cancel
Showing results for 
Search instead for 
Did you mean: 

Critical Path Anti-spam Maintenance

jelv
Seasoned Hero
Posts: 26,785
Thanks: 971
Fixes: 10
Registered: ‎10-04-2007

Re: Critical Path Anti-spam Maintenance

What was the typical loading before they were put behind the CP devices?
jelv (a.k.a Spoon Whittler)
   Why I have left Plusnet (warning: long post!)   
Broadband: Andrews & Arnold Home::1 (FTTC 80/20)
Line rental: Pulse 8 Home Line Rental (£14.40/month)
Mobile: iD mobile (£4/month)
bobpullen
Community Gaffer
Community Gaffer
Posts: 16,869
Thanks: 4,950
Fixes: 315
Registered: ‎04-04-2007

Re: Critical Path Anti-spam Maintenance

It's the CP boxes I was referring to Jelv.
Anyways, latest update is that we've now moved the last two mx.core mail delivery servers behind the CriticalPath devices.
This concludes the roll out phase of the trial and the next few days will see us concentrate on further monitoring and tuning.
Consideration will also be given towards switching on spam tagging and introducing the appliances to the mx.last delivery servers.

Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵

bobpullen
Community Gaffer
Community Gaffer
Posts: 16,869
Thanks: 4,950
Fixes: 315
Registered: ‎04-04-2007

Re: Critical Path Anti-spam Maintenance

Quick update on some of the weekend's activities here.

Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵

Tony_W
Grafter
Posts: 745
Registered: ‎11-08-2007

Re: Critical Path Anti-spam Maintenance

Are there any mail servers not behind Critical Path boxes?
I seem to have got a spam email (not marked as spam) which has not gone through the a CP process.
Quote
X-Daemon-Classification: INNOCENT
Envelope-to: yaa@username.f9.co.uk
Delivery-date: Wed, 21 Nov 2007 15:45:43 +0000
Received: from [83.238.151.211] (helo=chao-heng.com)
  by fhw-sunmxcore03.plus.net with smtp (PlusNet MXCore v2.00) id 1Iurlm-0001xA-5z
  for yaa@username.f9.co.uk; Wed, 21 Nov 2007 15:45:42 +0000
Message-ID: <000701c82c55$83b94210$8800fea9@sienek>
From: <undislosedrecipients-013@chao-heng.com>
To: <yaa@username.f9.co.uk>

It had several BCC recipients.
zubel
Community Veteran
Posts: 3,793
Thanks: 4
Registered: ‎08-06-2007

Re: Critical Path Anti-spam Maintenance

I believe only the mx.cores are behind the CP boxes.  The mx.lasts are not.
B.
Tony_W
Grafter
Posts: 745
Registered: ‎11-08-2007

Re: Critical Path Anti-spam Maintenance

Hi Barry,
Looking at the header, I can only see mxcore, not mxlast...
jelv
Seasoned Hero
Posts: 26,785
Thanks: 971
Fixes: 10
Registered: ‎10-04-2007

Re: Critical Path Anti-spam Maintenance

Can you post the headers please.
jelv (a.k.a Spoon Whittler)
   Why I have left Plusnet (warning: long post!)   
Broadband: Andrews & Arnold Home::1 (FTTC 80/20)
Line rental: Pulse 8 Home Line Rental (£14.40/month)
Mobile: iD mobile (£4/month)
Tony_W
Grafter
Posts: 745
Registered: ‎11-08-2007

Re: Critical Path Anti-spam Maintenance

Hi Jelv,
I did post the relevant part, but here is the complete thing:
Quote
X-Daemon-Classification: INNOCENT
Envelope-to: yaa@username.f9.co.uk
Delivery-date: Wed, 21 Nov 2007 15:45:43 +0000
Received: from [83.238.151.211] (helo=chao-heng.com)
  by fhw-sunmxcore03.plus.net with smtp (PlusNet MXCore v2.00) id 1Iurlm-0001xA-5z
  for yaa@username.f9.co.uk; Wed, 21 Nov 2007 15:45:42 +0000
Message-ID: <000701c82c55$83b94210$8800fea9@sienek>
From: <undislosedrecipients-013@chao-heng.com>
To: <yaa@username.f9.co.uk>
Bcc: <yaa@pm.fwdto.com>,
<yaa@porter1948.fsworld.co.uk>,
<yaa@praintl.com>,
<yaa@prismacomms.com>,
<yaa@pukromo.freeserve.co.uk>,
<yaa@pyrie.co.uk>,
<yaa@rapidhost.co.uk>,
<yaa@ravers-central.co.uk>,
<yaa@redwood80.fsnet.co.uk>,
<yaa@reilly27.freeserve.co.uk>,
<yaa@reseller-margin.co.uk>
Subject: Re[5]: Clinical Trials Update: Nov. 20, 2007   
Date: Wed, 21 Nov 2007 16:45:17 +0200
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_0004_01C82C5D.E57C04F0"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.2180
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
X-PN-VirusFiltered: by PlusNet MXCore (v4.00)
X-DSPAM-Result: Innocent
X-DSPAM-Processed: Wed Nov 21 15:45:43 2007
X-DSPAM-Confidence: 0.6710
X-DSPAM-Improbability: 1 in 205 chance of being spam
X-DSPAM-Probability: 0.0000
X-DSPAM-Factors: 27,
Delivery-date*21+Nov, 0.00157,
Date*21+Nov, 0.00730,
Received*21+Nov, 0.00778,
name=GENERATOR>+See, 0.99000,
Url*cn, 0.95302,
Url*cn, 0.95302,
Subject*20+2007, 0.05520,
Subject*Update, 0.06733,
Machine, 0.13346,
Machine, 0.13346,
Subject*2007, 0.14474,
Maker, 0.15147,
Maker, 0.15147,
See, 0.15300,
See, 0.15300,
For, 0.15406,
For, 0.15406,
Received*smtp+(PlusNet, 0.16463,
Voting, 0.18942,
Voting, 0.18942,
X-PN-VirusFiltered*by+PlusNet, 0.20378,
X-PN-VirusFiltered*PlusNet+MXCore, 0.20378,
X-PN-VirusFiltered*PlusNet, 0.20378,
X-PN-VirusFiltered*by, 0.20378,
X-PN-VirusFiltered*MXCore, 0.20378,
Sues, 0.21078,
Sues, 0.21078
Chris
Legend
Posts: 17,724
Thanks: 600
Fixes: 169
Registered: ‎05-04-2007

Re: Critical Path Anti-spam Maintenance

Quote
fhw-sunmxcore03.plus.net

That's actually an mx.last, the lasts are at Field House Way (the FHW prefix)
Former Plusnet Staff member. Posts after 31st Jan 2020 are not on behalf of Plusnet.
bobp
Grafter
Posts: 71
Registered: ‎29-06-2007

Re: Critical Path Anti-spam Maintenance

The spam headers are making less and less sense.  Here's  one  I picked up this morning.
Quote
X-Daemon-Classification: INNOCENT
Envelope-to: bob@username.plus.com
Delivery-date: Tue, 20 Nov 2007 23:57:42 +0000
Received: from pih-criticalpath01.plus.net ([84.92.7.52] helo=cp3a.criticalpath.priv)
  by pih-sunmxcore17.plus.net with esmtp (PlusNet MXCore v2.00) id 1IucyM-0003vn-En
  for bob@username.plus.com; Tue, 20 Nov 2007 23:57:42 +0000
X-MAA: Suspected Spam
Received: from 20151061066.user.veloxzone.com.br (201.51.61.66) by cp3a.criticalpath.priv (7.3.118.15)
        id 472061DE10280746 for bob@username.plus.com; Tue, 20 Nov 2007 23:57:42 +0000
Received: from [201.51.61.66] by smtp.getontheweb.com; Tue, 20 Nov 2007 21:11:33 -0300
Message-ID: <01c82bb9$ed706790$423d33c9@jbg>
From: "Antoine Sanford" <jbg@sgri.com>
To: <bob@username.plus.com>
Subject: EmedsMedsHealthyLife
Date: Tue, 20 Nov 2007 21:11:33 -0300
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_0007_01C82BB9.ED706790"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1409
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1409
X-PN-VirusFiltered: by PlusNet MXCore (v4.00)
X-DSPAM-Result: Innocent
X-DSPAM-Processed: Tue Nov 20 23:57:43 2007
X-DSPAM-Confidence: 0.4953
X-DSPAM-Improbability: 1 in 99 chance of being spam
X-DSPAM-Probability: 0.3348
X-DSPAM-Factors: 27,
Received*33+0300, 0.01000,
From*Sanford", 0.99000,
To*<bob, 0.99000,
From*"Antoine, 0.01000,
Date*Tue+20, 0.02219,
Date*33+0300, 0.04305,
size=2><A+">, 0.88328,
1409", 0.87641,
1409"+name=GENERATOR>, 0.87569,
Delivery-date*2007+23, 0.12432,
X-MAA*Suspected, 0.87498,
X-MAA*Spam, 0.87498,
X-MAA*Suspected+Spam, 0.87498,
Received*2007+23, 0.13701,
Received*2007+23, 0.13701,
Received*2007+21, 0.14442,
2800+1409", 0.84898,
Date*21+11, 0.16233,
Date*2007+21, 0.17207,
1250">+<META, 0.78980,
Received*33, 0.21139,
Received*21+11, 0.78763,
Content-Type*charset="windows+1250", 0.78618,
Content-Type*charset="windows+1250", 0.78618,
Content-Type*1250", 0.78614,
Content-Type*1250", 0.78614,
X-PN-VirusFiltered*by+PlusNet, 0.23238

So is it suspected spam or is it innocent - make your mind up.  One or the other - but both?
This came through mx-core and criticalpath.  K9 identified it as spam with a probability of 97.6% once it arrived here.  It will be interesting to see what effect Postini has.
bobp
bobpullen
Community Gaffer
Community Gaffer
Posts: 16,869
Thanks: 4,950
Fixes: 315
Registered: ‎04-04-2007

Re: Critical Path Anti-spam Maintenance

For those that don't know, the trial we have been conducting with Critical Path was terminated today, 2 weeks behind the original intended date of closure.
The overall results of the trial have been positive.
Further details can be found in the planned maintenance post here.

Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵