14 Jan 2002 10:51:28 -0000
Message-ID: <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
From: [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
Subject: SPAM? [See Headers] GUARANTEED* CREDIT CARD
Mime-Version: 1.0
Content-Type: text/html; charset="us-ascii"
X-RBL-Warning: [1] Edirect, see http://spews.org/ask.cgi?S483
X-RBL-Warning: This E-mail was sent from a mail server [No Reverse DNS] with no 
reverse DNS entry.
X-Declude-Spoolname: Db953140.SMD
X-Note: This E-mail was scanned by Declude JunkMail (www.declude.com) for spam.
<!--

*************************

Declude log file
01/14/2002 05:56:21 Qb953140 OSSRC:7 REVDNS:4 .  Total weight = 11
01/14/2002 05:56:26 Qb953140 Msg failed OSSRC ([1] Edirect, see 
http://spews.org/ask.cgi?S483).
01/14/2002 05:56:26 Qb953140 Msg failed REVDNS (This E-mail was sent from a mail 
server [No Reverse DNS] with no reverse DNS entry.).
01/14/2002 05:56:26 Qb953140 Msg failed WEIGHT10 (Weight of 11 exceeds the limit of 
10.).
01/14/2002 05:56:26 Qb953140 Msg failed WEIGHT8 (Weight of 11 exceeds the limit of 
8.).
01/14/2002 05:56:26 Qb953140 Subject: GUARANTEED* CREDIT CARD
01/14/2002 05:56:26 Qb953140 From: [EMAIL PROTECTED] To: 
[EMAIL PROTECTED] 

*************************

Thanks,

Michael

--
Michael Ernst
Computer Systems Administrator
The Woods Hole Research Center
http://www.whrc.org
N�f����Ƨ��_�������y�nu�b��!���
0u�%�ל�d��&j)\jg�������r[�x���Ƣ�f��)��+-N�����r��z;��ǧu�ę�����j)l��^r[�y�&jwmʗ��˛���m��r[�x���Ƣ��.q�ę�����Ή�u�%�ל�g譫,��Z�ǘ�������.���+^j�m����
y�nu�(

Reply via email to