<div dir="ltr">Hi Mark<br>Thanks for the suggestion, however I do not send my outgoing emails through the same incoming spam filter. So watermarking is not applicable here. At least that is what I understood from my readings.<br>
Thanks<br><br><div class="gmail_quote">On Wed, Jul 30, 2008 at 12:17 PM, Mark <span dir="ltr"><<a href="mailto:mcornes@loreto.ac.uk">mcornes@loreto.ac.uk</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div>
<font size="4"><font face="Calibri, Verdana, Helvetica, Arial"><span style="font-size: 11pt;">I had lots of these recently one day some 200+ reached our CEO! Ouch. Anyway look up Watermarking and "joe-job" attacks. In the MailScanner.conf try adding this feature and pushing all your mail out via your mailscanner gateway so then you know that any NDR messages have originated from yourself.<br>
<br>
M<br>
<br>
# Do you want to add a watermark to each email message?<br>
# Setting this enables delivery error messages to be identified as yours<br>
# so you want to see them. Delivery error messages without valid watermarks<br>
# are treated as spam (or whatever you set below), as you probably don't<br>
# want to see them. Spammers can send vast quantities of spam claiming to<br>
# come from you so that you get all the delivery errors (known as a "joe-job"<br>
# attack).<br>
# This can also be the filename of a ruleset.<br>
Add Watermark = yes<div class="Ih2E3d"><br>
<br>
<br>
On 30/07/2008 09:40, "Ali Jawad" <<a href="mailto:alijawad1@gmail.com" target="_blank">alijawad1@gmail.com</a>> wrote:<br>
<br>
</div></span></font></font><blockquote><font size="4"><font face="Calibri, Verdana, Helvetica, Arial"><span style="font-size: 11pt;"><div class="Ih2E3d"> Hi <br>
I am running Mailscanner/Mailwatch I am facing the following problem. A lot of emails are passing through my incoming spam filter camouflaged as NDR. Stating subject such as "Message Could Not Be Delivered" and "User not available". I clearly know this is spam because I closely monitor outgoing emails and all is fine there.<br>
What can I do so that those emails are marked as Spam correctly instead of reaching Outlook as System Administrator messages. Their scores are almost always below 2.<br>
<br>
Some of the originating email servers are :<br>
<br>
</div><a href="http://map.ttn.ru" target="_blank">map.ttn.ru</a> <a href="http://map.ttn.ru/" target="_blank"><http://map.ttn.ru/></a> <br>
<a href="http://relay.tpn.ru" target="_blank">relay.tpn.ru</a> <a href="http://relay.tpn.ru/" target="_blank"><http://relay.tpn.ru/></a> <br>
<a href="http://earth.sysprog.spb.ru" target="_blank">earth.sysprog.spb.ru</a> <a href="http://earth.sysprog.spb.ru/" target="_blank"><http://earth.sysprog.spb.ru/></a> <br>
<a href="http://mail.couo.ru" target="_blank">mail.couo.ru</a> <a href="http://mail.couo.ru/" target="_blank"><http://mail.couo.ru/></a> <br>
<a href="http://mint.ldsoft.ru" target="_blank">mint.ldsoft.ru</a> <a href="http://mint.ldsoft.ru/" target="_blank"><http://mint.ldsoft.ru/></a> <br><div class="Ih2E3d">
<br>
Can I block those server ?<br>
<br>
Thanks<br>
<br>
</div><hr align="center" size="3" width="95%"><br>
</span></font></font></blockquote>
</div>
<br>--<br>
MailScanner mailing list<br>
<a href="mailto:mailscanner@lists.mailscanner.info">mailscanner@lists.mailscanner.info</a><br>
<a href="http://lists.mailscanner.info/mailman/listinfo/mailscanner" target="_blank">http://lists.mailscanner.info/mailman/listinfo/mailscanner</a><br>
<br>
Before posting, read <a href="http://wiki.mailscanner.info/posting" target="_blank">http://wiki.mailscanner.info/posting</a><br>
<br>
Support MailScanner development - buy the book off the website!<br>
<br></blockquote></div><br><br clear="all"><br>-- <br>-- <br>With Regards<br>Ali Jawad System Administrator<br><a href="http://www.alijawad.org">http://www.alijawad.org</a><br>Phone : +961-01-559031<br>Mobile : +961-03-041705<br>
<br><br>----------------------------------------------------<br><br><br>Confidentiality Notice: The contents of this E-mail are intended for the<br>named recipient only. It may contain confidential and privileged<br>information. If you received it in error, please notify us immediately and<br>
then destroy it. Internet communications are not secure and therefore<br>I do we do not accept legal responsibility<br>for the contents of this message. Also, and though we provide every effort<br>to keep our network free from viruses, you would need to check this E-mail<br>
and any attachments for viruses as we can take no responsibility for any<br>computer virus which might be transferred by way of this E-mail.<br>
</div>