Hi;
Is it correct to assume that this statement on the manual:
-
First, you need to create a text file that lists one address or domain
per line, followed by the reason for blocking it. For example,
@example.com This domain sends spam. or [EMAIL PROTECTED] This
guy was mailbombing us.
Hi;
We purchased JunkMail almost 1 month ago and we researched the
subscription systems quite a lot. In the meantime we tested the system
as is out of the box (or in this case out of the site) by putting
filters in our Outlook to trap all that violate any rules. The
following summarizes what we
Hi;
Would it not be great if we could assign an e-Mail or a number of
e-Mails that if someone sends a message to they will automatically get
blacklisted? This would immediately save all the junk they will manage
to send through.
We have had employees that are no longer with us (some for years)
I am staring at our reports... I find the following trends:
When these spammers send e-Mail, they use a bogus email such as:
(based on our log): [EMAIL PROTECTED]
Now looking at this e-Mail - this person has sent e-Mail to almost
everybody in the company in different bursts. So lets say that
Title: Message
Going back to the
discussion on Junkmail?
Is it possible to
simply have a list for "Check First" and then deliver domains that users with
that domain will have their userID checked for validity
first.
If we can check
the domains of Hotmail, and Yahoo first and see if they
Title: Message
thought it could be of interest...
Kami
-* European
Union bans spamGLOBAL INTERNET COMMUNITY APPLAUDS EUROPEAN ANTI-SPAM
VOTEMay 31, 2002 - The Coalition Against Unsolicited Commercial
E-Mail(CAUCE), EuroCAUCE, CAUCE India, CAUCE Canada and the
Hi Scott:
I see the LOOSENSPAMHEADERS in your email and in the Release notes. But
I can't see anything in the Global.cfg or $default$.junkmail that
addresses this. Am I going blind or missing something... Or perhaps
both?
Is this a programming feature added or something we need to set to ON?
Title: Message
Hi
Scott:
The test:
X-Spam-Tests-Failed: HEUR10
Does it look at
the CC field? It appears that when we have a large number of people in the
CC list it marks the e-Mail as SPAM.
is that the
correct assumption?
Regards,
Kami
Title: Message
Hi
all..
Among all of us..
there is enough resources and know-how that should easily let us create a
database of unique entries in a kill-list.
We can gladly
provide a simple interface that everyone can upload their kill list - then run a
unique query on the list and output
Title: Message
Hi;
I also randomly
checked the domains and I have a hard time believing some of those sites are in
any sort of mass e-marketing.
216.234.252.98
home.faithmail.com
216.234.252.91
home.brownsmail.net216.234.252.92 home.bazaar.com
216.234.252.97 home.esife.org
are some that
Hi;
Copy the Declude.exe and replace the old version. The other files do
not need to be touched.
Typically, from experience, nothing in the old versions of global
$default$ files change. With new versions additions can be made to them
but nothing is typically changed or omitted. So keep the
Hi;
In assigning negative weight should we assign the domain as it appears
in the log?
Almost all newsletters from Microsoft are assigned a warning for REVDNS.
So should we assign a negative 5 weigth to:
Microsoft.com
Or:
Newsletters.Microsoft.com
Or:
delivery.pens.microsoft.com
This is also
Title: Message
Hi;
In the Word Filter
we can use a line as such:
REVDNS -5
CONTAINS yahoo.com
The domain name listed here refers to Yahoo.com specifically
or like the BlackList or WhiteListrefers to anything that ends with
Yahoo.com?
For example does
the above also assigns a -5 to
--- This message was by mistake posted to the Declude virus list. 2nd
posting.
-
Hi;
Any thoughts on this?
At times I notice that I personally receive SPAM where the CC field
contains my userid at every single domain
Just to show an example: The header follows-
Yes- there are other tests that catch it. But from what I have seen so
far, the tests that have caught this e-Mail are not known to be 100%
proof of SPAM. I have seen these tests fail in some legitimate e-Mail.
The multiple UserID address test
Title: Message
Hi;
In applying
Negative weight to beta 1.56 -
We
have:
NOABUSE-9CONTAINS@usairways.com
Since the
WordFilter has a weight of 5 and the NoAbuse has a weigh of 4 so -9 should
negate the effect of both.
But we get the
following in an e-Mail from USAirways.
Title: Message
hi;
Two simple
questions for Beta 1.56:
In the Word
Filter:
WEIGHT15SUBJECT [SPAM]WEIGHT15ROUTETO [EMAIL PROTECTED]
We get the RouteTo
emails but they are not marked as SPAM. The above is in the
$default$.junkmail file.
Also:
In the
WordFilter:
BODY5CONTAINSADULT
Title: Message
Hi;
Recently we are
noticing a higher incidents of mail coming to us from the backup mail
server. This is hosted elsewhere but somehow the SPAM'ers are sending
e-Mail to that server to come to us. I think they probably think that we
have that server in a WhiteList, therefore
Hi Scott:
Sorry to have sent the entire header but I think I did not relay the
issue clearly. Look at the header and see who it is sent to. We have
no business receiving an email that is addressed to:
[EMAIL PROTECTED] since this is our backup mail server.
When they send it to that address
Hi Again:
Just to complement the previous posting: Look at the following SPAM
=
Received: from njohhd ([65.138.136.163])
by mail.americana.com.do (Lotus Domino Release 5.0.9a)
with SMTP id 2002073008494562:2754 ;
Tue, 30
Title: Message
Hi;
Has anyone seen a
valid or a legitimate e-Mail that is addressed as follows:
To: #recipient#@Domain.com
a number of SPAMS
received have that as the address in the TO field. With the new HEADER
option in 1.57 beta we can filter this from the HEADER section so I am
Title: Message
Hi;
Is this correct?
WHITELIST FROM .Microsoft.com
This will whitelist any email coming from Microsoft such
as:
[EMAIL PROTECTED]
[EMAIL PROTECTED]
or should it be written differently? We are seeing
certain whitelist listings being trapped and we are just a bit
confused.
This sounds quite interesting.
Would the statement in the Global.cfg be?
KOREA ip4rkorea.services.net * 3 0
Or do we have to list an IP address as well?
Regards,
Kami
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of
Title: Message
Hi;
It seems like that
the HEADERS tag does not trigger on Recipients. Or may be it does but in
this case it was not (somehow) detected.
The X-Note:
Recipient(s): shows two emails (materials material)that are listed
in our filter file with scores of 10. This SPAM should
Title: Message
Hi:
Version 1.58 -
uploaded this morning.
Wehave the
following in the global.cfg
# Custom
Tests
BLACKLIST
fromfileD:\IMail\Declude\Blacklist.txt
x
15
0BLACKLISTWRNfromfileD:\IMail\Declude\BlacklistWgt.txt
x
130FREEEMAILSfromfileD:\IMail\Declude\FreeEmails.txtx
50
Hi;
I think this is a great idea... Why not actually have an option to scan
the top or the bottom. I know in our case if I have only one choice I
would choose the bottom of the e-Mail for scan.
Because most of our Word Filter is based on the bottom of the spams. I
had no idea that it is only
Title: Message
What is the
meaning of (295)? I am almost sure it has to do with the filter that has
failed!
X-RBL-Warning:
WORDFILTER: Message failed WORDFILTER test (295)
How can we setup a
code so we can make sure we know which listing is triggered?
For example in
this line, is there
Hi again..
Line number? I bet it does not count blank lines right?
Line 1: SUBJECT 1 CONTAINS$
Blank spacer
Line 3: SUBJECT 3 CONTAINS$$$
The Line 3 is actually Line 2!? So who is on 3rd? :D
Regards,
Kami
-Original Message-
From:
We are actually finding more more SPAM are coming that way. We are
only catching them when they put interesting words in the subject.
Also what we are finding is they are turning the links and addresses
into binary numbers, therefore making it impossible to detect the links
and trap them...
Title: Message
Hi; [Version 1.58
beta]
Why is the email
scanned when the following exists in the Global.cfg
WHITELISTFROM@CHARITYCHANNEL.COM
I thought the
whitelist should be the e-Mail that is identified as: X-Declude-Sender
The header
follows:
=
X-SMTPExp-Version:
Hi;
I checked no typos... And all appear to be fine.
I will wait to see if on Monday the email from this list gets scanned
again. Who knows.. It could be a glitch or something.
we do not have over 200 WHITELISTS.
Was there a automatically passing all spam tests line in the log file
for this
Hi;
I think Declude looks at this:
X-Declude-Sender: [EMAIL PROTECTED]
Two possibilities:
- @postino.ch is whitelisted
- [EMAIL PROTECTED] is whitelisted.
At least that is my understanding...
Kami
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of
Title: Message
Hi;
Problem!
the Sparklist
appears to be used by a large number of organizations out there to send their
newsletter.
It is almost
impossible to WHITELIST a newsletter since the address changes daily. Look
at this which is the eNewsletter by Cato Institute. The Nation also
I always thought it would make a lot of sense to have an Internal
SpamCop address.
An address that we can use in Declude so any e-mail that is sent to that
address is automatically added to a blacklist address for background
deletion.
If such addresses is then easily advertised on a couple of
Some thoughts ... What I have seen happening to us..
[1] What do you blacklist? I think that only the IP address of the
sender could be safely blacklisted.
--- If I do IP then it has to be a temp file so lets say for 24 hours
that IP can not send email. Because we sure don't want to blacklist
Title: Message
Hi;
Version:
1.61 beta
it seems like any
email that has attachment is triggering the BASE64 test. We have put a
weight of 14 hoping the body of the eMail trigger this but now attachments are
triggering this as well. For example:
This
eMail:
X-RBL-Warning:
How did I know the body is not encoded?
For scores of over 20 the system forwards the email to an account that
we check using Outlook Express. OE is better and easier to use for
looking at the header since you can easily get the properties and then
see the entire body and the header, whereas in
Hi Scott:
It would also be great if you could consider adding a stop test
consideration.
If one is having a lot of tests it seems like it is a waste of resources
to test an eMail if it is already found in blacklist. We automatically
delete all that are listed in our blacklist, therefore all
We have had good success with them.
Our system is setup for weight of 15 to be marked as SPAM in the subject
and weight of 20 to be redirected to Admin.
The following is how we treat these:
MONKEYPROXIES ip4rproxies.relays.monkeys.com
127.0.0.1 15 0
Hi;
We don't use any pay services. I am amazed as the effectiveness of the
ones that are free.
Simply with Declude and the tests listed -- we have enabled a large
number of those in the list-- I know I, very rarely, get one or two
spams a month. The tests are quite effective.
We simply route
Just 2 cents worth of idea!
Tom has done a great job in creating a live blacklist, meaning a list
that changes and does not just grow because something happened to get
listed in it 3 years ago.
But I think, perhaps an idea could be, that a group join Tom and do the
same thing. We can easily
Title: Message
Hi;
Is there a good
way to deal with Yahoo Groups?
We have
organizations that are in various lists but looking at the X-Declude-Sender does
not give a clear indication what can be WhiteListed for a specific
list.
We hate to have to
Whitelist the entire Yahoo Group since
Title: Message
Hi;
Now I am
confused.
How can we have a
weight test that ROUTES the eMail to an address as attachment and to another
address as regular eMail.
We have the
following:
WEIGHT15-19cweightrangexx1519WEIGHT20-99sweightrangexx2099WEIGHT20-99rweightrangexx2099
then
Hi Scott:
It is good to see that I am not the only surprised by this one.
Any reason why we should not create a filter for such double extensions?
Can you think of any reason why a legitimate site should have a double
extension?
Regards,
Kami
-Original Message-
From: [EMAIL PROTECTED]
Title: Message
Hi;
Does negative
weight work with Subject?
Is this
valid?
SUBJECT-20CONTAINSDelivery
failure
I have a feeling
this does not work since mail rejections keep coming to the
SPAM.
Regards,
Kami
Hi;
I thought this could be of interest, in case you don't get the warnings
from Sophos.
Regards,
Kami
-Original Message-
From: Sophos Alert System [mailto:emergency-return;lists.sophos.com]
Sent: Friday, October 25, 2002 6:04 AM
To: [EMAIL PROTECTED]
Subject: Sophos advises on
Be careful if you do this...
A lot of people actually send messages to others as BCC and then put
themselves in To in order to make sure it has gone out.
We see a lot of that.
Regards,
Kami
-Original Message-
From: [EMAIL PROTECTED]
[mailto:Declude.JunkMail-owner;declude.com] On
Tom:
This is what we have actually after a couple of months of tests with
WARN we went to delete option since everything that was marked by them
was really spam.
#
# Blackholes- by Country- DNS CHECK: US
#
BHOLE-ARGENTINA ip4rargentina.blackholes.us 127.0.0.2 18
0
BHOLE-BRAZIL
Hi;
This is to your own blacklist. We have setup a blacklist for JunkMail
and delete all emails in the blacklist.
With Declude you can setup a file (text file) and make it a custom
filter. We have a file called blacklist and in the action file we set
it up for delete.
BLACKLIST fromfile
Title: Message
Hi;
Can someone
explain what this is? It seems like these are the hops that this eMail is
going through. This is from an eMail header.
===
Received: from
unknown (6.61.10.17) by rly-xr02.mx.aol.com with NNFMP; Nov, 03 2002 2:08:31 PM
Hi;
I have:
COUNTRYCHAINX-Country-Chain: %COUNTRYCHAIN%
In the Global.cfg.
Am I to expect the country chain in all eMail headers? If yes.. Then I
am not getting it.
I have downloaded the
file:http://www.declude.com/release/162/all_list.dat and put it in the
declude folder.
Missing
Title: Message
Hi;
The concept is
interesting. It is sort of like the Trusted Sender of
TRUESTe.
In reviewing the
site: http://www.habeas.com/support/install.htm#headers
it seems like they
don't have IMail discussed. Scott since you started this topic, do you
knowwhat it would take to
Title: Message
Hi;
It seems like
Junkmail treats these two listings differently.
.SAVINGSENGINE.COM
@MAIL1.SAVINGSENGINE.COM
I have always been
under the impression that the first listing will include the 2nd listing. But it
seems like the postings from this domain is getting through.
Title: Message
Hi
Scott:
Any chance of
considering, of course if it makes sense, a wild card for
fromfile?
We see companies
that send SPAM from different variations of emails.
[EMAIL PROTECTED]
[EMAIL PROTECTED]
of course if we
are to blacklist we need 2 entries, namely:
@domain.com
Title: Message
We have seen quite
a lot. It is happening more and more. If HTML comments could be
ignored it would be a great addition. I wonder what would be the downfall
of the idea?
I also think
another filter that can be considered is the routing type filter. I don't
know if bad
Scott:
We have seen that the Base64 test is also triggered for International
languages. We used to have a high weight assigned to it but we noticed
when people write each other using Unicode or foreign (non-English)
characters the test is triggered.
Is this known?
Regards,
Kami
-Original
Hi;
This brings out an interesting point. Would it not be easier if tests
could be defined that are combination of tests? (or does such a thing
exists and I don't know about it?).
This would be something like saying 1 + 2 + 3 = 100 but each test by
itself is weighed quite low.
The challenge we
Actually his weight hit over 200 for us. Smart move!?
Weight of 100+ is automatically forwarded to Spamcop. So I wonder if
that was cancelled or reported.
We had negative 100 weight assigned to Declude but he forced us to move
Declude to Whitelist so this won't happen again!
Kami
Hi;
You are right... This actually is the first time this has happened. Our
weighing system is such that a score of 100+ is assigned to our Spam
trap accounts. In almost 1 year this is the first time I am faced with
this... Never thought a legitimate eMail could trigger so many traps.
Of
I wonder if using
SUBJECT 5 IS
Catch the blank subject..?
Regards,
Kami
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of John Tolmachoff
Sent: Wednesday, December 11, 2002 6:33 PM
To: [EMAIL PROTECTED]
Subject: RE: [Declude.JunkMail]
Hi;
We have spamtrap emails that are on our web sites but are not seen. If
anyone uses them naturally they have harvested it.
So we have:
ALLRECIPS 100 CONTAINS[EMAIL PROTECTED]
So if that address is anywhere in the recipient list the entire email is
expected to be spam.
We
Title: Message
Hi;
I am seeing more
and more URL's that are encoded, like:
http:[EMAIL PROTECTED]/%72%65%64%6C%69%67%68%74%65%6D%61%69%6C%2F%69%6D%61%67%65%73%2F%30%
I am yet to see
anyone with a legitimate eMail use such an approach for sending their
links.
Is there a
legitimate reason
Title: Message
Hi;
An interesting new
twist, at least from what I have noticed, is SPAM coming with no From
address. Here is a sample Header:
Reply-To:
"postmaster" "postmaster@"Message-ID:
Title: Message
Hi;
Will IS filter
type as listed below:
MAILFROM 20
IS post@
catch this eMail
not catch: [EMAIL PROTECTED]?
We are getting a
lot of eMails like this ...
===
Received:
from [200.196.110.105] by mail.foroosh.com (SMTPD32-7.13) id
Hi;
We are using them. I have found them to be effective.
We have them:
MONKEYPROXIES WARN
MONKEYFORMMAIL WARN
MONKEYPROXIES ip4rproxies.relays.monkeys.com 127.0.0.1 15
0
MONKEYFORMMAIL ip4rformmail.relays.monkeys.com 127.0.0.1 10
0
We hold on weight of 20.
Title: Message
Hi;
Anyway other than
using the HEADERS filter type to read the name of a TO
field?
From: "Fantasy
Toon" [EMAIL PROTECTED]
We are getting a
bunch of SPAM from these folks with different eMails but the same
name.
I was wondering if
we can read the "Fantasy Toon" without
Title: Message
Hi
Scott:
Any chance of this
ever be considered. This would be for a wildcard in FROM
field.
Another trend is:
[EMAIL PROTECTED]
naturally anyone
buying drug from someone with a yahoo account should be questioned. We get
these type of eMails with the numbers changing from
Hi;
Please be careful. I know we are not alone since I posted this before and
others also stated that they have seen this happen to them.
In our case: We had set it up so it runs everyday. All used to work and
the program does what it is supposed to do. But when a month changes (1st
of the
Title: Message
Hi;
Interesting
trend... I keep seeing spam coming from strange userID's (randomly
made)@Durability.com and other domains we host for several
charities.
I think that
solves a couple of problems for these people - like the MX record exists and
also chances are that a company
What we have done is weigh negatively the sum of those tests for these two
domains (Yahoo, Hotmail).
We have a list of any free domains that we have received mail from. The
free sites we add 5 to start with. [I can send you the list if you want]
The Hotmail and Yahoo spam are typically caught
Title: Message
Hi;
It appears that
with the latest interim release there is a problem with ROUTETO. Since we
upgraded we see that the heavy weighted emails that are to be ROUTEDTO admin are
being delivered.
Part of the
header:
=
X-RBL-Warning:
One observation I have made is majority of such spam come from random emails
but the content refers to certain web sites - quite consistently.
So we have an active URL list that if found in the body of emails it will
weigh them quite high. These URL's are real consistent and in combination
of
Hi; [sorry for the long note]
These files are changing everyday...
Sure.. I hope the list does not mind. I have asked so we put a link on a
location on our site and keep these files up to date. Similar to what Tom
has done which has helped us quite a lot.
Here is the legend to the files that
Yes..
Mailfrom contains will simply detect that address.
So if you set:
Mailfrom 0 Contains @list
You will catch x@list428, [EMAIL PROTECTED], etc.
So be careful..
Kami
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of paul
Sent: Wednesday, January
Title: Message
Hi;
Based on the
requests we received I decided to make these lists available hopefully we
can maintain them, at least on a weekly basis.
We hold on a
weight of 20.
Free emails: -
http://www.ClickandPledge.com/support/mail/freeemails.txt
these are the
services we have
Hi;
They are both correct - depending on what you want to do.
Your text is what is being exactly matched. Text means whatever you have
including the quotation marks.
The first line will trigger if subject is You're the Winner You're a
Winner.
The second line only triggers for You're a Winner
Title: Message
Hi;
There has to be
something that can be done about detecting this...
==
Prev!--info--ent Prema!--info--ture
Agin!--info--!--info--g and
DiseasebrB!--info--uild Lea!--info--ner
Mus!--info--cle
Mas!--info--sbrRe!--info--duce Bo!--info--dy
Fa!--info--t and
Title: Message
Hi;
I am just curious
as to how Declude read this - is the word Whateversomething.com a continous word
or a broken word?
In email bodies
text shows as broken in multiple lines. I am just curious as to when a
word is broken (at least as it appears when we look at the source)
Title: Message
Scott...
Hopefully in one
of the future releases we can come up with a filter that works with before and
after space..
After all how
obscene is the word basement?
Drawings were
being sent to me for our office that were not reaching me! Why? the
filter:
SUBJECT12
Hi;
Those numbers are nothing - for all practical purposes. They are reference
numbers that help us find it.
The same goes with Tom's list. The number is internally made allowing them
to monitor it.
Beside that it really does not nothing in Declude.
About our number -- that is simply the
Scott:
Just to ask the obvious but to be sure...
Now the whitelist is a different file- just like fromfile?
WHITELIST WHITELISTFILE D:\IMail\Declude\Whitelist.txt x
0 0
Is this the format?
Regards,
Kami
-Original Message-
From: [EMAIL PROTECTED]
Could I possibly ask another question?
This is replacing the
Whitelist FROM?
Whitelist TO?
Long day... Kind of slow..
Regards,
Kami
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of R. Scott Perry
Sent: Friday, January 17, 2003 3:25 PM
To: [EMAIL
Title: Message
Hi;
I know this
subject was discussed but I can not find it in the archives.
We are seeing more
and more SPAM that have IP address as return address. I just can't think
of a legitimate email that would do that.
=
X-RBL-Warning: IPNOTINMX:
Hi;
Is it a viable solution to filter the header for:
From:
Regards,
Kami
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of R. Scott Perry
Sent: Sunday, January 19, 2003 2:09 PM
To: [EMAIL PROTECTED]
Subject: RE: [Declude.JunkMail] Return address IP
Title: Message
Hi;
In case you are
interested, we have created a simple Access database that contains all of our
entries in for our fromfile and filter files.
Since it is all in
the database we thought we can simply replicate it with the web site and provide
it to all to use or consider.
Title: Message
Scott:
Is there a limit
on the filename size for Declude JM?
I have a feeling
that a long filename is not being read. I will do more debugging but here
is the filename for one filter file.
IMail_Filter_URLinBody.txt
Just
curious..
Regards,
Kami
Title: Message
Sorry.. the last
post about the filename was not the issue causing the
problem.
It seems like if
the weight is put as a real number (20.00) the system somehow passes over it and
does not detect the rest.
The database
output was creating:
MAILFROM 20.00
CONTAINS inkjet
Hi Scott:
If he is referring to what we have on the list- then it is this:
BODY 10 CONTAINS www%2e
Hope this helps.
Regards,
Kami
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of R. Scott Perry
Sent: Thursday, January 23, 2003 8:57 AM
To: [EMAIL
Title: Message
Hi;
I thought of an
idea that when tested resulted in some good catches...
We experimented
with using our Blacklist fromfile not only with DELETE action but also as a
filter file. The same with our Free Email fromfile.
In essence while
those that we blacklist keep changing
Title: Message
Check this
out...
To: [EMAIL PROTECTED]Subject:
~2914[IMail Forum] iMail and Antivirus options?Date: Thu, 23 Jan
2003 9:42:03 -0800MIME-Version: 1.0Content-Type: text/plain;
charset=ISO-8859-1Content-Transfer-Encoding: 8bitMessage-ID: [EMAIL
a password. Thank you again.
-Keith
-Original Message-
From: Kami Razvan [mailto:[EMAIL PROTECTED]]
Sent: Tue 1/21/2003 6:46 PM
To: JunkMail List
Cc:
Subject: [Declude.JunkMail] Our filter fromfiles.
Hi;
In case you are interested, we have created a simple Access database
Hi;
Are you interested in knowing the tests that have failed or which items
within a test have failed.
I don't think you can know all the items (e.g. filters) that you have and
which ones have failed.
If you have a filter file then the header will only show one of the filters
and not all the
Title: Message
Hi;
Would it not be a
practical idea if we could setup a password so the Junkmail would not check the
email when sending it?
Similar to the way
the Listserv works when we setup password for it, e.g. [:xyz:] in the
subject.
Then the system
could strip that character out and
Hi;
Is this not something that one can do at the Imail level? I thought you
could limit the size of message per user if you want.
Regards,
Kami
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of R. Scott Perry
Sent: Monday, February 03, 2003 8:13 AM
To:
Hi;
This Comments filter is already working great. It is catching the trick
quite nicely. Great job..
Any plan to also add the variation of this trick -- simply:
=2Ecom=2F
http=3A=2F=2F
Or the likes? These tricks are now causing our URL filters not to be as
effective.
Regards,
Kami
Hi;
I think it was Tom who submitted a complete listing of all countries in a
file. That can save you time by simply assigning weight to each country as
you see fit.
I just listed it here from his file- just in case you want to have them all.
This is our weights but you should adjust it per your
Title: Message
Hi;
Is there anyway
possible to set a flag if a filter file reaches a certain limit in
weight?
We have setup
several filter files and each for specific actions. It would be nice to be
able to assign a limit weight (upper allowable) for each test. If that
limit for that
Hi;
This email could have been caught if some guidelines are used in the filter
file. In our filter file this would have never been sent but would have
been routed to the admin.
1: incident of XXX in the MAILFROM
2: the words in the subject are in our subject filter file
These two alone would
PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Kami Razvan
Sent: Friday, February 07, 2003 06:05 AM
To: [EMAIL PROTECTED]
Subject: RE: [Declude.JunkMail] country filter
Hi;
I think it was Tom who submitted a complete listing of all countries in a
file. That can save you time by simply
Hi;
One thing that we did was on a number of sites that we support for public
information we put in hidden HTML comments the email for our spam trap.
Now one thing you need to be aware of are software that is used to clean up
the emails for these spammers. I have read that they look for such
1 - 100 of 483 matches
Mail list logo