Title: Re: [sniffer] OT - exchange 5.5 help
Configure the IMS (internet mail service/connector in echange manager)
You have to disable the microsoft smtp server (iis5 smtp) exchange 55 has its own smtp
-Original Message-
From: [EMAIL PROTECTED] [EMAIL PROTECTED]
To:
When you export the imail registry hive
Look at the resulting file...
If there are hard references to C:
Then run a search/replace all to update to D
If you use SQL for user databases then you'll have to write a small sql
script to update the mailbox path's for every mailbox. The physcal path
is
HKLM\Software\Ipswitch\.
Goran Jovanovic
The LAN Shoppe
-Original Message-
From: [EMAIL PROTECTED] [mailto:Declude.JunkMail-
[EMAIL PROTECTED] On Behalf Of Tom Baker | Netsmith Inc
Sent: Friday, June 11, 2004 12:07 PM
To: [EMAIL PROTECTED]
Subject: RE
Win 2000:
Right click SMTP service -
Properties -
Access -
Relay -
[x] Only the list below:
( enter your allowed-to-relay IP ranges )
OK -
OK -
SMTP Service - Domains
Right click Domains
New.. - Domain - (repeat for each...)
Domain Type = remote -
name=commarts.com -
right click
Any chance we can seperate fail unknown into two different tests?
via spf we have ?all or -all which are supposed to be treated differently
from what I understand.
I would rather seriously penalize any domain that is configured with a -all
and the sending IP is fails
and would NOT want to
Gotcha, all 3 are already setup :)
I don't really want to penalize for unknown, was just making an example.
( I just setup spf on my postfix box yesterday as well to help get past some
restrictions for pass)
Sounds like you are setting the the spf-guess (which defaults to mx/24 a/24
right?)
Little OT for this list, but anyone using postfix as a gateway should have
this setup by now!
http://www.smartbusiness.net/imail/
Use the above utility to export your userlist from IMAIL to a test file
every few minutes.
I have attached (Imailexport.zip) an example of what I use to export my
http://postmaster.info.aol.com/servers.html
-Original Message-
From: Joshua Levitsky [mailto:[EMAIL PROTECTED]
Sent: Tuesday, October 07, 2003 7:26 PM
To: [EMAIL PROTECTED]
Subject: Re: [Declude.JunkMail] maybe its just one of AOL's servers???
The reason for the above is that our
Scott:
Curious on how you have your auto-unsubscribe set.
I have been unsubscribed twice now and each time I usually figure out when
the list seems unusually quiet.
This time is probably because of a filter that was a little too aggressive
yesterday that I quickly caught and removed... I
Dan,
Declude does not have that kind of power as it is the IMAIL SMTP Daemon
which accepts the mail and places it into the spool.
After it is in the spool declude queue moves it to the overflow for faster
processing if there are more messages in the spool than imail can run
smtp-delivery
Scott:
Does spoolviewer.exe look at the registry to determine the actual spool
location?
We just moved our spool to a different physical volume to improve
performance...
D:\imail\spool - e:\imail\spool
everything else remained on D except the spool.
Everything is functioning great (doubled our
Cox ( as well as most ISPs) only block specific ports as needed, and allow
everything else. ( vs a corporate organization or ISP servers which block
all, and allow whats needed ).
To the best of my knowledge cox only blocks
Out: 25
In: 25,80
The cox filters only apply to Residential customers,
(1)no SPAM or Anti-Virus checking
How does using a different SMTP server effect your inbound spam filtering?
Cox subscribers are forced to use the cox SMTP so what?
The only way this should effect your declude is that auto-whitelist may not
work.
If you still want to scan on the senders IP,
There is a way you can get your imail/declude-exchange-relay box to treat
the mail as inbound mail, but there is more administrative overhead (ie
not a good choice for most people).
Our organization does not make changes to our exchange mailbox's often so
this works great for us, and has the
Weight20 Subject SPAM-2[%weight%]
#Weight20a MAILBOX SPAM
Weight30 Subject SPAM-3[%weight%]
#Weight30a MAILBOX SPAM
Do not use the mailbox action, rather copy a rules.ima into each users
folder that does not already have one. The contents of the 'default'
rules.ima should be like
S~SPAM:SPAM
In our experience as an ISP, this was our INITIAL reaction (based on my
personal mailbox),
However SPAMCOP turned into about 50% accuracy system wide, and we had to
move to at least 2 RBL tests failed to hold, or SNIFFER.
It would be a good idea to run the sniffer
Right, as has been the concnsus when the regexp idea's has been discussed
before.
Declude is clean small and straightforward.
Regexp support adds complexiy which add's to CPU load.
We run a postfix gateway as well (that's where we actually run message
sniffer, to keep the CPU load on IMAIL as low
Title: Message
Anyone know how
the heck to submit a removal for postfixgate? is there even a
way?
The link on their
website (www.postfixgate.com) is a js
popup,
which when I
pulled the js page it refers to
http://www.liswireless.net/postfixgate/dispute/default.htm
When you go
there, its
Scott,
I seem to remember this coming up maybe a few months ago?
Hell I have a bad memory.
The first link in postfixgate says you shalt not be listed on any other spam
lists to be removed, and links to www.dnstuff.com
Maybe you guys could throw a note on http://www.dnsstuff.com/tools/ip4r.ch
I do it by using plain old IMAIL Rules...
[rules.ima]
F~[EMAIL PROTECTED]:main
F~[EMAIL PROTECTED]:main
F~[EMAIL PROTECTED]:main
H!~abc123def123ghi123jkl123:NUL
The first 3 lines check the from-address, if there is a match, the message
is places in the 'main' mailbox/folder and rules processing
It has been a feature of every version of IMAIL I remmeber using thus far.
Currently I have 6.x and it is located in both The web-administration tools
Imail Admin
In IMAdmin,
Its on the first tab when clicking on a virtual host.
Defatult Max mailbox size, Single message max size, default max
Does the comments test require non-whitespace beforeafter the comments in
order to trigger?
So that most legit messages will not trigger it?
-Original Message-
From: R. Scott Perry [mailto:[EMAIL PROTECTED]]
Sent: Monday, February 03, 2003 5:36 PM
To: [EMAIL PROTECTED]
Subject:
You can give them their own IP in your gateway, and assign it a hostname
of theirs.
I have about 20 Ips in my Imail machine.
The official name is mx01.web4less.net
But this is what appears in one of my headers (on the way to exchange)
Received: from fw2.netsmith.net [204.49.154.3] by mail.cfi.net
Assuming the big guys spool OUT from their INBOUND MX records I think that
would hold true
But for example here at my office, we have (2) MX records, which are our
inbound filter gateways. However outbound mail spools through DIFFERENT
gateways, so all mail leaving my organization should
?
Best Regards,
Mishi
- Original Message -
From: Tom Baker | Netsmith Inc [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Sunday, December 01, 2002 10:23 PM
Subject: RE: [Declude.JunkMail] Imail Web Based Interface
The session string can be helpful for kicking a user between iwebmsg
and your
The session string can be helpful for kicking a user between iwebmsg and
your own web server with only a single authentication point. I have already
accomplished this with my system, and have integrated my online billing /
spam filters with the web templates.
You can see an example of what I'm
Title: PayPal
Sorry for posting
HTML, but I wanted to preserve the original message at the
bottom.
I received this
fraudulent attempt at retrieving my paypal username and password from a
bellsouth ADSL customer who is probably trying to steal money and probably
having much success.
This
Or use domain processing rules
X:\imail\domain_com\rules.ima (gets processed before)
X:\imail\domain_com\users\username\rules.ima
-Original Message-
From: John Tolmachoff [mailto:jtolmachoff;reliancesoft.com]
Sent: Sunday, October 27, 2002 9:13 PM
To: [EMAIL PROTECTED]
Subject:
X-RBL-Warning: MAILFROM: Domain web0.bsc.net has no MX/A records.
Just noticed in cleaning up DNS while back that i accidentally erased the A
record for my web servers official name.
( I have several A records point to it, and never use the above name ).
I've already fixed DNS, updated serial
Thought I had IMAIL using my main 2 dns servers when in reality its using 2
of my caching servers. By the time I went to check them they had already
updated.
I'm just too impatient during debugging
Thanks again
-Original Message-
From: R. Scott Perry [mailto:[EMAIL PROTECTED]]
Sent:
I use a difference of 3
HOP 0
HIGHHIGH 2
i love it...
I know of at least 1 server where they know their server is an open relay,
so they have their server set to send all outbound mail to another smtp
server which is not to get around open relay blocks, i still block them,
beecause they are hop
Well you are not taking into account systems like mine, which have a setup
like
HOP 0
HOPHIGH 4
Yes it adds CPU time, but any IP the message passes through gets tested on
my system,
And a PTR record does not take long to configure at all.
on the Webserver. If your Webserver is IIS, why not
Don't forget HEADERS!
I don't see it in the manual, but it was added and I am using it
:)
-Original Message-
From: R. Scott Perry [mailto:[EMAIL PROTECTED]]
Sent: Monday, September 23, 2002 3:49 PM
To: [EMAIL PROTECTED]
Subject: Re: [Declude.JunkMail] Filter types and Definitions?
Lower the weights of the noabuse/nopostmaster tests for one.
I think the default is 5 for each. The noabuse/nopostmaster tests fail for
most of the big guys (aol.com,earthlink.net,msn.com,etc,etc...)
Or You might play by raising the weight of the other tests and
trapping/bouncing on a higher
Title: Message
So do I, but you
still have to authenticate twice.
This was just an
idea I had i thought i would share where you only authenticate once (Imail
webmail) and can seamlessly integrate your own application with
webmail.
-Original Message-From: Mark Smith
Double that.
Using declude + sniffer I have not seen a piece of porn get through.
Only rarely do I see any spam get through.
I would highly suggestion getting sniffer, as much (adult + non-adult) spam
often passes all HEADER checks (which is what declude does alone), so you
must rely on
Title: Message
The topic has been
reachednumerous on this list so I thought I would share an idea I had
earlier today that works great with everyone onthis list.
Many of you have the
idea's of writing your own parsers/interfaces for parts of declude or other
parts of imail, but the
Yes, this is how I already accomplished this for my users.
I have a cold fusion interface which verified login/password, then manages
their rules.ima
Anyone they want to allow it writes at the top of the rules.ima...
F~[EMAIL PROTECTED]:MAIN
Any junk-mail they want to block it sends to SPAM
PROTECTED]:main
H~THISWILLNEVERMATCHBECAUSEITSAREALLYLONGBOGUSSSTRING:NUL
--/rules.ima--
Anything that does not match the first 3 lines will be deleted
-Original Message-
From: Tom Baker|Netsmith Inc [mailto:[EMAIL PROTECTED]]
Sent: Thursday, August 29, 2002 10:38 AM
To: '[EMAIL
Excuse the typo everyone, I meant to put a not (!) in that long string
H!~THIS...
-Original Message-
From: Tom Baker|Netsmith Inc [mailto:[EMAIL PROTECTED]]
Sent: Thursday, August 29, 2002 10:41 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [Declude.JunkMail] Address Book Only
headers is on my to-do list, so if anyone actually does look at this please
don't flame me on how I could improve that.
I am already aware :)
-Original Message-
From: Tom Baker|Netsmith Inc [mailto:[EMAIL PROTECTED]]
Sent: Thursday, August 29, 2002 10:44 AM
To: '[EMAIL PROTECTED]'
Subject
Easy, instead of mail forwarding use auto-responders but, don't have a
response
Which the web-messaging won't let you SETUP, but you can view
The actual way is via the filenames in the user folder
mail forwarding creates a file called
D:\imail\domain.com\users\Forward.ima
(which
Regexp is very cpu intensive.
_M
| -Original Message-
| From: [EMAIL PROTECTED]
| [mailto:[EMAIL PROTECTED]] On Behalf Of Tom
| Baker | Netsmith Inc
| Sent: Friday, July 26, 2002 2:43 PM
| To: '[EMAIL PROTECTED]'
| Subject: RE: [Declude.JunkMail] filter file question
|
|
| Regexp
Sniffer is great, Declude is great, they compliment each other great!
Declude handles all the header checks,
While Sniffer looks for patterns in the message body.
By running them both I receive almost NO SPAM at all...
Try their Demo to get an idea. ( they update their patterns almost daily!
http://www.mail-archive.com/declude.junkmail@declude.com/msg02791.html
(currently, this can be SUBJECT, HELO, BODY, MAILFROM, REMOTEIP or
REVDNS),
It was your first column, it can ONLY be one of the above
(examples:)
SUBJECT -5 CONTAINS @text.com
HELO -5 CONTAINS @text.com
BODY -5 CONTAINS
Actually I do believe I have seen KVM over LAN units (essentially what
everyone is talking about), but they are pricy. I'll try to find who made
them/where I saw them.
-Original Message-
From: Mark Smith [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, July 17, 2002 8:11 AM
To: [EMAIL
Title: Message
http://www.mail-archive.com/declude.junkmail@declude.com/msg02791.html
(currently, this can be SUBJECT,
HELO, BODY, MAILFROM, REMOTEIP or REVDNS),
Can we please add
HEADER as one of the options?
I run Sniffer on
postfix infront of Declude and would like to be able to
Ok, the filter test, that's what I meant
Yes, thank you :)
Didn't think to check the global.cfg link DUH
-Original Message-
From: R. Scott Perry [mailto:[EMAIL PROTECTED]]
Sent: Thursday, July 11, 2002 1:42 PM
To: [EMAIL PROTECTED]
Subject: Re: [Declude.JunkMail] list of beta
Title: Message
After trying to
subscribe to this list after a while I finally checked my spam folder and saw
why I wasnt getting any replies.
Kind of amusing the
email back from [EMAIL PROTECTED]
failed spamheaders.
From: [EMAIL PROTECTED]Subject: Confirmation Required
(confirmation
Title: Message
Actually yes, I have
written two seperate front ends, as an ISP having a frontend was essential to
us. When we
first purchased Junkmail Pro I went straight to work for customized versions of
\imail\declude\domain.com\user.junkmail
After using that for
a while and realizing
PROTECTED]] On Behalf Of Tom Baker |
Netsmith Inc
Sent: Friday, June 21, 2002 4:04 AM
To: '[EMAIL PROTECTED]'
Subject: Re: [Declude.JunkMail] Coldfusion Declude front end?
Actually yes, I have written two seperate front ends, as an ISP having a
frontend was essential to us. When we first purchased
[mailto:[EMAIL PROTECTED]]
Sent: Friday, June 21, 2002 12:35 PM
To: Tom Baker | Netsmith Inc
Subject: IPWHOIS:Re[2]: [Declude.JunkMail] Coldfusion Declude front end?
I would love to get a copy of you registry-sql conversion script. I been
thinking about doing this change for a while and would be nice
52 matches
Mail list logo