How It Works
For incoming messages, XWall needs to get the message before
your Exchange server will get it so that it can perform it
checks before passing the message over to Exchange. Depending on whether you run
XWall on the same machine as Exchange or on a different machine,
XWall either needs to hook up to port 25 or to act as a relay host (respectively).
For outgoing messages, Exchange server passes the message to
XWall, which performs its checks and then sends the message out
in the Internet. From Exchange Servers viewpoint, XWall is a normal relay host.
So the message flow for incoming messages would be Internet
-> XWall -> Exchange server, and for outgoing messages it would be Exchange server -> XWall
-> Internet
System Requirements
- Windows NT, Windows 2000 with TCP/IP
installed
- Microsoft Exchange, Lotus Notes or any other SMTP
server
Installation
- Run Setup.exe or create a directory on your machine and
copy all the files into this directory.
-
Start MBAdmin.exe to configure XWall.
- The first time you run XWall you will be prompted
for the following information:
Postmaster's address
The address of the person who is responsible for
maintaining XWall.
XWall will send all error messages to this address.
The name or IP address of the Exchange server.
If XWall is running on the same machine as the Exchange
server than you can ( and should ) use localhost
as the name.
The port Exchange listens
If XWall is running on the same machine as the Exchange
server than use port 24,
else use port 25.
The e-mail domain that your Exchange is
responsible
XWall needs to know for which e-mail domain your Exchange
is responsible,
so that if can forward messages for this domain to your
Exchange.
- Running XWall on the same machine as Exchange server
Incoming Messages
If you run XWall on the same machine as the Exchange, then you must tell Exchange to listen on a separate port; i.e. not port 25, because only one application can listen to a specific port at one time and
XWall needs to be the first application that gets SMTP messages.
- Exchange 5.x
To do this open the file services, usually
located in C:\WINNT\system32\drivers\etc\SERVICES
with Notepad or any other text editor. Locate the line smtp
25/tcp mail and change 25 to the port of your
choice (use 24 if you are not sure which one you
should use) and save the file.Restart the IMS (Internet Mail
Service) of the
Exchange server to bring the new settings into affect.
- Exchange 2000
Start System Manager (Exchange
Admin) and select Servers->Your
Server->Protocol->SMTP->Default SMTP
Virtual Server->Properties.
In this dialog select the tab labeled General
and then Advanced and here you can set the
port on which this virtual server listens.
Also make sure Anonymous access is allowed
or else XWall is not able to connect to Exchange. In System Manager ( Exchange
Admin) select Servers->Your
Server->Protocol->SMTP->Default SMTP
Virtual Server->Properties. In this dialog select the tab labeled Access
and then Authentication and enable Anonymous
access.
Then start MBAdmin, select View->Options->IP
Address->Exchange SMTP Port and type in the same
port that you used in services .
Outgoing Messages
- Exchange 5.x
Start Exchange Administrator, select the IMS (Internet
Mail Service) and
click on the tab labeled Connections.
Enable Forward all messages to host and type in localhost.
Close the dialog and restart the IMS.
From then on the Exchange server will forward all
messages to the localhost, which basically means it sends
them
to XWall.
- Exchange 2000
If you have no SMTP connector then start System Manager (Exchange
Admin) and select Servers->Your
Server->Protocol->SMTP->Default SMTP
Virtual Server->Properties.
In this dialog select the tab labeled Delivery
and then Advanced.
In Smart host
type in localhost.
Close the dialog and restart
Exchange.
From then on the Exchange server will forward all
messages to the localhost, which basically means it sends
them
to XWall.
If you have a SMTP connector then start System Manager (Exchange
Admin) and select Connectors->Your SMTP
Connector->Properties->Forward all mail
through this connector to the following smart host
and type in the name or IP address of the machine
where XWall is running.
Close the dialog and restart
Exchange.
From then on the Exchange server will forward all
messages to the name or IP address , which basically means it sends
them
to XWall.
- Running XWall on a different machine then the Exchange server
Incoming Messages
Start MBAdmin, select View->Options->Exchange->Name
or IP address of the Exchange server and type in the
name or IP address of the Exchange server.
Depending on your DNS configuration you will need to
change the MX record so that it points to the machine
where XWall is running or else XWall will not get the
messages before Exchange.
Outgoing Messages
- Exchange 5.x
Start Exchange Administrator, select the
IMS (Internet Mail Service) and
click on the tab labeled Connections.
Enable Forward all messages to host and type in
the name or IP address of the machine where XWall is
running.
Close the dialog and restart the IMS.
From then on the Exchange server will forward all
messages to XWall.
- Exchange 2000
If you have no SMTP connector start System Manager ( Exchange
Admin) and select Servers->Your
Server->Protocol->SMTP->Default SMTP
Virtual Server->Properties.
In this dialog select the tab labeled Delivery
and then Advanced. In Smart host
type in
the name or IP address of the machine where XWall is
running. Close the dialog and restart Exchange.
From then on the Exchange server will forward all
messages to XWall.
If you have a SMTP connector then start System Manager (Exchange
Admin) and select Connectors->Your SMTP
Connector->Properties->Forward all mail
through this connector to the following smart host
and type in the name or IP address of the machine
where XWall is running.
Close the dialog and restart Exchange.
From then on the Exchange server will forward all
messages to the name or IP address , which basically means it sends
them
to XWall.
Once you have done this you can start MBServer and check if all
messages are properly routed.
Run XWall as a service
Keep in mind that XWall needs to reside on a
local disk or the service controller will not be able to start
it. For the examples below, we assume XWall is in C:\XWall
Once you run XWall as a service, errors will only be visible in the logfile. Consequently, before running it as a service you must first ensure that
XWall is running properly with no errors by launching it in Console Mode (i.e. starting it from an icon).
In general, installing XWall as a service should be your
last task and not your first.
- Installing XWall as a service
Start MBServer.exe with the argument of install,
by typing MBServer install at the command prompt and
XWall will create the
service.
By default it is an AutoStart service and any time your
computer is started, XWall will start. You can start and stop XWall at any time via Control
Panel
Note: After you have started XWall as a
service, verify that XWall has no errors.
You need to take a look into the logfile to do this.
- Removing XWall as a service
Start MBServer.exe with the argument of remove,
by typing MBServer remove at the command prompt and
XWall will delete the
service.
How to stop XWall
- XWall runs as a console application:
- Press ESCAPE
- Select Close from the
system menu (works only on NT)
- Press Alt-F4 (works only
on NT)
- XWall runs as a service on NT:
- Open Control Panel, select Services,
locate XWall and press the button labeled Stop
- type Net Stop XWall at
the command prompt
Upgrade to the Latest Version
You will find the latest version of XWall at our Download Area.
Simply stop XWall and then run setup.exe to
install the new version.
Tighten Security
To tighten your email security as much as possible enable the
following setting:
Fight Spam
There are two ways to fight against spam and both have advantages
and disadvantages:
- Block all messages as early as possible
The advantage is that the messages do not reach your server
and are blocked as early as possible, most of them at the SMTP
protocol level. The drawback is that the administrator needs to
handle all the exceptions.
For example, if you enable the Spam
Lookup Service (SLS) and you tell XWall to block all
messages that are on the spamcop.net list, then this will catch
a lot of spam mails ( usually around 50% ).
However, your best customer/supplier/friend/relative will
also be blocked because he/she is using a mail server which is
on the list. So you need to exclude this mail server and you
need to adjust it any time the IP address changes.
What makes the task really time consuming is the fact that
the customer/supplier/friend/relative does not simply tell you
that your server does not accept mail because it is on a spam
list. They will call you and say something like
I can not send to you and you have to figure out what the
problem might be.
- Let all messages come in and mark the subject
The advantage of this is that the administrator has absolute
no work and it give the most flexibility, because XWall only
marks the subject ( it adds a small text like [sls] at
the end of the subject ).
The final recipient can then simply setup a rule in his/her
email client that deletes all messages where the subject
contains [sls]. He/she can maintain a local exception
list and do not need to call the administrator for handling an
exception. Another option would be to color code the message
rather then deleting it.
In practice this this has been proven to be the best way to
fight spam.
Methods for the fight:
One of the best methods, it catches around 50% of spam
Does not really help much, because spammer usually use valid
domains.
Most spam messages are sent as BCC and so this is a very
effective way to fight against spam. Combined with a Spam Lookup
Service it should catch around 95%.
However, the drawback is that an extensive exclusion list is
needs, because not every BCC is a spam. Because of this
there is no way to block BCC message in XWall.
Works far better that simply blocking words,
because it
is fully dynamic and there is no need to maintain a word
list.
Keep in mind that XWall scan for strings and not
words.
To scan for words you need to add a space in front and at the
end of the string.
If the string is cum ( without the spaces that make it
a word), then you block the authors name which is Michael Kocum.
Or if the string is sex then this would also block MSExchange.
This is cpu intensive task, because the text needs to be
normalized before it is scanned and this requires cpu power (
memory is not a issue )
Helper Programs
- Signal
Signal is a command line program that allows you to perform
the same commands as from the Signal menu of
MBAdmin. You can force the download of POP3 messages by simply
clicking on a link rather than starting MBAdmin.
Signal.zip can be downloaded from our Download Area.
- LogView
LogView allowss you to view the logfile in real time from any
machine on your network. This is especially useful if MBServer runs as a service.
LogView.zip can be downloaded from our Download Area.
Common Problems - FAQ
|
|
Error: Unable to connect to host |
|
|
Error: Timeout in reading data [9] |
|
|
550 5.7.1 Unable to relay for user@yourdomain.com |
|
|
505 5.7.1: Client was not authenticated |
|
|
XWall is running as a console application without any problems,
but when running as a service errors are reported |
|
|
XWall as a console application and the last screen line is
not visible |
|
|
XWall reports RAS problems when the Proxy server opens the
line |
|
|
You have a AVM card |
|
|
Error: No Exchange server found at localhost |
|
|
Files stuck in the MSG-IN directory |
|
|
Error: No AUTH command in EHLO found, Authentication failed |
KBXW001
- Symptoms:
The logfile
shows Error: Unable to connect to host
- Cause:
Exchange does not listen for incoming
messages on port 25. You can check if Exchange is listening on port 25 by typing (in
a DOS box) telnet localhost 25 [enter].
When everything is working you should get back a greeting line,
else you get a connection error.
KBXW016
- Symptoms:
The messages are not forwarded to the Exchange
server;
the messages are all in the MSG-OUT directory and the logfile shows
Error:
Timeout in reading data [9]
- Cause:
This error happens in Exchange 2000 when there is
something that prevents Exchange from accepting the message.
Usually the error is the result of a routing problem, a
renamed domain in the recipient policy, an authentication
problem or a
firewall that blocks or a virus scanner that
prevents Exchange from working correctly.
- Solution:
Exchange 2000
Check if there is virus scanner running and disable
it.
or
Check if there is a firewall like ISA Server that blocks the data
flow between the interface that XWall uses and the
interface that Exchange is bound.
or
Start MBAdmin, select View->Options->Exchange
and change the name of the Exchange server from localhost
to the name or IP address. If you are currently using a
IP address or a name , then change it to localhost. The
best is you try every combination and most likely one
will work.
or
Start System Manager (Exchange Admin) and select Recipient->Recipient
Policies.
Make sure you have not renamed the domain in the Default Policy.
Adding a new domain is no problem, but renaming the
default domain is not what Exchange likes.
or
Start System Manager (Exchange Admin) and select Servers->Your
Server->Protocol->SMTP->Default SMTP Virtual
Server->Properties.
In this dialog select the tab labeled Access and then
Authentication and make sure Anonymous
access or Basic Authentication is checked.
KBXW011
- Symptoms:
The logfile
shows Error: No Exchange server found at localhost
- Cause:
A SMTP server is responding, but it is not the one of Exchange.
The most common problems are:
- The SMTP server of the IIS ( Internet Information Server
) is running
- A proxy server with a virtual port mapping is active
- The IP address you specified is wrong
- Solution:
In a DOS box type telnet localhost 25
[enter]. You will then get a greeting line of the SMTP server which should give you
an idea what program is running.
Exchange 5.x
If the line reads something like
220 yourserver.yourdomain.com.com Microsoft
ESMTP MAIL Service, Version: 5.0.2195.1600 ready
rather than
220 yourserver.yourdomain.com.com
ESMTP Server (Microsoft Exchange Internet Mail Service 5.5.2653.13) ready
then the SMTP server of the IIS ( Internet Information Server ) is
running.
In Control Panel->Services look for a service called
Simple Mail Transport Protocol (SMTP)
and stop it and disable it. Then restart the Exchange IMS and it should work.
KBXW002
- Cause:
This error happens in Exchange 2000 when the Exchange
does feels responsible for your email domain. Usually this results because was installed using a different
domain than your email domain and so you need to manually
tell Exchange for which domain it is responsible.
KBXW003
- Symptoms:
The logfile shows 505 5.7.1
Client was not authenticated
- Cause:
Exchange 2000 does not allow Anonymous
access and so XWall is not able to connect to Exchange.
KBXW004
- Symptoms:
The logfile shows Error: No AUTH command in EHLO found, Authentication failed
- Cause:
Authentication is enabled in XWall, but yout Exchange
does not support authentication.
- Solution:
Start MBAdmin, select View->Options->Exchange and uncheck Exchange
needs authentication
KBXW013
- Symptoms:
XWall download the messages without
any problem but the files stuck in the MSG-IN directory
and XWall does not send them to Exchange.
- Cause:
There is an on-access virus scanner
running that blocks XWall from accessing the downloaded
files.
- Solution:
In your on-access scanner disable the scanning of the XWall directory and below.
Most scanners will never find a virus that is in a raw message file,
because they can not extract the attachments from the message and even if
they would find anything, they would confuse XWall more than it would help.
If you enable the virus scanner support in XWall, it will extract the attachments
and html pages from the message and call the scanner to scan it.
KBXW014
- Symptoms:
The logfile shows Error: No AUTH command in EHLO found,
Authentication failed
- Cause:
Authentication is enabled in XWall, but yout Exchange
does not support authentication.
- Solution:
Start MBAdmin, select View->Options->Exchange and uncheck
Exchange
needs authentication>
KBXW007
- Symptoms:
XWall is running as a console application without
any problems, but when running as a service errors are
reported.
- Cause:
The account you use to start the service does not have
enough rights to use RAS or the Internet or the Proxy.
- Solution:
Start the service with Administrator or the account you use
to logon onto NT and then it should work.
KBXW008
- Symptoms:
You have Windows 2000 and when running
XWall as a console application the last screen line is not
visible.
- Cause:
By default the Windows 2000 screen buffer size
height for a console application is set to 300 lines.
- Solution:
Select the Properties of the console and then
select the tab labeled Layout and change the Screen
Buffer Size Height to 25
KBXW009
- Symptoms:
XWall reports RAS problems when the Proxy server
opens the line.
- Cause:
You should run XWall over the proxy rather that use
the built in dial-up.
KBXW010
- Symptoms:
You have a AVM Fritz! or B1 ISDN
card and
- XWall reports: RAS port is not available
- XWall reports: Another application is using the
port
- NT server hangs after dialing
- Cause:
This is a problem of the driver for the FRITZ!
or B1 card
(most likely its the AVM NDIS WAN v1.0)
- Solution:
You need to completely de-install the driver and RAS (
including all registry entries with Clearreg and Cearsys
from AVM) and re-install the latest driver. This usually
fixes the problem.
You should run XWall over the proxy rather that use the
built in dial-up.
Information on how to configure your proxy can be found at
Additional
information for Using a Proxy server
Licensing Agreement
XWall ⌐ is copyrighted 1993-2002 by DataEnter,
Michael Kocum
This product and its documentation may not, in whole or in
part, be copied, reproduced, transmitted, transcribed, stored in
a retrieval system, or translated into any other natural or
computer language, in any form or by any means whatsoever, be it
electronic, mechanical, magnetic, optical, manual or otherwise,
without the prior written consent of DataEnter. DataEnter makes
no warranty or representation, either expressed or implied, with
respect to the product XWall and its documentation, their
quality, performance, merchantability, or fitness for a
particular purpose. DataEnter reserves the right to revise the
user's guide and make changes to the content without obligation
to notify any person or organization of such change. In no event
will DataEnter be liable for any direct, indirect, special,
incidental or consequential damages, real or imagined, resulting
from the use or purchase of this software. Under no
circumstances shall DataEnter's liability for damages exceed the
price paid for the software license. Should any remedy hereunder
be determined to have failed, all limitations of liability and
exclusion of damages set forth above shall remain in full force
and effect. The extent of the DataEnter's warranty for the
software and its documentation is limited to physical defects of
the distribution media containing the software. Contact
DataEnter to obtain return authorization for the replacement
diskette within 30 days of the original date of purchase. Any
further statement made by agents, employees, distributors or
dealers of DataEnter do not constitute warranties and are not
binding. No employee of DataEnter has the authority to modify
any portion of this warranty. All brand and product names we
refer to in the documentation are used solely for identification
purposes and may be trademarks of other companies.
DataEnter, (the licensor) grants the buyer (the licensee) the
right to use this copy of XWall (the program) on a single
computer at a single location servicing a single Exchange server
as long as the licensee complies with the terms of this license.
The licensor reserves the right to terminate this license if the
licensee violates any part of the agreement. The licensee agrees
to make copies of the program only for backup purposes. The
licensee agrees not to copy the documentation and to take all
necessary precautions to ensure that the backup copies of the
software are not distributed to or acquired by other parties.
Microsoft Exchange, Windows 95, Windows NT and Windows 98 are
a trademarks of Microsoft Corp.
History
- v3.01 1998-08-06
Released
- v3.02 1999-09-27
Fixed quoting in CSV file
Added optional removing of
Return-Receipt-To: for
inbound and outbound messages
Added dialup, SOCKS, ETRN and relaying
Added address translation to translate
e-mail domains, mailboxes or a complete
domain to one single address
- v3.03 1999-12-02
Removed Norton Anti Virus from the
supported scanner options, because it
does not return a proper errorlevel in
the newest versions
Added support to limit concurrent
connections
Added user defined message size limit
Added message compression when sending
to another XWall (30 - 80% depending of
the attachments in the message)
- v3.05 2000-02-25
Added support for forwarding to a group
of addresses and for recursive forwards
Fixed console screen when running as a
interactive service
Added workaround for Win2000 which
reports an error when shutting down the
service
- v3.06 2000-04-27
Fixed name server Auto Detect in Win2000
- v3.07 2000-05-08
Added blocking of a message by subject
to block viruses like "ILOVEYOU"
Added blocking of an outbound message by
attachment name
Added From: address to DNS messages
- v3.08 2000-07-18
Added the option to send a NDR when
blocking an inbound attachment or
subject
Added the option to check for a blocked
subject case sensitive and case
insensitive
Added support for CHUNKING (RFC 1830)
for better sending to an Exchange 2000
Added authentication for secure sending
to an Exchange 2000
Added complete support for RFC 1891 (
Delivers Status Notification)
Added signal to send the current logfile to postmaster
Added option to purge old logfiles
Updated option to remove return-receipt
for the new Exchange 2000 read receipt
- v3.09 2000-09-11
Fixed handling of a message with contains hundreds of sub messages
Added option to also deliver to the orignal e-mail address after forwarding
Added a workaround for servers that deny the RSET command
Added support for F-PROT 3.x anti-virus scanner
Added support for blocking a normalized subject
Added blocking of a message by message text
Added option to define static routes for specific e-mail domains
- v3.10 2000-10-27
Fixed handling of yahoo multipart messages where a blank line is missing
Added a switch to allow relaying for client from an internal IP address
Added support for command pipelining (RFC1854)
Added support for message chunking (RFC1830)
Added support for virus scanning of html pages
Fixed relaying for domains with a static route when a smart host was specified
- v3.11 2000-12-21
Fixed virus scanning with the newer versions of F-PROT
Added support for blocking based on ORBS spam list
- v3.12 2001-02-10
Added support for RFC 2554 ( SMTP AUTH LOGIN )
Added support for RFC 2595 ( SMTP AUTH PLAIN )
Added support for RFC 2195 ( SMTP AUTH CRAM-MD5 )
Added support for SMTP AUTH NTLM
Changed the default SMTP connection limit to 100 concurrent connections
- v3.13 2001-04-11
Changed the logfile to use UTF-8 rather than ASCII
Changed the .dat and .ini files to use ANSI and UTF-8 rather than ASCII
Changed the orbs blocking to use the new outputs.orbs.org
Changed the maps blocking to use the new dialups.mail-abuse.org and blackholes.mail-abuse.org
Changed the blocking of the subject to scan for strings rather than comparing from left to right
Changed the default action for a blocked inbound attachment to "discard"
Fixed the DNS query for the MX record to stop after the first server in the case a domain has no MX
Fixed the DNS query for the MX record to query for an A record even one of the DSN servers is down
Added support for messages encoded in UTF-7 and UTF-8
Added blocking based on string in the html part of a message
Added support for KOI8-R ( Russian ) and Big5 ( Chinese ) message decoding
Added support for code page 1255 ( Hebrew ) message decoding
- v3.14 2001-05-04
Fixed detection of Magistr virus
Changed the parsing of the header of a message to accept only a blank line with CRLF as end-of-header
Added the option to scan embedded TNEF ( WINMAIL.DAT ) for viruses
- v3.15 2001-06-07
Fixed decoding of messages with more than 40000 Content-Type definitions
Fixed console screen buffer handling when running on Windows 2000
Changed that no error is generated when the Exchange does not allow authentication
Added a check for an on-access virus scanner, because the scanner will block XWall from accessing its files
Added additional checking when reading queued messages from disk
Added checking of the senders domain as an optional spam check
- v3.16 2001-08-10
Fixed SMTP authentication with servers that announce only AUTH and PLAIN
Fixed a problem decoding the attachments of a multipart/related message
Fixed a bug when an out-of-range SMTP DATA command crashes XWall
Changed the default charset for non-deliver-messages from ISO-8859-1 to UTF-7
Removed support for the ORBS spam list, because the list is no longer working
Combined MAPS RBL, DUL and RSS into one lookup
Added inbound and outbound SMTP authentication
Added inbound SMTP authentication using NTLM
Added an option to relay messages for authenticated users ( allow XWall to act as a relay for POP3 clients )
Added infinite message loop detection
Added the option to manually define spam dns lookup services
Added the option to show real time statistic using MRTG (Multi Router Traffic Grapher)
Added "mark subject" as an action when a message is blocked
Added the option to automatically BCC every message to a specific e-mail address
Added the option to CC every blocked message to a specific e-mail address
- v3.17 2001-10-18
Fixed setting of the expiration time of a message when XWall restarts
Fixed the decoding so that it does not take forever to normalize a message with a very large body text
Changed definition of MAPS, because MAPS is now a pay service
Added user defined Spam Lookup Services
Added support for Sophos Anti-Virus 3.x
- v3.18 2001-11-29
Fixed detection of Aliz virus
Added the option to perform an online check for a new program version
Added the option to notify the postmaster in the case a new program version is available
Added the option to exclude email addresses from html/text/subject blocking
Added the option to exclude IP addresses from SLS/MAPS blocking
Added the option to remove the HTML part of a message
- v3.19 2002-02-27
Fixed the announcement of authentication in inbound ESMTP
Fixed the multiply host name announcement in ETRN
Fixed html remove with signed messages
Fixed auto detect of dns server when running under a user account
Added diagnostic logging for the virus scanner
Added a more verbose logging when blocking a message
Added support for RFC 2480
Added more verbose logging when blocking an IP address by using SLS
Added support for virus scanning in the EML message format
Added support for blocking files with a CLSID extension
Added support for SSL / TLS encryption
- v3.20 2002-05-03
Fixed blocking of attachments with an extension of .eml
Fixed HELO when ESMTP is disabled
Fixed html remove so that it works better with Exchange 5.x
Fixed deleting of the xxxx.tmp files after a invalid BDAT transfer
Changed the removing of the HTML formatting; making it more human readable
Added the option to mark the subject for BCC messages
Added the option to block e-mail addresses
Added the option to exclude e-mail addresses from blocking
Added the option to reassemble the messages for
protection against badly formatted messages and viruses
Added the option to block files with a dot as the last char ( file.vbs. )
Added the option to add a disclaimer to outgoing messages
Added the option to remove the TNEF part of a message
Added a check for an on-access virus scanner at startup
- v3.21 2002-05-30
Fixed html parser for <style> tag
Fixed decoding of utf-7 messages
Fixed a bug when a disclaimer with no blank line at the
beginning was added to a empty note text
Fixed a extra char problem when adding a disclaimer to a hmtl message
Fixed a special html char problem when adding a disclaimer to a hmtl message
Changed the handling of a SSL/TLS connection when the target host
has not CN (common name)
Added support for nested digest messages
Added a statistic file for spam blocking and virus
- v3.22 2002-08-09
Fixed domain validating when a relay host is defined
Fixed adding a disclaimer to a message/report
Fixed a timeout problem with SSL/TLS
Fixed decoding of an Unicode tnef attachment name
Changed the handling of a SSL/TLS connection when the target host has no CN
(common name)
Added a check at startup to make sure the SLS (Spam Lookup Services) are responding
( to prevent timeouts when queries a not working SLS )
Added the option to mark the subject for faked From: addresses
Added the option check the IP of the message header against SLS/MAPS
Added the IP address to the message that will be shown to the
sending server when blocked by MAPS/SLS
Added the option to define the temp path without changing the TEMP environment variable
- v3.23 2002-10-16
Fix: Encoding of foreign display name when body text is plain ASCII
Fix: HTML decoding is done before a check for a blocked string in the text
Fix: In a non-delivery report the header and the body text was sent back
rather than only the header
Fix: Contacted the authoritative name server of a domain even
when the local name server provided an authoritative answer
Fix: Decoding of Big5 HTML messages
Fix: Rotation of the logfile at midnight
Chg: ESC value for blocked text and blocked html from 5.7.0 to 5.9.7
New: Block a sending host with an invalid FQDN
( full qualified domain name ) in the HELO/EHLO
New: Block a sending host if no reverse lookup of the IP address exist ( missing DNS PTR )
New: Block all attachments
New: Check of the name server at startup to make sure it is working
New: Dump Mark Subject data to the logfile
New: More actions when detecting a SLS/RBL/MAPS message
New: More actions when text blocking a message
New: The logfile and the NDR now shows the SLS service and
the IP that blocked the message
New: XWall writes the SLS/RBL/MAPS blocking database and the IP address
of the sending host to the header of the message so that this information
is quickly available in Outlook
New: Block partial attachments (message/partial)
New: Field in the statistic file to indicate spam mail
New: Support for ISO-2022-JP (Japanese Characters)
New: Wildcards can be used for blocking attachments, text, HTML and subject
New: The logfile and the non-delivery-report now shows the line in
which a blocked string was found
New: Logging to screen is disabled when XWall runs as a service
New: Statistical approach with the Bayesian filter to filter out spam mails
- v3.24 2002-12-04
Fix: Typo in a delivery status notification
Fix: Sometimes the non-delivery report for blocked subject/text/HTML
showed the wrong string
Chg: XWall allows a CNAME as an MX records;
this is prohibited by RFC 1713 and 2181, but a lot of sites use it
Chg: Renamed "message loop" to "suspicious message",
because it's not always a looping message
New: XWall stops accepting messages when the disk has less then 20MB free space
New: /PROGRAM as argument for McAfee scanner
New: Verify FQDN only when the user is not authenticated
New: MRTG and statistic values for the count of blocked and spam messages
New: statistic values for the format of a message (HTML,TNEF,DSN,SIGN,ENCRYPT)
New: Exclusion by IP and e-mail address for SLS, Bayes,
dns verify, remove format and envelope
New: XWall shows now the name of the virus as long as the scanner
is able to give back this information
|
