Search Results

Search found 6460 results on 259 pages for 'spam filter'.

Page 35/259 | < Previous Page | 31 32 33 34 35 36 37 38 39 40 41 42  | Next Page >

  • Preventing Postfix backscattering

    - by Must Do Better
    I am having problems with the Postfix mail server being used for backscattering, I have tried the suggestions in the manual but nothing seems to work. Does anyone know how we can reject any mail from entering the queue if the recipient doesn't match a local recipient rather than send bounce emails? I'm assuming it should be a fairly straight forward change in the configuration files. Just to note I am using Webmin/Virtualmin on the server.

    Read the article

  • Emails going to Junk for Hotmail recipients

    - by David George
    We send daily mass emails to our customers (~30,000+ emails per day). We have problems with Hotmail users receiving our emails. Sometimes the email goes to the Junk folder, but often it will got to their inbox, but the content is blocked so the user sees a message saying "This email was blocked and may be dangerous". If an email is sent to GMAIL it is usually not blocked, but it does show up as from "Uknown" instead of the company. Please be advised I've done the following: 1. No RBLs Checked on - http://multirbl.valli.org/ 2. We do have SPF records published 3. We do have reverse DNS setup 4. Our company even signed up for the Junk Mail Reports Program at Hotmail Here is a sample header, I've noticed the X-SID-Result and the X-AUTH-Result both FAIL every time at Hotmail: X-Message-Delivery: Vj0xLjE7dXM9MDtsPTA7YT0wO0Q9MTtTQ0w9MQ== X-Message-Status: n:0 X-SID-Result: Fail X-AUTH-Result: FAIL X-Message-Info: JGTYoYF78jFqAaC29fBlDlD/ZI36+S6WoFmkQN10UxWFe1xLHhP+rDthGRZM87uHYM926hUBS+s0q46Yx9y6jdurhN6fx0bK Received: from privatecompany.com ([WanIPAddress]) by col0-mc3-f30.Col0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4675); Wed, 5 May 2010 08:41:27 -0700 X-AuditID: ac10fe93-000013bc00000534-46-4be191a1618e Received: from INTERNAL-Email-SERVER([InternalIPAddress]) by privatecompany.com with Microsoft SMTPSVC(6.0.3790.4675); Wed, 5 May 2010 11:41:21 -0400 From: Private Company, Inc.<[email protected]> To: [email protected] Message-Id: <[email protected]> Subject: Date: Wed, 5 May 2010 11:42:46 -0400 MIME-Version: 1.0 Reply-To: [email protected] Content-Type: text/plain; charset="ISO-8859-1" Content-Transfer-Encoding: 8bit X-Brightmail-Tracker: AAAAAA== Return-Path: [email protected] X-OriginalArrivalTime: 05 May 2010 15:41:27.0837 (UTC) FILETIME=[6D06E4D0:01CAEC69]

    Read the article

  • Why an empty MAIL FROM address can sent out email?

    - by garconcn
    We are using Smarter Mail system. Recently, we found that hacker had hacked some user accounts and sent out lots of spams. We have firewall to ratelimit the sender, but for the following email, the firewall couldn't do this because of the empty FROM address. Why an empty FROM address is consider OK? Actually, in our MTA(surgemail), we can see the sender in the email header. Any idea? Thanks. 11:17:06 [xx.xx.xx.xx][15459629] rsp: 220 mail30.server.com 11:17:06 [xx.xx.xx.xx][15459629] connected at 6/16/2010 11:17:06 AM 11:17:06 [xx.xx.xx.xx][15459629] cmd: EHLO ulix.geo.auth.gr 11:17:06 [xx.xx.xx.xx][15459629] rsp: 250-mail30.server.com Hello [xx.xx.xx.xx] 250-SIZE 31457280 250-AUTH LOGIN CRAM-MD5 250 OK 11:17:06 [xx.xx.xx.xx][15459629] cmd: AUTH LOGIN 11:17:06 [xx.xx.xx.xx][15459629] rsp: 334 VXNlcm5hbWU6 11:17:07 [xx.xx.xx.xx][15459629] rsp: 334 UGFzc3dvcmQ6 11:17:07 [xx.xx.xx.xx][15459629] rsp: 235 Authentication successful 11:17:07 [xx.xx.xx.xx][15459629] Authenticated as [email protected] 11:17:07 [xx.xx.xx.xx][15459629] cmd: MAIL FROM: 11:17:07 [xx.xx.xx.xx][15459629] rsp: 250 OK < Sender ok 11:17:07 [xx.xx.xx.xx][15459629] cmd: RCPT TO:[email protected] 11:17:07 [xx.xx.xx.xx][15459629] rsp: 250 OK Recipient ok 11:17:08 [xx.xx.xx.xx][15459629] cmd: DATA

    Read the article

  • Project Honey Pot - mod_httbl

    - by Henko
    I'm very interested in project honey pot. It seems like a smart way of blocking harversters etc from your web server. I found out about mod_httpbl for apache but I haven't find much to read about it other than on project honey pot's homepage. Doesn't seem like a very active project(?) Could someone with exeperience of httpbl tell me if mod_httpbl is good/bad or if there are other better alternatives?

    Read the article

  • Exim backscatter

    - by asrijaal
    One of my relays has been listed on backscatter.org, now I'm trying to configure our existing config only to send bounces to local users only. Does anyone knows how I deal with this issue? I've added following rule in my acl_check_rcpt deny senders = : dnslists = ips.backscatterer.org log_message = $sender_host_address listed at $dnslist_domain message = Backscatter: $dnslist_text Would this be enough not get listed again?

    Read the article

  • Can Microsoft Security Essentials Signature Update Notifications be Avoided?

    - by Goto10
    I have my Windows Automatic Updates set to "Notify me but don't automatically download or install them.". However, if I install Microsoft Security Essentials, can I have the daily virus signatures downloaded and applied without being prompted each time by Windows Update? I like to have the control of installing general Windows Updates, but prefer not to have to accept the signature definitions that I expect to have applied every day (would get a bit tedious). Using XP Home SP 3. Just wanted to check this over before deciding whether or not to go for Microsoft Security Essentials.

    Read the article

  • Putting codes in email subjects

    - by Christian W
    We send out large quantities of email to our customers (work environment surveys). Sometimes our mailinglist for a client isn't quite up to date and we get bounce mails (address not found and such). However, since these all bounce back to the same address it's difficult to keep track on which bounce belongs to which client. (The email subject is usually pretty generic, like "Welcome to the work environment survey") This is why I would like to insert a identifier in the subject line of the email. So the subject would be "Welcome to the work environment survey (1234)" where 1234 is a number identifying the client/survey. We already rank pretty high because of the way our mailer handles sending the mails. Usually we contact the clients it-dept to get them to whitelist us in their firewall/spamfilter. Would this increase our spamscore in spamfilters?

    Read the article

  • How do I prevent mail from my Exchange server from being blocked?

    - by Mike C
    Recently one of our client machines was infected with a virus and I believe was spamming addresses in the user's contact list. Since then our server has been appearing on blacklists and it has been causing our e-mail to be blocked and returned by many clients. The virus has since been cleared, what can I do to get our server off these blacklists so that we will have more reliable e-mail service? Will I have to change my IP address? Thanks, Mike

    Read the article

  • Strange email coming from/to my computer

    - by Micah
    I'm running smtp4dev on my machine to trap anything going in/out of my computer on port 25 for testing purposes. Every so often this email gets trapped and I have no idea what it's from. I have Microsoft Security Essentials running on my machine and it hasn't identified and viruses or anything so I'm not sure what's going on. Here's the content of the message: Received: from [125.180.72.4] by 173.162.7.130 SMTP id O2Ncv62Ghig1vR for <[email protected]>; Fri, 24 Jun 2011 20:36:15 +0200 Received: from [125.180.72.4] by 173.162.7.130 SMTP id O2Ncv62Ghig1vR for <[email protected]>; Fri, 24 Jun 2011 20:36:15 +0200 Message-ID: <[email protected]> From: "" <[email protected]> To: <[email protected]> Subject: BC_173.162.7.130 Date: Fri, 24 Jun 11 20:36:15 GMT MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_000D_01C2CC60.49F4EC70"

    Read the article

  • plesk 9 spamassassin server wide blacklist via cron?

    - by Kqk
    hi, we're running ubuntu 8.04 LTS and plesk 9.2 our simple task is to set up a periodic black list for spamassassin, e.g. using this script .. #!/bin/sh #! Script by AJR to update local spamassassin rules cd /tmp wget -c http://www.stearns.org/sa-blacklist/sa-blacklist.current mv sa-blacklist.current local.cf -f mv local.cf /etc/mail/spamassassin -f rm local.cf -f /etc/init.d/psa-spamassassin restart now, this script runs fine, but plesk doesn't seem to recognize the blacklist in its GUI. which is annoying, especially because plesk itself writes to /etc/mail/spamassassin/local.cf. i wasn't able to find out the secret place, where plesk distinguishes between entries in local.cf added via GUI and command line. any help is appreciated! thanks.

    Read the article

  • Is There Something Wrong With My Computer Or The Website Server?

    - by thewarspk
    Recently I've been playing one new game which is called THE WARS, it's so fucking interesting that has become the routine work of my life. Yesterday i carelessly downloaded some files with virus, now my computer can't work properly, i just found i couldn't open the game page! Im so mad now, im wondering is there something wrong with my computer or website server, if it's mine, i will find someone to fix my PC, please check out for me...thank you very much, here is the address http://wars.swagblack.com/webgamethewars.aspx

    Read the article

  • 553-Message filtered - HELO Name issue?

    - by g18c
    I am having major issues sending from my SBS2011 machine to Message labs server-13.tower-134.messagelabs.com #553-Message filtered. Refer to the Troubleshooting page at 553-http://www.symanteccloud.com/troubleshooting for more 553 information. (#5.7.1) ## I have changed the IP and hostnames from the below. I am not on any IP or domain blacklists. I have setup SPF (which includes mailchimp servers): v=spf1 mx a ip4:95.74.157.22/32 a:remote.mydomain.com include:servers.mcsv.net ~all I am sure i have setup my HELO names correctly under the Exchange Management console, sending a test email from the SBS server and looking at the header shows the following: X-Orig-To: [email protected] X-Originating-Ip: [95.74.157.22] Received: from [95.74.157.22] ([95.74.157.22:52194] helo=remote.mydomain.com) by smtp50.gate.ord1a.rsapps.net (envelope-from <[email protected]>) (ecelerity 2.2.3.49 r(42060/42061)) with ESMTP id 11/90-10010-E529C835; Mon, 02 Jun 2014 11:04:09 -0400 Received: from MYSBSSVR.mydomain.local ([fe80::3159:95a6:23f:1bef]) by MYSBSSVR.mydomain.local ([fe80::3159:95a6:23f:1bef%10]) with mapi id 14.01.0438.000; Mon, 2 Jun 2014 19:03:56 +0400 Is is the main helo name there OK and do i need to worry about the second Received block where the MYSBSVR.mydomain.local is mentioned? I have asked the ISP to set the reverse DNS for my IP to remote.mydomain.com but they have instead put remote.MYDOMAIN.com - would this case cause HELO lookups to classify this as not matching? Anything else I can do to find out why i am being filtered?

    Read the article

  • smtpd_helo_restrictions = ..., reject_unknown_helo_hostname occasionally rejects mail I care about, how to handle?

    - by lkraav
    I have configured my postfix as follows: smtpd_helo_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unknown_helo_hostname This is working well because most spambots don't seem to have correct reverse lookups. But every once in a while I run into mail I care about getting reject, because the mail source server admin doesn't care about configuring his server correctly. For example here the server introduces itself as "srv1.xbmc.org" which has no DNS record and fails my basic check. Jan 6 04:42:36 mail postfix/smtpd[660]: connect from xbmc.org[205.251.128.242] Jan 6 04:42:37 mail postfix/smtpd[660]: NOQUEUE: reject: RCPT from xbmc.org[205.251.128.242]: 450 4.7.1 <srv1.xbmc.org>: Helo command rejected: Host not found; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<srv1.xbmc.org> I have tried to contact the server admin several times, but there is no response. What is the optimal way to handle this from my side? Is adding these "special" hosts to mynetworks = my only option? Is perhaps my whole smtpd_helo_restrictions setup wrong in some significant way?

    Read the article

  • How to send email from home ip when the email server isn't a designated outbound mail server allocated to BT Retail customers [on hold]

    - by Mr Shoubs
    (I am sys admin!) I can receive email, but when I try to send an email from my home office via our work email server I get the following reply: Your message did not reach some or all of the intended recipients. Subject: Test Sent: 19/08/2014 17:02 The following recipient(s) cannot be reached: 'Joe Blogs' on 19/08/2014 17:02 Server error: '554 5.7.1 Service unavailable; Client host [my-ip-here] blocked using zen.spamhaus.org; http://www.spamhaus.org/query/bl?ip=my-ip-here' I went to that URL and it says the following: Ref: PBL231588 81.152.0.0/13 is listed on the Policy Block List (PBL) Outbound Email Policy of BT Retail for this IP range: It is the policy of BT Retail that unauthenticated email sent from this IP address should be sent out only via the designated outbound mail server allocated to BT Retail customers. Please consult the following URL for details on how to configure your email client appropriately. http://btybb.custhelp.com/cgi-bin/btybb.cfg/php/enduser/cci/bty_adp.php?p_sid=fPnV4zhj&p_faqid=6876 Removal Procedure Removal of IP addresses within this range from the PBL is not allowed by the netblock owner's policy. Going to this URL just says: This site has been disabled for the time being. Does anyone know what I should do to allow me to send emails from my home ip - the site suggests I can configure my email client? (note that I have configured the client to use smtp authentication)

    Read the article

  • SMTP message rate control on Ubuntu 8.04, preferably with postfix

    - by TimDaMan
    Maybe I am chasing a bug but I am trying to set up a smtp proxy of sorts. I have a postfix server which receives all the email for a collection of servers/clients. It them uses a smarthost (relayhost=...) to forward it's mail to our corporate MTA. I would like to limit the number of messages an individual server can relay to prevent swamping the corporate MTA. Postfix has a program called "anvil" that is capable of tracking stats about mail to be used for such things but it doesn't seem to be executed. I ran "inotifywait -m /usr/lib/postfix/anvil" while I started postfix and sent a number of messages through it from a remote server. inotifywait indicated anvil was never run. Anyone gotten postfix/anvil rate controls to work? main.cf smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) biff = no append_dot_mydomain = no readme_directory = no myhostname = site-server-q9 alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = /etc/mailname mydestination = localhost relayhost = Out outgoing mail relay mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 10.0.0.0/8 mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = 10.X.X.X smtpd_client_message_rate_limit = 1 anvil_rate_time_unit = 1h master.cf extract anvil unix - - - - 1 anvil smtp inet n - - - - smtpd

    Read the article

  • Qmail & Open Relay on local domains

    - by Jonathan
    Hello. I have a dedicated server on 1&1 and I manage it with Plesk. The problem is that if I try to send a mail outside the server, I must to authenticate with the email and the password, but if I send an email to a address inside of my server I don't need neither email or password. This is a problem because the spammers are sending mails without any problem to the server accounts. We are receiving about 900 - 1200 emails everyday! What can I do? I use qmail on CentOS Thanks

    Read the article

  • How do I use qmqtool to list emails from a specific envelope sender?

    - by jimp
    Occassionally a user's email password will become compromised and the spammer will flood the Qmail queue with 10,000+ emails sent through a specific user's account. I know how to use qmqtool to remove messages that match a specific string: qmqtool -d -f "[email protected]" However the -f argument matches anywhere in the message. -f 'STRING' display comma separated list of message number(s) containing STRING. That means messages to, from, and even mentioning that email address will all be deleted. Does qmqtool (or another qmail tool) have a command for matching messages from a specific envelope sender? Note: I only want to match the authenticated sender, not the "From:" which is always forged in this case anyway.

    Read the article

  • Postfix - Block email from non-existent local addresses

    - by Kelso.b
    My question is very similar to this one, but for postfix. We keep getting emails from addresses like "[email protected]" delivered to other "@ourdomain.com" addresses. From my google research, I understand it might not be practical to verify the email originated from our IP or VPN (Although this would be ideal, so if you can think of a way to do this, let me know), but in most of these cases the sender address (ex. "accounting") is not a valid account. I imagine there must be a way to make sure that a local account exists before delivering the message.

    Read the article

  • Connection Filtering with Multiple DNSBL's?

    - by JohnyD
    Is there any advantage or disadvantage to using multiple DNSBL's with ones connection filtering? I just switched from SpamHaus to BarracudaCentral but have added in SpamHaus to test for increased effectiveness. So far there is no dip in performance and no increased load on our SMTP server.

    Read the article

  • Blackberry & SPF

    - by DT
    Some users on my domain use a Blackberry for email. Should Blackberry's servers be included somehow in my SPF record? Thank you much for any advice.

    Read the article

  • My smtp server is spammed?

    - by Milos
    I have a server and the postfix client on it. Since several days, I noticed a lot of processes running there. When checked, there are a lot of emails sent. Here is an example from the mail log: Aug 18 11:54:56 mem postfix/smtpd[9963]: connect from dslb-188-096-082-167.188.096.pools.vodafone-ip.de[188.96.82.167] Aug 18 11:54:56 mem postfix/smtpd[9301]: connect from unknown[186.113.45.4] Aug 18 11:54:56 mem postfix/smtpd[9963]: 525E7114012D: client=dslb-188-096-082-167.188.096.pools.vodafone-ip.de[188.96.82.167] Aug 18 11:54:56 mem postfix/cleanup[9970]: 525E7114012D: message-id=<B55835C9027BFA9D16CCBB556DB2F48BB82DF004000480BA-db0c3ce8aa74446411898d0d2feb3001@email.filmforthoughtinc.com> Aug 18 11:54:56 mem postfix/qmgr[2581]: 525E7114012D: from=<[email protected]>, size=10702, nrcpt=1 (queue active) Aug 18 11:54:56 mem postfix/smtpd[9301]: EC52711401DC: client=unknown[186.113.45.4] Aug 18 11:54:57 mem postfix/smtpd[9963]: disconnect from dslb-188-096-082-167.188.096.pools.vodafone-ip.de[188.96.82.167] Aug 18 11:54:57 mem postfix/cleanup[8597]: EC52711401DC: message-id=<4C905D97606B436FE50C6F738DE014D9D84F2185BA815D81-1a4dbe6fc2bfcc8183f5faf901cfa15e@email.manguerasespecializadas.com> Aug 18 11:54:57 mem postfix/smtp[9971]: 525E7114012D: to=<[email protected]>, relay=mail.mdpi.com[209.237.236.228]:25, delay=1.2, delays=0.55/0/0.45/0.16, dsn=5.1.1, status=bounced (host mail.mdpi.com[209.237.236.228] said: 550 5.1.1 <[email protected]>: Recipient address rejected: mdpi.com (in reply to RCPT TO command)) Aug 18 11:54:57 mem postfix/cleanup[10067]: 8B1E11140268: message-id=<[email protected]> Aug 18 11:54:57 mem postfix/bounce[10001]: 525E7114012D: sender non-delivery notification: 8B1E11140268 Aug 18 11:54:57 mem postfix/qmgr[2581]: 8B1E11140268: from=<>, size=12693, nrcpt=1 (queue active) Aug 18 11:54:57 mem postfix/qmgr[2581]: 525E7114012D: removed Aug 18 11:54:57 mem postfix/qmgr[2581]: EC52711401DC: from=<[email protected]>, size=10978, nrcpt=1 (queue active) Aug 18 11:54:57 mem postfix/smtp[10013]: connect to aspmx.l.google.com[2607:f8b0:400d:c03::1b]:25: Network is unreachable Aug 18 11:54:57 mem postfix/smtpd[9301]: disconnect from unknown[186.113.45.4] Aug 18 11:54:58 mem postfix/smtp[10013]: 8B1E11140268: to=<[email protected]>, relay=aspmx.l.google.com[74.125.22.26]:25, delay=0.5, delays=0.06/0/0.28/0.16, dsn=5.1.1, status=bounced (host aspmx.l.google.com[74.125.22.26] said: 550-5.1.1 The email account that you tried to reach does not exist. Please try 550-5.1.1 double-checking the recipient's email address for typos or 550-5.1.1 unnecessary spaces. Learn more at 550 5.1.1 http://support.google.com/mail/bin/answer.py?answer=6596 l7si24621420qad.26 - gsmtp (in reply to RCPT TO command)) Aug 18 11:54:58 mem postfix/qmgr[2581]: 8B1E11140268: removed Aug 18 11:54:58 mem postfix/smtp[9971]: EC52711401DC: to=<[email protected]>, relay=mail.mdpi.com[209.237.236.228]:25, delay=1.2, delays=0.66/0/0.44/0.12, dsn=5.1.1, status=bounced (host mail.mdpi.com[209.237.236.228] said: 550 5.1.1 <[email protected]>: Recipient address rejected: mdpi.com (in reply to RCPT TO command)) Aug 18 11:54:58 mem postfix/cleanup[9970]: 414361140254: message-id=<[email protected]> Aug 18 11:54:58 mem postfix/bounce[10001]: EC52711401DC: sender non-delivery notification: 414361140254 Aug 18 11:54:58 mem postfix/qmgr[2581]: 414361140254: from=<>, size=13057, nrcpt=1 (queue active) Aug 18 11:54:58 mem postfix/qmgr[2581]: EC52711401DC: removed Aug 18 11:55:01 mem postfix/smtp[10002]: 414361140254: to=<[email protected]>, relay=manguerasespecializadas.com[99.198.96.210]:25, delay=2.9, delays=0.04/0/2.1/0.84, dsn=2.0.0, status=sent (250 OK id=1XJPGs-0007BE-OI) Aug 18 11:55:01 mem postfix/qmgr[2581]: 414361140254: removed IS my server attacked, spammed? How to check that? Thank you.

    Read the article

  • Attack from anonymous proxy

    - by mmgn
    We got attacked by some very-bored teenagers registering in our forums and posting very explicit material using anonymous proxy websites, like http://proxify.com/ Is there a way to check the registration IP against a black list database? Has anyone experienced this and had success?

    Read the article

  • Block by file type, but just file extension using MDaemon

    - by Arjun Rajagopalan
    I've had users sending copyrighted files (songs, videos) to each other over email. I blocked the file extensions .mp3 etc. What some users have done is to rename files to .doc etc. I cant block .doc etc filetypes because they are needed for day-to-day work. I'm using MDaemon 12 mailserver, Does anyone know how to make it block these attachments? I've been working on some content scanning for filetype code, but was wondering if there is a already made solution?

    Read the article

< Previous Page | 31 32 33 34 35 36 37 38 39 40 41 42  | Next Page >