Hm -
I looked at http://www.declude.com/Version/Manuals/2.0.6.asp - but don't
find any DYNHELO?
Best Regards
Andy Schmidt
Phone: +1 201 934-3414 x20 (Business)
Fax:+1 201 934-9206
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Darrell
([
.0.79%
BCC8...0.41%
Best Regards
Andy Schmidt
Phone: +1 201 934-3414 x20 (Business)
Fax:+1 201 934-9206
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Darrell
([EMAIL PROTECTED])
Sent: Tuesday, April 12, 2005 01:12 PM
To: Declude.JunkM
I tried that - "CONTAINS" would catch that variation anyway.
However, the real answer is to add "IGNORE" or "WARN" to the $Junkmail$
file. I've gone through this before - and I just couldn't remember what it
was...
Best Regards
Andy Schmidt
Phone: +1 20
Title: Message
Hi,
remember the
discussion several weeks ago - how VA law has a chilling effect on spammers,
many of whom have cleaned up their mailing lists to remove aol
accounts?
"Jeremy Jaynes
was convicted in November for using false Internet addresses to send mass e-mail
ads throu
Hm... Good point!
Not set to anything - just subtracting weight right now...
Best Regards
Andy Schmidt
Phone: +1 201 934-3414 x20 (Business)
Fax:+1 201 934-9206
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Darin Cox
Sent: Friday, April 08
er true?
So - I wonder whether IPNOTINMX suffers the same.
Best Regards
Andy Schmidt
Phone: +1 201 934-3414 x20 (Business)
Fax:+1 201 934-9206
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Colbeck, Andrew
Sent: Friday, April 08, 2005 05:30
Well - I guess my point is that this is a legal matter, there is an argument
that could be made - so one cannot simply "dismiss" this without proper
consultation. And THIS list is NOT the right one to get proper consultation
on "legalities".
Best Regards
Andy Schmidt
Phone:
x27;m talking
about!)
Best Regards
Andy Schmidt
Phone: +1 201 934-3414 x20 (Business)
Fax:+1 201 934-9206
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Darrell
([EMAIL PROTECTED])
Sent: Friday, April 08, 2005 10:55 AM
To: Declude.JunkMail@declud
ore it was preventable by NOT
breaking with the standard.
So - if your system breaks the "implied feature" of BCC, then I think it
would be very good idea if you publish a big disclaimer, and in a prominent
location that your email users can't miss (e.g., don't put it in the
f
Title: Message
Hi,
I'm always seeking
to eliminate "double failures" for single facts to prevent false positives and
then "up" the weight for groups of tests that test the same
facts.
Several domains that
I used to have in SpamDomains (such as "Excite.com") are publishing
SPF.
I used
I'd like to speak out in favor of public betas. It would help CPHZ to weed
out poor design decisions ahead of time, by testing against a broad number
of configurations.
I think it's better these things are found before the software is released.
Best Regards
Andy Schmidt
Phone: +1 20
me foreign
language word.
However, the word Resume is spelled with accents... I'm not sure if the Euro
currency symbol may even use that code table.
So - be ready for false positives.
Best Regards
Andy Schmidt
H&M Systems Software, Inc.
600 East Crescent Avenue, Suite 203
Upper Saddle R
Title: Message
Hi,
a) I have
my SMTP Gateways correctly defined in IPBYPASS, so
that Declude can attempt to determine the ultimate sending IP address (for
EXTERNAL emails).
b) However, the
IPBYPASS logic is flawed, in that it does not allow for the fact that email may
truly originate fr
G,
Declude is only following established industry practice (where target date
and release date must be at least 1 year apart)
Best Regards
Andy
-Original Message-
From: John Tolmachoff
Sent: Thursday, March 17, 2005 11:07 AM
> Target release date for 2.0.6 - 28 March 04
I take i
7;s SMTP server as a "smart host".
Best Regards
Andy Schmidt
H&M Systems Software, Inc.
600 East Crescent Avenue, Suite 203
Upper Saddle River, NJ 07458-1846
Phone: +1 201 934-3414 x20 (Business)
Fax:+1 201 934-9206
http://www.HM-Software.com/
-Original Message-
From:
Title: Message
Hi
Gary,
I've
come to understand that the changes in 2.0 had been substantial (and
clearly, the ripple effects of the per-user message handling were
not fully understood). As a result, the fix has to be equally
substantial (which apparently takes time) - and I'm sure they
Title: Message
Hi,
the following header
failed the "SPAMROUTING" test.
Received: from
ms001msg.fastwebnet.it [213.140.2.51] by hm-software.com with ESMTP
(SMTPD32-8.15) id A17B1AA600C4; Tue, 15 Mar 2005 10:38:35 -0500Received:
from fisso (5.9.180.73) by ms001msg.fastwebnet.it
(7.2.052.
he ability to easily make use of very effective
DUL/DYNA/DUHL lists - just because Declude allows spammers DO forge sender
addresses!
Matt's workaround is certainly clever (cudos!) - but unnecessarily complex
and error-prone (to the average Declude user).
Best Regards
Andy Schmidt
H&M System
hen I had used it earlier this week?)
Best Regards
Andy Schmidt
Phone: +1 201 934-3414 x20 (Business)
Fax:+1 201 934-9206
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Erik
Sent: Friday, March 04, 2005 08:26 PM
To: Declude.JunkMail@declude.com
S
Title: Message
Hi Nick, John, Eric, Fritz, Kevin, Dan,
NCL Admin, et al:
>> This
change removes our ability to override ROUTETO in special
circumstances. <<
I recommend you sit tight just a little longer.
The "new" behavior apparently was not intended and I'm certain, Declude will be
made
No copyall account here.
-Original Message-
From: Ncl Admin
The problem is the COPYALL account as it will always be HELD rather than
have SPAM deleted as it always fails enough HOLD actions prior to DELETE
weight.
---
[This E-mail was scanned for viruses by Declude Virus (http://www.decl
Hi,
Check if you defined any DNS servers for Declude. If not, see which ones are
defines in the Imail settings.
Query THOSE DNS servers to see if they have MX/A records. Sometimes people
have an internal DNS server for the AD domain that doesn't have the "public"
records.
If that doesn't help -
" address, it
may have to "remember" that new recipient so that it can reference it in
case it later encounters a DELETE action.
Or, to reverse that logic, let the ROUTETO remember the "new" recipient -
but don't actually update the envelope until Spam processing for
confirm receipt.
Best Regards
Andy Schmidt
H&M Systems Software, Inc.
600 East Crescent Avenue, Suite 203
Upper Saddle River, NJ 07458-1846
Phone: +1 201 934-3414 x20 (Business)
Fax:+1 201 934-9206
http://www.HM-Software.com/
-Original Message-
From: Erik
Sent: Thursday, Marc
Title: Message
Hi
Matt:
>> I would also
assume that you are scoring tests such as SNIFFER, INV-URIBL and NJABLDYNA, but
it doesn't appear that these scores were added according to your headers
<<
I
think I can explain most of that.
a) I
have several "combo" tests that do the actual a
A, BADHEADERS, HELOBOGUS, REVDNS, SPAMHEADERS, SNIFFER, POSTMASTER,
SPAMDOMAINS, WEIGHTKILL
X-Countries: KOREA-KR->destination
Return-Path: <[EMAIL PROTECTED]>
X-RCPT-TO: <[EMAIL PROTECTED]>
Status: U
X-UIDL: 409773318
Best Regards
Andy Schmidt
H&M Systems Software, Inc.
600 East
Hi,
It meant it had no Reverse DNS. Instead of a host name (from the PTR),
Declude returns the string:
[No Reverse DNS]
which you bracketed in another set of square brackets.
Best Regards
Andy
-Original Message-
If a spam message has a header entry like...
X-Note: Sent with
Title: Message
The
message is NOT whitelisted (see log and header), so the bypass whitelisting
WORKED. The log and headers look differently, if whilelisting is
effective.
The
purpose of the bypass whitelisting is:
if
weight >= 12 and recipients >= 6 -> bypass the
whitelist
if
weight
Title: Message
I
don't have actions for different recipients.
So in
my case all recipients have the SAME action.
Except
that now ROUTETO outranks DELETE.
Best
RegardsAndy SchmidtPhone: +1 201 934-3414 x20
(Business)Fax: +1 201 934-9206
-Original Message-From:
[EMA
Title: Message
Hm,
I may
have an idea...
I have the feeling
the problem may be with the "POSTMASTER" filter. The idea behind it is -
if any of the recipients are my [EMAIL PROTECTED] account, then "drop"
all other recipients and ROUTETO that email ONLY to the postmaster
address. Th
Title: Message
Hi,
As promised, I will
submit this case to Declude support.
This message has a
weight of 21 and should have been DELETEd and it's way PAST my HOLD weight of
10. It also is beyond my BYPASS WHITELISTING weight of 19.
Yet, this message
was delivered to my mailbox!
03/02
LIST
AUTH
...right?
-d
- Original Message -
From:
Andy Schmidt
To: Declude.JunkMail@declude.com
Sent: Wednesday, March 02, 2005 5:17
PM
Subject: RE: [Declude.JunkMail] Exclude
source machine?
Hi,
this should
Title: Message
Hi,
this
should only happen with YOUR end users (who use YOUR SMTP server for relaying
outbound messages). Any third party end users would relay messages through THEIR
local providers SMTP server, which would then use that server's HELO
string.
Thus,
all you have to do is
ain that you send "two" copies? Is the second copy
different in any way? Correct email address for second copy?
As far as I can tell nothing matching that description was held, blocked,
rejected etc anytime near the 2:20 PM EST timeframe?
Best Regards
Andy Schmidt
H&M Systems Sof
ntry in the Imail log files at 2:40 PM EST, then I
strongly suggest that it's your Postfix gateway blocking the message -
consult the Postfix logs. Maybe it's blocking based on FIVETEN.
Best Regards
Andy Schmidt
H&M Systems Software, Inc.
600 East Crescent Avenue, Suite 203
Upper Sadd
<[EMAIL PROTECTED]>
Status: U
X-UIDL: 409773178
Best Regards
Andy Schmidt
H&M Systems Software, Inc.
600 East Crescent Avenue, Suite 203
Upper Saddle River, NJ 07458-1846
Phone: +1 201 934-3414 x20 (Business)
Fax:+1 201 934-9206
http://www.HM-Software.com/
-Original Message---
Title: Message
>> All these get held on
my system because you send it from “your” e-mail address without authenticating,
so it never gets whitelisted with Whitelist Auth and it fails my spam domains
test. But if you aren’t seeing them at all, I’d guess it is the attachment
size. <<
Marc -
sk usage and a huge drop in corrupted lines.
Andrew 8)
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of Andy Schmidt
Sent: Tuesday, March 01, 2005 9:22 AM
To: Declude.JunkMail@declude.com
Subject: RE: [Declude.JunkMail] Log Corruption
Hi,
Yesterday was actua
to find the time to
identify a new case and then re-submit that one to their tech support
reporting channels...
Best Regards
Andy Schmidt
Phone: +1 201 934-3414 x20 (Business)
Fax:+1 201 934-9206
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Nick H
Title: Message
>> but why change
the logs to single lines and not at the same time seek to normalize the
format <<
They
were not changed to single lines?
Single
lines of ONE message were grouped together - rather than scattered about.
They are still single lines - just the ORDER of the
Title: Message
>> Odd things is that I never get log
corruption in message sniffer. So somebody is writing out logs that don't get
corrupt. <<
Maybe because he is
running as a "service", thus can serialize the log
output?
D. The
increase in spam volume made it such that at MID, I had lots of log
corruption again.
With 2.x and the lines being written in a batch, I noticed an
immediate
drop in my disk usage and a huge drop in corrupted lines.
Andrew 8)
-Original Message-
From: [EMAIL PROTECTED]
[mai
's entirely possible that the log corruption is not really
specific to 2.0x - but rather a secondary result because they forded me to
deal with tremendously large log files (vs. the old MID log files).
Best Regards
Andy Schmidt
H&M Systems Software, Inc.
600 East Crescent Avenue, Suite 203
upgrade to 2.04 (after the crashes were fixed).
I thought I was dreaming and have not yet found the time to debug it.
Thanks for the pointer.
If letting through high-weight Spam is "low priority" on the "to be fixed
list", then I guess I just have different priorities ?
Best Reg
Hi,
Oh, so it's NOT just me.
Yes, there we virtually no corruptions before my upgrade from 1.82 to 2.04 -
now they are plentiful.
Best Regards
Andy
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Scott Fisher
Sent: Tuesday, March 01, 2005 11:37 AM
To:
Scott:
Thank you for your capable and prompt support throughout those years. You
will be missed.
Best of luck in your new endeavors.
PS: Sounds as if you'll have to adjust your thinking: Now the delivery of
Spam may actually be a good deed .
Best Regards
Andy
---
[This E-mail was scanned for
just define a mail route in THOSE gateways (e.g., IIS let's you do
that easily) and bypass Imail (and Declude) entirely, if that should be
desired.
Best Regards
Andy Schmidt
Phone: +1 201 934-3414 x20 (Business)
Fax:+1 201 934-9206
-Original Message-
From: [EMAIL PROTECTED]
[m
came through for me
today and did provide me with a workable 2.0.x.
Ralph/Scott - thanks for debugging this!
Best Regards
Andy Schmidt
H&M Systems Software, Inc.
600 East Crescent Avenue, Suite 203
Upper Saddle River, NJ 07458-1846
Phone: +1 201 934-3414 x20 (Business)
Fax:+1 201
Title: Message
Well -
I HAVE seen blank ones - but those were legitimate Outlook (?) generated
emails for shared folder synchronizations. They had no body, just an
attachment. So I had a fairly high false positive rate.
Best
RegardsAndy SchmidtH&M Systems Software,
Inc.600 East Crescent
Yes, it's occurring with 2.04.
I agree with Scott in principle - it is better to determine the underlying
cause of a problem, than to quick-fix the symptom. Too often have I seen
short-term solutions cover up big issues that ended up having a much bigger
impact later.
Best Regards
Andy Sc
Well, about an hour ago they had to leave for the weekend.
I watched my system a little longer - and eventually seeing a crash every
few minutes (due to high load), I had to go back to 1.82.
Best Regards
Andy
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behal
er' - but I have the Imail\Spool
tree excluded.
Best Regards
Andy Schmidt
Phone: +1 201 934-3414 x20 (Business)
Fax:+1 201 934-9206
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Franco Celli
Sent: Friday, February 11, 2005 08:28 AM
To: Dec
Title: Message
Well - I
tried...
Minutes after
install my mail server became unresponsive - after a few minutes, I saw Dr.
Watson in the task list - and then found these in the root.
Best
RegardsAndy SchmidtPhone: +1 201 934-3414 x20
(Business)Fax: +1 201 934-9206
DECLUDE.GP1
Des
Title: Message
Hi,
haven't heard
anything since the updated 2.x version was posted online. Has anyone
dared to install? Any luck this time around? Does it appear stable
enough? Or is everyone still waiting for everyone
else?
Best
RegardsAndy SchmidtH&M Systems Software,
Inc.600 East
Title: Message
Hi,
haven't played with
this - but I know that people have been complaining about Outlook munging the
headers. I wonder if this would help:
Additional
compatibility can be achieved by enabling Outlook 2003 to save the original MIME
source when connecting to a POP3 server.
Title: Message
Interesting sounds like someone would have to write an External
Filter. Unless Declude is willing to "integrate" this in their Sniffer
support.
When
you turn this one - where do this XHDR files appear? In the regular
"spool" folder together with the queue and data file
y more.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Sanford Whiteman
Sent: Thursday, February 03, 2005 01:28 PM
To: Andy Schmidt
Subject: Re[2]: [Declude.JunkMail] LDAP Password?
> Yes, using the same "root" user and the same "pas
, but, after that, isn't there some sample code how to add
simply email addresses to AD so that ORF can find it?
Best Regards
Andy Schmidt
Phone: +1 201 934-3414 x20 (Business)
Fax:+1 201 934-9206
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On B
time a new domain is added.
I don't trust "manual" procedures - that's why I was looking for an
automated way.
Best Regards
Andy Schmidt
Phone: +1 201 934-3414 x20 (Business)
Fax:+1 201 934-9206
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTE
Hi Nick:
Thanks. Yes, I aware of Vamsoft's official position. Sandy was very
specific that it does work as long as the OpenLDAP is extended. Haven't
seen anything in the 2.0 beta announcement that sounded like the "official"
AD restriction had been lifted.
Best Regards
Andy
Title: Message
Hi
Matt:
Thanks
- I may have to go this way.
I
assume you mean importing it to the orf-ent.ini, appending it to this section
and then restarting the service?
[RecipientBlackList_OL][EMAIL PROTECTED]
How
many entries (approx.) is your list?
Best
RegardsAndy SchmidtP
Title: Message
Hi,
I've gotten a
request to add LDAP output to my ExtractImailAdr script (instead of just
database output).
Alias2LDAP by Sandy
does that already - however, if I understand correctly, the script has to be run
for as many times as you have mail domains set up. Since that l
Title: Message
Hi,
Sandy once
wrote:
>>The best-fit
protocol for directory lookups is, of course, LDAP. ORF's
Active Directory lookup feature, despite the vendor-specific name,
can be run against OpenLDAP or any other extensible directory. If
extending the LDAP schema in OpenLDAP
Title: Message
Hi,
I wrote a litte
script that extracts all users and aliases for ALL mail domains of the Imail
server and then associates each with the appropriate Host Aliases for each
domain (if any) - and adds those to a database.
I also wrote a small
matching sink for IIS SMTP that
Darrell:
Very valid points! I may have spoken too soon...
Now that I re-read this, I agree - the way it is written does make it sounds
as if it may be some internal table and as if this may be limited to
plain-text.
If you hunch is true that would render this pretty worthless.
Best Regards
An
Title: Message
Don't know if
everyone saw that.
Looks as if for
once, Imail may actually 'beat' Declude by supporting
SURBL natively.
I'm curious if
they'll at least do SOME of those checks (such as SPF) during the SMTP session -
instead of accepting mail first.
New Features In Ver
Same here. This is the first beta I had not tested, after other experienced
issues related to the new "setup" and I just didn't see any communication
that sounded like others had successfully adopted.
Best Regards
Andy Schmidt
Phone: +1 201 934-3414 x20 (Business)
Fax:
throw out most of the good mail with the bad because it too happens
to comply with RFCs?
Best Regards
Andy Schmidt
Phone: +1 201 934-3414 x20 (Business)
Fax:+1 201 934-9206
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Dan Geiser
Sent: Monday, Ja
me out. I remember people asking a few times for an
updated/corrected beta and it seemed as if the answer was "real soon"? It's
all been SUCH a long time ago...
Is there now a 2.0 beta that's robust enough to install?
Best Regards
Andy Schmidt
H&M Systems Software, Inc.
600 Eas
Hi,
I personally use DLAnalyzer for both Virus and Spam reporting. It's been
enhanced several times in the past year. I also use it to automatically
email daily spam/virus reports (summaries and lists of blocked messages) to
certain clients.
Best Regards
Andy Schmidt
Phone: +1 201 934-341
Funny I was just thinking that as I was writing an Email to Darrell to get
him to add "bit-wise" comparison to his external filter. I find myself
looking at "forth parties" to overcome limitations in the "third party"
software that I bought to overcome limitations in Imail
-Original Message-
Title: Message
Hi,
check
the IIS log to see if it received the specific message, if it tried to relay the
message, which server it tried to reach etc.
If it
tried to relay, you can see what the other side responded - if it WAS Imail, you
can check the Imail logs for more.
Best
RegardsAn
Title: Message
Hi
Scott:
This may have been
discussed before. I'd like to put in my vote for a "Bitmask" comparision
feature for tests/sites that combine multiple values, e.g.,
SURBL:
2 = comes from sc.surbl.org4 = comes from ws.surbl.org8 = comes
from phishing data source (labell
Title: Message
Hi:
Draw
whatever conclusions you choose for yourself. I have not taken the bar in
any state and am not qualified to enter into any argument. I reserve the
right to base my lay-person opinion
on the anecdotal evidence from the first-hand and
personal conversation with activ
Title: Message
The
motivation for cleaning was not black-listing, it was AOLs aggressive pursuit of
Spammers supported by VA state law that is one of the (if not "the") toughest
with regards to computer abuse (including SPAM). Since many Spammers DO
operate out of the U.S. and/or market goo
Title: Message
Well,
I CAN tell you that I have personal contacts with Spammers (who keep wanting me
to take their business) - and from casual conversations about the "industry" I
know that several DO clean any AOL mailboxes from their lists before
doing campaigns out of fear of litigation b
Title: Message
Hi
Scott:
Assuming you have a good reason to expect spaces in the
RDNS (if one managed to squeeze a space into their DNS server
somehow, it would be invalid anyway!) - why not use a different delimiter?
You can use single quote or any delimiting character that is NOT a vali
Title: Message
Hi
Matt,
Well,
statistics are a tricky thing. When you had posted on the Sniffer or Declude
lists over the weekend that I should provide more specific numbers, I had
no yet understood how you calculated your "percent of SPAM". The key is
always how one defines 100%.
Now
dge how Declude was designed to work. Sorry for the false alarm.
Best Regards
Andy Schmidt
Phone: +1 201 934-3414 x20 (Business)
Fax:+1 201 934-9206
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Dan Horne
Sent: Monday, January 10, 2
Title: Message
Hm... good point. Let me check my Outlook defaults.
It
clearly makes no sense to use that flag when posting to a
newsgroup...
Is
this causing problems?
Best
RegardsAndy SchmidtPhone: +1 201 934-3414 x20
(Business)Fax: +1 201 934-9206
-Original Message-
Title: Message
Hi
Scott:
My config file
has:
SNIFFER external nonzero "sniffer.exe authcode" 1
0
SNIFFER-SCAMS external 053 "sniffer.exe authcode" 2
0 SNIFFER-PORN external 054 "sniffer.exe authcode" 2
0 SNIFFER-MALWARE external 055 "sniffer.exe
authcode" 3 0
Title: Message
Hi,
I
wouldn't know how to do that. I didn't know you could make an external test
dependent on the current weight?
I do
that for "filters" - and I like the idea for other tests. If it's past my DELETE
weight, there is little point in going on.
So -
no, being ignorant, I
Title: Message
Hi
Matt:
>> Second,
Sniffer does cross checking with SURBL for creating new rules of certain types
<<
Which
means once THEY see a URL they use SURBL to RESEARCH it.
Obviously, that leaves any URLs that THEY have not yet seen (both other
people have). There are an unkno
Title: Message
Matt,
any
"black-list" is subject to false positives. That's why we are all
using Declude, so that we can combine the effect of different
imperfect blacklists to assess a likelihood of something
being Spam. It's entirely possible that you are relying exclusively on
Sniffer
Title: Message
Hi,
currently I give it 50% of my hold weight. So it must encounter
additional factors before causing a "false positive".
However, it helps with pushing mail from the "hold" to the "delete" (or
from "bounce" to "hold").
Best
RegardsAndy SchmidtPhone: +1 201 934-3414 x20
Title: Message
Hi,
Today I finally took
the time (I didn't have) and ran both Sniffer and SURBL Tests (using http://www.invariantsystems.com/invURIBL/).
Result:
1,860
tagged by invURIBL only -> gain over Sniffer = 21%
8,926
tagged by BOTH invURIBL AND Sniffer
962 tagged by
Title: Message
Hi
Scott,
I'm colocating a
Postfix gateway for a client - and "external" mail is being routed
fine.
However, I'm having a problem with Declude
triggering on reporting emails that are generated directly ON the gateway
itself:
- I have
IPBYPASS set for 67.132.45.18 (which
The short/direct answer is:
Declude gets it from the header. It doesn't "watch" the SMTP conversation.
That information is inserted by Imail (or a server you trust by specifying
IPBYPASS) by copying it from the HELO string.
It only makes sense once I thought about it.
Best Regar
doesn't matter if we add a few single lines for the other
20%.
DLAnalyzer customers have to be aware that they MUST NOT run LOG_OK NONE if
they upgrade from 1.79i16, which I think is perfectly acceptable.
Best Regards
Andy Schmidt
Phone: +1 201 934-3414 x20 (Business)
Fax:+1 201 934
Please note the subject:
I AM running 1.82 (the SpamHeader fix!)
It's only missing if LOG_OK is NONE.
Best Regards
Andy Schmidt
Phone: +1 201 934-3414 x20 (Business)
Fax:+1 201 934-9206
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of R.
Title: Message
Hi
Scott:
Hm -
it seems to be tied to:
LOG_OK NONE
If I
comment out that line, then 1.82 shows the "Tests failed" line again, if the
Last action = "">
Can
you remind me, what additional messages/log lines I will see if
#LOG_OK NONE
is
commented out?
B
Title: Message
Hi
Scott:
Here is my log file
BEFORE I upgraded from 1.7x to 1.82:
01/01/2005 00:08:06
Q303506642d68 Tests failed [weight=10]: IPNOTINMX=IGNORE SPAMHEADERS=WARN
SNIFFER=LOG WEIGHTFILTER=WARN WEIGHT10=LOG 01/01/2005 00:08:06
Q303506642d68 Last action = "">
If the L
Hi,
>> Remember, Declude JunkMail looks at the HELO/EHLO of the remote
mailserver, based on IPBYPASS/HOP <<
Uh - that's the answer. Thanks for clearing this up.
So the "HELO" is not necessarily taken from the HELO, but from the HEADER.
That certainly explains it.
Bes
Title: Message
Hi
Scott:
I'm running
1.82.
Here is the Imail 8
log:
01:07 13:13
SMTPD(d15f7804014ea63d) [63.107.174.14] connect 67.132.45.18 port 252501:07
13:13 SMTPD(d15f7804014ea63d) [67.132.45.18] EHLO mail.dollardays.com01:07
13:13 SMTPD(d15f7804014ea63d) [67.132.45.18] MAIL FRO
Well said.
Best Regards
Andy Schmidt
H&M Systems Software, Inc.
600 East Crescent Avenue, Suite 203
Upper Saddle River, NJ 07458-1846
Phone: +1 201 934-3414 x20 (Business)
Fax:+1 201 934-9206
http://www.HM-Software.com/
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[E
y pretty receptive over there, but they are
missing the big picture when it comes to spam blocking having never escaped
the plain vanilla white/black scoring method.Side note to Andy Schmidt
and other ORF users...do you have any need for this sort of
thing?MattSanford Whiteman wrote
r all is authoritative for its database -
even if don't agree how they define "country" for the purposes of THEIR
database.
Best Regards
Andy Schmidt
H&M Systems Software, Inc.
600 East Crescent Avenue, Suite 203
Upper Saddle River, NJ 07458-1846
Phone: +1 201 934-3414 x20 (Bu
red by URI checks?
Best Regards
Andy Schmidt
H&M Systems Software, Inc.
600 East Crescent Avenue, Suite 203
Upper Saddle River, NJ 07458-1846
Phone: +1 201 934-3414 x20 (Business)
Fax:+1 201 934-9206
http://www.HM-Software.com/
-Original Message-
From: [EMAIL PROTECTED]
ude - and I fully support their efforts (in general) of
license enforcement.
However, I still hope that Barry recognizes the need that ALL customers need
to know enough about the procedures to regain (!) MY level of comfort and
confidence in the company and the product.
Best Regards
Andy Schm
Title: Message
http://www.dnsstuff.com/tools/netgeo.ch?ip=81.15.216.130 and any other
IP
Best
RegardsAndy SchmidtPhone: +1 201 934-3414 x20
(Business)Fax: +1 201 934-9206
301 - 400 of 968 matches
Mail list logo
