Title: Message
Scott:
Hope all is
well.
The global.cfg
has:
AUTOWHITELIST
ONPREWHITELIST ONWHITELIST AUTH
I thought with
Whitelist auth the users that authenticate will have their emails
whitelisted. In this case one user's email to another user (within the
same organization) has been
Josh is right. Declude doesn't like seeing IP addresses in Message ID
headers.
Just to clarify, there were two problems with this E-mail:
[1] The Message-ID: header wasn't present when the E-mail was sent (it was
added by IMail after the E-mail was received). This caused the E-mail to
fail
The global.cfg has:
AUTOWHITELIST ON
PREWHITELIST ON
WHITELIST AUTH
I thought with Whitelist auth the users that authenticate will have their
emails whitelisted.
That is correct. Are you using IMail v8 and the latest interim release of
Declude?
In this case one user's email to another
Hi;
I am using:
X-Note: This E-mail was scanned filtered by Declude [1.75i6] for SPAM
virus.
Is that the last release? I will download again to make sure.
They are going through Outlook and they have to do SMTP authorization-
otherwise they won't be able to send.
I will double check..
Thanks a bunch for the clarification. It's just unfortunate that
programs that make the mistake of using an IP as a hostname and not
including a message ID end up failing so many important tests. I
recently been seeing about 2 different senders each week that will FP
for this reason (but no
Matt,
Do you have an updated version of your tests.
Thanks.
Fred
- Original Message -
From: Matthew Bramble [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, September 18, 2003 9:27 AM
Subject: Re: [Declude.JunkMail] Bad header question
Thanks a bunch for the clarification.
The hosting business I run deals mainly with business and I have no dial up
or dsl customers that use my services. Saying this it means we get a lot of
internal mail going between clients. Is there a way to ensure that e-mails
sent from an address (say statustechnologies to statustechnologies)
Hi
Who has had any luck in trapping spam written in a foreign language. I
seem to be getting what appears to be spam from what appear to be
written in Russian and I have no clue has to how to stop the messages.
This is the latest that I have received.
, ,
.
2000 . 00 .
:
My program MATCH might help. It looks at the To address and the From
address, and they are both listed in the respective text files, it returns a
fail which you could then weight at say -100.
John Tolmachoff MCSE CSSA
Engineer/Consultant
eServices For You
www.eservicesforyou.com
-Original
Matthew,
A few of us on the Declude list have been discussing offline a way to
exchange anti-spam tricks and blacklists without risk of spammers listening
in. A few also have some spam detection ideas that they would like to
discuss.
So far those interested are the following:
Colbeck,
Local to local does not require authentication.
If you look at the logs or the Q file, I bet Imail treats it as such and
either does not add the authentication line to the Q file.
John Tolmachoff MCSE CSSA
Engineer/Consultant
eServices For You
www.eservicesforyou.com
-Original Message-
Well, I guess since I accidentally and stupidly sent this to the whole
Declude group, I would extend the invitation to anyone in this group.
Please contact me privately off this list. (Unlike I just did.)
This is a group that's not intended to exclude anyone except spammers, so
don't feel left
Thursday, September 18, 2003, 11:52:51 AM, you wrote:
KA Colbeck, Andrew
KA John Tolmachoff
KA Markus Gufler
KA Kami Razvan
KA Are you interested in joining the group? If so, I'll add your email to the
KA initial discussion group, and once we form the private list, we can start
KA
You might want to add underscores, I use underscores as my seperator,
and I doubt I am the only ISP to do so. Also, why did you start the list
at 30? I know that it I very unlikely for a residential IP to be all
numbers under 30, but why 30? And finally, what about those that pad
with zero's?
http://homepages.tesco.net./~J.deBoynePollard/FGA/verisign-internet-coup.html
Sheldon
Sheldon Koehler, Owner/Partnerhttp://www.tenforward.com
Ten Forward Communications 360-457-9023
Nationwide access, neighborhood support!
Whenever you find yourself on the side of the
Could you send the full headers of one of the E-mails? The actual foreign
language content isn't as important as what appears in the headers.
Here's a whole message.
This one should be caught by the NONENGLISH test, due to all the high-bit
characters in the subject.
Who has had any luck in trapping spam written in a foreign language. I
seem to be getting what appears to be spam from what appear to be
written in Russian and I have no clue has to how to stop the messages.
Could you send the full headers of one of the E-mails? The actual foreign
language
Just another example of what happens when basic infrastructure is
privatized! I'm not a bleeding heart liberal proponent of government
controlling everything, but I do believe that certain infrastructure
components need to be controlled by a disinterested third party (or less
interested) that can
And here's a nasty Babelfish translation:
Is for sure for you necessary angliiskiy language in the work or in the
contact on leisure. It occurs, to learn foreign language is possible very
easily and it is rapid! For this it suffices to only use our special
procedure! You ring, contact telephone
I don't know anyone that doesn't think Verisign's move is an extremely bad
one for everyone except them.
I'm not sure whether to complain or to buy Verisign stock.
Tell me the lawyers won't have a field day with that.
Todd Holt
Xidix Technologies, Inc
Las Vegas, NV USA
www.xidix.com
- Original Message -
From: R. Scott Perry [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, September 18, 2003 11:53 AM
Subject: RE: [IMail Forum] thank you, thank you, Verisign!! and BIND9 Veri
sign-rape patch
If you are using Declude JunkMail, you can either add similar tests
Scott, I saw this posted to the IMail list, but have not seen anything
announced on the JunkMail list about this interim release. I have
downloaded v1.75i7, does this interim release mean I can remove all of the
following entries from my global.cfg file:
No. It only applies to the .com/.net
Scott,
If I add the new interim release, what does JM Pro do to an
email it finds with this trigger? Do I need to add anything to the
global.cfg file? Thanks for the aid.
Keith
-Original Message-
From: R. Scott Perry [mailto:[EMAIL PROTECTED]
Sent: Thursday, September 18, 2003
If I add the new interim release, what does JM Pro do to an
email it finds with this trigger? Do I need to add anything to the
global.cfg file? Thanks for the aid.
You don't need to do anything -- it just fixes the MAILFROM and HELOBOGUS
tests so that a non-existent .com/.net address
Here are the headers from this specific e-mail that I wrote about.
Subject: Êðàñíàÿ è ÷åðíàÿ èêðà...
The NONENGLISH test should catch this one.
-Scott
---
Declude JunkMail: The advanced anti-spam solution for IMail mailservers.
Declude Virus:
Scott
Here are the headers from this specific e-mail that I wrote about.
Received: from p3EE1C646.dip.t-dialin.net [62.225.198.70] by
northmail.northsails.com
(SMTPD32-7.15) id AD0521F00B4; Thu, 18 Sep 2003 11:19:33 -0400
Received: from hdetud1.tudelft.nl [181.149.98.38] by
We have just come out with an interim release (v1.75i8) that will detect
the wildcard A records from all TLDs that use them. This works
automatically with the MAILFROM and HELOBOGUS tests, without any
configuration changes needed.
However, the latest interim release includes an experimental
Where can I download the interim release?
Todd Holt
Xidix Technologies, Inc
Las Vegas, NV USA
www.xidix.com
-Original Message-
From: [EMAIL PROTECTED] [mailto:Declude.JunkMail-
[EMAIL PROTECTED] On Behalf Of R. Scott Perry
Sent: Thursday, September 18, 2003 1:42 PM
To: [EMAIL
Where can I download the interim release?
You can download it from http://www.declude.com/release/175i/declude.exe .
-Scott
---
Declude JunkMail: The advanced anti-spam solution for IMail mailservers.
Declude Virus: Catches known viruses and is
I haven't made use of the SpamDomains test yet, am
working on that now. I found a sd.txt file from Bill B. dated
5/30/2003. Does anybody have a newer list to share?
Glenn Z.
Charles,
Thanks for the tip. I'll probably search some of my spam files for hits
before adding this just to make sure it doesn't interfere with anything
and in order to see how common it is. I don't think adding extra lines
to something that only searches reverse DNS is that demanding on
Thanks a bunch for both new features. Are you planning on doing anything
in the future with the IP's that you are collecting, i.e. new
functionality like creating a blacklist? Or is this just being done to
facilitate that test?
We haven't decided for certain what we are going to do, but if
32 matches
Mail list logo