RE: [Declude.JunkMail] BADHEADERS Test question
Getting to me...look here, you say you been thinking again! Sounds like a retread coming off to me... Jim Rooth Klotron, Inc. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of John Tolmachoff Sent: Friday, September 27, 2002 01:00 To: [EMAIL PROTECTED] Subject: RE: [Declude.JunkMail] BADHEADERS Test question Thanks Scott, I meant to say SPAMHEADERS in lieu of BADHEADERS...to ya'll I was RFC ignorant...you had to figure the rest of the ignorance out on your own...LOL Me thinks you have been spending too much time around a truck stop again Jim. The diesel fumes are getting to you again. :-) John Tolmachoff IT Manager, Network Engineer RelianceSoft, Inc. Fullerton, CA 92835 www.reliancesoft.com --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com. --- --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
RE: [Declude.JunkMail] HOPHIGH
I've been trying to understand this discussion about HOP/HOPHIGH. The docs describe this as a feature used when email is internally re-routed. Am I to assume those who contributed to this thread have that type of configuration? Keith Purtell, Web/Network Administrator VantageMed Operations (Kansas City) Email: [EMAIL PROTECTED] CONFIDENTIALITY NOTICE: This email message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Dan Patnode Sent: Thursday, September 26, 2002 3:03 PM To: [EMAIL PROTECTED] Subject: Re: [Declude.JunkMail] HOPHIGH Bill, Mine is set to 2 (for a total of 3). I started at 0, then 1 and found that spam still got around my filters that would have been caught at 2. I changed it to 2 4+ months ago and haven't looked back. Your mileage may vary. I haven't seen a need to set it at 3. Dan On Thursday, September 26, 2002 11:19, Bill B [EMAIL PROTECTED] wrote: How affective is scanning at multiple Hops? I'm not setting HOPHIGH right now...but I'm currious if the people who are using it are seeing its benefits, or if it is causing them any problems. And what is the recommended HOPHIGH setting (assuming HOP is set to 0)? Bill --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
[Declude.JunkMail] Whitelisting one address
In my bounce messages I entered a little note saying if you feel this message has been bounced in error, please contact mailto:[EMAIL PROTECTED][EMAIL PROTECTED] . Is there a way with the standard version of Declude to make mail go to that address regardless of it s intent; spam or valid? --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
[Declude.JunkMail] fromfile problem
I use the fromfile test that was suggested by Tom on this list, which adds a weighting for many common items in Spam addresses such as these below: @ANONYMOUS @ANONYMOUS .ANONYMOUS .ANONYMOUS ANONYMOUS. ANONYMOUS. ANONYMOUS@ ANONYMOUS@ -ANONYMOUS -ANONYMOUS ANONYMOUS- ANONYMOUS- @BOUNCE @BOUNCE .BOUNCE .BOUNCE BOUNCE. BOUNCE. BOUNCE@ BOUNCE@ -BOUNCE -BOUNCE BOUNCE- BOUNCE- I use several combinations like this, but I am noticing that the ones which end with the @ symbol are not working. Any ideas why? Here is an example of one it missed from the logs... 09/27/2002 00:12:29 Qdaac06290108404a BADHEADERS:5 SNIFFER:12 . Total weight = 17 09/27/2002 00:12:29 Qdaac06290108404a Msg failed BADHEADERS (This E-mail was sent from a broken mail client [801e].). 09/27/2002 00:12:29 Qdaac06290108404a Msg failed SNIFFER (Message failed SNIFFER: 12.). 09/27/2002 00:12:29 Qdaac06290108404a Msg failed WEIGHTFAIL (Weight of 17 reaches or exceeds the limit of 15.). 09/27/2002 00:12:29 Qdaac06290108404a Subject: Double Your Earnings Power... 09/27/2002 00:12:29 Qdaac06290108404a From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] ...other than that problem, this test has made a great addition by just adding a small weighting for addresses that contain these patterns. Thanks, Bill --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
RE: [Declude.JunkMail] HOPHIGH
I've been trying to understand this discussion about HOP/HOPHIGH. The docs describe this as a feature used when email is internally re-routed. Am I to assume those who contributed to this thread have that type of configuration? Although it was designed for use with internally re-routed E-mail, it can also be used for externally re-routed E-mail. For example, if E-mail comes directly to your IMail server, you would normally have HOP 0 and HOPHIGH 0. That would scan just the mailserver that connects to your IMail server. For example, if you receive E-mail from the IMail Forum, it would scan the IP of Ipswitch's mailserver. If you changed that to HOPHIGH 1, Declude JunkMail would scan the next hop as well. In the IMail Forum example, it would scan both the IP address of the Ipswitch mailserver, as well as the mailserver that connected to it. -Scott --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] Whitelisting one address
In my bounce messages I entered a little note saying if you feel this message has been bounced in error, please contact mailto:[EMAIL PROTECTED][EMAIL PROTECTED] . Is there a way with the standard version of Declude to make mail go to that address regardless of it s intent; spam or valid? Yes. :) Normally, Declude JunkMail Standard doesn't allow per-user configurations. However, you can have a line WHITELIST TO [EMAIL PROTECTED] (in the \IMail\Declude\global.cfg file), and it will be whitelisted. Any postmaster@ or abuse@ address can be whitelisted, even in the Standard version. -Scott --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
[Declude.JunkMail] Whitelisting one address
In my bounce messages I entered a little note saying if you feel this message has been bounced in error, please contact [EMAIL PROTECTED]. But those people who fail the open relay tests will not be able to get mail through to that address. Is there a way with the standard version of Declude to make mail go to that address regardless of its intent; spam or valid? Also, another question. We get a lot of government mail that is being trapped. Usually theyre addresses like [EMAIL PROTECTED] . What I did was WHITELIST FROM @.mil to let all mail from .mil to come through unchallenged. But theyre still getting trapped. Did I not whitelist the domain correctly? Thanks!
Re: [Declude.JunkMail] fromfile problem
@ANONYMOUS @ANONYMOUS ANONYMOUS@ ANONYMOUS@ I use several combinations like this, but I am noticing that the ones which end with the @ symbol are not working. Any ideas why? The @ forces Declude JunkMail to use an exact match (that started with v1.58, so that [EMAIL PROTECTED] wouldn't catch [EMAIL PROTECTED], for example). So ANONYMOUS@ would only match an E-mail address that was just ANONYMOUS@. There is currently no way to specify just a username. -Scott --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] Whitelisting one address
Also, another question. We get a lot of government mail that is being trapped. Usually they re addresses like mailto:[EMAIL PROTECTED][EMAIL PROTECTED] . What I did was WHITELIST FROM @.mil to let all mail from .mil to come through unchallenged. But they re still getting trapped. Did I not whitelist the domain correctly? In this case, only mail in the format username@.mil would get whitelisted. Unfortunately, I don't believe there is a way to whitelist all *.mil domains. -Scott --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] fromfile problem
Oh...actually I do remember that being discussed a while back. Thanks Scott. Bill -Original Message- From: R. Scott Perry Sent: Fri, 27 Sep 2002 09:46:28 -0400 Subject: Re: [Declude.JunkMail] fromfile problem @ANONYMOUS @ANONYMOUS ANONYMOUS@ ANONYMOUS@ I use several combinations like this, but I am noticing that the ones which end with the @ symbol are not working. Any ideas why? The @ forces Declude JunkMail to use an exact match (that started with v1.58, so that [EMAIL PROTECTED] wouldn't catch [EMAIL PROTECTED], for example). So ANONYMOUS@ would only match an E-mail address that was just ANONYMOUS@. There is currently no way to specify just a username. -Scott --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] Whitelisting one address
Instead of whitelisting, you could use a wordfilter to add a negative weighting like this: MAILFROM-50 ENDSWITH.mil Bill -Original Message- From: Mike Goetz Sent: Fri, 27 Sep 2002 09:50:25 -0400 Subject: [Declude.JunkMail] Whitelisting one address In my bounce messages I entered a little note saying if you feel this message has been bounced in error, please contact [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] . But those people who fail the open relay tests will not be able to get mail through to that address. Is there a way with the standard version of Declude to make mail go to that address regardless of its intent; spam or valid? Also, another question. We get a lot of government mail that is being trapped. Usually theyre addresses like [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] . What I did was WHITELIST FROM @.mil to let all mail from .mil to come through unchallenged. But theyre still getting trapped. Did I not whitelist the domain correctly? Thanks! --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
[Declude.JunkMail] BASE64 problem!?
Title: Message Hi; Version: 1.61 beta it seems like any email that has attachment is triggering the BASE64 test. We have put a weight of 14 hoping the body of the eMail trigger this but now attachments are triggering this as well. For example: This eMail: X-RBL-Warning: HELOBOGUS: Domain has no MX/A records.X-RBL-Warning: BASE64: An binary encoded text or HTML section was found in this E-mail.X-RBL-Warning: WORDFILTER: Message failed WORDFILTER test (217)X-Declude-Sender: [EMAIL PROTECTED] [209.81.57.203]X-Declude-Spoolname: D932e00a901761f57.SMDX-Note: This E-mail was scanned by Declude (www.declude.com) for SPAM virus.X-Note: This E-mail was sent from ([209.81.57.203]).X-Spam-Tests-Failed: HELOBOGUS, BASE64, WORDFILTER, WEIGHT20, WEIGHT20SX-Weight: 25 had two attachments (JPG) and (HTML). The body of the email was not encoded. The weight of 14 is the single score below marked as SPAM so any other tests failing would mark it SPAM. I hate to lower the weight of this test since it works great but the attachments are causing problem. Any way we can make this distinction so we can only flag the body of the eMail and not the attachments? Regards, Kami
Re: [Declude.JunkMail] Whitelisting one address
In this case, only mail in the format username@.mil would get whitelisted. Unfortunately, I don't believe there is a way to whitelist all *.mil domains. Wouldn't the correct syntax be: WHITELIST FROM .mil and not: WHITELIST FROM @.mil ? Sheldon Sheldon Koehler, Owner/Partnerhttp://www.tenforward.com Ten Forward Communications 360-457-9023 Nationwide access, neighborhood support! Whenever you find yourself on the side of the majority, it's time to pause and reflect. Mark Twain --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] BASE64 problem!?
it seems like any email that has attachment is triggering the BASE64 test. We have put a weight of 14 hoping the body of the eMail trigger this but now attachments are triggering this as well. For example: Note that the base64 test should apply only to text and/or HTML segments. This eMail: X-RBL-Warning: HELOBOGUS: Domain has no MX/A records. X-RBL-Warning: BASE64: An binary encoded text or HTML section was found in this E-mail. X-RBL-Warning: WORDFILTER: Message failed WORDFILTER test (217) X-Declude-Sender: mailto:[EMAIL PROTECTED][EMAIL PROTECTED] [209.81.57.203] X-Declude-Spoolname: D932e00a901761f57.SMD X-Note: This E-mail was scanned by Declude (http://www.declude.comwww.declude.com) for SPAM virus. X-Note: This E-mail was sent from ([209.81.57.203]). X-Spam-Tests-Failed: HELOBOGUS, BASE64, WORDFILTER, WEIGHT20, WEIGHT20S X-Weight: 25 had two attachments (JPG) and (HTML). The body of the email was not encoded. How do you know the body was not encoded? Did you look at an .mbx file? Note that the HTML attachment will count towards the base64 test, as HTML should never need to be binary encoded. Any way we can make this distinction so we can only flag the body of the eMail and not the attachments? It's important to realize that with MIME, there is no distinction between the body of the E-mail and attachments. With MIME, the E-mail is divided into 1 or more segments, each of which can be text, HTML, a binary file, etc. Some of those may be visible, while others aren't. With a typical Outlook E-mail with a .ZIP attachment, you would have 3 segments: a text segment with the body of the E-mail, an HTML segment with the body of the E-mail, and the .ZIP attachment. Only the HTML (or text, depending on the mail client) segment would be visible, while the .ZIP file would appear as an attachment. In this case, the text segment (or HTML) would not be visible or even linked to as an attachment. So MIME can get confusing quite easily. -Scott --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] SPAMCOP:[SNIFFER Sniffer test failed]Declude.JunkMail and Message Sniffer
Next month we plan to release a version that includes compound heuristics. At that time we will begin adding white-rule to the database to match well known legitimate lists. We expect this will reduce the problem. Yippee!!! Sheldon Sheldon Koehler, Owner/Partnerhttp://www.tenforward.com Ten Forward Communications 360-457-9023 Nationwide access, neighborhood support! Whenever you find yourself on the side of the majority, it's time to pause and reflect. Mark Twain --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] Whitelisting one address
In this case, only mail in the format username@.mil would get whitelisted. Unfortunately, I don't believe there is a way to whitelist all *.mil domains. Wouldn't the correct syntax be: WHITELIST FROM .mil and not: WHITELIST FROM @.mil ? You are correct -- WHITELIST FROM .mil would whitelist all E-mail from @*.mil (and any other addresses with .mil in them, including [EMAIL PROTECTED]). -Scott --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
RE: [Declude.JunkMail] BASE64 problem!?
How did I know the body is not encoded? For scores of over 20 the system forwards the email to an account that we check using Outlook Express. OE is better and easier to use for looking at the header since you can easily get the properties and then see the entire body and the header, whereas in Outlook you can't see an encoded body. From what I have seen so far, when a message is encoded the body is really unreadable. So in OE when you look at the message detail in the message property window it is all encoded. In the case of this eMail I saw the HTML body just like other emails but it had two attachments. So without the two attachments the body looked OK. Now I am probably not looking at the right thing. Regards, Kami -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of R. Scott Perry Sent: Friday, September 27, 2002 2:02 PM To: [EMAIL PROTECTED] Subject: Re: [Declude.JunkMail] BASE64 problem!? it seems like any email that has attachment is triggering the BASE64 test. We have put a weight of 14 hoping the body of the eMail trigger this but now attachments are triggering this as well. For example: Note that the base64 test should apply only to text and/or HTML segments. This eMail: X-RBL-Warning: HELOBOGUS: Domain has no MX/A records. X-RBL-Warning: BASE64: An binary encoded text or HTML section was found in this E-mail. X-RBL-Warning: WORDFILTER: Message failed WORDFILTER test (217) X-Declude-Sender: mailto:[EMAIL PROTECTED][EMAIL PROTECTED] [209.81.57.203] X-Declude-Spoolname: D932e00a901761f57.SMD X-Note: This E-mail was scanned by Declude (http://www.declude.comwww.declude.com) for SPAM virus. X-Note: This E-mail was sent from ([209.81.57.203]). X-Spam-Tests-Failed: HELOBOGUS, BASE64, WORDFILTER, WEIGHT20, WEIGHT20S X-Weight: 25 had two attachments (JPG) and (HTML). The body of the email was not encoded. How do you know the body was not encoded? Did you look at an .mbx file? Note that the HTML attachment will count towards the base64 test, as HTML should never need to be binary encoded. Any way we can make this distinction so we can only flag the body of the eMail and not the attachments? It's important to realize that with MIME, there is no distinction between the body of the E-mail and attachments. With MIME, the E-mail is divided into 1 or more segments, each of which can be text, HTML, a binary file, etc. Some of those may be visible, while others aren't. With a typical Outlook E-mail with a .ZIP attachment, you would have 3 segments: a text segment with the body of the E-mail, an HTML segment with the body of the E-mail, and the .ZIP attachment. Only the HTML (or text, depending on the mail client) segment would be visible, while the .ZIP file would appear as an attachment. In this case, the text segment (or HTML) would not be visible or even linked to as an attachment. So MIME can get confusing quite easily. -Scott --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
RE: [Declude.JunkMail] BASE64 problem!?
How did I know the body is not encoded? For scores of over 20 the system forwards the email to an account that we check using Outlook Express. OE is better and easier to use for looking at the header since you can easily get the properties and then see the entire body and the header, whereas in Outlook you can't see an encoded body. OE lets you see the raw E-mail, including the encoding? I didn't realize that. From what I have seen so far, when a message is encoded the body is really unreadable. So in OE when you look at the message detail in the message property window it is all encoded. In the case of this eMail I saw the HTML body just like other emails but it had two attachments. So without the two attachments the body looked OK. Now I am probably not looking at the right thing. It sounds like you are looking at the right thing -- with base64 encoding, the MIME segment will display in a human-readable format, but when looking at the raw E-mail, it won't be human-readable. But, if one of the attachments was HTML (and had a Content-type: text/HTML MIME header), and was base64 encoded, then it would still trigger the test. -Scott --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] BASE64 problem!?
- Original Message - From: R. Scott Perry [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, September 27, 2002 2:43 PM Subject: RE: [Declude.JunkMail] BASE64 problem!? OE lets you see the raw E-mail, including the encoding? I didn't realize that. Just right click on the email and pick properties and then on the Details tab there is a button that says Message Source. It is the raw message if you click on that. -- Joshua Levitsky, MCSE, MCSA, CISSP, EMTD, MCP+I, MCP Desktop Systems Engineer AOL Time Warner --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] HOPHIGH
Keith, Have a look at this top bit from a spam's header: Received: from msins1.mseedi.com [210.94.172.180] by email.inhouseit.com with ESMTP (SMTPD32-7.13) id A238BC10058; Fri, 27 Sep 2002 05:42:32 -0700 Received: from mpovy.earthlink.net (65.100.240.33 [65.100.240.33]) by msins1.mseedi.com with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.1960.3) Received lines are added chronologically from the bottom up. In this example, the email was sent from a US West server (65.100.240.33) and bounced off an open relay server in Seoul Korea (210.94.172.180). With a HOPHIGH of 0, Declude's IP tests (including external black lists like SpamHaus) examine only the last/top IP in the chain. If the US West IP was blacklisted, it would not be seen. With a HOPHIGH of 1, Declude examines both IPs in the chain and either (OR, not AND) IP can trigger a test. This is a killer feature and not one I've seen on other systems. Dan On Friday, September 27, 2002 6:30, Keith Purtell [EMAIL PROTECTED] wrote: I've been trying to understand this discussion about HOP/HOPHIGH. The docs describe this as a feature used when email is internally re-routed. Am I to assume those who contributed to this thread have that type of configuration? Keith Purtell, Web/Network Administrator VantageMed Operations (Kansas City) Email: [EMAIL PROTECTED] CONFIDENTIALITY NOTICE: This email message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Dan Patnode Sent: Thursday, September 26, 2002 3:03 PM To: [EMAIL PROTECTED] Subject: Re: [Declude.JunkMail] HOPHIGH Bill, Mine is set to 2 (for a total of 3). I started at 0, then 1 and found that spam still got around my filters that would have been caught at 2. I changed it to 2 4+ months ago and haven't looked back. Your mileage may vary. I haven't seen a need to set it at 3. Dan On Thursday, September 26, 2002 11:19, Bill B [EMAIL PROTECTED] wrote: How affective is scanning at multiple Hops? I'm not setting HOPHIGH right now...but I'm currious if the people who are using it are seeing its benefits, or if it is causing them any problems. And what is the recommended HOPHIGH setting (assuming HOP is set to 0)? Bill --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
RE: [Declude.JunkMail] BASE64 problem!?
You can actually view the header in Outlook. You just right click the message in your inbox and then select options. At the bottom of the options window is all the header information. (At least most of it) Shane Thoney -Original Message- From: Joshua Levitsky [mailto:[EMAIL PROTECTED]] Sent: Friday, September 27, 2002 12:45 PM To: [EMAIL PROTECTED] Subject: Re: [Declude.JunkMail] BASE64 problem!? - Original Message - From: R. Scott Perry [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, September 27, 2002 2:43 PM Subject: RE: [Declude.JunkMail] BASE64 problem!? OE lets you see the raw E-mail, including the encoding? I didn't realize that. Just right click on the email and pick properties and then on the Details tab there is a button that says Message Source. It is the raw message if you click on that. -- Joshua Levitsky, MCSE, MCSA, CISSP, EMTD, MCP+I, MCP Desktop Systems Engineer AOL Time Warner --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
Re[2]: [Declude.JunkMail] BASE64 problem!?
Actually you can see even more then that.. File-Details (or right click on the message in the inbox) Click on the details tab and hit the message source button. Now you have the entire e-mail source to read (or copy and paste to submit to spamcop ;P ) / Eje Friday, September 27, 2002, 5:33:41 PM, you wrote: ST You can actually view the header in Outlook. You just right click the ST message in your inbox and then select options. At the bottom of the options ST window is all the header information. (At least most of it) ST Shane Thoney ST -Original Message- ST From: Joshua Levitsky [mailto:[EMAIL PROTECTED]] ST Sent: Friday, September 27, 2002 12:45 PM ST To: [EMAIL PROTECTED] ST Subject: Re: [Declude.JunkMail] BASE64 problem!? ST - Original Message - ST From: R. Scott Perry [EMAIL PROTECTED] ST To: [EMAIL PROTECTED] ST Sent: Friday, September 27, 2002 2:43 PM ST Subject: RE: [Declude.JunkMail] BASE64 problem!? OE lets you see the raw E-mail, including the encoding? I didn't realize ST that. ST Just right click on the email and pick properties and then on the Details ST tab there is a button that says Message Source. It is the raw message if you ST click on that. ST -- ST Joshua Levitsky, MCSE, MCSA, CISSP, EMTD, MCP+I, MCP ST Desktop Systems Engineer ST AOL Time Warner ST --- ST [This E-mail was scanned for viruses by Declude Virus ST (http://www.declude.com)] ST --- ST This E-mail came from the Declude.JunkMail mailing list. To ST unsubscribe, just send an E-mail to [EMAIL PROTECTED], and ST type unsubscribe Declude.JunkMail. The archives can be found ST at http://www.mail-archive.com. ST --- ST [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] ST --- ST This E-mail came from the Declude.JunkMail mailing list. To ST unsubscribe, just send an E-mail to [EMAIL PROTECTED], and ST type unsubscribe Declude.JunkMail. The archives can be found ST at http://www.mail-archive.com. ST --- ST [This E-mail scanned for viruses by Declude Virus] Best regards, Eje Gustafsson mailto:[EMAIL PROTECTED] --- The Family Entertainment Network http://www.fament.com Phone : 620-231- Fax : 620-231-4066 eBay UserID : macahan - Your Full Time Professionals - --- [This E-mail scanned for viruses by Declude Virus] --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.