This forum is closed to new posts and
responses. Individual names altered for privacy purposes. The information contained in this website is provided for informational purposes only and should not be construed as a forum for customer support requests. Any customer support requests should be directed to the official HCL customer support channels below:
~Helga Dwolutherflar 23.Jan.04 04:48 AM a Web browser General6.5Windows NT
Hi All,
This was a goof that I made and it sounds quite obvious now, but when you're not sure where to look, it is a big problem.
I configured SAV3.1 to content filter specific words (names of particular growth drugs etc). I figured that this would cut down our spam a lot more than Symantec's points rating system does.
This works very well.
I also configured it to send me broadcasts of rejected material, so I could release them if necessary (since our staff have a thing about false positives).
I set the system up to send a response to people who sent spam indicating that their message was rejected, but that if it shouldn't be then they needed to contact me. This was also to reduce false positives.
Finally, since I didn't want to have to open each one up before deciding if it could be released, I configured the subject to be something like...
SAV Blocked mail from %FROM% with subject of %SUBJECT% and intended for %TO%
(I know the syntax here is wrong, I'm just trying to give the general idea).
Anyway, this worked very well, but every now and then, seemingly randomly, the server would stop routing mail.
If I went into MAIL.BOX and released all mail marked as dead, the current mail would route, but any new mail would not (hence I'd have to do it all day - or reboot the server).
Also - if I rebooted the server without releasing the mail first, the mail still wouldn't route.
obviously, the problem was the first message in mail.box.
There was also a strange pattern just before the mail stopped routing. I'd get a flurry of emails from SAV saying that an email sent by MYSERVER/MYDOMAIN had violated content etc... (ie: The response message for spammers that I'd configured).
It turns out when SAV was quoting the subject lines, they sometimes contained a word that was in the block list. Since SAV doesn't support whitelisting, all messages from SAV (ie: from our server) were being rescanned for content before being sent to me.
This obviously causes more messages to be generated about the error messages (and these still had the word in their header). Eventually, the system would get into a loop and mail would stop.
Since I've taken the %subject% out of the heading, it's all been ok... It looks like I'll have to lose that nice feature until SAV starts to support whitelisting.
I'll try and draw Symantec's attention to this issue too as I couldn't find any info about the problem on their web site.
Hopefully, by posting this, you wont make the same mistakes.
Return to top
Print this page
