Yessir.
Limiting the number of logons over an interval would be
good. So would limiting the number of messages or recipients over an
interval, as Matt correctly pointed out.
Deriving passwords by brute force attempts has always been
out there, but an automated fashion for collecting the
You can read about or get your own version of the password
stealing app here:
http://www.nirsoft.net/utils/pspv.html
Andrew 8)
hijack will work, but it will be much better if it
works based on the authenticated user instead of ip
also we need to be able to set different
limits/categories for different users
declude, are listening?
- Original Message -
From:
Markus Gufler
To:
Yes we are listening
David B
www.declude.com
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Serge
Sent: Thursday, November 17, 2005 1:55 PM
To: Declude.JunkMail@declude.com
Subject: Re: [Declude.JunkMail] OT: another SOBERing though
hijack will
I was just thinking the same thing, that strictly going by
file name would not be best.
Well at least it would be ressource friendly.
Some thoughts:
Count attached file names but
1)ignore extensions like gif, jpg, pdf, ...
or alternatively look only for known risky extensions like zip,
It certainly does feel like deja vu all over
again!
Remember back in the old days when spammers meant bad guys
who bought valid AOL accounts and then threw them away after a spam
run?
To turn the topic to the other side, blocking incoming
spam, if AUTH based spamming becomes common,RBL
We are
all listening
Barry
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Colbeck,
AndrewSent: Thursday, November 17, 2005 2:14 PMTo:
Declude.JunkMail@declude.comSubject: RE: [Declude.JunkMail] OT:
another SOBERing though
It certainly does feel like deja vu all over
I have 7.11 :-(
And don't plan on upgrading...so the Whitelist AUTH is useless to me?
Richard Farris
Ethixs Online
1.270.247. Office
1.800.548.3877 Tech Support
Crossroads to a Cleaner Internet
- Original Message -
From: Darrell ([EMAIL PROTECTED]) [EMAIL PROTECTED]
To:
Yeahhhpp.
Darin.
- Original Message -
From: Richard Farris [EMAIL PROTECTED]
To: Declude.JunkMail@declude.com
Sent: Thursday, November 17, 2005 2:56 PM
Subject: Re: [Declude.JunkMail] WHITELIST AUTH
I have 7.11 :-(
And don't plan on upgrading...so the Whitelist AUTH is useless to me?
Barry,
There are a number of issues with Hijack that need to be addressed. If you
can't find the exchange between Scott and myself a couple of years ago, I'll
be happy to reconstruct it and send it on again. The major issue was the
bypassing of JunkMail processing of email which was
I have 7.11 :-(
And don't plan on upgrading...so the Whitelist AUTH is useless to me?
Richard Farris
Yes, that is correct. That is a new feature in imail 8+
I don't see it as that big of a benefit really. With combo filters, good
use of declude pro's content scanning (headers, body,
Travis,
My only wish is that we could setup the global.cfg file to fire the tests
in the order we choose.
This is on our development wishlist.
David B
www.declude.com
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Travis Sullivan
Sent: Thursday,
George,
Let's talk offline. I'll call you later.
Barry
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of george
Sent: Thursday, November 17, 2005 3:45 PM
To: Declude.JunkMail@declude.com
Subject: RE: [Declude.JunkMail] OT: another SOBERing though
Barry,
Travis,
My only wish is that we could setup the global.cfg file to fire the tests
in the order we choose.
This is on our development wishlist.
David B
www.declude.com
That is exactly why you guys are among the best company we have ever worked
with in our nearing 10 year history
oh..
not sure how using port 587 will solve
this
cant the spammers/virus writers eventualy use this
port
why would that be a long term solution
?
- Original Message -
From:
Matt
To: Declude.JunkMail@declude.com
Sent: Thursday, November 17, 2005 7:24
PM
Subject:
Serge, that's a misleading line of
reasoning.
Here's the thing:
Auth on port 587 is the right best practice for ISPs (and
some corporations) so that they can properly secure their MTA against misuse by
3rd parties, including worms on their client subnets.
It cuts off large swaths of
OK nothing really in the archives about Declude and Imail
2006 so Declude, willyou be ready for Imail 2006?
Thanks!
Tyler
From: Tyler Jensen [mailto:[EMAIL PROTECTED]
Sent: Wednesday, November 16, 2005 6:25 PMTo:
'Declude.JunkMail@declude.com'Subject: Imail 2006
standalone
Sorry if
Andrew
I understand the need for 587 auth
We are an ISP, and we have been blocking outbound
port 25 for years
Moving to port 587 auth only will be a major
undertaking, until all mail clients become auto-negotiating
It was already a long undertaking toforce all
our clients to smtp auth on
Declude does indeed have a copy of Imail
2006 Beta that they have been testing on.
John T
eServices For You
-Original Message-
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tyler Jensen
Sent: Thursday,
November 17, 2005 3:42 PM
To:
Serge,
The references to port 587 were mainly topics from past posts and not
directly what is being addressed here. It is related though by the
fact that raising the bar on spammers by blocking port 25 encourages
them to seek new ways to exploit their bots and progressing to AUTH
hacking is
Hijack works like this:
Outgoing e-mail is tracked by Hijack by
the IP address that Imail SMTP service received it from. Each time a message is
received from an IP, the count is increased by one and then the count is
compared to the HOLD1 and HOLD2 count numbers to see if it is equal
21 matches
Mail list logo
