David of Declude-
Do you know how to remove ZEROHOUR from the headers? I obviously do
not have this test in my config and HIDETESTS does not work.
-Nick
Original Message
Subject:
[0A6-0C4E22B9-4D5B] ZEROHOUR
Date:
Mon, 17 Jul
, 2006 11:18
AM
Subject: [Declude.JunkMail] [Fwd:
[0A6-0C4E22B9-4D5B] ZEROHOUR]
David of Declude-Do you know how to remove ZEROHOUR
from the headers? I obviously do not have this test in my config and
HIDETESTS does not work.-Nick Original Message
To: declude.junkmail@declude.com
Sent: Monday, July 17, 2006 11:29
AM
Subject: Re: [Declude.JunkMail] [Fwd:
[0A6-0C4E22B9-4D5B] ZEROHOUR]
Nick, i'm getting your answer now. I will reply
to your ticket when i find out. Thanks!
Linda PagilloTechnical Support EngineerDeclude - Your Email
Nick,
ZERHOUR currently cannot be removed from the Headers. I
have put in for this change.
David
B
www.declude.com
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Nick HayerSent:
Monday, July 17, 2006 12:18 PMTo:
Declude.JunkMail@declude.comSubject: [Declude.JunkMail
I have no idea why I forwarded that so sloppily. Sorry.
--Sandy
Sanford Whiteman, Chief Technologist
Broadleaf Systems, a division of
Cypress Integrated Systems, Inc.
e-mail: [EMAIL PROTECTED]
SpamAssassin plugs into Declude!
Forwarding here sice this also seems to deal with JM (full overflow
directory).
Ideas?
G
-- Forwarded message --
From: Gerald [EMAIL PROTECTED]
Date: Fri, 13 Feb 2004 19:28:35 -0600 (Central Standard Time)
Subject: [IMail Forum] flooded queue
To: [EMAIL PROTECTED] [EMAIL PROTECTED]
Forwarding here sice this also seems to deal with JM (full overflow
directory).
Is the CPU usage at 100%? If so, you're probably experiencing a very high
volume of E-mail.
If not, you should check your DNS settings in the SMTP section of IMail
Administrator, and make sure that there is only
I'll go you one better. I got one in the real mail (from Spain, I am in the
US). Says I won 650,000 in a lottery, all I need to do is fill in the
official looking ppage of personal info, bank acct and emergency contacts so
they can deposit it for me. Of course, I have to act fast or it all goes
Ok. This spam is scary. It has my actual home address and phone number. I'm guessing they cropped it from WHOIS maybe... but that wouldn't make sense since many WHOIS contacts are technical people that wouldn't fall for this. Anyone else get this variation of the typical financial fraud with your
Ok. This spam is scary. It has my actual home address and phone
number. I'm guessing they cropped it from WHOIS maybe... but that
wouldn't make sense since many WHOIS contacts are technical people that
wouldn't fall for this.
They did get it from WHOIS -- the 123 123 1234 gives it away. It
Begin forwarded message:
Resent-From: Joshua Levitsky [EMAIL PROTECTED]>
From: Matt Larson [EMAIL PROTECTED]>
Date: September 20, 2003 2:01:39 PM EDT
To: [EMAIL PROTECTED]
Subject: VeriSign SMTP reject server updated
Folks,
One piece of feedback we received multiple times after the addition
The result would always be the same: 64.94.110.11 so you would tag every
message as spam. Right?
-Original Message-
From: Joshua Levitsky [mailto:[EMAIL PROTECTED]
Sent: Monday, September 15, 2003 10:47 PM
To: [EMAIL PROTECTED]
Subject: [Declude.JunkMail] Fwd: Verisign's New Change
That could end up being one of the better tests. Thanks.
-Original Message-
From: Bill Landry [mailto:[EMAIL PROTECTED]
Sent: Tuesday, September 16, 2003 1:09 AM
To: [EMAIL PROTECTED]
Subject: Re: [Declude.JunkMail] Fwd: Verisign's New Change and Outdate
RBL's
Yep, that's
Bramble
To: [EMAIL PROTECTED]
Sent: Tuesday, September 16, 2003 12:14
PM
Subject: Re: [Declude.JunkMail] Fwd:
Verisign's New Change and Outdate RBL's
This is a great find! I'm just wondering where the
potential FP's would come from so that I can determine the proper
scoring
Interesting side effect of Verislime's move. Just setup a ip4r test that goes to a bogus domain and then all the bad addresses result in an answer of 64.94.110.11. Maybe this is how we can take advantage of this?
If i made an ip4r test of aklsjlajkdjkhskljdkjldhsjdshkhklshdkjl.comthen I'd
This was posted on NANOG today. Another MUST READ if you use the OSSOFT
test or any other tests utilizing the Spamhaus SBL.
Rick Rountree
Dundee.net
Delivered-To: [EMAIL PROTECTED]
Delivered-To: [EMAIL PROTECTED]
Delivered-To: [EMAIL PROTECTED]
X-Anti-Virus: Scanned for known viruses by
FWIW, I just got one with the entire body obfuscated.
This is a forwarded message
From: Don Brown [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Date: Friday, August 8, 2003, 2:34:55 PM
Subject: Link obfuscation in e-mail body
==Original message text===
Will Declude see
Posted today on SPAM-L. A must read for folks who use MONKEYPROXIES.
Rick Rountree
Sr Network Admin
Dundee.Net
Date: Sun, 3 Aug 2003 15:37:32 -0700
Sender: Spam Prevention Discussion List [EMAIL PROTECTED]
From: Ronald F. Guilmette [EMAIL PROTECTED]
Subject: BLOCK:
Is anyone doing anything about these messages. I am getting more and more
by the day!
Thanks,
Kevin
Received: from mail.stevenstransport.com [10.100.1.17] by
mail.stevenstransport.com
(SMTPD32-6.00) id AD69710A015C; Sun, 08 Jun 2003 14:24:25 -0500
Received: FROM declude.com BY
Is anyone doing anything about these messages. I am getting more and more
by the day!
Unfortunately:
Received: from mail.stevenstransport.com [10.100.1.17] by
mail.stevenstransport.com
(SMTPD32-6.00) id AD69710A015C; Sun, 08 Jun 2003 14:24:25 -0500
Received: FROM declude.com BY
I would recommend switching that poor mailserver to IMail (or any other
mailserver that will include the IP address in the headers, which is
almost all of them).
My poor mail server is IMail v6. I received about 95 of these blank
emails since last Friday with different received times, I have
Thanks Scott -- I'll give that a go.
Greg
At 02:27 PM 6/3/2003 -0400, you wrote:
Were getting a increase in emails with that contain viruses. I want to
block the sender but the sender address is being forged. I have the
remote IP/domain where the email's are coming from. Can I just include
Sorry, it was suggested to me that some newer members might have no idea
what I am talking about. I wrote the utility below that retrieves one or
more files via the web, appends it to a local file, and writes it out to
another file. This allows the use of local blacklists added to regularly
This may be interesting (forwarded from an anti-spam mailing list):
-Scott
I recently received a spam where the sender left a javascript hit counter
which my pine kindly ignored. It did, however, give the URL where he, and
you, can watch the hits
24 matches
Mail list logo
