You can add the following to your global.cfg file under your
headers
section:
XINHEADER X-Declude-Code: %HEADERCODE%
This will produce a code and you can check it on this web page
which
will explain to you what problem(s) exist with headers that
cause E-
mails to fail the BADHEADERS or SPAMHEADERS tests in Declude
JunkMail.
http://www.declude.com/tools/header.php
David B
www.declude.com
________________________________
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Orin Wells
Sent: Friday, February 24, 2006 3:05 AM
To: [email protected]
Subject: Re: [Declude.JunkMail] SPAMHEADERS question - more
confusion
Thanks Matt. I don't spend as much time as some of you folks have
spent on both iMail and Declude so there is more than a little
bit I
still have to learn.
I misread your first response and got off on the wrong track by
thinking you had said the message-id header WAS inserted by the
mail
client. In re-reading you clearly said it was done by iMail.
OK, I
know what to do now.
At 10:47 PM 2/23/2006, Matt wrote:
Outlook does not add a Message-ID header. The difference
between
these two messages is that the first is one that is using your
server
as it's SMTP server and you are scanning the message as it came
directly from the E-mail client, while the second example is one
that
passed through another server before coming to yours. IMail, like
most every E-mail
server, adds a Message-ID header when one isn't already there.
Declude
detects Message-ID headers inserted by your own IMail box
(Message- Id:
<[EMAIL PROTECTED]> in the first example), and
treats the
message as if it didn't have one since it didn't actually have one
when it was received, and this is what triggers SPAMHEADERS for
this
message. The
second example had a Message-ID header before it hit your server.
That
header was inserted by Charter's server.
There is a lesser known solution to this that you
definitely should
add if you are going to stay on IMail 7.07. You can add
"LOOSENSPAMHEADERS ON" to your Global.cfg to disable the Message-ID
test in SPAMHEADERS. I use this even though I don't have the same
issue because I get a lot more false positives on SPAMHEADERS
when it
checks for the Message-ID. If you use this alternative switch, you
will still get other hits such as CMDSPACE and BADHEADERS on
some of
the same E-mail clients. It appears that you aren't using CMDSPACE
though because that test would hit every directly connecting
Outlook
client unless it was whitelisted. CMDSPACE is a great test,
especially in combination with other tests that target zombie spam
(XBL/CBL, SpamCop, open relay tests, and to some extent Sniffer).
The best solution is to upgrade to IMail 8.x or higher
and add a
setting to your Global.cfg for "WHITELIST AUTH". This will
whitelist
all authenticated E-mail, which I assume included the first example
that you provided. This also saves processing power since
WHITELIST
AUTH disables most tests in JunkMail.
Matt
Orin Wells wrote:
Clearly I am missing something here. I am still wrestling
with the SPAMHEADERS issue but with a different sender. This
time the
sender is using Microsoft Office Outlook. It appears messages
coming from
this sender do not have the Message-ID header. But when I look at
other
messages sent by others using the same build of this application
sometimes
they DO have the Message-ID. What is happening here? Is there
anyway that
this sender can "fix" this problem?
Here is a header set from the chap who is "failing"
X-Persona: <Awasco>
Received: from steve2 [216.254.57.135] by consejo-wa.org
with ESMTP
(SMTPD32-7.07) id A9111EEB010C; Thu, 23 Feb 2006 14:37:05
-0800
Reply-To: <[EMAIL PROTECTED]>
<mailto:[EMAIL PROTECTED]>
From: "Steve Chupik" <[EMAIL PROTECTED]>
<mailto:[EMAIL PROTECTED]>
To: "'Orin Wells'" <[EMAIL PROTECTED]>
<mailto:[EMAIL PROTECTED]>
Subject: RE: e-mail
Date: Thu, 23 Feb 2006 14:36:49 -0800
Organization: Consejo Counseling
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_03BE_01C63886.9616AF40"
X-Mailer: Microsoft Office Outlook, Build 11.0.5510
Thread-Index: AcYzhon3oAG4QKXrR/aQjfBQ4RaA6gFQvMdQ
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1506
In-Reply-To: <[EMAIL PROTECTED]>
<mailto:[EMAIL PROTECTED]>
Message-Id: <[EMAIL PROTECTED]>
X-RBL-Warning: SPAMHEADERS: This E-mail has headers
consistent with spam [4000021e].
X-Declude-Sender: [EMAIL PROTECTED] [216.254.57.135]
X-Note: This E-mail was scanned by Declude JunkMail
(www.declude.com <http://www.declude.com/> ) for spam.
X-Spam-Tests-Failed: SPAMHEADERS
X-RCPT-TO: <[EMAIL PROTECTED]>
<mailto:[EMAIL PROTECTED]>
Status: U
X-UIDL: 375162615
Here is a message from another chap using exactly
the same
build of MS Office Outlook - no problem.
X-Persona: <Awasco>
Received: from mxsf16.cluster1.charter.net [209.225.28.216]
by awasco.com with ESMTP
(SMTPD32-7.07) id A0DE7401B8; Mon, 26 Jul 2004 08:18:54
-0700
Received: from mxip10.cluster1.charter.net
(mxip10a.cluster1.charter.net [209.225.28.140])
by mxsf16.cluster1.charter.net (8.12.11/8.12.11)
with ESMTP id i6QF6YR0023700
for <[EMAIL PROTECTED]>
<mailto:[EMAIL PROTECTED]> ; Mon, 26 Jul 2004 11:06:34 -0400
Received: from 44ba00138.kfalls.or.charter.com (HELO
SCOTTSGATEWAY) (68.186.0.138)
by mxip10.cluster1.charter.net with ESMTP; 26 Jul 2004
11:06:32 -0400
Message-Id: <[EMAIL PROTECTED]>
<mailto:[EMAIL PROTECTED]>
X-Ironport-AV: i="3.83,88,1089000000";
d="scan'208?jpg'208,145?dat'208,145,59";
a="140519816:sNHT19421620"
Reply-To: <[EMAIL PROTECTED]>
<mailto:[EMAIL PROTECTED]>
From: "Scott Lochard" <[EMAIL PROTECTED]>
<mailto:[EMAIL PROTECTED]>
To: "Orin Wells" <[EMAIL PROTECTED]>
<mailto:[EMAIL PROTECTED]>
Subject:
Date: Mon, 26 Jul 2004 08:06:30 -0700
Organization: LifeorDeathLeadership
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_0060_01C472E7.76D7EA10"
X-Mailer: Microsoft Office Outlook, Build 11.0.5510
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1409
X-MS-TNEF-Correlator:
00000000E4E4AE15AD8AD544BD6C22CBC36DF311E4922700
Thread-Index: AcRzIeZrtdYsyWeMTb6K4XIb1GNwxA==
X-Declude-Sender: [EMAIL PROTECTED]
[209.225.28.216]
X-Note: This E-mail was scanned by Declude JunkMail
(www.declude.com <http://www.declude.com/> ) for spam.
X-Spam-Tests-Failed: IPNOTINMX, CATCHALLMAILS
X-Declude-Date: 07/26/2004 15:06:30 [12]
X-RCPT-TO: <[EMAIL PROTECTED]>
<mailto:[EMAIL PROTECTED]>
Status: U
X-UIDL: 375108670
Is it the ISP service that inserts (or should) the
message-ID or is it Outlook? It does not make sense it would be
the ISP
service because it really shouldn't even know you are sending an
email. So
if it is the email client application (Microsoft Office Outlook)
why does
one incarnation insert the message header and the other not?
I am not convinced that it is necessarily the
message-id
because I found a message from Barry Simpson using an even later
version of
Microsoft Office Outlook where the message-id appears in the same
manner and
no flag is generated. Now I am really confused. Is it
something else
causing this failure?
X-Persona: <Awasco>
Received: from declude.com [63.246.13.90] by awasco.com
with
ESMTP
(SMTPD32-7.07) id A421B009E; Thu, 02 Dec 2004 07:26:25
-0800
Received: from Bart [68.162.218.198] by declude.com with
ESMTP
(SMTPD32-8.05) id AB311FD40074; Thu, 02 Dec 2004 08:40:01
-0500
Reply-To: <[EMAIL PROTECTED]>
<mailto:[EMAIL PROTECTED]>
From: "Barry Simpson" <[EMAIL PROTECTED]>
<mailto:[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
<mailto:[EMAIL PROTECTED]>
Subject: Important Declude Update
Date: Thu, 2 Dec 2004 08:43:34 -0500
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_0034_01C4D84B.02BCA200"
X-Mailer: Microsoft Office Outlook, Build 11.0.6353
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
Thread-Index: AcTYdOsB2FXQiyGFTg2powYSHhcaCQ==
Message-Id: <[EMAIL PROTECTED]>
X-ML1: NzI5
X-ML2: VGh1LCAyIERlYyAyMDA0IDA4OjQzOjM0IC0wNTAw
X-ML3:
QY969WtqWWSEQlARpEoFHITI4imZ2xl74aRUjTv/smaG5axEQub2RD
+vbSwB4HRHiUzm78WolzKZ
y7Tdee3Fig==
X-Note: This E-mail was scanned for viruses by Declude
Virus
(www.declude.com <http://www.declude.com/> )
X-NRecips: 1
X-Reverse-IP: static-68-162-218-198.bos.east.verizon.net
X-Weight: 0 (Whitelisted)
X-Country-Chain: UNITED STATES->destination.
X-Declude-Sender: [EMAIL PROTECTED] [68.162.218.198]
X-Declude-Spoolname: D1b311fd40074adf7.SMD
Precedence: bulk
Sender: [EMAIL PROTECTED]
X-Declude-Sender: [EMAIL PROTECTED]
[63.246.13.90]
X-Note: This E-mail was scanned by Declude JunkMail
(www.declude.com <http://www.declude.com/> ) for spam.
X-Spam-Tests-Failed: CATCHALLMAILS
X-Declude-Date: 12/02/2004 13:43:34 [102]
X-RCPT-TO: <[EMAIL PROTECTED]>
<mailto:[EMAIL PROTECTED]>
Status: U
X-UIDL: 375122650
--- [This E-mail was scanned for viruses by
Declude EVA
www.declude.com] --- This E-mail came from the Declude.JunkMail
mailing
list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED],
and type
"unsubscribe Declude.JunkMail". The archives can be found at
http://www.mail-archive.com.
--- [This E-mail was scanned for viruses by Declude EVA
www.declude.com] ---
This E-mail came from the Declude.JunkMail mailing list. To
unsubscribe,
just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe
Declude.JunkMail". The archives can be found at http://www.mail-
archive.com.
---
[This E-mail was scanned for viruses by Declude EVA
www.declude.com]
---
This E-mail came from the Declude.JunkMail mailing list. To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.JunkMail". The archives can be found
at http://www.mail-archive.com.
