I do store all of my user databases in SQL, but it doesn't really matter, the CF side never see's the username/password. It's just a little trick I did to verify the identity of the user.
My whitelist/blacklists are so very simple... I'm actually not using declude's whitelists/blacklists... Those work via IMAIL's rules.ima Any "approved" senders first. [rules.ima] F~[EMAIL PROTECTED]:MAIN ( sends any mail from approved-sender to main mailbox, stop's processing rules on that message ) Then any black lists F~[EMAIL PROTECTED]:NUL ( just deletes mail without any trace ) Then my weight-rule based on what level the client chose (header check) H~X-SpamLevel-Low:SPAM And of course in $default$.junkmail LOW WARN X-SpamLevel-Low: This message triggered the "low" spam test MEDIUM WARN X-SpamLevel-Medium: This message triggered the "medium" spam test HIGH WARN X-SpamLevel-High: This message triggered the "high" spam test And [global.cfg] HIGH weightrange x x 1 15 MEDIUM weightrange x x 16 25 LOW weight x x 26 0 I am actually finishing up a revision that gives my users a way of "syncronizing" their approved senders lists to their IMAIL address book, and lets them upload/download their IMAIL address book so they can syncronize it with Outlook Express. When I first started this concept I posted my source to the list, but have not updated that source in quite some time. Some of the source is specific to my system (because of the billing system integaration), but most of what you need is contained within just a couple of .cfm's. I will send you them off list this afternoon. -Tom -----Original Message----- From: Cxan [mailto:[EMAIL PROTECTED]] Sent: Sunday, December 01, 2002 9:49 PM To: [EMAIL PROTECTED] Subject: Re: [Declude.JunkMail] Imail Web Based Interface Tom, This is exactly what I am talking about. I noticed that you used Cold Fusion and that is what our developers use. The idea that I have is extremely close to what you have done. I will search the archive to find your documentation. For the approved and black list did you use a table SQL database. I am assuming that you are not saving your Imail user database in the registry. The reason I ask is I am leaving our Imail user database just as it is (the default) but yet we created a SQL table for whitelist/blacklist information. It is very much a table that holds the rules for per domain or per user email address. This way the users can very much populate this database using interfaces very similar and almost identical to your interface. In addition I wrote a external program in Visual Basic that is call by Declude. queries this table for each incoming email and makes decision and contributes to Decludes weighting system based on the rules stated in the database . That is mainly why I love the design and ideas behind Declude. I was wondering if it is possible to get a copy of your .cfm files and modify them? Best Regards, Mishi ----- Original Message ----- From: "Tom Baker | Netsmith Inc" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Sunday, December 01, 2002 10:23 PM Subject: RE: [Declude.JunkMail] Imail Web Based Interface > The session string can be helpful for kicking a user between "iwebmsg" > and your own web server with only a single authentication point. I > have already > accomplished this with my system, and have integrated my online > billing / spam filters with the web templates. > > You can see an example of what I'm talking about at > http://mail.bsc.net/ Email= [EMAIL PROTECTED] > Pass = declude > > Notice whenever your URL begins with "http://mail.xxxx"; you are in > IMAIL's Web messeging server, but whenever your URL begins with "http://signup.xxxx"; > you have followed a link which kicked you to my other web server, and > verified your login information from IMAIL. (preventing you from > having to login twice). ( for a specific example, click the spam > filters button ) > > Search the mail archives at > http://www.mail-archive.com/declude.junkmail%40declude.com/ to find my older > post which explains how I accomplish this, or ask if you are curious. > > I think this might be along the lines of what you are asking. > > -Tom > > -----Original Message----- > From: Cxan [mailto:[EMAIL PROTECTED]] > Sent: Sunday, December 01, 2002 4:35 PM > To: [EMAIL PROTECTED] > Subject: Re: [Declude.JunkMail] Imail Web Based Interface > > > Terry, > > You have been a great help today. I think the links that > you sent me would be a good start. > > Many Thanks > > Mishi > > ----- Original Message ----- > From: "Smart Business Lists" <[EMAIL PROTECTED]> > To: "Cxan" <[EMAIL PROTECTED]> > Sent: Sunday, December 01, 2002 5:28 PM > Subject: Re: [Declude.JunkMail] Imail Web Based Interface > > > > Mishi > > > > Sunday, December 1, 2002 you wrote: > > > The link that you sent me did not explain what I am asking for. > > > Let me explain my question a bit more: Suppose there is a virtual > > > domain called abcvirtual.com on a server called xyzserver.com. > > > When a user logs in to the server using Imail port 8383 then Imail > > > creates a bunch of security character strings like : > > > > http://xyzserver.com:8383/Xade9939bcc9fcf9aee8571e9/menu.63104.cgi?mbx=Main > > > What I am trying to figure out is what holds/creates the string : > > > Xade9939bcc9fcf9aee8571e9 > > > > Oh, I did misunderstand. I do not believe that the session id is > > well known. It is certainly not documented in so far as I know and > > I've never seen a hack described. There have been vulnerabilities > > described to acquire someone's session id but all I know presuppose > > the existence of the id. Since the IMAIL password has been hacked > > and described I suspect the session id has not been or it would also > > be described somewhere. > > > > Therefore, I suspect your most promising path of exploration is to > > attempt to modify the templates after the session is created. See > > these links for aid on customizing web messaging templates and the > > special tags you can use: > > > > http://support.ipswitch.com/kb/IM-20000615-DM01.htm > > http://support.ipswitch.com/kb/IM-20010928-DM01.htm > > > > > http://www.ipswitch.com/support/IMail/guide/imailug7.1/Appendix%20H%20cal_te > mplates5.html > > > > I know this is not answering your question but maybe it will help. > > > > > > Terry Fritts > > > > --- > > [This E-mail was scanned for viruses by Declude Virus > (http://www.declude.com)] > > > > --- > > This E-mail came from the Declude.JunkMail mailing list. To > > unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type > > "unsubscribe Declude.JunkMail". The archives can be found at > > http://www.mail-archive.com. > > > > --- > [This E-mail was scanned for viruses by Declude Virus > (http://www.declude.com)] > > --- > This E-mail came from the Declude.JunkMail mailing list. To > unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type > "unsubscribe Declude.JunkMail". The archives can be found at > http://www.mail-archive.com. > --- > [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] > > --- > This E-mail came from the Declude.JunkMail mailing list. To > unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type > "unsubscribe Declude.JunkMail". The archives can be found at > http://www.mail-archive.com. > --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
