I have a filter in the default file called
SUBJECTFILTER filter E:\Imail\Declude\Filters\Subjectfilter.txt x
21 0
Does this filter only match the entire phrase, or part of the phrase or both?
That depends on the lines within the subjectfilter.txt file. If they use
CONTAINS, then
And this only works in the Pro version, correct?
Yes, filters are only available in Declude JunkMail Pro.
-Scott
---
Declude JunkMail: The advanced anti-spam solution for IMail mailservers
since 2000.
Declude Virus: Ultra reliable virus
I want a filter for body
Such as BODYFILTER filter E:\Imail\Declude\Filters\bodyfilter.txt x 0
And I want it to find exact words
Can I use this filter
BODYFILTER filter E:\Imail\Declude\Filters\bodyfilter.txt
with
BODYFILTER 0 IS sex
No. The problem is that the body of the E-mail is
Yes. With the latest beta of Declude JunkMail and the latest version of
IMail, you can add a line WHITELIST AUTH to the
\IMail\Declude\global.cfg
file to automatically whitelist E-mail sent from authenticated users.
Sorry for asking for specifics, could you clarify the minimum versions
of
I see a fair amount of junkmail which doesn't fail the Countries Test but
the country is shown as ARIN Unlisted or Unknown. Is there a way to show
these results as failing the test and subsequently add points for the
junkmail filter??
The problem thing to do here is download the latest
I want to white list an email address for the users of a specific virtual
domain, but not for all virtual domains on the server.
For this, you would want to use the WHITELISTFILE option, that lets you
have whitelists that work for certain domains/users but not others.
- Each individual user has
When we download this file where do we put it?
It replaces the one in the \IMail\Declude directory.
-Scott
---
Declude JunkMail: The advanced anti-spam solution for IMail mailservers
since 2000.
Declude Virus: Ultra reliable virus detection and
I too have some IP's that come up with no country. Is there somewhere we
can go to verify where they belong?
You can go to http://www.DNSstuff.com and enter the IP in the IPWHOIS box
or Reverse DNS Lookup box, and it should show you the country.
82.47.137.183 s/b ?
This one should be in the
I don't currently have that file in my IMail\Declude directory. If we are
only running DJM Pro v1.75 will having this file do anything for us?
Only if you are using the experimental IP-Country functionality. If you
are not, there is no need to have that file.
Is the dns stuff page down? Just wondering
Not now. :)
Note that if you ever cannot get to http://www.dnsstuff.com you can use
http://backup.dnsstuff.com .
-Scott
---
Declude JunkMail: The advanced anti-spam solution for IMail mailservers
Here is a Header to From a Yahoo Account and from my own email
Received: from 66.153.205.2 [66.153.205.9] by scooby.linkbrokers.com with
ESMTP
(SMTPD32-8.05) id A358A600F8; Mon, 22 Mar 2004 10:16:40 -0500
Message-Id: [EMAIL PROTECTED]
This portion is very, very strange. It indicates that
If I send a message that contains recipient addresses for both local
accounts (ex: someone CC's their boss) and external addresses (say a Hotmail
address) the external messages are processed through Declude and actions are
taken despite global.cfg actions being set to Log for outgoing messages.
I know that the MONKEYFORMMAIL and MONKEYPROXIES list are dead and
apparently has been for a while but we had a problem last Monday in that
hundreds of legitimate emails started getting caught with these lists. I
ve since disabled the tests in Junkmail. I saw that someone else had a
problem
For clients that find it critical to not have *any* inbound / outbound
scanning is there a way to ensure this never happens in a shared hosting
environment based on how SMTP works?
What you need to do in this case is whitelist the E-mail, which ensures
that it does not get caught.
For example,
Is it not possible (in anyway) for Declude to identify that an email
came from an authenticated user?
Yes. With the latest beta of Declude JunkMail and the latest version of
IMail, you can add a line WHITELIST AUTH to the \IMail\Declude\global.cfg
file to automatically whitelist E-mail sent
I know you are busy with viruses - but I can't figure THIS one out. I
have thousands of emails in the log file, where SORBS-DUHL is discovered,
logged and treated properly. But at least this ONE got through and I have
no explanation.
The issue here isn't that the test wasn't logged -- Declude
I am trying to test out the new HOUR test, I can't get it to work. Is this
the correct format in my global.cfg:
HOURhour23 6 5 0
Will this tag everything between 11 PM and 6 AM with a weight of 5 correct?
I am using Declude Junkmail Pro 1.78.
I believe
I have been testing allot of scenarios try to get a handle on a problem
where the subject line message just disapears from incoming mail when the
message is created from a Cold Fusion online newsletter editor.
Here is what I found out and how I fixed it.
#GIBBERISHfilter
Does JunkMail have difficulties performaing actions against messages
destined for aliases?
No.
We seem to be experiencing a large amount of Junk
getting through to users via Alias/list membership.
Note that if you are using per-domain or per-user settings, the address
that the alias points to
I looked at my $default$ and I did not have a line for
GIBBERISH WARN or ANTI-GIBBERISH WARN
Whould that have caused the problem and Do I need both of them there?
What matters is the action that appears in whatever config file that
Declude JunkMail is using. That could be the
In the spamattach.eml file, we are displaying the %HEADERS% but these do
not include the WARNing with the code, and when I open the email
attached and view the internet headers they're blank.
Anyway of being able to find out the BADHEADER codes etc?
Those should appear in the headers of the
Presently, the HOP and HOPHIGH parameters in my global.cfg are remarked
out. When I try to set HOP to 0, the overflow directory begins to fill up.
Any thoughts?
That's not good. If the HOP line isn't there, the source IP of E-mails
will not be scanned.
The overflow directory will fill up if
The DNS server appears to be working OK. There are times when our mail
server's CPU utilization is over 90%. It doesn't remain at that level for
extended periods, but it does reach this level which concerns me. Is it
possible that when I introduce the HOP scan within Declude, that the mail
server
My client says they are still have getting email spam filtered by JM when it
should be white listed. Here is what I have:
I can't see any problems here. I would recommend using the debug mode to
track this down. To use the debug mode, you can change the LOGLEVEL LOW
line in
From testing so far, it appears Declude won't rescan a message. I've
tried deleting the headers from the D* file before putting it back in
the queue to no avail. If I set the declude log level to HIGH I see
Passing to SMTP1 for that message ID, so it at least appears that
declude sees the
If you switch to fpcmd.exe (changing F-Prot.exe to fpcmd.exe in the
SCANFILE line in your \IMail\Declude\virus.cfg file, and removing
/NOFLOPPY from that line), it will take care of the problem. F-Prot.exe
is a 16-bit process, which needs to use NTVDM, whereas fpcmd.exe is a
32-bit process
Any ideas about why the process takes so long (~20-30 seconds per
message)?
Is your DNS server (the first one listed in the IMail SMTP settings)
working properly? That would be the normal cause of delays (assuming the
CPU isn't maxed out).
Is there anyway to add warning headers to email when they pass a whitelist
rule?
Unfortunately, I cannot think of any way to do that (although the
%TESTSFAILED% variable will return Whitelisted for E-mail that is
whitelisted).
I tried adding WHITELIST WARN, to the $default$.JunkMail file,
I just looked and it seems we have that line by default in the config
file, but whitelisted messages don t get the header you showed. Did you
do something in addition to that entry?
Are you running an old version of Declude JunkMail (v1.58 or earlier -- you
can type \IMail\Declude -diag from
I've never seen whitelisted in a header. I just made a simple
whitelist rule for testing, and it doesn't seem to add the header.
What does the header show if the E-mail is whitelisted?
-Scott
---
Declude JunkMail: The advanced anti-spam
Now, I'm confused as to what is generating the X-RBL warnings.
Those are generated by the WARN action. If an E-mail fails any spam test
that uses the WARN action, the X-RBL-Warning: header gets added.
I'm also confused about what the XINHEADER does.
It adds a customized header to all incoming
In the global.cfg file the two lines I've added for SPF are:
SPFPASS spf passx
-5 0
SPFFAIL spf failx
8 0
What I would like to know is what SPF responses fall under the SPFFAIL,
and SPFPASS
So if there is a match on:
~ softfail
This will result in UNKNOWN, per the original RFC spec.
+ pass
The will result in PASS.
? neutral
The will result in UNKNOWN, per the original RFC spec.
If there is a match on:
- fail (ie the -all)
It will be SPFFAIL
Correct.
Scott how about letting us decide what to do with each action.
What is we want to add a few points for neutral?
What is softfail?
Those are part of some changes to the original RFC spec -- we expect to add
support once the spec is *really* frozen.
Just trying to test the SPF rule on one of my domains, and set the SPF
record to -all (so that any email from that domain should be an SPFFAIL.
However my IP range is white listed so I can't test it.
Would it be possible for you to add an SPFPASS and SPFFAIL to your Test
Spam Sender
First, I should point out that RBL is a trademark of MAPS, and only refers
to their RBL spam test. PTR refers to DNS records that map an IP address
to a hostname. So DNSBL responses might make for a better subject.
Would adding the following in the global.cfg cause Declude any problems?
I get this error very frequently. Any Help on how to fix it. Fprot site
had no information I could find.
Running windows 2000 server
Application popup: 16 bit MS-DOS Subsystem : C:\scanner\FSI\F-prot\F-Prot.exe
X#=0D, CS=01CF IP=5703. The NTVDM CPU has encountered an unhandled
exception.
Why would the following headers not fail the test for spamcop
X-Declude-Sender: [EMAIL PROTECTED] [217.34.209.231]
X-Spam-Tests-Failed: AHBL, NOABUSE [8]
Unfortunately, Spamcop no longer gives out the details that they used
to. If the E-mail was sent within the past 39 hours, it should
We are currently looking to upgrade our mail server. Lately the
processing of the CPU has causing the SMTP to be working real slow,
causing a lot of timeouts. We currently we are running a P3 1.133GHz
with 512MB RAM. We are looking to upgrade to a dual processor.
How many E-mails do you
I have noticed that with the later interim release, the X-RBL-Warning lines
have changed to include the test number.
Can this be adjusted?
That's part of the latest interim release, to troubleshoot a specific
issue. It will be removed.
-Scott
We currently send and receive about 40,000 to 50,000 e-mails daily. The
processes that are taking up the most CPU are multiple instances of
declude.exe and NTVDM.exe.
NTVDM.exe is used for 16-bit processes, and can indeed cause some servers
to slow down to a crawl. Are you using F-Prot.exe
Did I miss something here? I created a whitelist for a client (we use DJ
Pro) by adding this line to their domain-specific $default$.junkmail file:
WHITELISTFILE D:\IMail\Declude\PaulsonCommodities\whitelist.txt
(I put it in right before their list of weighted tests).
Inside the whilte list
Is there anything that can test for e-mail size?
No, but that sounds like it may make for a good test. :)
-Scott
---
Declude JunkMail: The advanced anti-spam solution for IMail mailservers
since 2000.
Declude Virus: Catches known viruses and
Thanks Scott. You're saying the whiltelist file needs a blank line at the
end? I didn't have one, but I just added one now.
All Windows text files should have one (it's Microsoft code that won't read
the last line). I don't know off-hand which files in Declude require one,
but it's best to
Are the Monkey definitely list no longer working then?
They definitely are not working anymore. They have been down since late
last year.
-Scott
---
Declude JunkMail: The advanced anti-spam solution for IMail mailservers
since 2000.
Declude
What is the best way to find lost/missing messages.
There's a very definitive process.
First, find the E-mail in the IMail SMTP log file, to see that it was
received. Look for the Q file name.
Then, search the Declude log file(s) for the Q file name minus the first
character and extension
NTVDM.exe is used for 16-bit processes, and can indeed cause some servers
to slow down to a crawl. Are you using F-Prot.exe with Declude Virus? If
so, you should switch to the 32-bit fpcmd.exe version.
We are using f-prot.exe with Declude Virus. How do we check to make
sure it is running in the
a customer uses Outlook 2003 and his mail fails the Spamheaders Test
421e.
Correct.
is this an known feature? ;)
Yes. Apparently, a small percentage of their customers complained that the
Message-ID: header included information they did not want others to
see. Instead of adding an option
FYI, there is a poll about SPF, DomainKeys and Caller-ID on the
winnetmag.com website. For those who support SPF, you may want to vote at
http://www.winnetmag.com/windowssecurity (the Instant Poll section on the
right side of the screen). Note that it is (unfortunately) listed as
Sender
First I'd heard about SPF. Sounds like a way forward!
On the SPF site is says SPF is supported by Declude, how can I begin to
check inbound emails for SPF?
Here's a copy of my original post. The latest beta version (1.78) and
recent interims have the SPF support.
---
For those that are
One more question, In the event we want to reject an email that fails
the SPF test for a SPF participating domain, is Declude able to reject
incoming emails before receiving the message body? IE terminate the SMTP
connection?
No. IMail doesn't have the ability to do that, either with or without
There are four, - fail, ~ softfail, + pass ? Neutral.
There are also:
error (if the DNS fails)
unknown (if the syntax is unrecognised)
none (if there is no SPF info)
How do these difference responses work? Apologies if these have already
been covered...
Those have apparently changed since the
Scott, is there a way of WHITELISTING a positive BONDEDSENDER? Like you
do with HABEAS?
You should be able to do that with the latest beta and a filter, using a
line TESTSFAILED WHITELIST CONTAINS BONDEDSENDER in your filter file.
-Scott
---
The only problem with this is that all 4 of these relayers will have its own
license code.
As a feature request, would it be possible to put the CODE line of the
global.cfg into its own file?
License.cfg or something?
Right now, I have to parse each global.cfg and write each servers file
uniquely
My Imail server is behind a firewall and I have a branch office email server
(left over from before we accuired them) that forwards mail to my server.
A lot of this forwarded mail is spam so I'm trying to get JunkMail Pro
configured
to use the proper IP for its DNSBL (RBL?) tests.
In this case,
I'm trying to collect data for a SPAM (pass and fail report), also I intend
to whitelist with exturnalplus from our database
In that case, I would recommend splitting it into two programs -- one that
interfaces with Declude JunkMail as an external test (and whitelists the
E-mail), and another
Is it possible to have a setting in GLOBAL.CFG for an external LOG
Something like:
my_logexternallog nonzero my_log %DECLUDEHEADERS%
No, but we will be looking into that.
You may also want to try LOGLEVEL HIGH to see if the information in there
is suitable.
Trying to get Junkmail started, but it doesn't check the blacklists. The
log shows WARNING: BOGUS DNS SERVER !
This was actually covered on the list a couple of weeks ago (see below). I
tried the advice Scott gave, but it didn't work. Mail is going out
normally. Need some more ideas!
Scott, could you please post or re-post the criteria for a
spamdomains entry. Probably my biggest issue is when their are multiple
entries for a domain.
In the spamdomains.txt file (or whatever you choose to name it), you need
lines that have either 1 or 2 entries on them. The first one
Yep that's there. I don't ever remember putting it in though. Does it come
with a default global.cfg file?
Yes, WHITELIST HABEAS came with the default global.cfg file for quite some
time. Since a spammer decided to risk getting sued by infringing on the
Habeas legal rights, we are
I am trying to understand why the headers have no indication of being
scanned by declude yet I do see an entry in the declude logs.
Anyone know of a reason?
The key here is the end of the headers:
X-AntiAbuse: Sender Address Domain -
MIME-Version: 1.0
Content-Type: multipart/alternative;
Is there a way to fix this or catch it as spam?
I am running declude 178i15 and imail 8.05HF1
Declude Virus should automatically block this, as it appears to contain a
mailserver AV vulnerability.
You might want to set up a filter in Declude JunkMail for custom logo in
the subject, which
Declude Virus should automatically block this, as it appears
to contain a mailserver AV vulnerability.
That is what I thought. Can you think of any reason why it did not catch
it?
What version of Declude are you running (\IMail\Declude -diag from a
command prompt will show you)?
Do you have
We are currently running Declude v1.75 with Declude JunkMail Status: PRO
version registered and Declude Virus Status: Standard Version Registered.
Our service agreement expired at the end of December 2003.
I am trying to figure out what the most recent Full Version, the most recent
Beta Version
After reading archives for the past two hours, I still do not understand
why this is happening. I completely removed BOUNCE from
$default$.junkmail and global.cfg. I changed it to delete.
Great!
As is evidenced by the lines below, WEIGHT40 is set to LOG and
WEIGHT50=IGNORE. But in my cfg
I AGREE with you 100% Where besides the global.cfg and the
$default$.junkmail could I have BOUNCE set up? I can't find it
anywhere.
You can use LOGLEVEL HIGH to see which config files Declude JunkMail is using.
-Scott
---
Declude JunkMail: The
I have gone into their domain $default$.junkmail file and added WEIGHT40
ROUTETO [EMAIL PROTECTED] domain .com.
I am of the opinion that this will send all mail with a weight of 40 or
higher (to WEIGHT 60 which is set to delete) that is sent to their
domain but will not send any other mail from
with what you said no messages will be deleted they will all use the
WEIGHT40 ROUTETO action.
If you use the ROUTETO and the DELETE at t higher weight the ROUTETO once
the email is routed it can not be delete
Actually, what happens with WEIGHT40 ROUTETO [EMAIL PROTECTED] and
WEIGHT60 DELETE is
Scott, I sent you my global.cfg, $default$.junkmail, and a debug log
snippet. Any updates on this issue where I have defined my tests with the
WARN action and Declude is instead using the IGNORE action?
We're working on it. We had another similar issue reported a month or so
ago, added code to
I downloaded it but still get the error. What next.
What version of Declude are you running (\IMail\Declude -diag from a
command prompt will show you)? It sounds like you may be running an older
version -- I believe you won't see that message with recent versions of
Declude JunkMail. The one
I've noticed the same thing. Is this caused by not having the test listed
in the Outbound Test section of the GLOBAL file, for JM Pro?
Declude JunkMail will use the IGNORE action if either [1] the config file
that is used for the recipient uses the IGNORE action, or [2] there is no
action
No that is not black listed.
Is the .@ against any standard.
No, that is a perfectly valid format. I can't explain why the Exchange
server would reject the E-mail, unless it was blacklisted for some reason.
-Scott
---
Declude JunkMail: The
Scott, can you think of any reason why the DNSBL RHSBL and a few other
tests are being logged with ignore?
Yes. Because the config file that is being used has the IGNORE action (or
doesn't have the tests listed).
They are being included in the
message weight, but it is preventing these failed
Yes. Because the config file that is being used has the IGNORE action (or
doesn't have the tests listed).
All tests are listed and, as I said, all tests are set to warn.
The best way to determine what is happening here is to use the debug mode.
To use the debug mode, you can change the
I have WEIGHT40 set to bounce in the global.cfg.
I know you're looking for an answer, but before I give it to you, can I ask
why you are using WEIGHT40 BOUNCE?
-Scott
---
Declude JunkMail: The advanced anti-spam solution for IMail mailservers
Not because I want to, that's for sure. But I have my largest customer
who wants all mail to be sent back so the sender can see their email
didn't go through. They average 900 emails a day just from bounces!
The overhead caused by it is extremely detrimental but they pay the bill
like
Does this mean that I am running lookups on the wrong hop?
It sounds like it.
My mail server is ync.net
the sender's mail server is mail.webagency.net
from the headers:
Received: from SMTP32-FWD by ync.net (SMTP32) id A060810EB; Wed, 3 Mar
2004 08:04:18 -0600
Received: from mail.webagency.net
HOP 1
and I don't have any IPBYPASS, I have it commented out.
I also have HOPHIGH commented out.
You should change that to HOP 0 (with HOP 1, you're telling Declude
JunkMail that you will always have at least 1 mailserver in front of the
IMail server -- but since you do not, you
I'm using Declude with F-prot anti virus.
when F-prot and declude scan for viruses, does it clean the virus/message.
Or does it just delete the whole message?
It will either quarantine or delete the E-mail. It does not clean them
(since about 99% of all viruses are in virus-generated E-mails,
Is there a way for AntiSpam to block e-mails by file attachments? A lot of
viruses are going around with the .pif attachment I'd like to set the
AntiSpam up to block these from even coming in.
Until we find that spammers start using file attachments, we likely won't
add that to Declude
I downloaded and installed the interim version of Delcude, and added
'banext ezip' to the virus.cfg file, but an encryptedzip file still got
through. 'banext zip' wroks OK, though. I want to confirm that I've got
the right declude executable, but am having cranial flatulence trying to
Is it possible to hold mail, with the lite version,
based on the domain of the sender?
That would be a Sender Blacklist, which requires Declude JunkMail
Standard or Pro.
-Scott
---
Declude JunkMail: The advanced anti-spam solution for IMail
The cost to upgrade is the difference in $$ between versions, right?
ie: $246 to go from lite to std
Correct. You can do so at http://www.declude.com/purchase.htm .
-Scott
---
Declude JunkMail: The advanced anti-spam solution for IMail
We have mcafee at our location. I understand that I can use declude virus
with it - but got some questions
1. which version of mcafee should I use? I have access to both the windows
Virus Scan Enterprise 7.1.0 and the dos based Version 4.3.20.
You can use any version of VirusScan (or NetShield)
Does anyone know why we would get this error from our exchange server after
delude processed the email and forwarded it.
xxx replaced the real email address.
All I think of it has a .@
03:03 03:59 SMTP-(04989AD1) MAIL FROM:[EMAIL PROTECTED]
03:03 03:59 SMTP-(04989AD1) 501 Invalid Address
03:03
If you type \IMail\Declude from a command prompt, it should show
1.78i9. If not, you aren't running the latest interim release, and
will need to copy the new Declude.exe file to the \IMail\ directory.
C:\\imail\declude
Declude 1.78i9 (C) Copyright 2000-2004 Computerized Horizons.
That's good.
I'm wondering when the next full (non-beta) release will be available. It
seems that a bunch of very nice features have been added since 1.75 (July
2003), but I'm always hesitant to run beta software. Will there be a
full release sometime soon, so we can get all the newest features without
I am experiencing a problem in 1.78b where the action specified by
a weight range test is not being taken.
The domain profile is set to bounce e-mail that scores from 9-99.
This profile was working fine in 1.75.
Please read the release notes at http://www.declude.com/relnotes.htm to
find out
Where do I put this in the virus.cfg OKCODE 5
Anywhere.
-Scott
---
Declude JunkMail: The advanced anti-spam solution for IMail mailservers
since 2000.
Declude Virus: Catches known viruses and is the leader in mailserver
vulnerability
If I have a SPAMDOMAINS type test in my GLOBAL.CFG...
SD-TLD spamdomains D:\iMail\declude\JunkMail.SpamDomains.TLD.txt x 5 0
...and I have some entries in the corresponding flat text file like below...
.mil
will SPAMDOMAINS search the reverse DNS entry in a CONTAINS type manner or
an
I am still see lots of these in my logs (v1.78i4):
=
02/29/2004 02:35:34 Qc0656280009442df Unknown Var: %TESTNAMEX-RBL-Warni
X-RBL-Warning: %TESTNAMEX-RBL-
Could you E-mail me one of your log files (off-list), so that I can check
it out in more detail? The latest interim has some extra code
I've setup a gateway mailserver using postfix and amavisd. I want to make
sure that the IP for this gateway server is skipped, but I'm kinda
confused since the postfix box hands off the message a few times. Below
are the received headers from one of the messages, and also what I put in
my
Hi. This message failed the SORBS-DUHL test even though a lookup at SORBS
of the IP address revealed all clean.
Any insight would be appreciated. Thanks.
Received: from mail.ittint.net [130.94.242.170] by mail.electdist.com with
ESMTP
(SMTPD32-8.05) id A52D91B0108; Mon, 01 Mar 2004 11:55:25
The issue here is that while 130.94.242.170 isn't listed in SORBS-DUHL,
4.4.24.79 is. So if you are using a HOP setting other than 0, 4.4.24.79
gets scanned. If you rename the test to SORBS-DUL, it will be skipped
(or you can upgrade to the latest beta, which will skip if automatically).
In
I'm on 1.75, with LogLevel MID.
In parsing the JM log, I noticed the oddity below
02/27/2004 00:03:26 Qcf9a013b030eb667 From:
mailto:[EMAIL PROTECTED][EMAIL PROTECTED] To:
mailto:[EMAIL PROTECTED][EMAIL PROTECTED] IP: 141.158.231.134 ID: 061A40A1F2
02/27/2004 00:03:26 Qcf9d01b00336bec4
BTW, I have to throw away lines occasionally because of intermittent CRs
that cause problems with parsing. For my log parsing, I initially tried to
use SQL Server DTS to isolate fields and parse from there, but SQL would
merge two lines together at times because of a related problem with EOL
Still would like input on the CR CR LF problem, though.
I would suggest using 1.78 to see if the problem persists. I don't believe
we have had any reports of CR CR LF's appearing in the log files like what
you are seeing. If the problem continues with 1.78, could you E-mail me
(off-list) the
There are some minor issues still with logging and processing of
whitelisted E-mail. I'm using WHITELIST AUTH, AUTOWHITELIST ON and
PREWHITELIST ON. Depending on how I whitelist though, I see all sorts of
different logging, and on at least two of the methods, PREWHITELIST ON
doesn't appear
Any ideas why this email would fail the HELOBOGUS test?
The problem here is that:
Received: from declude.com [24.107.232.14] by mail.tmlp.com with ESMTP
(SMTPD32-7.07) id A7F878950134; Thu, 26 Feb 2004 20:06:00 -0500
Received: from panda.declude.com [192.168.0.4] by declude.com with ESMTP
Scott, does this error message in my log indicate a problem that you're
interested in, or is declude.exe correctly reporting a problem in the source
data?
X-Country-Chain: 'EU' [corrupt RIPE data]-UNITED STATES-CANADA-destination
It's reporting a problem with the source data. Specifically, RIPE
801 - 900 of 3770 matches
Mail list logo