Subj : RE: Blocked email return message To : All From : GREG MARLER Date : Thu Jan 31 2019 19:18:36 Date: Thu, 27 Dec 2007 11:56:38 -0400 From: GREG MARLER To: HECTOR SANTOS Subject: RE: Blocked email return message Newsgroups: win.server.smtp.&.avs Message-ID: <1198774598.46.1198735025@winserver.com> References: <1198735025.46.1198687325@winserver.com> X-WcMsg-Attr: Rcvd X-Mailer: Wildcat! Interactive Net Server v7.0.454.5 Lines: 129 I don't disagree with what you say. I love the way that wcSAP works. It has blocked a bunch of spam. What I am encountering is email server who will not authenticate their users, possibly with their version of a spam filter. A good example of this is the NY Time newspaper, polk-fl.net gov emails, passport.msn.com, cheaptickets.com, and firn.edu. These are just a few out of the smtpfilter.txt file. I do NOT want an automatic whitelist system, I want to still peruse the requests and grant them on a personal basis. I am not so large that an automated system is necessary. Even RR.Com's whitelist sytem is a live person, just their blacklist is automated. Thanks in advance for looking into this. Greg On 2007-12-27 12:57 AM, HECTOR SANTOS wrote to GREG MARLER: -> On 2007-12-26 11:42 AM, GREG MARLER wrote to All: -> -> > Hector this is probably addressed mainly to you but anyone is welcome to -> > comment if they have an answer. -> > -> > Implementing wcSAP and it works pretty well, blobking and returning a -> > signifcant number of emails. -> > -> > Questions. Is there a way to customize the return message as to why the -> > sender's email is returned. -> > -> > For example, some systems such as aol and such tack on a website -> > address or email address that can be used if a legitimate email is -> > returned so that they can be whitelisted or at least have a chance -> > to be recognized. I would like to be able to append a spam@ -> > email address that I have place as "accept all" exception in the -> > SAP file. This way a person who is having trouble sending email -> > can have a means to have their email received by recipient. -> > -> > Greg -> -> Hi Greg, -> -> First let me explain why it is like it currently is. -> -> Overall, I fundamentally believe the less clue you give the bad guys the -> better. -> -> This premise works when the FALSE positives are low. In other words, when -> the majority is expected only to be the "bad guys" to see this, then you -> don't want to explain why. -> -> However, intentional vagued reasons can be a problem when the majority or a -> high incidences of rejections are false positives. But if that is case, -> then the AVS method in place is poor and shouldn't be used. -> -> So the method only works because the vast majority is bad. -> -> That said, I did explore alternative response string methods. I will -> provide current state of affairs on that. But first let me explain why it -> was considered. -> -> Again, on the premise the only people who this might effect are false -> positives. By far, the system works, therefore you don't an urgent -> request to do this. -> -> However, there was this one incident a few years back where in a public -> ANTI-SPAM forum thread exchange of messages, this one fella decided to send -> a private email to me and got a WCSAP rejection with a generic "Return Path -> not validated" response. -> -> He posted it publicly and began to bad mouth the system. -> -> Beside the fact it was shown WCSAP was right, it only did its job and he -> felt embarrassed when it was showed (I posted logs) he using a non-SMTP -> compliant return path (it must be valid), he did make a valid point that -> if he "knew" of reasons, then he would not made an ass of himself. -> -> So based on overall incident and understanding I did need it, especially -> for SMTPFILTER, I did start work to allow for custom responses for WCSMTP -> rejections. -> -> However, and this where I have to now open a DOS BOX and read the source -> code to confirm if it was done only for SMTPFILTER because it was needed -> for WCGREYLIST and any other 3rd party SMTPFILTER developers write who need -> a custom response. I know it was done for SMTPFILTER and it is -> programmable, and I know it was done for WCSAP, but I don't know if it was -> allowed to be programmable. -> -> Let me check.. OPENING DOS BOX.... -> -> Well, lets just say its not "cleanly" available to be programmable at this -> point to have WCSAP offer custom SMTP responses but two internal methods -> was used to return WCSMTP TRACE LOG reasons. -> -> These methods explored predated the way it currently done for SMTPFILTER -> which allowed the 3rd party WCX to create a response file with the special -> file name: -> -> spool\{hostname}\ne\temp-message-filename.response -> -> There is a SMTPFILTER library function that allows this response file to be -> created. When a SMTPFILTER*.WCX module is run to analyze the email data, -> before WCSMTP sends the default -> -> 250 message accepted -> 45x/550 message not accepted" -> -> responses, it will check for a specific response file created by SMTPFILTER -> WCX. -> -> So for WCSAP, we don't have a way to change the SMTP response sent to the -> sender. -> -> I will jot this down and explore it again :-) -> -> Keep in mind again that I still feel it is not a good idea to expose -> "clues" to bad guys, especially when the majority is bad. So IMO its a -> judgment call if the concern is just a current rare situation you just came -> across and believe it would of been great to have more information, but -> overall, do you really want to this to be sent to the majority of -> rejections where are bad guys? -> -> The worst case scenario is the bad guy learns from the "spam@" address and -> begins to bombard it or learns how to autowhite list it selft. :-) -> -> Anyway, I will check it out. -> -> --- -> HLS -> --- Platinum Xpress/Win/WINServer v3.1 * Origin: Prison Board BBS Mesquite Tx //telnet.RDFIG.NET www. (1:124/5013) .