Sadly, View Headers is not ideal.
Certainly, you can use View Headers to get the routing information etc,
and a Save-As will get you the body text, but every version of Outlook, if
not Outlook Express, decodes the original message. This would be wrong
but tolerable if they also fixed the header
On Sun, 22 Feb 2004 22:51:34 -0800
John Tolmachoff \(Lists\) said something about RE: [Declude.JunkMail] phishing scam:
I hate Outlook. I've never figured out how to get a real 'exact' copy
of what was delivered back out of it the way you can when using any MUA
that stores in mbox or
Far be it for me to halt progress...
Scott, I can't wait to put in the new TESTSFAILED logic. I've wanted
exactly this to keep certain multi-answer ip4r tests in check, and Matt is
off to a great start in combining tests...
I also find that CMDSPACE is very handy and has low false positives.
It's SWITCHRECIP ON.
-Scott
At 10:58 PM 2/22/2004, Darin Cox wrote:
Well, SWITCHRECIPS ON in the global.cfg isn't causing Declude JM to
report the intended address instead of the actual address for me with
1.75...I'm still seeing external addresses for the TO address in the
I want cleaner logs. This has been discussed in the list before, and I'm
pretty sure that Pete and Sandy agreed that they'd seen the behaviour
elsewhere, i.e. that multiple processes of writing to the same log file are
garbling the text file, and that per se, the garbling wasn't strictly
Gerald,
There is a great little COM addin available at
http://www.xintercept.com/pkpeek.htm, I use it to open mail/examine headers
all the time.
Fritz
Frederick P. Squib, Jr.
Network Operations/Mail Administrator
Citizens Telephone Company of Kecksburg
http://www.wpa.net
() ascii ribbon
Hmmm...the manual says SWITCHRECIPS ON... I'll try it without the second
S...
Darin.
- Original Message -
From: R. Scott Perry [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, February 23, 2004 8:24 AM
Subject: Re: [Declude.JunkMail] Questions about LOGLEVEL MID
It's
Hmmm...the manual says SWITCHRECIPS ON...
Thanks for pointing that out -- it's fixed now.
-Scott
---
Declude JunkMail: The advanced anti-spam solution for IMail mailservers
since 2000.
Declude Virus: Catches known viruses and is the leader in
That did it...Thanks, Scott.
Might want to correct the manualgrin
Darin.
- Original Message -
From: Darin Cox [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, February 23, 2004 9:52 AM
Subject: Re: [Declude.JunkMail] Questions about LOGLEVEL MID
Hmmm...the manual says
Title: Message
Hi,
I think many of us
are getting swamped with these "cleaned" virus emails - that show up as tiny zip
files with no meaningful content.
How about we could
test "ATTACHMENTSIZE" to give everything extra points to an email if ithas
a non-plausible attachment length?
Best
Andrew,
I just wanted to chime in and say that I of course would love to see
non-text base64 stuff thrown out before scanning, and allow us to target
only unencoded text strings. The idea of scanning only the decoded text
would also be a big processor saver and the primary method, so maybe
Ick :)
LOGLEVEL MID doesn't look nearly as bad, though there will be the
occasional series of line breaks with code appearing in it. I haven't
tried parsing the logs with anything but DLAnalyzer though.
Matt
Colbeck, Andrew wrote:
Ahem, like I said, the attachment.
Andrew ;)
That was our log parsing tool (DLAnalyzer). Our mail servers are very busy
and we often see a lot of the lines intermixed during peak times. We make
every attempt to interpet mixed logging lines to extract as much information
out of the lines, but sometimes its so intermixed its impossible so
Just a thought, Scott, you already send log info to Declude Console, how
about using Declude console or some other helper app as the log writer,
keeps the conversation local and should resolve the whole two processes
write to the same line issue?
The problem is that the code used to communicate
However, it may not be very easy to integrate syslogging
support into Declude. I am curious to know if the majoriety
of folks would prefer that the focus of the developer(s) be
maintained on developing new spam features versus re-tooling
Declude to work with a syslog daemon. Depending
- Original Message -
From: Markus Gufler [EMAIL PROTECTED]
However, it may not be very easy to integrate syslogging
support into Declude. I am curious to know if the majoriety
of folks would prefer that the focus of the developer(s) be
maintained on developing new spam features
16 matches
Mail list logo