It appears as if Declude is allowing mail that fails spam tests that have been funneled through our backup mail server to pass.
#GLOBAL CONFIG IPBYPASS 12.25.87.100 Here is the relevant portion of logs and configs 20030114 162019 127.0.0.1 SMTPD (6B090098) [209.94.11.105] connect 12.25.87.100 port 3044 20030114 162019 127.0.0.1 SMTPD (6B090098) [12.25.87.100] EHLO mail2.gannett-tv.com 20030114 162019 127.0.0.1 SMTPD (6B090098) [12.25.87.100] MAIL FROM:<[EMAIL PROTECTED]> 20030114 162019 127.0.0.1 SMTPD (6B090098) [12.25.87.100] RCPT TO:<[EMAIL PROTECTED]> 20030114 162020 127.0.0.1 SMTPD (6B090098) [12.25.87.100] e:\imail\spool\D7f136b090098ed15.SMD 20885 Now the Declude Logs 01/14/2003 16:20:25 Q7f136b090098ed15 Msg failed FXBLACKLIST ( ID-20021207-000934). Action=IGNORE. 01/14/2003 16:20:25 Q7f136b090098ed15 Msg failed HELOBOGUS (Domain newman has no MX or A records.). Action=IGNORE. 01/14/2003 16:20:25 Q7f136b090098ed15 Msg failed WEIGHT10 (Weight of 12 reaches or exceeds the limit of 10.). Action=IGNORE. 01/14/2003 16:20:25 Q7f136b090098ed15 R1 Message OK Back to the Imail Logs 20030114 162025 127.0.0.1 SMTP (1724) processing e:\imail\spool\Q7f136b090098ed15.SMD 20030114 162025 127.0.0.1 SMTP (1724) Trying wusatv9.com (0) 20030114 162025 127.0.0.1 SMTP (1724) Connect wusatv9.com [209.70.145.3:25] (1) 20030114 162025 127.0.0.1 SMTP (1724) 220 aegis.wusatv9.com SMTP/smap Ready. 20030114 162025 127.0.0.1 SMTP (1724) >EHLO mail1.gannett-tv.com 20030114 162025 127.0.0.1 SMTP (1724) 500 Command unrecognized 20030114 162025 127.0.0.1 SMTP (1724) >HELO mail1.gannett-tv.com 20030114 162025 127.0.0.1 SMTP (1724) 250 (mail1.gannett-tv.com) pleased to meet you. 20030114 162025 127.0.0.1 SMTP (1724) >MAIL FROM:<[EMAIL PROTECTED]> 20030114 162025 127.0.0.1 SMTP (1724) 250 <[EMAIL PROTECTED]>... Sender Ok 20030114 162025 127.0.0.1 SMTP (1724) >RCPT To:<[EMAIL PROTECTED]> 20030114 162025 127.0.0.1 SMTP (1724) 250 <[EMAIL PROTECTED]> OK 20030114 162025 127.0.0.1 SMTP (1724) >DATA 20030114 162025 127.0.0.1 SMTP (1724) 354 Enter mail, end with "." on a line by itself 20030114 162026 127.0.0.1 SMTP (1724) >. 20030114 162027 127.0.0.1 SMTP (1724) 250 Mail accepted 20030114 162027 127.0.0.1 SMTP (1724) rdeliver wusatv9.com [EMAIL PROTECTED] (1) <[EMAIL PROTECTED]> 20947 20030114 162027 127.0.0.1 SMTP (1724) >QUIT 20030114 162027 127.0.0.1 SMTP (1724) 221 Closing connection 20030114 162027 127.0.0.1 SMTP (1724) finished e:\imail\spool\Q7f136b090098ed15.SMD status=1 Declude -diag E:\imail>declude -diag Declude (C) Copyright 2000-2002 Computerized Horizons. All Rights Reserved. Diagnostics ON (Declude v1.63). Declude JunkMail: Config file found (E:\imail\Declude\global.CFG). Declude Virus: Not installed (no E:\imail\Declude\Virus.CFG file). Declude Hijack: Not installed (no E:\imail\Declude\Hijack.CFG file). Declude Confirm: Not installed (no E:\imail\Declude\Confirm.CFG file). 34 spam tests defined: LOOSENSPAMHEADERS WORDFILTER BLACKLIST FXBLACKLIST IPBLAC KLIST OLDEMPLOYEE ORDB OSDUL OSFORM OSLIST OSRELAY OSSMART OSSOFT OSSRC SPAMCOP MONKEYPROXIES MONKEYFORMMAIL DSBL NJABL DSN NOABUSE NOPOSTMASTER BADHEADERS HELO BOGUS MAILFROM PERCENT REVDNS ROUTING SPAMHEADERS HEUR10 SNIFFER WEIGHT10 WEIGHT 5 CATCHALLMAILS IMail reports Official Host Name as: "mail1.gannett-tv.com". IMail's SendName registry seems OK: "e:\imail\Declude.exe". Declude JunkMail Status: PRO version registered. Declude Virus Status: NOT REGISTERED: No activation code. Declude Hijack Status: NOT REGISTERED: No activation code. End of diagnostics. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
