• Blocked email return message

    From GREG MARLER@1:124/5013 to All on Thu Jan 31 19:18:36 2019
    Date: Wed, 26 Dec 2007 11:42:05 -0400
    From: GREG MARLER
    To: All
    Subject: Blocked email return message
    Newsgroups: win.server.smtp.&.avs
    Message-ID: <1198687325.46.0@winserver.com>
    X-Mailer: Wildcat! Interactive Net Server v7.0.454.5
    Lines: 18

    Hector this is probably addressed mainly to you but anyone is welcome to comment if they have an answer.

    Implementing wcSAP and it works pretty well, blobking and returning a signifcant number of emails.

    Questions. Is there a way to customize the return message as to why the sender's email is returned.

    For example, some systems such as aol and such tack on a website address or email address that can be used if a legitimate email is returned so that
    they can be whitelisted or at least have a chance to be recognized. I would like to be able to append a spam@ email address that I have place as
    "accept all" exception in the SAP file. This way a person who is having
    trouble sending email can have a means to have their email received by recipient.

    Greg
    --- Platinum Xpress/Win/WINServer v3.1
    * Origin: Prison Board BBS Mesquite Tx //telnet.RDFIG.NET www. (1:124/5013)
  • From HECTOR SANTOS@1:124/5013 to All on Thu Jan 31 19:18:36 2019
    Date: Thu, 27 Dec 2007 00:57:05 -0400
    From: HECTOR SANTOS
    To: GREG MARLER
    Subject: RE: Blocked email return message
    Newsgroups: win.server.smtp.&.avs
    Message-ID: <1198735025.46.1198687325@winserver.com>
    References: <1198687325.46.0@winserver.com>
    X-WcMsg-Attr: Rcvd
    X-Mailer: Wildcat! Interactive Net Server v7.0.454.5
    Lines: 111

    On 2007-12-26 11:42 AM, GREG MARLER wrote to All:

    Hector this is probably addressed mainly to you but anyone is welcome to comment if they have an answer.

    Implementing wcSAP and it works pretty well, blobking and returning a signifcant number of emails.

    Questions. Is there a way to customize the return message as to why the sender's email is returned.

    For example, some systems such as aol and such tack on a website
    address or email address that can be used if a legitimate email is
    returned so that they can be whitelisted or at least have a chance
    to be recognized. I would like to be able to append a spam@
    email address that I have place as "accept all" exception in the
    SAP file. This way a person who is having trouble sending email
    can have a means to have their email received by recipient.

    Greg

    Hi Greg,

    First let me explain why it is like it currently is.

    Overall, I fundamentally believe the less clue you give the bad guys the better.

    This premise works when the FALSE positives are low. In other words, when
    the majority is expected only to be the "bad guys" to see this, then you
    don't want to explain why.

    However, intentional vagued reasons can be a problem when the majority or a high incidences of rejections are false positives. But if that is case,
    then the AVS method in place is poor and shouldn't be used.

    So the method only works because the vast majority is bad.

    That said, I did explore alternative response string methods. I will
    provide current state of affairs on that. But first let me explain why it
    was considered.

    Again, on the premise the only people who this might effect are false positives. By far, the system works, therefore you don't an urgent
    request to do this.

    However, there was this one incident a few years back where in a public ANTI-SPAM forum thread exchange of messages, this one fella decided to send
    a private email to me and got a WCSAP rejection with a generic "Return Path
    not validated" response.

    He posted it publicly and began to bad mouth the system.

    Beside the fact it was shown WCSAP was right, it only did its job and he
    felt embarrassed when it was showed (I posted logs) he using a non-SMTP compliant return path (it must be valid), he did make a valid point that
    if he "knew" of reasons, then he would not made an ass of himself.

    So based on overall incident and understanding I did need it, especially
    for SMTPFILTER, I did start work to allow for custom responses for WCSMTP rejections.

    However, and this where I have to now open a DOS BOX and read the source
    code to confirm if it was done only for SMTPFILTER because it was needed
    for WCGREYLIST and any other 3rd party SMTPFILTER developers write who need
    a custom response. I know it was done for SMTPFILTER and it is
    programmable, and I know it was done for WCSAP, but I don't know if it was allowed to be programmable.

    Let me check.. OPENING DOS BOX....

    Well, lets just say its not "cleanly" available to be programmable at this point to have WCSAP offer custom SMTP responses but two internal methods
    was used to return WCSMTP TRACE LOG reasons.

    These methods explored predated the way it currently done for SMTPFILTER
    which allowed the 3rd party WCX to create a response file with the special
    file name:

    spool\{hostname}\ne\temp-message-filename.response

    There is a SMTPFILTER library function that allows this response file to be created. When a SMTPFILTER*.WCX module is run to analyze the email data, before WCSMTP sends the default

    250 message accepted
    45x/550 message not accepted"

    responses, it will check for a specific response file created by SMTPFILTER WCX.

    So for WCSAP, we don't have a way to change the SMTP response sent to the sender.

    I will jot this down and explore it again :-)

    Keep in mind again that I still feel it is not a good idea to expose
    "clues" to bad guys, especially when the majority is bad. So IMO its a judgment call if the concern is just a current rare situation you just came across and believe it would of been great to have more information, but overall, do you really want to this to be sent to the majority of
    rejections where are bad guys?

    The worst case scenario is the bad guy learns from the "spam@" address and begins to bombard it or learns how to autowhite list it selft. :-)

    Anyway, I will check it out.

    ---
    HLS

    * Origin: Prison Board BBS Mesquite Tx //telnet.RDFIG.NET www. (1:124/5013)
  • From GREG MARLER@1:124/5013 to All on Thu Jan 31 19:18:36 2019
    Date: Thu, 27 Dec 2007 11:56:38 -0400
    From: GREG MARLER
    To: HECTOR SANTOS
    Subject: RE: Blocked email return message
    Newsgroups: win.server.smtp.&.avs
    Message-ID: <1198774598.46.1198735025@winserver.com>
    References: <1198735025.46.1198687325@winserver.com>
    X-WcMsg-Attr: Rcvd
    X-Mailer: Wildcat! Interactive Net Server v7.0.454.5
    Lines: 129

    I don't disagree with what you say. I love the way that wcSAP works. It has blocked a bunch of spam. What I am encountering is email server who will
    not authenticate their users, possibly with their version of a spam filter.
    A good example of this is the NY Time newspaper, polk-fl.net gov emails, passport.msn.com, cheaptickets.com, and firn.edu. These are just a few out
    of the smtpfilter.txt file. I do NOT want an automatic whitelist system, I
    want to still peruse the requests and grant them on a personal basis. I am
    not so large that an automated system is necessary. Even RR.Com's whitelist sytem is a live person, just their blacklist is automated.

    Thanks in advance for looking into this.

    Greg


    On 2007-12-27 12:57 AM, HECTOR SANTOS wrote to GREG MARLER:

    On 2007-12-26 11:42 AM, GREG MARLER wrote to All:

    Hector this is probably addressed mainly to you but anyone is welcome to comment if they have an answer.

    Implementing wcSAP and it works pretty well, blobking and returning a signifcant number of emails.

    Questions. Is there a way to customize the return message as to why the sender's email is returned.

    For example, some systems such as aol and such tack on a website
    address or email address that can be used if a legitimate email is returned so that they can be whitelisted or at least have a chance
    to be recognized. I would like to be able to append a spam@
    email address that I have place as "accept all" exception in the
    SAP file. This way a person who is having trouble sending email
    can have a means to have their email received by recipient.

    Greg

    Hi Greg,

    First let me explain why it is like it currently is.

    Overall, I fundamentally believe the less clue you give the bad guys the better.

    This premise works when the FALSE positives are low. In other words, when the majority is expected only to be the "bad guys" to see this, then you don't want to explain why.

    However, intentional vagued reasons can be a problem when the majority or a high incidences of rejections are false positives. But if that is case, then the AVS method in place is poor and shouldn't be used.

    So the method only works because the vast majority is bad.

    That said, I did explore alternative response string methods. I will provide current state of affairs on that. But first let me explain why it was considered.

    Again, on the premise the only people who this might effect are false positives. By far, the system works, therefore you don't an urgent
    request to do this.

    However, there was this one incident a few years back where in a public ANTI-SPAM forum thread exchange of messages, this one fella decided to send a private email to me and got a WCSAP rejection with a generic "Return Path not validated" response.

    He posted it publicly and began to bad mouth the system.

    Beside the fact it was shown WCSAP was right, it only did its job and he felt embarrassed when it was showed (I posted logs) he using a non-SMTP compliant return path (it must be valid), he did make a valid point that
    if he "knew" of reasons, then he would not made an ass of himself.

    So based on overall incident and understanding I did need it, especially
    for SMTPFILTER, I did start work to allow for custom responses for WCSMTP rejections.

    However, and this where I have to now open a DOS BOX and read the source code to confirm if it was done only for SMTPFILTER because it was needed for WCGREYLIST and any other 3rd party SMTPFILTER developers write who need a custom response. I know it was done for SMTPFILTER and it is programmable, and I know it was done for WCSAP, but I don't know if it was allowed to be programmable.

    Let me check.. OPENING DOS BOX....

    Well, lets just say its not "cleanly" available to be programmable at this point to have WCSAP offer custom SMTP responses but two internal methods
    was used to return WCSMTP TRACE LOG reasons.

    These methods explored predated the way it currently done for SMTPFILTER which allowed the 3rd party WCX to create a response file with the special file name:

    spool\{hostname}\ne\temp-message-filename.response

    There is a SMTPFILTER library function that allows this response file to be created. When a SMTPFILTER*.WCX module is run to analyze the email data, before WCSMTP sends the default

    250 message accepted
    45x/550 message not accepted"

    responses, it will check for a specific response file created by SMTPFILTER WCX.

    So for WCSAP, we don't have a way to change the SMTP response sent to the sender.

    I will jot this down and explore it again :-)

    Keep in mind again that I still feel it is not a good idea to expose
    "clues" to bad guys, especially when the majority is bad. So IMO its a judgment call if the concern is just a current rare situation you just came across and believe it would of been great to have more information, but overall, do you really want to this to be sent to the majority of
    rejections where are bad guys?

    The worst case scenario is the bad guy learns from the "spam@" address and begins to bombard it or learns how to autowhite list it selft. :-)

    Anyway, I will check it out.

    ---
    HLS


    --- Platinum Xpress/Win/WINServer v3.1
    * Origin: Prison Board BBS Mesquite Tx //telnet.RDFIG.NET www. (1:124/5013)
  • From HECTOR SANTOS@1:124/5013 to All on Thu Jan 31 19:18:36 2019
    Date: Thu, 27 Dec 2007 14:42:17 -0400
    From: HECTOR SANTOS
    To: GREG MARLER
    Subject: RE: Blocked email return message
    Newsgroups: win.server.smtp.&.avs
    Message-ID: <1198784537.46.1198774598@winserver.com>
    References: <1198774598.46.1198735025@winserver.com>
    X-WcMsg-Attr: Rcvd
    X-Mailer: Wildcat! Interactive Net Server v7.0.454.5
    Lines: 147

    Ok, I am not sure what you are looking for or how this helps, so give me
    an example of what you would like to do? what you would like to see
    replaced or done?

    --
    HLS

    On 2007-12-27 11:56 AM, GREG MARLER wrote to HECTOR SANTOS:

    I don't disagree with what you say. I love the way that wcSAP works. It has blocked a bunch of spam. What I am encountering is email server who will
    not authenticate their users, possibly with their version of a spam filter.
    A good example of this is the NY Time newspaper, polk-fl.net gov emails, passport.msn.com, cheaptickets.com, and firn.edu. These are just a few out
    of the smtpfilter.txt file. I do NOT want an automatic whitelist system, I want to still peruse the requests and grant them on a personal basis. I am not so large that an automated system is necessary. Even RR.Com's whitelist sytem is a live person, just their blacklist is automated.

    Thanks in advance for looking into this.

    Greg


    On 2007-12-27 12:57 AM, HECTOR SANTOS wrote to GREG MARLER:

    On 2007-12-26 11:42 AM, GREG MARLER wrote to All:

    Hector this is probably addressed mainly to you but anyone is welcome to comment if they have an answer.

    Implementing wcSAP and it works pretty well, blobking and returning a signifcant number of emails.

    Questions. Is there a way to customize the return message as to why the sender's email is returned.

    For example, some systems such as aol and such tack on a website address or email address that can be used if a legitimate email is returned so that they can be whitelisted or at least have a chance
    to be recognized. I would like to be able to append a spam@
    email address that I have place as "accept all" exception in the
    SAP file. This way a person who is having trouble sending email
    can have a means to have their email received by recipient.

    Greg

    Hi Greg,

    First let me explain why it is like it currently is.

    Overall, I fundamentally believe the less clue you give the bad guys the better.

    This premise works when the FALSE positives are low. In other words, when the majority is expected only to be the "bad guys" to see this, then you don't want to explain why.

    However, intentional vagued reasons can be a problem when the majority
    or a
    high incidences of rejections are false positives. But if that is case, then the AVS method in place is poor and shouldn't be used.

    So the method only works because the vast majority is bad.

    That said, I did explore alternative response string methods. I will provide current state of affairs on that. But first let me explain why it was considered.

    Again, on the premise the only people who this might effect are false positives. By far, the system works, therefore you don't an urgent request to do this.

    However, there was this one incident a few years back where in a public ANTI-SPAM forum thread exchange of messages, this one fella decided to
    send
    a private email to me and got a WCSAP rejection with a generic "Return
    Path
    not validated" response.

    He posted it publicly and began to bad mouth the system.

    Beside the fact it was shown WCSAP was right, it only did its job and he felt embarrassed when it was showed (I posted logs) he using a non-SMTP compliant return path (it must be valid), he did make a valid point that if he "knew" of reasons, then he would not made an ass of himself.

    So based on overall incident and understanding I did need it, especially for SMTPFILTER, I did start work to allow for custom responses for WCSMTP rejections.

    However, and this where I have to now open a DOS BOX and read the source code to confirm if it was done only for SMTPFILTER because it was needed for WCGREYLIST and any other 3rd party SMTPFILTER developers write who
    need
    a custom response. I know it was done for SMTPFILTER and it is programmable, and I know it was done for WCSAP, but I don't know if it was allowed to be programmable.

    Let me check.. OPENING DOS BOX....

    Well, lets just say its not "cleanly" available to be programmable at
    this
    point to have WCSAP offer custom SMTP responses but two internal methods was used to return WCSMTP TRACE LOG reasons.

    These methods explored predated the way it currently done for SMTPFILTER which allowed the 3rd party WCX to create a response file with the special file name:

    spool\{hostname}\ne\temp-message-filename.response

    There is a SMTPFILTER library function that allows this response file
    to be
    created. When a SMTPFILTER*.WCX module is run to analyze the email data, before WCSMTP sends the default

    250 message accepted
    45x/550 message not accepted"

    responses, it will check for a specific response file created by
    SMTPFILTER
    WCX.

    So for WCSAP, we don't have a way to change the SMTP response sent to the sender.

    I will jot this down and explore it again :-)

    Keep in mind again that I still feel it is not a good idea to expose "clues" to bad guys, especially when the majority is bad. So IMO its a judgment call if the concern is just a current rare situation you just
    came
    across and believe it would of been great to have more information, but overall, do you really want to this to be sent to the majority of rejections where are bad guys?

    The worst case scenario is the bad guy learns from the "spam@" address and begins to bombard it or learns how to autowhite list it selft. :-)

    Anyway, I will check it out.

    ---
    HLS



    --- Platinum Xpress/Win/WINServer v3.1
    * Origin: Prison Board BBS Mesquite Tx //telnet.RDFIG.NET www. (1:124/5013)
  • From GREG MARLER@1:124/5013 to All on Thu Jan 31 19:18:38 2019
    Date: Fri, 28 Dec 2007 11:46:15 -0400
    From: GREG MARLER
    To: HECTOR SANTOS
    Subject: RE: Blocked email return message
    Newsgroups: win.server.smtp.&.avs
    Message-ID: <1198860375.46.1198784537@winserver.com>
    References: <1198784537.46.1198774598@winserver.com>
    X-WcMsg-Attr: Rcvd
    X-Mailer: Wildcat! Interactive Net Server v7.0.454.5
    Lines: 195

    I would just like a message appended to the current error code to either
    send an email to a specified email address or go to a certain URL to be
    given access to send email to this system.

    RoadRunner Uses:

    Received: 550 ERROR: Mail Refused - 24.173.130.227 - See http://security.rr.com/cgi-bin/block-lookup?24.173.130.227 from SMTP server hrndva-smtpin01.mail.rr.com.

    In this case, taken from smtp logs they are using the offending ip in the message. Nothing this sophisticated needs to be used just a link or instructions on why they are blocked and how to get unblocked.

    The actual unblocking would take place after a review of the email address
    that is sent to the spam blocked email address i.e. spam@myhometownweb.com
    or a form that sends the email to that address.

    Hope that this clarifies things more.

    Thanks, in advance.

    Greg Marler

    Ok, I am not sure what you are looking for or how this helps, so give me
    an example of what you would like to do? what you would like to see replaced or done?

    --
    HLS

    On 2007-12-27 11:56 AM, GREG MARLER wrote to HECTOR SANTOS:

    I don't disagree with what you say. I love the way that wcSAP works.
    It has
    blocked a bunch of spam. What I am encountering is email server who will not authenticate their users, possibly with their version of a spam
    filter.
    A good example of this is the NY Time newspaper, polk-fl.net gov emails, passport.msn.com, cheaptickets.com, and firn.edu. These are just a few out of the smtpfilter.txt file. I do NOT want an automatic whitelist system, I want to still peruse the requests and grant them on a personal basis. I am not so large that an automated system is necessary. Even RR.Com's
    whitelist
    sytem is a live person, just their blacklist is automated.

    Thanks in advance for looking into this.

    Greg


    On 2007-12-27 12:57 AM, HECTOR SANTOS wrote to GREG MARLER:

    On 2007-12-26 11:42 AM, GREG MARLER wrote to All:

    Hector this is probably addressed mainly to you but anyone is
    welcome to
    comment if they have an answer.

    Implementing wcSAP and it works pretty well, blobking and returning a signifcant number of emails.

    Questions. Is there a way to customize the return message as to
    why the
    sender's email is returned.

    For example, some systems such as aol and such tack on a website address or email address that can be used if a legitimate email is returned so that they can be whitelisted or at least have a chance to be recognized. I would like to be able to append a spam@
    email address that I have place as "accept all" exception in the
    SAP file. This way a person who is having trouble sending email
    can have a means to have their email received by recipient.

    Greg

    Hi Greg,

    First let me explain why it is like it currently is.

    Overall, I fundamentally believe the less clue you give the bad
    guys the
    better.

    This premise works when the FALSE positives are low. In other
    words, when
    the majority is expected only to be the "bad guys" to see this,
    then you
    don't want to explain why.

    However, intentional vagued reasons can be a problem when the majority
    or a
    high incidences of rejections are false positives. But if that is
    case,
    then the AVS method in place is poor and shouldn't be used.

    So the method only works because the vast majority is bad.

    That said, I did explore alternative response string methods. I will provide current state of affairs on that. But first let me explain
    why it
    was considered.

    Again, on the premise the only people who this might effect are false positives. By far, the system works, therefore you don't an urgent request to do this.

    However, there was this one incident a few years back where in a public ANTI-SPAM forum thread exchange of messages, this one fella decided to
    send
    a private email to me and got a WCSAP rejection with a generic "Return
    Path
    not validated" response.

    He posted it publicly and began to bad mouth the system.

    Beside the fact it was shown WCSAP was right, it only did its job
    and he
    felt embarrassed when it was showed (I posted logs) he using a non-SMTP compliant return path (it must be valid), he did make a valid
    point that
    if he "knew" of reasons, then he would not made an ass of himself.

    So based on overall incident and understanding I did need it,
    especially
    for SMTPFILTER, I did start work to allow for custom responses for
    WCSMTP
    rejections.

    However, and this where I have to now open a DOS BOX and read the
    source
    code to confirm if it was done only for SMTPFILTER because it was
    needed
    for WCGREYLIST and any other 3rd party SMTPFILTER developers write who
    need
    a custom response. I know it was done for SMTPFILTER and it is programmable, and I know it was done for WCSAP, but I don't know if
    it was
    allowed to be programmable.

    Let me check.. OPENING DOS BOX....

    Well, lets just say its not "cleanly" available to be programmable at
    this
    point to have WCSAP offer custom SMTP responses but two internal
    methods
    was used to return WCSMTP TRACE LOG reasons.

    These methods explored predated the way it currently done for
    SMTPFILTER
    which allowed the 3rd party WCX to create a response file with the
    special
    file name:

    spool\{hostname}\ne\temp-message-filename.response

    There is a SMTPFILTER library function that allows this response file
    to be
    created. When a SMTPFILTER*.WCX module is run to analyze the email
    data,
    before WCSMTP sends the default

    250 message accepted
    45x/550 message not accepted"

    responses, it will check for a specific response file created by
    SMTPFILTER
    WCX.

    So for WCSAP, we don't have a way to change the SMTP response sent
    to the
    sender.

    I will jot this down and explore it again :-)

    Keep in mind again that I still feel it is not a good idea to expose "clues" to bad guys, especially when the majority is bad. So IMO its a judgment call if the concern is just a current rare situation you just
    came
    across and believe it would of been great to have more information, but overall, do you really want to this to be sent to the majority of rejections where are bad guys?

    The worst case scenario is the bad guy learns from the "spam@"
    address and
    begins to bombard it or learns how to autowhite list it selft. :-)

    Anyway, I will check it out.

    ---
    HLS




    --- Platinum Xpress/Win/WINServer v3.1
    * Origin: Prison Board BBS Mesquite Tx //telnet.RDFIG.NET www. (1:124/5013)
  • From HECTOR SANTOS@1:124/5013 to All on Thu Jan 31 19:18:38 2019
    Date: Fri, 28 Dec 2007 13:49:48 -0400
    From: HECTOR SANTOS
    To: GREG MARLER
    Subject: Re: Blocked email return message
    Newsgroups: win.server.smtp.&.avs
    Message-ID: <1198867952.46.1198860375@winserver.com>
    References: <1198860375.46.1198784537@winserver.com>
    X-WcMsg-Attr: Rcvd
    X-Mailer: Wildcat! Interactive Net Server v7.0.454.5
    Lines: 48

    Ok, thanks for the example.

    There is reasons to get an idea of what you referring to because it
    means a few things:

    1) The length
    2) How it is done, internally or as a separate file
    3) Is it one file or multiple response code files?
    4) Should it have MACROs or just plain old sysop text.

    etc.

    Will look at it.

    --
    HLS

    GREG MARLER wrote:
    I would just like a message appended to the current error code to either
    send an email to a specified email address or go to a certain URL to be
    given access to send email to this system.

    RoadRunner Uses:

    Received: 550 ERROR: Mail Refused - 24.173.130.227 - See http://security.rr.com/cgi-bin/block-lookup?24.173.130.227 from SMTP server hrndva-smtpin01.mail.rr.com.

    In this case, taken from smtp logs they are using the offending ip in the message. Nothing this sophisticated needs to be used just a link or instructions on why they are blocked and how to get unblocked.

    The actual unblocking would take place after a review of the email address that is sent to the spam blocked email address i.e. spam@myhometownweb.com
    or a form that sends the email to that address.

    Hope that this clarifies things more.

    Thanks, in advance.

    Greg Marler

    Ok, I am not sure what you are looking for or how this helps, so give me an example of what you would like to do? what you would like to see replaced or done?

    --
    HLS
    --- Platinum Xpress/Win/WINServer v3.1
    * Origin: Prison Board BBS Mesquite Tx //telnet.RDFIG.NET www. (1:124/5013)