I apologize in advance if the questions I'm about to pose to your are
simple.
No need to apologize -- simple questions are easier for me to answer. :)
> What makes this tricky is that the headers do not include the list of
> recipients. For that, you would need to check the IMail SMTP log file
> (looking for the "RCPT TO:" lines). The "To:" header is sometimes
> different than the actual recipient list.
Since the message passed through on the 17th, is the IMail SMTP Log File
that I'm supposed to be looking at located at D:\iMail\spool\log0617.txt?
Correct.
I know very little about IMail and had nothing to do with it's installation on
the server.
http://www.declude.com/info/logs.htm may help out a bit with the log files.
PERCENT HOLD
I had no idea this was in the global.cfg. It must have been a default or
something because I didn't set it up.
That is correct -- "PERCENT HOLD" is a default setting (it catches spammers
trying to relay using an outdated relaying method that should not be used
anymore).
Knowing that is there, though explains a lot. If you look back at the
original message you can see that
the recipient e-mail address does have a '%' in the username.
So I guess my question is this, should DJM be HOLDing on this test? I've
never seen it come up before.
Most people find that it should be. In this case, the address
"Melinda_Long/[EMAIL PROTECTED]" uses an outdated routing
scheme. Assuming that you can't get the chase.com people to fix this, you
would need to turn off the PERCENT test (unless you were willing to
whitelist all E-mail to this user, and any others using this format).
-Scott
---
Declude JunkMail: The advanced anti-spam solution for IMail mailservers.
Declude Virus: Catches known viruses and is the leader in mailserver
vulnerability detection.
Find out what you have been missing: Ask for a free 30-day evaluation.
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
---
This E-mail came from the Declude.JunkMail mailing list. To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.JunkMail". The archives can be found
at http://www.mail-archive.com.