Subj : RE: Blocked email return message
To   : All
From : HECTOR SANTOS
Date : Thu Jan 31 2019 19:18:36

Date: Thu, 27 Dec 2007 14:42:17 -0400
From: HECTOR SANTOS
To: GREG MARLER
Subject: RE: Blocked email return message
Newsgroups: win.server.smtp.&.avs
Message-ID: <1198784537.46.1198774598@winserver.com>
References:  <1198774598.46.1198735025@winserver.com>
X-WcMsg-Attr: Rcvd
X-Mailer: Wildcat! Interactive Net Server v7.0.454.5
Lines: 147

Ok, I am not sure what  you are looking for or how this helps, so give me
an example of what you would like to do?  what you would like to see
replaced or done?

--
HLS

On 2007-12-27 11:56 AM, GREG MARLER wrote to HECTOR SANTOS:

> I don't disagree with what you say. I love the way that wcSAP works. It has
> blocked a bunch of spam. What I am encountering is email server who will
> not authenticate their users, possibly with their version of a spam filter.
> A good example of this is the NY Time newspaper, polk-fl.net gov emails,
> passport.msn.com, cheaptickets.com, and firn.edu. These are just a few out
> of the smtpfilter.txt file. I do NOT want an automatic whitelist system, I
> want to still peruse the requests and grant them on a personal basis. I am
> not so large that an automated system is necessary. Even RR.Com's whitelist
> sytem is a live person, just their blacklist is automated.
> 
> Thanks in advance for looking into this.
> 
> Greg
> 
> 
> On 2007-12-27 12:57 AM, HECTOR SANTOS wrote to GREG MARLER:
> 
> -> On 2007-12-26 11:42 AM, GREG MARLER wrote to All:
> -> 
> -> > Hector this is probably addressed mainly to you but anyone is welcome to
> -> > comment if they have an answer.
> -> > 
> -> > Implementing wcSAP and it works pretty well, blobking and returning a
> -> > signifcant number of emails.
> -> > 
> -> > Questions. Is there a way to customize the return message as to why the
> -> > sender's email is returned.
> -> > 
> -> > For example, some systems such as aol and such tack on a website 
> -> > address or email address that can be used if a legitimate email is 
> -> > returned so that they can be whitelisted or at least have a chance 
> -> > to be recognized. I would like to be able to append a spam@ 
> -> > email address that I have place as "accept all" exception in the 
> -> > SAP file. This way a person who is having trouble sending email 
> -> > can have a means to have their email received by recipient.
> -> > 
> -> > Greg 
> -> 
> -> Hi Greg,
> -> 
> -> First let me explain why it is like it currently is.
> -> 
> -> Overall, I fundamentally believe the less clue you give the bad guys the
> -> better.  
> -> 
> -> This premise works when the FALSE positives are low.  In other words, when
> -> the majority is expected only to be the "bad guys" to see this, then you
> -> don't want to explain why.    
> -> 
> -> However, intentional vagued reasons can be a problem when the majority
or a
> -> high incidences of rejections are false positives.  But if that is case,
> -> then the AVS method in place is poor and shouldn't be used.
> -> 
> -> So the method only works because the vast majority is bad.
> -> 
> -> That said, I did explore alternative response string methods.  I will
> -> provide current state of affairs on that.  But first let me explain why it
> -> was considered.
> -> 
> -> Again, on the premise the only people who this might effect are false
> -> positives.   By far, the system works, therefore you don't an urgent
> -> request to do this.
> -> 
> -> However, there was this one incident a few years back where in a public
> -> ANTI-SPAM forum thread exchange of messages, this one fella decided to
send
> -> a private email to me and got a WCSAP rejection with a generic "Return
Path
> -> not validated" response.
> -> 
> -> He posted it publicly and began to bad mouth the system.
> -> 
> -> Beside the fact it was shown WCSAP was right, it only did its job and he
> -> felt embarrassed when it was showed (I posted logs) he using a non-SMTP
> -> compliant return path (it must be valid),  he did make a valid point that
> -> if he "knew" of reasons, then he would not made an ass of himself.
> -> 
> -> So based on overall incident and understanding I did need it, especially
> -> for SMTPFILTER, I did start work to allow for custom responses for WCSMTP
> -> rejections.
> -> 
> -> However, and this where I have to now open a DOS BOX and read the source
> -> code to confirm  if it was done only for SMTPFILTER because it was needed
> -> for WCGREYLIST and any other 3rd party SMTPFILTER developers write who
need
> -> a custom response.  I know it was done for SMTPFILTER and it is
> -> programmable, and I know it was done for WCSAP, but I don't know if it was
> -> allowed to be programmable.  
> -> 
> -> Let me check.. OPENING DOS BOX....
> -> 
> -> Well, lets just say its  not "cleanly" available to be programmable at
this
> -> point to have WCSAP offer custom SMTP responses but two internal methods
> -> was used to return WCSMTP TRACE LOG reasons. 
> -> 
> -> These methods explored predated the way it currently done for SMTPFILTER
> -> which allowed the 3rd party WCX to create a response file with the special
> -> file name:
> -> 
> ->    spool\{hostname}\ne\temp-message-filename.response
> -> 
> -> There is a SMTPFILTER library function that allows this response file
to be
> -> created.  When a SMTPFILTER*.WCX module is run to analyze the email data,
> -> before WCSMTP sends the default 
> -> 
> ->      250 message accepted
> ->      45x/550 message not accepted" 
> -> 
> -> responses, it will check for a specific response file created by
SMTPFILTER
> -> WCX.
> -> 
> -> So for WCSAP, we don't have a way to change the SMTP response sent to the
> -> sender.  
> -> 
> -> I will jot this down and explore it again :-)
> -> 
> -> Keep in mind again that I still feel it is not a good idea to expose
> -> "clues" to bad guys, especially when the majority is bad.  So IMO its a
> -> judgment call if the concern is just a current rare situation you just
came
> -> across and believe it would of been great to have more information, but
> -> overall, do you really want to this to be sent to the majority of
> -> rejections where are bad guys?
> -> 
> -> The worst case scenario is the bad guy learns from the "spam@" address and
> -> begins to bombard it or learns how to autowhite list it selft. :-)
> -> 
> -> Anyway, I will check it out.
> -> 
> -> ---
> -> HLS
> ->  
>  
 
--- Platinum Xpress/Win/WINServer v3.1
 * Origin: Prison Board BBS Mesquite Tx  //telnet.RDFIG.NET www. (1:124/5013)

.