[Declude.JunkMail] Strange X-Declude-Sender address

[Bill Landry]

Title: Message



Scott, here are the 
headers from a recent spam message, and I am wondering how "X-Declude-Sender" 
came up with [EMAIL PROTECTED]as the sender address:


=
Received: from 
gw2.pointshare.com [204.189.38.3] by intramail01.pointshare.net with 
ESMTP (SMTPD32-7.13) id AB612CE50110; Tue, 11 Feb 2003 00:59:13 
-0800Received: from gw2.pointshare.com (user-vc8fopa.biz.mindspring.com 
[216.135.227.42])by gw2.pointshare.com (Mail Gateway) with SMTP id 
661DCADE90for [EMAIL PROTECTED]; Tue, 11 Feb 2003 
00:59:11 -0800 (PST)From: "QuickQuestion" Date: Tue, 11 Feb 2003 
00:59:02To: fake@example.comSubject: A Quick 
Question For YouMIME-Version: 1.0Content-Type: 
multipart/related; 
boundary="=_NextPart_SWMHBPEXTP"Content-Transfer-Encoding: 
7bitMessage-ID: PM200012:59:02 AMX-RAV-Bulk: RAV AntiVirus classifies 
this e-mail as spam (accuracy very high)X-RAV-Signature: 
5774C890693CEA130620D65BBB38FC28X-CYBERsitter-SpamManager-In: FAILED - Score 
Adult: 0 (Req: 17) Spam: 24 (Req: 20) Tot: 24 (Req: 
23)X-CYBERsitter-SpoolFile: Dbb612ce50110cbac.SMDX-RBL-Warning: 
FIVETEN-SRC: 42.227.135.216.blackholes.five-ten-sg.com.X-RBL-Warning: 
SPAMCOP: Blocked - see http://spamcop.net/bl.shtml?216.135.227.42X-RBL-Warning: 
BADHEADERS: This E-mail was sent from a broken mail client 
[8040800e].X-RBL-Warning: IPNOTINMX: X-RBL-Warning: RAV-FILTER: Message 
failed RAV-FILTER test (4)X-RBL-Warning: WORDFILTER: Message failed 
WORDFILTER test (745)X-RBL-Warning: SPAMMANAGER: Message failed SPAMMANAGER: 
24.X-RBL-Warning: SPAMSNIFFER: Message failed SPAMSNIFFER: 
63.X-Declude-Sender: [EMAIL PROTECTED] 
[216.135.227.42]X-Note: This e-mail was filtered for spam by Pointshare's 
JunkMail ServiceX-Spam-Tests-Failed: FIVETEN-SRC, SPAMCOP, BADHEADERS, 
IPNOTINMX, RAV-FILTER, WORDFILTER, SPAMMANAGER, SPAMSNIFFER, 
WEIGHT16-35X-Note: Total spam test weight: 32
=

I know that the 
sending MTA impersonated one of our gateway servers, but that "X-Declude-Sender" 
came up with [EMAIL PROTECTED] 
as the sender address is very strange, and this is the first time I have seen 
this happen.

Regards,

Bill

Re: [Declude.JunkMail] Strange X-Declude-Sender address

[R. Scott Perry]

Scott, here are the headers from a recent spam message, and I am wondering 
how X-Declude-Sender came up with 
mailto:[EMAIL PROTECTED][EMAIL PROTECTED] as the sender address:

The X-Declude-Sender: header reports the return address of the 
E-mail.  The return address is what the remote mailserver sends in the 
MAIL FROM: SMTP command.  If you look at the IMail SMTP log file, you'll 
see a line MAIL FROM: [EMAIL PROTECTED].

The return address is often different from the address(es) in the From: or 
Reply-To: headers.
-Scott

---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]

---
This E-mail came from the Declude.JunkMail mailing list.  To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type unsubscribe Declude.JunkMail.  The archives can be found
at http://www.mail-archive.com.

Re: [Declude.JunkMail] Getting Started With Declude JunkMail

[Dan Geiser]

Scott, et.al.,
According to the instructions I was given below I have (supposedly)
configured Declude JunkMail to only work on the NEXUSTECHGROUP.COM domain
name.  In the $default$.JunkMail file in the /declude/ folder I have set
all of the actions to IGNORE.  The $default$.JunkMail in the
/declude/nexustechgroup.com/ folder is a copy of the original
$default$.JunkMail from the download site.  It seemed to be working and
after I turned it on yesterday I didn't receive any indication from our
customers, i.e. complaints from non-NEXUSTECHGROUP.COM domains, that
something was amiss.

However, this morning I received a complaint from one of our outside web
developers that e-mail messages that are being generated from one of our
customer web sites to recipients who sign up for a trial on that web site
have the term SPAM in the subject.  That is the action that I configured
NEXUSTECHGROUP.COM for but neither the sender of the e-mail nor the
recipient of the e-mail are a NEXUSTECHGROUP.COM user so I don't understand
why Declude JunkMail is even bothering with the message.

I know it's not much but here is the visible header with confidential
specifics remove...


From: CustomerService@sender.com
[mailto:CustomerService@sender.com]
Sent: Tuesday, February 11, 2003 2:00 AM
To: sjf@recipient.com
Subject: SPAM: Trial Signup for snip


You'll have to trust me that neither the sender or the recipient is
NEXUSTECHGROUP.COM.

We do allow our web hosting customers to bounce e-mail off of our IMail
Server that is destined for the Internet.  But why would Declude JunkMail
even touch the e-mail if it doesn't have NEXUSTECHGROUP.COM as the sender or
recipient?

I'm interested in your feedback.

Thanks, Much!
Dan Geiser [EMAIL PROTECTED]

- Original Message -
From: R. Scott Perry [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, February 10, 2003 3:50 PM
Subject: Re: [Declude.JunkMail] Getting Started With Declude JunkMail



 Is there a way that I can immediately configure Declude JunkMail to
 only work on one domain, NEXUSTECHGROUP.COM, right after installing it?

 Yes.

 To do that, first copy the \Imail\Declude\$default$.JunkMail file to
 \Imail\Declude\nexustechgroup.com\$default$.JunkMail.  This file will be
 used to determine the settings for the NEXUSTECHGROUP.COM domain.

 Then, replace all instances of WARN in the
 \IMail\Declude\$default$.JunkMail file to IGNORE.  That will set up the
 default so that no action will be taken on spam.
 -Scott

 ---
 [This E-mail was scanned for viruses by Declude Virus
(http://www.declude.com)]

 ---
 This E-mail came from the Declude.JunkMail mailing list.  To
 unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
 type unsubscribe Declude.JunkMail.  The archives can be found
 at http://www.mail-archive.com.
 
 This E-mail is scanned and free from viruses. www.nexustechgroup.com




This E-mail is scanned and free from viruses. www.nexustechgroup.com

---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]

---
This E-mail came from the Declude.JunkMail mailing list.  To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type unsubscribe Declude.JunkMail.  The archives can be found
at http://www.mail-archive.com.

RE: [Declude.JunkMail] Getting Started With Declude JunkMail

[John Tolmachoff]

 However, this morning I received a complaint from one of our outside web
 developers that e-mail messages that are being generated from one of our
 customer web sites to recipients who sign up for a trial on that web site
 have the term SPAM in the subject.  That is the action that I configured
 NEXUSTECHGROUP.COM for but neither the sender of the e-mail nor the
 recipient of the e-mail are a NEXUSTECHGROUP.COM user so I don't
understand
 why Declude JunkMail is even bothering with the message.

That is an outgoing message that is determined by the test actions defined
in the Global.cfg at the bottom.

You may want to change those actions to IGNORE for right now.

John Tolmachoff MCSE, CSSA
IT Manager, Network Engineer
RelianceSoft, Inc.
Fullerton, CA  92835
www.reliancesoft.com



---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]

---
This E-mail came from the Declude.JunkMail mailing list.  To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type unsubscribe Declude.JunkMail.  The archives can be found
at http://www.mail-archive.com.

Re: [Declude.JunkMail] Getting Started With Declude JunkMail

[R. Scott Perry]

 Do you have IMail set up to send a copy of all E-mail to an account
 @nexustechgroup.com?  If so, you can either set up a per-user configuration
 for that account (using the IGNORE action), or you can download the latest
 beta (1.67) which will automatically disable all spam checking on copyall
 accounts.
 -Scott

From what I can tell IMail IS configured to send a copy of all e-mail to the
account [EMAIL PROTECTED]  I found this under IMail
Administrator - localhost - SMTP Security.  Under the section labeled Copy
All Mail the Enable checkbox is checked.

When you say that account are you referring to [EMAIL PROTECTED]?


That is correct.  Since you have a copy of all E-mail sent to 
[EMAIL PROTECTED], the actions for @nexustechgroup.com will be 
taken on the E-mail unless [EMAIL PROTECTED] has a per-user 
setting to use the IGNORE action.

Does this mean that even though I took extra steps to make sure our e-mail
hosting customers would not be affected by our Declude JunkMail testing that
all of the domains on our IMail Server could be receiving SPAM in the
subject?


That is correct.  For every incoming E-mail, IMail adds a recipient of 
[EMAIL PROTECTED], so Declude JunkMail will see two recipients, 
rather than just one.

 So I've read the Per-User Configuration section. It sounds like I have 2
 options here:
 Option #1) Setup a Per-User Configuration for [EMAIL PROTECTED]
 Option #2) Setup a WHITELIST entry for [EMAIL PROTECTED]

No -- if you whitelist E-mail to [EMAIL PROTECTED], the E-mail 
will pass all spam tests, so no action will be taken on the E-mail.  For 
this address, you aren't looking to whitelist the E-mail or take any action 
-- you want Declude JunkMail to silently ignore it.  To do that, you can 
use Option #1, or you can upgrade to the latest beta (where Declude 
JunkMail will detect that it is a copyall account and ignore it).

This is one of the tricky cases where you have 2 or more recipients for an 
E-mail, and Declude JunkMail needs to determine the best course of action 
to take on the E-mail (as both recipients need to receive an identical copy 
of the E-mail).

I would recommend upgrading to the latest beta in this case.
 -Scott

---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]

---
This E-mail came from the Declude.JunkMail mailing list.  To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type unsubscribe Declude.JunkMail.  The archives can be found
at http://www.mail-archive.com.

Re: [Declude.JunkMail] Getting Started With Declude JunkMail

[R. Scott Perry]

Now this e-mail seems to imply that it's not because of Copy All Mail but
instead is because this e-mail is an outgoing message and that I need to
change something in GLOBAL.CFG.

Which is it?  If it's the latter why would Declude JunkMail be flagging
outgoing e-mail as spam?


The source of the problem is that all E-mail is addressed to an account on 
a domain that has spam control enabled.  So in this case, you have the 
recipients as:

[1] [EMAIL PROTECTED]
[2] [EMAIL PROTECTED]
[3] [EMAIL PROTECTED]

For recipient #1, Declude JunkMail looks at the 
\IMail\Declude\nexustechtgroup.com\$default$.JunkMail file to determine 
what action to take (if the 
\IMail\Declude\nexustechtgroup.com\copybox.JunkMail file existed, that 
would be used instead).  For recipient #2 (which is not a local user), 
Declude JunkMail looks at the \IMail\Declude\global.cfg file (which 
contains the actions to take on outgoing E-mail).  For recipient #3 (which 
is not a local user), Declude JunkMail looks at the 
\IMail\Declude\global.cfg file (which contains the actions to take on 
outgoing E-mail).

Declude JunkMail then works on the assumption that if the E-mail is going 
to these three users, and one of whom thinks it is spam, then it probably 
is spam (whereas if they were sent separately, the chances of it really 
being spam would be much less).

By setting up a per-user configuration file for the 
[EMAIL PROTECTED] account, or by upgrading to the latest beta 
(which knows that [EMAIL PROTECTED] is a copyall account, and 
ignores it), Declude JunkMail would see that none of the recipients think 
it is spam, and would deliver it untouched.
-Scott

---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]

---
This E-mail came from the Declude.JunkMail mailing list.  To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type unsubscribe Declude.JunkMail.  The archives can be found
at http://www.mail-archive.com.

Re: [Declude.JunkMail] Getting Started With Declude JunkMail

[Dan Geiser]

Scott,
Thanks for all of your help.  I have upgraded my DECLUDE.EXE to the latest
Beta.

This was such a hard issue to diagnose because it was an issue that only my
customers were seeing.  I'm going to put the word out to those who called in
to complain that everything should be resolved now.

Thanks, Again,
Dan Geiser [EMAIL PROTECTED]

- Original Message -
From: R. Scott Perry [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, February 11, 2003 10:19 AM
Subject: Re: [Declude.JunkMail] Getting Started With Declude JunkMail



   Do you have IMail set up to send a copy of all E-mail to an account
   @nexustechgroup.com?  If so, you can either set up a per-user
configuration
   for that account (using the IGNORE action), or you can download the
latest
   beta (1.67) which will automatically disable all spam checking on
copyall
   accounts.
   -Scott
 
  From what I can tell IMail IS configured to send a copy of all e-mail
to the
 account [EMAIL PROTECTED]  I found this under IMail
 Administrator - localhost - SMTP Security.  Under the section labeled
Copy
 All Mail the Enable checkbox is checked.
 
 When you say that account are you referring to
[EMAIL PROTECTED]?

 That is correct.  Since you have a copy of all E-mail sent to
 [EMAIL PROTECTED], the actions for @nexustechgroup.com will be
 taken on the E-mail unless [EMAIL PROTECTED] has a per-user
 setting to use the IGNORE action.

 Does this mean that even though I took extra steps to make sure our
e-mail
 hosting customers would not be affected by our Declude JunkMail testing
that
 all of the domains on our IMail Server could be receiving SPAM in the
 subject?

 That is correct.  For every incoming E-mail, IMail adds a recipient of
 [EMAIL PROTECTED], so Declude JunkMail will see two recipients,
 rather than just one.

   So I've read the Per-User Configuration section. It sounds like I have
2
   options here:
   Option #1) Setup a Per-User Configuration for
[EMAIL PROTECTED]
   Option #2) Setup a WHITELIST entry for [EMAIL PROTECTED]

 No -- if you whitelist E-mail to [EMAIL PROTECTED], the E-mail
 will pass all spam tests, so no action will be taken on the E-mail.  For
 this address, you aren't looking to whitelist the E-mail or take any
action
 -- you want Declude JunkMail to silently ignore it.  To do that, you can
 use Option #1, or you can upgrade to the latest beta (where Declude
 JunkMail will detect that it is a copyall account and ignore it).

 This is one of the tricky cases where you have 2 or more recipients for an
 E-mail, and Declude JunkMail needs to determine the best course of action
 to take on the E-mail (as both recipients need to receive an identical
copy
 of the E-mail).

 I would recommend upgrading to the latest beta in this case.
   -Scott

 ---
 [This E-mail was scanned for viruses by Declude Virus
(http://www.declude.com)]

 ---
 This E-mail came from the Declude.JunkMail mailing list.  To
 unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
 type unsubscribe Declude.JunkMail.  The archives can be found
 at http://www.mail-archive.com.
 
 This E-mail is scanned and free from viruses. www.nexustechgroup.com




This E-mail is scanned and free from viruses. www.nexustechgroup.com

---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]

---
This E-mail came from the Declude.JunkMail mailing list.  To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type unsubscribe Declude.JunkMail.  The archives can be found
at http://www.mail-archive.com.

RE: [Declude.JunkMail] Getting Started With Declude JunkMail

[John Tolmachoff]

 From Scott's previous e-mail I was presuming that all of the hosts on our
 system are feeling the effects of Declude JunkMail because we have the
Copy
 All Mail feature of IMail enabled.  I am trying to fix that as we speak.

Woops, my bad. I missed the line about have Copy All Mail enabled. Scott, I
picked up your bad. :))

John Tolmachoff MCSE, CSSA
IT Manager, Network Engineer
RelianceSoft, Inc.
Fullerton, CA  92835
www.reliancesoft.com




---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]

---
This E-mail came from the Declude.JunkMail mailing list.  To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type unsubscribe Declude.JunkMail.  The archives can be found
at http://www.mail-archive.com.

[Declude.JunkMail] quickie no negative weight.

[paul]

Ok, I think I did this right, just looking for reassurance here.

Ok, got my newtest running well, now I want to make a negative test to
counter poorly created mail, like e-bay's confirm/etc mail. All mention
credit cards and that's a key on my other CONTAINS test. So here's what I
did, is it correct?

Global.cfg:
negweight filter d:\imail\declude\negweight.txt x 0 0

$Default:
negweight WARN

negweight.txt example:
MAILFROM -13 IS [EMAIL PROTECTED]
figure IS makes it match completely, better than contains.

by this, mail from [EMAIL PROTECTED] will get a weight of -13 correct?

Do I need a weight in Global.cfg? x -1 0? Obviously the weight will be added
to the mail, hence the -1, but I want to make sure there's no problem
leaving it at 0.

Thanks for the input.

Paul


---
[This E-mail scanned for viruses by Declude Virus]

---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]

---
This E-mail came from the Declude.JunkMail mailing list.  To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type unsubscribe Declude.JunkMail.  The archives can be found
at http://www.mail-archive.com.

Re: [Declude.JunkMail] quickie no negative weight.

[R. Scott Perry]

Ok, got my newtest running well, now I want to make a negative test to
counter poorly created mail, like e-bay's confirm/etc mail. All mention
credit cards and that's a key on my other CONTAINS test. So here's what I
did, is it correct?

Global.cfg:
negweight filter d:\imail\declude\negweight.txt x 0 0

$Default:
negweight WARN

negweight.txt example:
MAILFROM -13 IS [EMAIL PROTECTED]
figure IS makes it match completely, better than contains.


That looks good.


by this, mail from [EMAIL PROTECTED] will get a weight of -13 correct?


Correct.


Do I need a weight in Global.cfg? x -1 0? Obviously the weight will be added
to the mail, hence the -1, but I want to make sure there's no problem
leaving it at 0.


Leaving it at 0 is fine.  Declude JunkMail will add the weight for the test 
(in the test definition), plus a weight for each of the lines in the filter 
that match the E-mail.
-Scott

---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]

---
This E-mail came from the Declude.JunkMail mailing list.  To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type unsubscribe Declude.JunkMail.  The archives can be found
at http://www.mail-archive.com.

[Declude.JunkMail] Store and Forward w/JunkMail Question

[Keith Johnson]

Since late last year we have had our entire setup with virtual hosted domains with No 
Mail Relay.   We are going to change our relay mode to 'relay for addresses' to filter 
email for about 10 or more Exchange Servers (thus, store and forward).  However, we 
are going to still require all our other domains to SMTP Auth to us.  My question is, 
with JunkMail, does all the filters and commands work just like they do under domains 
hosted on the IMail server itself.  Previously, we always used the RouteTo a mailbox 
(same domain) for a 'little' admin to look at the spam email and thus forward it on to 
the necessary person, however, we won't be able to do that anymore with these domains 
since the domain isn't on the box.  We were thinking of creating a bogus.com domain 
and RouteTo there.  Thanks for allowing me to ramble here, just trying to see if I 
missed anything.  I believe the Declude Virus should be fine with this as well.  Thank 
you for the info.
 
Keith 
†+™¨¥Á«,q©çy×è®ø«ºÇ¬o Þr[yX«ºÈm¶ŸÿÃ
yÉnuç(™8b°IšŠW™çë¢kax7œ–ç^éä1¨¥™¨¥Šx%ŠËS¢éì¹»®ÞŽë-±éÝjqj)m¢)šŠ[+½×œ–ç^r‰šÛr¥ë§²æìr¸›x7œ–ç^éä1¨¥Nš­Èb½ëjvÞ~‹§u«a¶Úÿ
0™¨¥j·!Š÷œ¢

RE: [Declude.JunkMail] Store and Forward w/JunkMail Question

[John Tolmachoff]

Instead of ROUTETO, you could use HOLD. Then, the files will be in 
Imail\spool\spam\hold folder. You can either open them with notepad or use SpamReveiw.

John Tolmachoff MCSE, CSSA
IT Manager, Network Engineer
RelianceSoft, Inc.
Fullerton, CA  92835
www.reliancesoft.com

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:Declude.JunkMail-
 [EMAIL PROTECTED]] On Behalf Of Keith Johnson
 Sent: Tuesday, February 11, 2003 7:10 PM
 To: [EMAIL PROTECTED]
 Subject: [Declude.JunkMail] Store and Forward w/JunkMail Question
 
 Since late last year we have had our entire setup with virtual hosted domains with
 No Mail Relay.   We are going to change our relay mode to 'relay for addresses' to
 filter email for about 10 or more Exchange Servers (thus, store and forward).
 However, we are going to still require all our other domains to SMTP Auth to us.
 My question is, with JunkMail, does all the filters and commands work just like they
 do under domains hosted on the IMail server itself.  Previously, we always used the
 RouteTo a mailbox (same domain) for a 'little' admin to look at the spam email and
 thus forward it on to the necessary person, however, we won't be able to do that
 anymore with these domains since the domain isn't on the box.  We were thinking
 of creating a bogus.com domain and RouteTo there.  Thanks for allowing me to
 ramble here, just trying to see if I missed anything.  I believe the Declude Virus
 should be fine with this as well.  Thank you for the info.
 
 Keith
 NfƝ碻뱼yu
 
 u עdj)jgnr[xېƖf)+Nrz;渶uǩj)r[y jwퟀ�˱m r[xƕ8jqy ퟞ�  f+rmw纶   Vry

---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]

---
This E-mail came from the Declude.JunkMail mailing list.  To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type unsubscribe Declude.JunkMail.  The archives can be found
at http://www.mail-archive.com.

Re: [Declude.JunkMail] Store and Forward w/JunkMail Question

[Eje Gustafsson]

spamreview rocks. Only wish it could do filters with wildcards. Hate
the darn spammers that uses mail123.domain.tld  mail124.domain.tld and
so on do *.domain.tld and take care of them for good.

Best regards,
 Eje Gustafsson   mailto:[EMAIL PROTECTED]
The Family Entertainment Network  http://www.fament.com
Phone : 620-231-  Fax   : 620-231-4066
 - Your Full Time Professionals -
eBay UserID : macahan
--
JT Instead of ROUTETO, you could use HOLD. Then, the files will be in 
Imail\spool\spam\hold folder. You can either open them with notepad or use SpamReveiw.

JT John Tolmachoff MCSE, CSSA
JT IT Manager, Network Engineer
JT RelianceSoft, Inc.
JT Fullerton, CA  92835
JT www.reliancesoft.com

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:Declude.JunkMail-
 [EMAIL PROTECTED]] On Behalf Of Keith Johnson
 Sent: Tuesday, February 11, 2003 7:10 PM
 To: [EMAIL PROTECTED]
 Subject: [Declude.JunkMail] Store and Forward w/JunkMail Question
 
 Since late last year we have had our entire setup with virtual hosted domains with
 No Mail Relay.   We are going to change our relay mode to 'relay for addresses' to
 filter email for about 10 or more Exchange Servers (thus, store and forward).
 However, we are going to still require all our other domains to SMTP Auth to us.
 My question is, with JunkMail, does all the filters and commands work just like they
 do under domains hosted on the IMail server itself.  Previously, we always used the
 RouteTo a mailbox (same domain) for a 'little' admin to look at the spam email and
 thus forward it on to the necessary person, however, we won't be able to do that
 anymore with these domains since the domain isn't on the box.  We were thinking
 of creating a bogus.com domain and RouteTo there.  Thanks for allowing me to
 ramble here, just trying to see if I missed anything.  I believe the Declude Virus
 should be fine with this as well.  Thank you for the info.
 
 Keith
 Nf???yu
 
 u ?dj)jgnr[x??f)+Nrz;?ukj)r[y jw???m r[x?8jqy ??  f+rmw? Vry

JT ---
JT [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]

JT ---
JT This E-mail came from the Declude.JunkMail mailing list.  To
JT unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
JT type unsubscribe Declude.JunkMail.  The archives can be found
JT at http://www.mail-archive.com.
JT ---
JT [This E-mail scanned for viruses by Declude Virus]

---
[This E-mail scanned for viruses by Declude Virus]

---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]

---
This E-mail came from the Declude.JunkMail mailing list.  To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type unsubscribe Declude.JunkMail.  The archives can be found
at http://www.mail-archive.com.