Recent content by ron

Hi Tom, This setting was in place - but after I saw backscatter was still ending up in user's mailbox, I reset this setting and configured the /etc/mail/spamassassin/custom.cf file instead.

Hi, Over the past few days, one of my users is bombarded with hundreds of backscatter messages. Our domain has a valid, hardfail SPF configuration. Also, the /etc/mail/spamassassin/custom.cf file is configured to mark illegitimate NDRs as SPAM: And still - only about 50% of the backscatter...

Is there a way to enable such filtering, regardless of whether the .exe is a virus or not?

Hi Tom, more and more viruses are passing through the gateway (which is healthy and up to date). I am not sure at all that this is a CLAM issue - even if the files weren't viruses - they are still executables inside an un-encrypted zip file, and should have been blocked ('Dangerous Content'...

Hi ;) attached is an infected file that managed to pass the gateway and was detected/qurantined by smsmse 6.5. over the past few days, there have been a few incidents like this one. can you spot the difference between this file and other executables that are usualy blocked at the gateway level?

Hi, Just upgraded to v2.5, CLAMAV is up to date, all SPAM tests are enabled. We are getting tens of Emails containing a redirection script (attached). How are they getting through? what to do...?

I need it because we get many false-positives, especially with Emails originating from countries like Russia, China, Korea, etc. where non-English fonts are used. some of my users check their daily spam report every morning and whitelist/deliver Emails accordingly, some users delete the report...

I was hoping for an automated way, it will be very time-consuming to go through all mail addresses and write down their whitelist entries...

Hi guys, Is there a way to extract the private whitelists that users create for themselves?

Hi Dietmer, After looking at the mail header, I see the following info: Received-SPF: softfail (XXXXXXX.com: Sender is not authorized by default to use 'X@XXX.com' in 'mfrom' identity, however domain is not currently prepared for false failures (mechanism '~all' matched) Is this SPF telling...

Hi, I am receiving messages from my own Email address: ron@<MyDomain.com>. These messages arrive from different SMTP servers on the internet and are usually quarantined as SPAM. Shouldn't SPF take care of it, and reject the messages even before it starts getting tested by the anti-spam agents...