Spam Test For Outbound False Positive Mail

Jul 9, 2007

I tried a little searching both in Google and on here but this is probably going to be a private or member-based thing anyway.

I've gotten a couple comments that some of my outbound personal mail is ending up in spam folders. I think it's almost completely limited to having Outlook (or Express?) as a client... which I assume doesn't even do network-based lookups. Nonetheless I don't seem to be on any blacklists, and running it through my own spamassassin filter comes up basically zero score. But the fact that more than one person has had the problem concerns me greatly. Also, I haven't seen any significant reason why the content itself would trigger anything.

I realize a public spam test service would basically be a "testing ground" for spammers to evade detection, but there's obviously legitimate uses as well... is there such a tool somewhere? Thanks for any advice. Public information sharing is key to a forum, but PMs are welcome in this case.

View 0 Replies


ADVERTISEMENT

Spam...false Positive

May 21, 2008

After few days of not getting even "one" spam out of average 70 messages a day...the company manager got angry! He thought the mail system is down.

Our provider - a VDS subscriber who rent us shared plan for a website - said: we changed nothing. I confirmed: did you install any new anti-spam software on the site...they said: NO.

In a next conversation with the company manager, they told him they installed a new anti-spam software on the whole server and cannot make it off for our site specifically.

The problem is, they already had a kind of anti-spam software which only "marks" spam-like messages with "**SPAM**" in the subject line, and doesn't mark others. I am afraid some customers' emails get marked and deleted with this new software they claim implemented, based on false positives.

Many times I get my emails in Yahoo and Hotmail go to Spam/Junk folder for some not-widely known reasons, like sending to myself, while putting recipients in CC, and other strange reasons like just using CC in an auto-reply!

something any non-tech person might do.

I am thinking in switching to a new host where we only host mails (mx record), so we don't have "any" email deleted without our check.

View 5 Replies View Related

If Mod_security Gave False Positive

Mar 11, 2008

I don't really know much about how mod_security rules work, I've just clicked on default configuration in WHM.

Anyway one user on our vbulletin board has pmed me saying he can't access the board. He gave me his fixed ip. And I noticed it is in CSF denied ip list as:

lfd: 5 (mod_security) login failures from xx.xx....
I've checked mod_security log and it has like twenty entries for this ip saying: ....

View 3 Replies View Related

Is Immutable-bit Set On Wget An Rkhunter False Positive Or Do I Worry

Mar 12, 2008

Got this error on rkhunter 1.3.2

Quote:

[12:16:24] /usr/bin/wget [ Warning ]
[12:16:24] Warning: File '/usr/bin/wget' has the immutable-bit set.

Is that a concern? What does it mean?

View 5 Replies View Related

Stop Outbound Spam On An Open Wireless Network

Jan 31, 2008

I'm not sure if this is the right place to be posting this, but at our hotel, we have wireless routers (Linksys) that any of our clients can use to connect their laptops to the internet. We have been getting reports from our ISP that spam has been coming from our external IP address, so I wanted to know what people would recommend as ways to combat either our computers or any of our clients' computers from sending out spam. The internet is connected through a firewall/server computer running linux. I thought about blocking port 25, but I'm sure we would have clients complaining about not being able to send any mail.

View 9 Replies View Related

Plesk 12.x / Linux :: Mail - Outbound Only?

Oct 14, 2014

We have an AWS plesk instance with around 400 domains on. All domains DNS are pointing mail to a different server and almost all domains have a contact form on their website.

the problem is, the contact forms won't work as mail is on a different server. I'm assuming that the local server thinks mail is on the server and thinks it has already been received?

is this because we need to disable incoming mail for all of these domains? if so how would we go about doing this? I tried stopping all courier-imap services but this didn't seem to work.

View 1 Replies View Related

Can We Create OutBound Rules In Smarter Mail

Mar 6, 2008

i have installed a new mail server i.e. SmarterMail, and from past few days i have devoted much time to find "How to create Out Bound rules in Smarter Mail?" but unfortunately i ended up with no solution, hence here i am seeking help from all the member of WHT for my two questions:

1) Can we create an out bound rule in smartermail?

2)if yes, then what is the process for same?

View 0 Replies View Related

Plesk 12.x / Linux :: Keep Permanent Record Of All Mail Inbound And Outbound - Log Rotation Settings

Nov 19, 2014

1/ What is the difference between maillog and maillog.processed? I want to keep a permanent record of all mail inbound and outbound even if delivery is deferred by the gray listing. I'm not sure which one is the best to keep.

2/ I would like to change the way that the mail logs get log rotated. I am struggling to work out exactly what happens at the moment but I would like to rotate the log out every day regardless of size. I think currently that the maillog.processed is rotated daily if it is over a specific size.

View 2 Replies View Related

Issues Sending Mail To Yahoo, And Mail Getting Marked As Spam, Whats A Good Solution?

Nov 4, 2008

Issues sending mail to Yahoo, and mail getting marked as spam, Whats a good solution? ...

View 7 Replies View Related

Rkhunter - New False Positives

Jun 30, 2008

Rootkit Hunter version 1.3.2 ]

[1;33mChecking rkhunter version... [0;39m
This version : 1.3.2
Latest version: 1.3.2
[ Rootkit Hunter version 1.3.2 ]

[1;33mChecking rkhunter data files... [0;39m
Checking file mirrors.dat [34C[ [1;32mNo update [0;39m ]
Checking file programs_bad.dat [29C[ [1;32mNo update [0;39m ]
Checking file backdoorports.dat [28C[ [1;32mNo update [0;39m ]
Checking file suspscan.dat [33C[ [1;32mNo update [0;39m ]
Checking file i18n/cn [38C[ [1;32mNo update [0;39m ]
Checking file i18n/en [38C[ [1;32mNo update [0;39m ]
Checking file i18n/zh [38C[ [1;32mNo update [0;39m ]
Checking file i18n/zh.utf8 [33C[ [1;32mNo update [0;39m ]
Warning: Checking for preload file [ Warning ]
Warning: Found library preload file: /etc/ld.so.preload
Warning: The file properties have changed:
File: /bin/ps
Current hash: 36f3d8a9fcaebf5838e5e55ebdcac7e355477343
Stored hash : 8f1acf237e562043f8353f4ec5d0c3490c0d0cb3
Current inode: 1228803 Stored inode: 1228857
Current size: 61364 Stored size: 67088
Current file modification time: 1214487892
Stored file modification time : 1195262225
Warning: The command '/usr/bin/GET' has been replaced by a script: /usr/bin/GET: perl script text executable
Warning: The command '/usr/bin/groups' has been replaced by a script: /usr/bin/groups: Bourne shell script text executable
Warning: The command '/usr/bin/ldd' has been replaced by a script: /usr/bin/ldd: Bourne shell script text executable
Warning: The file properties have changed:
File: /usr/bin/top
Current hash: 15f1f743d73d9546a05a15644816139de7708327
Stored hash : 5e78fb7f0a02643a91964081ca03316dbaf01bdd
Current inode: 246165 Stored inode: 245920
Current size: 48536 Stored size: 48504
Current file modification time: 1214487892
Stored file modification time : 1195262225
Warning: The file properties have changed:
File: /usr/bin/vmstat
Current hash: 898351bc3be226caf6915715b23a1c7cc5d35fdd
Stored hash : edaa64f3921a0a2d873c14a5eb641ba883f4dcff
Current inode: 246561 Stored inode: 246020
Current size: 17872 Stored size: 20444
Current file modification time: 1214487892
Stored file modification time : 1195262225
Warning: The file properties have changed:
File: /usr/bin/w
Current hash: 480c2c2e4f1048e19fc075f4daebe79fa84e08d1
Stored hash : 87f39eeb583bc7f6622e95fd0266f093ed8b362b
Current inode: 246020 Stored inode: 246167
Current size: 9720 Stored size: 11720
Current file modification time: 1214487892
Stored file modification time : 1195262225
Warning: The file properties have changed:
File: /usr/bin/watch
Current inode: 246167 Stored inode: 245924
Current file modification time: 1214487892
Stored file modification time : 1195262225
Warning: The command '/usr/bin/whatis' has been replaced by a script: /usr/bin/whatis: Bourne shell script text executable
Warning: The command '/sbin/ifdown' has been replaced by a script: /sbin/ifdown: Bourne-Again shell script text executable
Warning: The command '/sbin/ifup' has been replaced by a script: /sbin/ifup: Bourne-Again shell script text executable
Warning: The file properties have changed:
File: /sbin/sysctl
Current hash: b560099caf18d28bcc0249efaec75dcddb87b219
Stored hash : fa13202ac5897d9f7198e8afbbe7d0c835b07639
Current inode: 589893 Stored inode: 589875
Current size: 9144 Stored size: 11048
Current file modification time: 1214487892
Stored file modification time : 1195262225

I know some of these warnings like /usr/bin/GET - groups -ldd - whatis - ifdown – ifup are normal false positives.

But other warnings are new,

I think they changed after upgrading the cpanel to 11.23
I have cpanel on centos 4.6

View 6 Replies View Related

PRIMARYVPS.COM's False Tactics: IS IT OK

Jun 13, 2007

I was surprised to see that they had 100% uptime in May according to their logs. I am used to see 99.98%, 98.97% etc. etc. with other hosts. But even 100% is quite possible.

On June 7th the uptime suddenly dropped below 96% with avg. 7 outages. I was really disappoined as I was planning to signup. But after a day or so it again rose to 100% with 0 outages on all of their servers which clearly explained the 100% uptime of May.

According to them they had a attack because of which IPs of nodes had to be changed and subsequently they also changed it on hyperspin.com (their server monitoring service). I immediately signed up on hyperspin to verify this claim. Changing the IP or hostname of a monitored service on hyperspin doesn't reset its log is what i clearly observed. Its quite visible that the logs were reset intensionally to hide the actual server uptime and make it always show 100% percent. When i reverted back to them on this issue, they prefered to close the ticket. I just want to know from other hosts, it this practice common or primaryvps.com is an exception? Well as mentioned on their site, the uptime log is located at:

hyperspin.com/publicreport/30037/20077

But don't expect too much. It has only two figures 0 for outages and 100% for uptime.

View 14 Replies View Related

Nameserver Giving False Results

Mar 25, 2007

Is there any way to avoid getting false name lookups when trying to resolv inexistent domains ? apart from using another nameserver.

I'm sorry if it was posted earlier, tried searching but it didn't help as it gave me large results.

Code:
[root@removed ~]# ping hjkdji284kajgafhj87da778dfsd.com
PING hjkdji284kajgafhj87da778dfsd..com.insertdchere.com (xx.xxx.xxx.xx) 56(84) bytes of data.
64 bytes from www.insertdchere.com (xx.xxx.xxx.xx): icmp_seq=0 ttl=61 time=1.00 ms
64 bytes from www.insertdchere.com (xx.xxx.xxx.xx): icmp_seq=1 ttl=61 time=0.952 ms
64 bytes from www.insertdchere.com (xx.xxx.xxx.xx): icmp_seq=2 ttl=61 time=1.34 ms

View 2 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved