Keywords Filter |
Post Reply 
|
| Author | |
flessendop 
Newbie 
Joined: 10 April 2014 Status: Offline Points: 7 |
 Post Options
 Thanks(0)
 Quote Reply
 Topic: Keywords FilterPosted: 25 June 2014 at 8:14am |
|
Hello,
I got a problem with my keyword filter. Here are some words in it: Ruby,Palace ruby palace BreakingBulls Trading Wall MomentumOTC PennyStockReporting The most undervalued company this year casinogames USATODAY.COM LifeHealthPro NYTimes.com Eat This, Not That TD Ameritrade Scottrade Investors Newsdesk RealInvestments Ameritrade The Bloomberg.com Team Update your profile Financial News Our New Stock Alert! USMarketAdvisor BREAKING NEWS Most of emails with this in the content isn't be blocked How can i change this so we don't get the spam ? Version 4.5.1.98 ( REGISTERED ) With regards, Pascal
Edited by flessendop - 25 June 2014 at 8:15am |
|
 |
|
|
LogSat
Admin Group 
Joined: 25 January 2005 Location: United States Status: Offline Points: 4104 |
Post Options
Thanks(0)
Quote Reply
Posted: 25 June 2014 at 9:10pm |
|
Pascal,
Could you please zip us the following so we can take a look: • Two or three emails with the content that you think should have triggered a match with one of your keywords • SpamFilter's activity logfile for the day the above emails were received • Your SpamFilter.ini file • The \SpamFilter\Domains directory structure (if the files containing any of your blacklists/whitelists are outside that directory tree, please include those as well. If the zip is smaller than 8MB, you can email it to us at support at logsat.com. If the zipped file is over 8MB in size, I'll send you via PM a URL where you can upload the files to us.
Please ensure you send us the original emails, with their headers and body unaltered, as we'll need to see the source of the emails to determine what happened. Usually forwarding the emails as attachments rather than inline suffices. |
|
|
|
|
flessendop
Newbie
Joined: 10 April 2014 Status: Offline Points: 7 |
Post Options
Thanks(0)
Quote Reply
Posted: 26 June 2014 at 3:43am |
|
I send an e-mail to u.
|
|
|
|
|
LogSat
Admin Group
Joined: 25 January 2005 Location: United States Status: Offline Points: 4104 |
Post Options
Thanks(0)
Quote Reply
Posted: 26 June 2014 at 7:42am |
|
Pascal,
We received your files. Missing from both same emails are all the headers added by SpamFilter, which indicate that the email was never processed by SpamFilter to begin with. These are the SpamFilter headers (which usually start with an X-SF- prefix) to look for: X-SF-RX-Return-Path: X-SF-HELO-Domain: X-SF-Originating-IP: The emails processed by SpamFilter will also have a "Received" header similar to this: Received: from 212.54.nnn.nnn by mail.netwide.net (SpamFilter ISP); Thu, 26 Jun 2014 02:54:55 -0400 Checking the MX record for your domain, I see that you have 4 entries in there with different priorities. SpamFilter is installed on the server with priority 10: nnnnnnnnn.nl. 86400 IN MX 10 mail.nnnnnnn.nl However there are also entries with priorities 15, 20 and 25. On the servers with priorities 15 and 20 you don't have SpamFilter running, but rather have a "Microsoft ESMTP MAIL Service" listening for SMTP traffic. Please note that spammers will often ignore the RFC and send their spam emails directly to secondary MX records, knowing that they are often not as protected as the primary MX records. You can verify this is exactly what happened in your case by looking at this Received header for one of your email samples: Received: from 184.189.11.37.dynamic.jazztel.es (37.11.189.184) by aaaaaaaa.bbbbbb.nl (192.168.50.253) with Microsoft SMTP Server id 14.3.123.3; Thu, 26 Jun 2014 08:51:27 +0200 I've altered the host name to protect your privacy, but if you look at the original email you will see that aaaaaaaa.bbbbbb.nl is the secondary MX server with priority 20 in your DNS (which is not protected by SpamFilter). To resolve this you would either need to install SpamFilter on all your secondary MX servers (please note that a new license is required for each of them), or install another anti spam solution, or remove the secondary MX records from the DNS. |
|
|
|
|
flessendop
Newbie
Joined: 10 April 2014 Status: Offline Points: 7 |
Post Options
Thanks(0)
Quote Reply
Posted: 26 June 2014 at 9:36am |
|
So when i delete MX15 and MX20 the problem must be solved ?
|
|
|
|
|
LogSat
Admin Group
Joined: 25 January 2005 Location: United States Status: Offline Points: 4104 |
Post Options
Thanks(0)
Quote Reply
Posted: 26 June 2014 at 5:04pm |
|
Yes, as far as spammers bypassing your SpamFilter server and sending emails to the secondaries, that would definitely put a stop to it.
|
|
|
|
Topic Options|
Post Reply
|
|
Tweet
|
| Forum Jump | Forum Permissions You cannot post new topics in this forum You cannot reply to topics in this forum You cannot delete your posts in this forum You cannot edit your posts in this forum You cannot create polls in this forum You cannot vote in polls in this forum |
This page was generated in 0.176 seconds.