Re: [Declude.JunkMail] International SpamDomains
Or better yet, let us define the filtertype attribute in the spamdomains.txt file. For example: CONTAINS altavista. ENDSWITH .av.com ENDSWITH amazon.com ENDSWITH .forevermail.com ENDSWITH ameritech.net CONTAINS @att. CONTAINS .att. CONTAINS earthlink. CONTAINS netscape. ENDSWIDTH .aol.com Bill - Original Message - From: "Dan Patnode" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Saturday, June 28, 2003 6:49 PM Subject: [Declude.JunkMail] International SpamDomains I have an uncaught spam with an interesting profile: HELO: x-stream.co.za RDNS: m48.net81-66-160.noos.fr FROM: arcticstock.no I'm wondering about a SpamDomains config that looks for mismatches in domains other than com/net/org. It would go beyond individual domains and nail whole countries at a time. With ENDWITH, the entries would look like .za .fr .no But SpamDomains only does CONTAINS, making the likelyhood of mismatch FPs to high (image if the address was [EMAIL PROTECTED]). Is there a way to do this that I'm missing? Dan --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] time-dependently hold weight
Okay, here is a small contribution to the list. Markus, this script:
grep "Total weight =" m:\imail\spool\spam\log\dec0628.log | gawk "{print $2,
$NF}" > log0628.txt
will output a file called log0628.txt in the following space delimited
format (snip):
16:35:17 64
16:35:29 78
16:35:39 0
16:36:10 1
16:36:35 69
16:36:39 -13
16:36:50 90
16:36:51 37
16:36:55 74
As Markus noted, the UNIX utilities needed for to run these scripts can be
found at: http://unxutils.sourceforge.net/ There is no installation, just
simply extract the files contained in the zip file into a directory and
you're all set.
Here are a couple of additional scripts to get you thinking about the power
of these utilities, which hopefully people will share with the list as they
develop their own scripts. The following script will list all of your
Declude tests and show how many messages were flagged by the test:
egrep "Message OK|Msg failed" m:\imail\spool\spam\log\dec0615.log | gawk
"{print $6}" | sort | uniq -c | sort -rn
This will output a report like the following, in less than 30 seconds (if
any of you have run some of the other JunkMail log reporting tools, you will
find this quite extraordinary in comparison to the hours it takes to run
reports with these other reporting tools):
9870 SPAMCHECK
8827 NOLEGITCONTENT
8082 IPNOTINMX
7728 SM-SPAM-L1
7466 SM-SPAM-L2
7154 SPAMSNIFFER
6793 WEIGHT36->
6541 SM-SPAM-L3
5749 REYNOLDS
5698 HEADERS-FILTER
5058 EASYNET-DNSBL
4867 SM-SPAM-L4
3932 SUBJECT-FILTER
3762 BODY-FILTER
3610 OSSRC
2973 SPAMHAUS
2902 OK
2827 SPAMCOP
2759 NJABL
2605 OSSOFT
2497 SM-SPAM-L5
2480 INTERSIL
1807 NOMOREFUNN
1486 VOX
1420 BLARSBL
1300 FIVETEN-SRC
1290 MAILFROM-FILTER
1203 NOABUSE
1188 NOPOSTMASTER
1077 HELO-FILTER
1070 REVDNS
1010 DSBL
952 SORBS
919 EASYNET-PROXIES
783 DSN
726 MONKEYPROXIES
689 BADHEADERS
680 HEURISTICS
680 HELOBOGUS
651 WEIGHT16-35
642 REVDNS-FILTER
422 SPAMBAG
416 BLITZEDALL
397 SPAMDOMAINS
391 LONGSUBJECT
356 ROUTING
306 OSPROXY
306 FIVETEN-OPTIN
300 COMMENTS
294 IPWHOIS
267 SUBJECTSPACES
247 UCEB
228 SM-ADULT-L1
221 SM-ADULT-L2
217 SM-ADULT-L3
210 BASE64
182 SM-ADULT-L4
178 LEADMON
149 SM-ADULT-L5
140 MAILFROM
114 BH-CHINA
97 FABEL
71 KOREA-NETS
71 KITHRUP
71 BH-KOREA
68 BONDEDSENDER
62 EASYNET-DYNA
55 DSBL-MULTI
54 SPAMHEADERS
53 PIGS
52 OSRELAY
51 ORDB
44 BH-JAPAN
34 OSDIPS
32 BH-ARGENTINA
29 BH-RUSSIA
27 BH-BRAZIL
18 BH-TAIWAN
18 BH-HONGKONG
16 KUNDENSERVER
14 BH-THAILAND
10 DNSRBL-DUN
8 EXSILIA-SPAM
7 FIVETEN-MULTI
4 NONENGLISH
3 REMOTEIP-FILTER
3 BH-MALAYSIA
1 OSLIST
1 BH-SINGAPORE
The following script will allow you to view the subject line of all messages
flagged by whatever test you define in the script (in this case I used
"SORBS"), and will sort them by count:
egrep "Msg failed SORBS|Subject:" m:\imail\spool\spam\log\dec0617.log |
grep -A 1 SORBS | grep Subject | cut -b 39- | sort -f | uniq -ic | sort -rfn
The output looks like (snip):
10 Subject: You want a bigger one?
9 Subject: Is your manhood too small?
9 Subject: CheapTrips Airfares: Best Price Guaranteed
8 Subject: prevent stretch marks during pregnancy
8 Subject: Baby Boomers to GenX dhj k
8 Subject: ##Low Income Funding Program vyig
8 Subject: ##Low Income Funding Program h ymuviwtx uggldu
7 Subject: View Photos Of Sexy Singles In Your Area
7 Subject: SUCCESS... dizaa
7 Subject: rsvp-feel better guaranteed
7 Subject: Earn $500 a Week Easily !
6 Subject: Increase your Penis by 2 to 5 full inches in Weeks.
6 Subject: Earn $2000 Weekly Easily!
5 Subject: good news - accelerates recovery from athletic injury
5 Subject: Bargain Shoes
5 Subject: >#Government Loan Program### ryb o q
These scripts have to run all on one line, with no carriage returns, in
order to work properly. Also, you will need to run these scripts from the
directory that you have extracted the UNIX utilities to. This is because
some of the files have the same name as Windows utilities, like "sort" for
example.
Speaking of "sort", which is used is a couple of these scripts, there
appears to be about a 2mb size limitation on the content you are trying to
sort. It will only be an issue if you log files are around 25mb or larger,
since the script is trying to sort on the output of the first grep command.
I have sent an e-mail to the developer asking him about this size
limitation, since there appears to be no size limitation on our Linux
machines, where I can run the same script on any size log file.
Have fun!
Bill
- Original Message -
From: "Markus Gufler" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]
[Declude.JunkMail] International SpamDomains
I have an uncaught spam with an interesting profile: HELO: x-stream.co.za RDNS: m48.net81-66-160.noos.fr FROM: arcticstock.no I'm wondering about a SpamDomains config that looks for mismatches in domains other than com/net/org. It would go beyond individual domains and nail whole countries at a time. With ENDWITH, the entries would look like .za .fr .no But SpamDomains only does CONTAINS, making the likelyhood of mismatch FPs to high (image if the address was [EMAIL PROTECTED]). Is there a way to do this that I'm missing? Dan --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] Incredimail
We use Imail's domain processing rules to delete any "Incredimail" and use our Sonicwall's (firewall) to block users access to these type web sites We had problems because incredimail integration into outlook -Christopher -- Original Message -- From: Rich <[EMAIL PROTECTED]> Reply-To: [EMAIL PROTECTED] Date: Sat, 28 Jun 2003 10:31:23 -0700 >Is anyone blocking these content rich "fun" E-mails? I've had customers >using the program have a raft of problems, the latest seems to be ISP's >bouncing the Email based on the incredimail tag in the headers. > >-- >Rich Griebel >[EMAIL PROTECTED] >http://www.kendra.com >Scanned for Viruses using Declude and F-Prot > > >--- >[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] > >--- >This E-mail came from the Declude.JunkMail mailing list. To >unsubscribe, just send an E-mail to [EMAIL PROTECTED], and >type "unsubscribe Declude.JunkMail". The archives can be found >at http://www.mail-archive.com. > --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
RE: [Declude.JunkMail] Mail Client with Redirect Command
Eudora Kerry [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Madscientist Sent: Saturday, June 28, 2003 8:03 AM To: [EMAIL PROTECTED] Subject: Re: [Declude.JunkMail] Mail Client with Redirect Command At 07:27 PM 6/27/2003 -0400, you wrote: Can anyone out there recommend a Windows based email client that supports the redirect command ?? I believe The Bat! does that. _M
RE: [Declude.JunkMail] Unknown Folder
I hope it's because of F-Prot! I noticed these too, but we have maybe 10 or so right now. If anyone knows what they're for or if they can be deleted, I'd be interested.. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of R. Scott Perry Sent: Saturday, June 28, 2003 3:03 PM To: [EMAIL PROTECTED] Subject: Re: [Declude.JunkMail] Unknown Folder >In my spool folder this morning are a bunch of ".vir" folders with >1_1.exe in them. I have not encountered these before. >What are they? The \IMail\spool\*.vir directories are temporary directories that Declude Virus uses to scan attachments. It is normal to see those directories come and go; if they remain for more than 2 hours, then there was a problem with the scanning (the log file would have more details). It is safe to delete those directories if they are more than 2 hours old. -Scott --- Declude JunkMail: The advanced anti-spam solution for IMail mailservers. Declude Virus: Catches known viruses and is the leader in mailserver vulnerability detection. Find out what you have been missing: Ask for a free 30-day evaluation. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] Unknown Folder
In my spool folder this morning are a bunch of ".vir" folders with 1_1.exe in them. I have not encountered these before. What are they? The \IMail\spool\*.vir directories are temporary directories that Declude Virus uses to scan attachments. It is normal to see those directories come and go; if they remain for more than 2 hours, then there was a problem with the scanning (the log file would have more details). It is safe to delete those directories if they are more than 2 hours old. -Scott --- Declude JunkMail: The advanced anti-spam solution for IMail mailservers. Declude Virus: Catches known viruses and is the leader in mailserver vulnerability detection. Find out what you have been missing: Ask for a free 30-day evaluation. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] Incredimail
At 10:31 AM 6/28/2003 -0700, you wrote: Is anyone blocking these content rich "fun" E-mails? I've had customers using the program have a raft of problems, the latest seems to be ISP's bouncing the Email based on the incredimail tag in the headers. We had some early rules show up due to spam from incredimail and done using incredimail. We quickly had to abandon those rules due to false positive reports. It was very short lived. (sigh) _M --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
[Declude.JunkMail] Incredimail
Is anyone blocking these content rich "fun" E-mails? I've had customers using the program have a raft of problems, the latest seems to be ISP's bouncing the Email based on the incredimail tag in the headers. -- Rich Griebel [EMAIL PROTECTED] http://www.kendra.com Scanned for Viruses using Declude and F-Prot --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
[Declude.JunkMail] Unknown Folder
In my spool folder this morning are a bunch of ".vir" folders with 1_1.exe in them. I have not encountered these before. What are they? Thanks, Doug McKee --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] OT: National Do Not Call Registry
This link no longer works, but a quick google search for the filename yields these two slightly different WAVs. http://f4.grp.yahoofs.com/v1/cK39PtNOsYVIbxCrnPdbW_djeMcyYJ0pga_cTmTL7Y1y1DK eWX4b5zU9KZ_pgBbtv8d-1Va-sAtMLkA_/Sounds/errorbeeps1.wav http://bruessel.ws/ftp/pub/sed/errorbeeps1.wav Darin. - Original Message - From: "Dan Patnode" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Saturday, June 28, 2003 3:10 AM Subject: Re: [Declude.JunkMail] OT: National Do Not Call Registry If you want a technological solution, put these tones on your answering machine: http://www.scn.org/~bk269/errorbeeps1.wav The automated calling systems will log your number as being disconnected (only one of the three is needed, I forget which) and not call you back. But yes, your cynicism is well founded, with so many powerful special interests, its tough for the normal interests to have a say. Reminds me of how the soda companies lobby for government subsidies for corn so they can pay less for corn syrup. Dan On Friday, June 27, 2003 19:06, Todd Holt <[EMAIL PROTECTED]> wrote: >When will the government listen to the "will of the people" and just >outlaw spam and tele-marketing (with severe enough penalties to >deter)? > >Ooops. I'm sorry. I had brain fart. > >I wasn't thinking that the lobbyists for keeping spam and tele-marketing >around have deeper pockets than the poor users. Combined with the >golden rule of capitalism: "He who has the gold makes the rules.", >results in what we have today. > >I think that the do not call list will result in a new call list worth >$$MM. > >Todd Holt >Xidix Technologies, Inc >Las Vegas, NV USA >www.xidix.com > > >> -Original Message- >> From: [EMAIL PROTECTED] [mailto:Declude.JunkMail- >> [EMAIL PROTECTED] On Behalf Of Dan Patnode >> Sent: Friday, June 27, 2003 6:37 PM >> To: [EMAIL PROTECTED] >> Subject: Re: [Declude.JunkMail] OT: National Do Not Call Registry >> >> More info and stats: >> >> >> http://www.bankrate.com/brm/news/advice/20030627a1.asp >> >> The Federal Trade Commission says more than 1,000 people per second >are >> trying to register either online or by phone. >> >> In an ironic twist, a technology consulting firm discovered that spam >> filters, specifically Yahoo's and perhaps others, are blocking many of >the >> confirmation e-mails consumers are supposed to receive to complete >their >> online registration. >> >> >> >> >> >> >> On Friday, June 27, 2003 12:49, Dan Patnode <[EMAIL PROTECTED]> wrote: >> >Stops the telemarketers (with some exceptions), debuted this >> >morning: >> > >> >http://donotcall.gov/ >> > >> > >> > >> >More junk stopping info: >> > >> >http://www.obviously.com/junkmail/ >> > >> >--- >> >[This E-mail was scanned for viruses by Declude Virus >> >(http://www.declude.com)] >> > >> >--- >> >This E-mail came from the Declude.JunkMail mailing list. To >> >unsubscribe, just send an E-mail to [EMAIL PROTECTED], and >> >type "unsubscribe Declude.JunkMail". The archives can be found >> >at http://www.mail-archive.com. >> > >> >> --- >> [This E-mail was scanned for viruses by Declude Virus >> (http://www.declude.com)] >> >> --- >> This E-mail came from the Declude.JunkMail mailing list. To >> unsubscribe, just send an E-mail to [EMAIL PROTECTED], and >> type "unsubscribe Declude.JunkMail". The archives can be found >> at http://www.mail-archive.com. >> --- >> [This E-mail scanned for viruses by Declude Virus >> (http://www.declude.com)] > > >--- >[This E-mail scanned for viruses by Declude Virus >(http://www.declude.com)] > > >--- >[This E-mail was scanned for viruses by Declude Virus >(http://www.declude.com)] > >--- >This E-mail came from the Declude.JunkMail mailing list. To >unsubscribe, just send an E-mail to [EMAIL PROTECTED], and >type "unsubscribe Declude.JunkMail". The archives can be found >at http://www.mail-archive.com. > --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com. __ [This E-mail virus scanned by ACS Hosting] --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] Mail Client with Redirect Command
At 07:27 PM 6/27/2003 -0400, you wrote: Can anyone out there recommend a Windows based email client that supports the redirect command ?? I believe The Bat! does that. _M
RE: [Declude.JunkMail] time-dependently hold weight
> I've considered this a few times, every time I prepare to > suggest it I remember what happened with my idea to test for > long subjects, there just isn't enough uniformity. Well. Maybe my idea is expressed from "the wrong side". Watching the diagram I can also simply fathom that my current hold weight is a little bit too low. After adding some new SpamChk tests (we are currently testing) and some new RBL-lists, the average value has increased a little bit. So the only thing I have to do is to increase slightly the hold weight (or decrease the points for every single test) Remains the fact, that only 13% of our FP's whas recieved out of business time. If there is some way to detect the senders local current time or timezone this for sure will help again to reduce false positives or false negatives using a "time-dependently hold weight" > BTW, the graph is amazing, how is it made? Hmmm, it's not an "out of the box" tool, but maybe someone can develop it. I think it should be very easy but at the moment I'm not familiar with any RAD tool... So here the steps what I've done: 1.) grep all lines from the declude logfile containing "Total weight =" Grep.exe is part of the unixtools what you can find on http://unxutils.sourceforge.net/ Don't fear to "install" this tools. You can also simply extract the zip-archive. C:\imail\spool\grep -U "Total weight =" dec0624.log > c:\imail\spool\tw0624.log This will create a new file tw0624.log in the spool folder containing only the lines with the total weight of any message processed by declude junkmail. Note: You need at least loglevel MID to see the "Total weight" lines in the logfile. 2.) Now I've "elaborated" my tw-file In the following original line 06/21/2003 00:01:42 Q843b181400780c01 HELOBOGUS:19 . Total weight = 19 a.) delete the date "06/21/2003 " 00:01:42 Q843b181400780c01 HELOBOGUS:19 . Total weight = 19 b.) replace the " Q" after the time with ";" 00:01:42;843b181400780c01 HELOBOGUS:19 . Total weight = 19 c.) replace the "Total weight = " with ";" 00:01:42;843b181400780c01 HELOBOGUS:19 . ;19 3.) Now you have a CSV file with the time in the first and the weight in the third column. You can import this for example into MS Excel 4.) To "decode" the HH:MM:SS time format in something usable for a diagramm I've used the following formula: C1 = (HOUR(A1)*3600)+(MINUTE(A1)*60)+SECONDS(A1) This will give you in cell C1 the timecode in seconds 5.) Now you can play around with different diagrams, ... For example you can also sort all rows by the weight to create a graph like them attached to this message. This will show you if you have done a good job configuring the tests so that in the critical zone between 80 and 120% of your hold weight there are minimal messages. (high slope) I know looks like a lot of work, but it's done in few minutes and will give you a great view what's going on on your junkmail filter. All of this steps can be automizzed, if someone has time and knowledge to create a small reporting tool... Markus <>
RE: [Declude.JunkMail] time-dependently hold weight
> Go to sleep Markus. It has been too long of a week to think. Was it really 2:15AM GMT+1 when I sent this message? ;-) Have a nice weekend! Markus --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] Getting Ready to Activate SPAMDOMAINS
Strategy: 1) Create a list (or start with Bill's excellent list) with a small weight, say half of what you use for open relay databases. 2) Increase the weight gradually until you start getting FPs, then back it down a bit 3) Create a second list/test, I call "SpamierDomains". When an uncaught spam failed the first SpamDomains list but didn't have enough weight, add it to Spamier. Don't add domains to this 2nd file that are commonly used out of place like hotmail and yahoo. This might look like this: SpamDomains spamdomains d:\IMail\Declude\SpamDomains.txtx 4 0 SpamierDomains spamdomains d:\imail\declude\SpamierDomains.txt x 1 0 Once you're this far, come back with follow-up questions. Dan On Friday, June 27, 2003 13:59, Dan Geiser <[EMAIL PROTECTED]> wrote: >Hi, Again, >Would anyone care to comment on my original posting? If my questions are >too simple or complex or some place in between or my message is too long or >the questions themselves just don't have an answer then please let me know >and I'll try and proceed with my current knowledge base. > >Thanks, Much! >Dan Geiser <[EMAIL PROTECTED]> > >- Original Message - >From: "Dan Geiser" <[EMAIL PROTECTED]> >To: "Declude JunkMail" <[EMAIL PROTECTED]> >Sent: Wednesday, June 25, 2003 5:02 PM >Subject: [Declude.JunkMail] Getting Ready to Activate >SPAMDOMAINS > > >> Hello, All, >> I'm getting ready to put SPAMDOMAINS in place on my installation of >Declude >> JunkMail Pro. Before I flip the switch I had a few questions which I was >> hoping that those who are currently using SPAMDOMAINS could answer... >> >> 1) Increase message "weight" or HOLD? >> >> I realize that there are 2 ways, possibly more, that I can actually do >> something to a message when it's recognized by SPAMDOMAINS. One is to >> increase the weight by a certain amount, e.g. 20 points, until I'm pretty >> sure it will fall over my "hold weight". Another way to do it would just >to >> HOLD on failure of the SPAMDOMAINS out right. My tendency is to want to >> just increase the weight somewhat to fall in line with the standard way of >> doing things, i.e. not HOLDing on any one test, but because I've read on >> this list that Kami is currently HOLDing I thought maybe that was viable >as >> well. Perhaps I can start out with a weight increase and then move to >HOLD >> later on? >> >> Regardless, for those of you who currently have SPAMDOMAINS implemented >I'm >> looking for some feedback as to which way you feel it is best to go. If >you >> fall in the camp who thinks just increasing the weight should be >sufficient >> could you recommend a good point value to increase it by? I'm still using >> all of the default point values that come with GLOBAL.CFG if that helps. >> >> 2) Start out with one entry in SPAMDOMAINS >> >> Since I've seen lots of domains bandied about which fit the SPAMDOMAINS >bill >> I was thinking of maybe just starting out with one domain, Hotmail.com, to >> ease in to how all of this works. Can someone provide me with the entries >> for "spamdomains.txt" given the current wisdom on Hotmail.com? >> >> 3) What triggers additional entries to "spamdomains.txt"? >> >> For those who are currently running SPAMDOMAINS, what occurence in your >> "spam tuning" process triggers the addition of a new entry to >> "spamdomains.txt"? Is it just seeing the headers of an obvious spam which >> makes it through the current filters or are you actively seeking out new >> potential SPAMDOMAINS all of the time, by searching the HELD queue, etc? >> >> 4) Maintaining One Master "SPAMDOMAINS" List >> >> I've seen discussion on here about someone perhaps maintaing one master >list >> of all of the SPAMDOMAINS. Is that currently happening? If so, where can >I >> obtain the official list? If not, is that plan still in the works? >> >> 5) Actual Entries to Enable SPAMDOMAINS >> >> Just for review I want to make sure I'm planning on implementing it >> properly. >> >> 5a) Add an entry to GLOBAL.CFG which looks something like the following... >> >> SPAMDOMAINS spamdomains D:\iMail\declude\JunkMail.SpamDomains.txt x 0 0 >> >> If I want to increase the points which SPAMDOMAINS adds to the total >weight >> then I would increase the number in the 5th column (2nd to last column). >> >> 5b) Create a file called "JunkMail.SpamDomains.txt" (without the quotes) >and >> add the entry... >> >> hotmail.com >> >> If I want I can also add aliases for servers that the Hotmail.com domain >> might pass through like MSN.COM, etc. >> >> 5c) Add an entry in the $default$.junkmail file which looks something >> like... >> >> SPAMDOMAINSWARN >> >> or if I want to actually block for all mail which fails the SPAMDOMAINS >test >> I can put... >> >> SPAMDOMAINSHOLD >> >> Thanks In Advance For Any and All Feedback! >> >> Take Care, >> Dan [EMAIL PROTECTED] >> >> >> This E-
Re: [Declude.JunkMail] OT: National Do Not Call Registry
If you want a technological solution, put these tones on your answering machine: http://www.scn.org/~bk269/errorbeeps1.wav The automated calling systems will log your number as being disconnected (only one of the three is needed, I forget which) and not call you back. But yes, your cynicism is well founded, with so many powerful special interests, its tough for the normal interests to have a say. Reminds me of how the soda companies lobby for government subsidies for corn so they can pay less for corn syrup. Dan On Friday, June 27, 2003 19:06, Todd Holt <[EMAIL PROTECTED]> wrote: >When will the government listen to the "will of the people" and just >outlaw spam and tele-marketing (with severe enough penalties to >deter)? > >Ooops. I'm sorry. I had brain fart. > >I wasn't thinking that the lobbyists for keeping spam and tele-marketing >around have deeper pockets than the poor users. Combined with the >golden rule of capitalism: "He who has the gold makes the rules.", >results in what we have today. > >I think that the do not call list will result in a new call list worth >$$MM. > >Todd Holt >Xidix Technologies, Inc >Las Vegas, NV USA >www.xidix.com > > >> -Original Message- >> From: [EMAIL PROTECTED] [mailto:Declude.JunkMail- >> [EMAIL PROTECTED] On Behalf Of Dan Patnode >> Sent: Friday, June 27, 2003 6:37 PM >> To: [EMAIL PROTECTED] >> Subject: Re: [Declude.JunkMail] OT: National Do Not Call Registry >> >> More info and stats: >> >> >> http://www.bankrate.com/brm/news/advice/20030627a1.asp >> >> The Federal Trade Commission says more than 1,000 people per second >are >> trying to register either online or by phone. >> >> In an ironic twist, a technology consulting firm discovered that spam >> filters, specifically Yahoo's and perhaps others, are blocking many of >the >> confirmation e-mails consumers are supposed to receive to complete >their >> online registration. >> >> >> >> >> >> >> On Friday, June 27, 2003 12:49, Dan Patnode <[EMAIL PROTECTED]> wrote: >> >Stops the telemarketers (with some exceptions), debuted this >> >morning: >> > >> >http://donotcall.gov/ >> > >> > >> > >> >More junk stopping info: >> > >> >http://www.obviously.com/junkmail/ >> > >> >--- >> >[This E-mail was scanned for viruses by Declude Virus >> >(http://www.declude.com)] >> > >> >--- >> >This E-mail came from the Declude.JunkMail mailing list. To >> >unsubscribe, just send an E-mail to [EMAIL PROTECTED], and >> >type "unsubscribe Declude.JunkMail". The archives can be found >> >at http://www.mail-archive.com. >> > >> >> --- >> [This E-mail was scanned for viruses by Declude Virus >> (http://www.declude.com)] >> >> --- >> This E-mail came from the Declude.JunkMail mailing list. To >> unsubscribe, just send an E-mail to [EMAIL PROTECTED], and >> type "unsubscribe Declude.JunkMail". The archives can be found >> at http://www.mail-archive.com. >> --- >> [This E-mail scanned for viruses by Declude Virus >> (http://www.declude.com)] > > >--- >[This E-mail scanned for viruses by Declude Virus >(http://www.declude.com)] > > >--- >[This E-mail was scanned for viruses by Declude Virus >(http://www.declude.com)] > >--- >This E-mail came from the Declude.JunkMail mailing list. To >unsubscribe, just send an E-mail to [EMAIL PROTECTED], and >type "unsubscribe Declude.JunkMail". The archives can be found >at http://www.mail-archive.com. > --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
