Community Discussions and Support
'Wildcard' DOMAIN Filtering on Mercury

To be able to use MercuryS to receive mail you will first need to verify that your ISP allows access to port 25 (SMTP). If this is the case you will then need to point the MX record for your domain to the public address of your mail server. The MX record is expected to contain a hostname (like mail.mydomain.com), not a numerical IP address.

To be able to use MercuryS to receive mail you will first need to verify that your ISP allows access to port 25 (SMTP). If this is the case you will then need to point the MX record for your domain to the public address of your mail server. The MX record is expected to contain a hostname (like mail.mydomain.com), not a numerical IP address.

Hoping someone can help here... like many people I am inundated with spam email and although Pegasus does a good job filtering out most of the crud, I am regularly overcome with emails

from mailer type services that use variations on the same issuing domain. David Harris did reply previously to advise that Mercury can filter using a wildcard but the testing I have done confirms that 

this feature for Mercury will only work where the domain sits adjacent to the ampersand character ie.  @mailer.com

 

So, I had hoped to use a Killfile in conjunction with the Global Filtering rules withinin Mercury, to delete these emails . Two of the worst offfenders follow here : 

\MATCH *.mcdlv.net

\MATCH *.mcsv.net 

This is fine where the emails are of the following format : user@mcdlv.net /  user@mcsv.net

However, I appear unable to block any of the following from being intercepted by Mercury, using the MATCH instruction given above.

user@abc.mcdlv.net ,  user@abc.123.mcdlv.net , user@abc.123.xyz.mcdlv.net 

Does anyone know of a way to block these - alternatively, am I able to ask of the next version of Mercruy that the MATCH is all encompassing OR better still a new

MATCHALL command to delete these domain variants can be considered please? 

Thanks in advance for any help/guidance  offered. 

 Regards

 

 

<p>Hoping someone can help here... like many people I am inundated with spam email and although Pegasus does a good job filtering out most of the crud, I am regularly overcome with emails <span style="font-size: 10pt;"></span></p><p><span style="font-size: 10pt;">from mailer type services that use variations on the same issuing domain. David Harris did reply previously to advise that Mercury can filter using a wildcard but the testing I have done confirms that </span></p><p>this feature for Mercury will only work where the domain sits adjacent to the ampersand character ie.  @mailer.com</p><p> </p><p><span style="font-size: 10pt;">So, I had hoped to use a Killfile in conjunction with the Global Filtering rules withinin Mercury, to delete these emails . Two of the worst offfenders follow here : </span></p><p><span style="font-size: 10pt;">\MATCH *.mcdlv.net</span></p><p><span style="font-size: 10pt;">\MATCH *.mcsv.net</span><span style="font-size: 10pt;"> </span></p><p>This is fine where the emails are of the following format : user@mcdlv.net /  <span style="font-size: 10pt;">user@mcsv.net</span></p><p><b>However, I appear unable to block any of the following from being intercepted by Mercury, using the MATCH instruction given above.</b></p><p><b>user@abc.mcdlv.net ,  <span style="font-size: 10pt;">user@abc.123.mcdlv.net</span><span style="font-size: 10pt;"> , </span><span style="font-size: 10pt;">user@abc.123.xyz.mcdlv.net</span><span style="font-size: 10pt;"> </span></b></p><p>Does anyone know of a way to block these - alternatively, am I able to ask of the next version of Mercruy that the MATCH is all encompassing OR better still a new </p><p>MATCHALL command to delete these domain variants can be considered please? </p><p><span style="font-size: 10pt;">Thanks in advance for any help/guidance  offered. </span></p><p> Regards</p><p> </p><p> </p>

Why are you coding a period after the asterisk? The email addresses do not contain the period before the domain name.

Martin. 

<p>Why are you coding a period after the asterisk? The email addresses do not contain the period before the domain name.</p><p>Martin. </p>

Martin

Thanks for the reply...

>>The email addresses do not contain the period before the domain name. 

But they do!....... as per my examples :

user@abc.123.xyz.mcdlv.net  

                             *

 

 The RED asterisk '*' shown above is directly underneath the period in question. The primary domain is mcdlv.net NOT (in this example), abc.123.xyz.mcdlv.net - which is what I have termed a 'variant' of the primary domain name...

I have tried various combinations and it just so happens what I have copied here is what I have taken from the 'killfile' and is what I had hoped

would work for the variants described... because the mails I am trying to avoid are those where there is a period in front of the actual domain name that we are trying to filter. (..is that clear ? ;-)

 NOTE : you have stated 'after the ASTERISK', I stated ampersand - but, what we are both referring to is actually the @ character

<p>Martin</p> <p>Thanks for the reply...</p> <p>>><span style="font-family: Tahoma, Arial, Helvetica; font-size: 12px;">The email addresses do not contain the period before the domain name. </span></p> <p><span style="font-family: Tahoma, Arial, Helvetica; font-size: 12px;"></span><span style="font-size: 10pt;">But they do!....... as per my examples :</span></p> <p><b style="font-family: Tahoma, Arial, Helvetica; font-size: 12px;"><span style="font-size: 10pt;">user@abc.123.xyz.mcdlv.net</span><span style="font-size: 10pt;"> </span></b> </p> <p>                             <span style="color: red; font-size: 10pt;">*</span></p><p> </p> <p> The RED asterisk '*' shown above is directly underneath the period in question. The <i>primary </i>domain is mcdlv.net NOT (in this example), <span style="font-family: Tahoma, Arial, Helvetica; font-size: 12px;"><span style="font-size: 10pt;">abc.123.xyz.mcdlv.net - which is what I have termed a 'variant' of the <i>primary </i>domain name...</span></span></p> <p>I have tried various combinations and it just so happens what I have copied here is what I have taken from the 'killfile' and is what I <b><u>had</u></b> hoped </p> <p>would work for the variants described... because the mails I am trying to avoid are those where there is a period in front of the actual domain name that we are trying to filter. (..is that clear ? ;-)</p> <p> NOTE : you have stated 'after the ASTERISK', I stated ampersand - but, what we are both referring to is actually the @ character</p> <p>G </p>

If that is the string you are trying to filter I would suggest:

*@*.domainName

Martin 

<p>If that is the string you are trying to filter I would suggest:</p><p>*@*.domainName</p><p>Martin </p>

Regretably, this proposal doesnt work...

 

Thanks for the suggestion... any other suggestions welcomed....! 

<p>Regretably, this proposal doesnt work...</p><p> </p><p>Thanks for the suggestion... any other suggestions welcomed....! </p>

Assuming the same domain name is used in MAIL FROM in the SMTP envelope I would suggest using the transaction-level expression filter (MercuryS configuration / Compliance):

M, "*.mcdlv.net*", R, "554 Domain blocked due to previous spamming."

 

<p>Assuming the same domain name is used in MAIL FROM in the SMTP envelope I would suggest using the transaction-level expression filter (MercuryS configuration / Compliance):</p><p>M, "*.mcdlv.net*", R, "554 Domain blocked due to previous spamming."</p><p> </p>

Hello again, I wrote a little test and the results are below. I am not using Mercury Regular Expressions but a unix lookalike.

Looking at: user@mcdlv.net   (* Okay format *)

using mask: ?*\@?*.mcdlv.net

Length of data: 0

 

using mask: ?*\@?*.mcdlv.net  

Looking in: user@abc.mcdlv.net(* domain name enlarged *)

Found: user@abc.mcdlv.net

String found at: 1

Length of data: 18

 

Looking in: user@abc.123.mcdlv.net   (* domain name enlarged *)

using mask: ?*\@?*.mcdlv.net

Found: user@abc.123.mcdlv.net

String found at: 1

Length of data: 22

 

Looking in: user@abc.123.xyz.mcdlv.net                  (* domain name enlarged *)

using mask: ?*\@?*.mcdlv.net

Found: user@abc.123.xyz.mcdlv.net

String found at: 1

Length of data: 26

This is slightly different to my first suggestion. The ?* indicates any character followed by any number of characters. The\@ is to code the @ sign in escaped form. The following ?*. looks for any character repeated any number of times followed by .mcdlv.net

The same Mask value was used in each test. All you seem to need is the Mercury equivalent of this mask.

Martin 

 

 

<p>Hello again, I wrote a little test and the results are below. I am not using Mercury Regular Expressions but a unix lookalike.</p><p>Looking at: user@mcdlv.net   (* Okay format *)</p><p>using mask: ?*\@?*.mcdlv.net</p><p>Length of data: 0</p><p> </p><p>using mask: ?*\@?*.mcdlv.net  </p><p>Looking in: user@abc.mcdlv.net<span style="font-size: 10pt;">(* domain name enlarged *)</span></p><p>Found: user@abc.mcdlv.net</p><p>String found at: 1</p><p>Length of data: 18</p><p> </p><p>Looking in: user@abc.123.mcdlv.net   <span style="font-size: 10pt;">(* domain name enlarged *)</span></p><p>using mask: ?*\@?*.mcdlv.net</p><p>Found: user@abc.123.mcdlv.net</p><p>String found at: 1</p><p>Length of data: 22</p><p> </p><p>Looking in: user@abc.123.xyz.mcdlv.net                  <span style="font-size: 10pt;">(* domain name enlarged *)</span></p><p>using mask: ?*\@?*.mcdlv.net</p><p>Found: user@abc.123.xyz.mcdlv.net</p><p>String found at: 1</p><p>Length of data: 26</p><p>This is slightly different to my first suggestion. The ?* indicates any character followed by any number of characters. The\@ is to code the @ sign in escaped form. The following ?*. looks for any character repeated any number of times followed by .mcdlv.net</p><p>The same Mask value was used in each test. All you seem to need is the Mercury equivalent of this mask.</p><p>Martin </p><p> </p><p> </p>

this looks very encouraging ! Thank you for the effort here....

The only remaining question is : who would know what the Mercury equivalent of this mask would be...? David himself perhaps... ?

 

 

<p>this looks very encouraging ! Thank you for the effort here.... </p><p>The only remaining question is : who would know what the Mercury equivalent of this mask would be...? David himself perhaps... ?</p><p> </p><p> </p>

[quote user="Rolf Lindby"]

Assuming the same domain name is used in MAIL FROM in the SMTP envelope I would suggest using the transaction-level expression filter (MercuryS configuration / Compliance):

M, "*.mcdlv.net*", R, "554 Domain blocked due to previous spamming."

 

[/quote]

 

Hi

I am and have been using Mercury C (SMTP Relay Client)  and Mercury D (POP3 Distributing Client) modules for many years with great success.

Following your suggestion I have now added the Mercury S module in order to use the Compliance feature... is there anything else I need to

configure in Mercury S, because it doesnt seem to be doing anything at all... no messages in the panels etc.

 

Thank you.

 

[quote user="Rolf Lindby"]<p>Assuming the same domain name is used in MAIL FROM in the SMTP envelope I would suggest using the transaction-level expression filter (MercuryS configuration / Compliance):</p><p>M, "*.mcdlv.net*", R, "554 Domain blocked due to previous spamming."</p><p> </p><p>[/quote]</p><p> </p><p style="font-family: Tahoma, Arial, Helvetica; font-size: 12px;">Hi</p><p style="font-family: Tahoma, Arial, Helvetica; font-size: 12px;">I am and have been using Mercury C (SMTP Relay Client)  and Mercury D (POP3 Distributing Client) modules for many years with great success.</p><p style="font-family: Tahoma, Arial, Helvetica; font-size: 12px;">Following your suggestion I have now added the Mercury S module in order to use the Compliance feature... is there anything else I need to</p><p style="font-family: Tahoma, Arial, Helvetica; font-size: 12px;">configure in Mercury S, because it doesnt seem to be doing anything at all... no messages in the panels etc.</p><p style="font-family: Tahoma, Arial, Helvetica; font-size: 12px;"> </p><p style="font-family: Tahoma, Arial, Helvetica; font-size: 12px;">Thank you.</p><p><span style="font-family: Tahoma, Arial, Helvetica; font-size: 12px;">G </span> </p>

[quote user="irelam"]

Hello again, I wrote a little test and the results are below. I am not using Mercury Regular Expressions but a unix lookalike.

Looking at: user@mcdlv.net   (* Okay format *)

using mask: ?*\@?*.mcdlv.net

Length of data: 0

 

using mask: ?*\@?*.mcdlv.net  

Looking in: user@abc.mcdlv.net(* domain name enlarged *)

Found: user@abc.mcdlv.net

String found at: 1

Length of data: 18

 

Looking in: user@abc.123.mcdlv.net   (* domain name enlarged *)

using mask: ?*\@?*.mcdlv.net

Found: user@abc.123.mcdlv.net

String found at: 1

Length of data: 22

 

Looking in: user@abc.123.xyz.mcdlv.net                  (* domain name enlarged *)

using mask: ?*\@?*.mcdlv.net

Found: user@abc.123.xyz.mcdlv.net

String found at: 1

Length of data: 26

This is slightly different to my first suggestion. The ?* indicates any character followed by any number of characters. The\@ is to code the @ sign in escaped form. The following ?*. looks for any character repeated any number of times followed by .mcdlv.net

The same Mask value was used in each test. All you seem to need is the Mercury equivalent of this mask.

Martin 

 

 

[/quote]

 

this looks very encouraging ! Thank you for the effort here....

The only remaining question is : who would know what the Mercury equivalent of this mask would be...? David himself perhaps... ? 

[quote user="irelam"]<p>Hello again, I wrote a little test and the results are below. I am not using Mercury Regular Expressions but a unix lookalike.</p><p>Looking at: user@mcdlv.net   (* Okay format *)</p><p>using mask: ?*\@?*.mcdlv.net</p><p>Length of data: 0</p><p> </p><p>using mask: ?*\@?*.mcdlv.net  </p><p>Looking in: user@abc.mcdlv.net<span style="font-size: 10pt;">(* domain name enlarged *)</span></p><p>Found: user@abc.mcdlv.net</p><p>String found at: 1</p><p>Length of data: 18</p><p> </p><p>Looking in: user@abc.123.mcdlv.net   <span style="font-size: 10pt;">(* domain name enlarged *)</span></p><p>using mask: ?*\@?*.mcdlv.net</p><p>Found: user@abc.123.mcdlv.net</p><p>String found at: 1</p><p>Length of data: 22</p><p> </p><p>Looking in: user@abc.123.xyz.mcdlv.net                  <span style="font-size: 10pt;">(* domain name enlarged *)</span></p><p>using mask: ?*\@?*.mcdlv.net</p><p>Found: user@abc.123.xyz.mcdlv.net</p><p>String found at: 1</p><p>Length of data: 26</p><p>This is slightly different to my first suggestion. The ?* indicates any character followed by any number of characters. The\@ is to code the @ sign in escaped form. The following ?*. looks for any character repeated any number of times followed by .mcdlv.net</p><p>The same Mask value was used in each test. All you seem to need is the Mercury equivalent of this mask.</p><p>Martin </p><p> </p><p> </p><p>[/quote]</p><p> </p><p style="font-family: Tahoma, Arial, Helvetica; font-size: 12px;">this looks very encouraging ! Thank you for the effort here....</p><p><span style="font-family: Tahoma, Arial, Helvetica; font-size: 12px;">The only remaining question is : who would know what the Mercury equivalent of this mask would be...? David himself perhaps... ?</span> </p>

To be able to use MercuryS for receiving mail you will need to point the MX record for your domain to the Internet address of the Mercury server. If this isn't possible, for instance if the Internet provider won't allow access to port 25, you are unfortunately stuck with collecting mail from a domain mailbox hosted by some other party. 

To be able to use MercuryS for receiving mail you will need to point the MX record for your domain to the Internet address of the Mercury server. If this isn't possible, for instance if the Internet provider won't allow access to port 25, you are unfortunately stuck with collecting mail from a domain mailbox hosted by some other party. 

Could a global rule work here, specifically an expression rule (they accepts wild cards)?  For example, if you wanted to detect the existence of "sam" anywhere in the From: header you would create an expressing rule that detects:

From:*sam*

Obviously you would need to create the rule specific to the header and content you need to detect.

<p>Could a global rule work here, specifically an expression rule (they accepts wild cards)?  For example, if you wanted to detect the existence of "sam" anywhere in the From: header you would create an expressing rule that detects:</p><p>From:*sam*</p><p>Obviously you would need to create the rule specific to the header and content you need to detect. </p>

[quote user="bfluet"]

Could a global rule work here, specifically an expression rule (they accepts wild cards)?  For example, if you wanted to detect the existence of "sam" anywhere in the From: header you would create an expressing rule that detects:

From:*sam*

Obviously you would need to create the rule specific to the header and content you need to detect.

[/quote]

See my very first post - I currently use a Killfile in Global Rules....  but the MATCH command used in this file does not seem to like the format of wildcard characters I require to filter out these domains...

Becuase of the number of domains I want to avoid - I figured a flat file would be preferable as opposed to writing a new rule for each and every domain I encounter..

[quote user="bfluet"]<p>Could a global rule work here, specifically an expression rule (they accepts wild cards)?  For example, if you wanted to detect the existence of "sam" anywhere in the From: header you would create an expressing rule that detects:</p><p>From:*sam*</p><p>Obviously you would need to create the rule specific to the header and content you need to detect. </p><p>[/quote]</p><p>See my very first post - I currently use a Killfile in <b><u>Global Rules</u></b>....  but the MATCH command used in this file does not seem to like the format of wildcard characters I require to filter out these domains...</p><p>Becuase of the number of domains I want to avoid - I figured a flat file would be preferable as opposed to writing a new rule for each and every domain I encounter..</p>

[quote user="GJT"]

See my very first post - I currently use a Killfile in Global Rules....

 but the MATCH command used in this file does not seem to like the

format of wildcard characters I require to filter out these domains...

Becuase

of the number of domains I want to avoid - I figured a flat file would

be preferable as opposed to writing a new rule for each and every domain

I encounter..

[/quote]

It looks as though you need to end each expression with a closure (i.e, another asterisk).

So, to filter out everything from any system within the domain mcdlv.net, you need to use the expression \MATCH *mcdlv.net*

The reason for this is that the match expression must match the *entire* address string: as the address string is probably enclosed in angle brackets (like "<user1@mcdlv.net>"), without the trailing closure, the closing '>' will prevent the match.

It would probably be good to have the rule engine perform complete address reduction on the addresses before attempting the match: I'll consider doing that, although like everything to do with a program that has been around for so long, I'll want to do some testing on it to make sure it doesn't impact too many existing rule sets.

Cheers!

-- David --

[quote user=&quot;GJT&quot;]&lt;p&gt;See my very first post - I currently use a Killfile in &lt;b&gt;&lt;u&gt;Global Rules&lt;/u&gt;&lt;/b&gt;.... &amp;nbsp;but the MATCH command used in this file does not seem to like the format of wildcard characters I require to filter out these domains...&lt;/p&gt;&lt;p&gt;Becuase of the number of domains I want to avoid - I figured a flat file would be preferable as opposed to writing a new rule for each and every domain I encounter..&lt;/p&gt;[/quote] It looks as though you need to end each expression with a closure (i.e, another asterisk). So, to filter out everything from any system within the domain mcdlv.net, you need to use the expression \MATCH *mcdlv.net* The reason for this is that the match expression must match the *entire* address string: as the address string is probably enclosed in angle brackets (like &quot;&amp;lt;user1@mcdlv.net&amp;gt;&quot;), without the trailing closure, the closing &#039;&amp;gt;&#039; will prevent the match. It would probably be good to have the rule engine perform complete address reduction on the addresses before attempting the match: I&#039;ll consider doing that, although like everything to do with a program that has been around for so long, I&#039;ll want to do some testing on it to make sure it doesn&#039;t impact too many existing rule sets. Cheers! -- David --

David

Thanks for the response.... however.... despite your suggestion : \MATCH *mcdlv.net* , the following got through .... which specific address entries in the headers of the email does Mercury check the Killfile entries against?...
The email header in question follows below....

Thanks

Guy

 

============================================== 

Received: from spooler by palatineprecision.co.uk (Mercury/32 v4.73); 4 Feb 2014 11:13:38 -0000

X-Envelope-To: sales@palatineprecision.co.uk

Received: from POP3D by palatineprecision.co.uk with MercuryD (v4.73); 4 Feb 2014 11:13:19 -0000

Return-path: <bounce-mc.us4_9445429.697433-sales=palatineprecision.co.uk@mail48.wdc01.mcdlv.net>

Delivery-date: Tue, 04 Feb 2014 11:12:56 +0000

Received: from [205.201.129.48] (helo=mail48.wdc01.mcdlv.net)

by athena.hosts.co.uk with esmtp (Exim 4.80.1)

(envelope-from <bounce-mc.us4_9445429.697433-sales=palatineprecision.co.uk@mail48.wdc01.mcdlv.net>)

id 1WAdvz-0000Y2-3q

for sales@palatineprecision.co.uk; Tue, 04 Feb 2014 11:12:56 +0000

DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=k1; d=mail48.wdc01.mcdlv.net;

 h=Subject:From:Reply-To:To:Date:Message-ID:List-Unsubscribe:Sender:Content-Type:MIME-Version; i=enquiries=3Dqimtek.co.uk@mail48.wdc01.mcdlv.net;

 bh=zmlzrozk3XGZYY1ZIGRWmZv1d9o=;

 b=YJzc291hb1biVRfPle13L6R2v8VF9yKyfuH9PdeiDZeE1dsvt8x3hcVlc3AVPPHXoLj9WlhMSiwh

   b+bAXyXsZLmYCwZRKcqf2XbZNzEYTsEdiiKXi5XNGMAzLxpIqFgLrpQt2M80uoj4mYRVDp/MjOwK

   gpXZ0Dgwl/gQp9cGvgI=

DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=k1; d=mail48.wdc01.mcdlv.net;

 b=YDVRys0UpF9pss5HojecqQ7Lte2GVn5LA+skMFpGTr93AJ/zi9pp+nDzM8VQHx3YxiuirFHQ/tgS

   Ou9qBwm9oyaKoihQ37gaY6eocHbtKnlfiDmkOIy1VPIyN1UY1DoW4PnJ91WRsoxbPTvoXkMamTOk

   V3AmwBgStthkyLvQSFI=;

Received: from (127.0.0.1) by mail48.wdc01.mcdlv.net id hu35je174e0o for <sales@palatineprecision.co.uk>; Tue, 4 Feb 2014 11:03:28 +0000 (envelope-from <bounce-mc.us4_9445429.697433-sales=palatineprecision.co.uk@mail48.wdc01.mcdlv.net>)

Subject: =?utf-8?Q?Update=20Your=20FREE=20Engineering=20Supplier=20Listing...?=

From: =?utf-8?Q?Qimtek=20Supplier=20Directory?= <enquiries@qimtek.co.uk>

Reply-To: =?utf-8?Q?Qimtek=20Supplier=20Directory?= <enquiries@qimtek.co.uk>

To: =?utf-8?Q?Guy?= <sales@palatineprecision.co.uk>

Date: Tue, 4 Feb 2014 11:03:28 +0000

Message-ID: <91ccbcc0b80e912f9899485924affa29bab.20140204110257@mail48.wdc01.mcdlv.net>

X-Mailer: MailChimp Mailer - **CIDc7210877424affa29bab**

X-Campaign: mailchimp91ccbcc0b80e912f989948592.c721087742

X-campaignid: mailchimp91ccbcc0b80e912f989948592.c721087742

X-Report-Abuse: Please report abuse for this campaign here: http://www.mailchimp.com/abuse/abuse.phtml?u=91ccbcc0b80e912f989948592&id=c721087742&e=4affa29bab

X-MC-User: 91ccbcc0b80e912f989948592

X-Feedback-ID: 9445429:9445429.697433:us4:mc

x-accounttype: pd

List-Unsubscribe: <mailto:unsubscribe-91ccbcc0b80e912f989948592-c721087742-4affa29bab@mailin1.us2.mcsv.net?subject=unsubscribe>, <http://qimtek.us4.list-manage.com/unsubscribe?u=91ccbcc0b80e912f989948592&id=f38e9d5980&e=4affa29bab&c=c721087742>

Sender: "Qimtek Supplier Directory" <enquiries=qimtek.co.uk@mail48.wdc01.mcdlv.net>

x-mcda: FALSE

Content-Type: multipart/alternative; boundary="_----------=_MCPart_1333020285"

MIME-Version: 1.0

X-namesco: 192.168.0.112

X-Spam-Score: 1.3 (+)

X-Original-To: sales@palatineprecision.co.uk

X-UC-Weight: [#   ] 50

X-CC-Diagnostic: Subject matches "*/cFREE[E!*, ]*" (50)

X-PMFLAGS: 570949952 0 16646145 YEPMTRP5.CNM                

 

&lt;p&gt;David&lt;/p&gt;&lt;p&gt;Thanks for the response.... however.... despite your suggestion :&amp;nbsp;&lt;span style=&quot;font-family: Tahoma, Arial, Helvetica; background-color: rgb(221, 221, 221);&quot;&gt;\MATCH *mcdlv.net*&lt;/span&gt;&amp;nbsp;, the following got through .... which&lt;b&gt; specific address entries&lt;/b&gt; in the headers of the email does Mercury check the Killfile entries against?... The email header in question follows below....&lt;/p&gt;&lt;p&gt;Thanks&lt;/p&gt;&lt;p&gt;Guy&lt;/p&gt;&lt;p&gt;&amp;nbsp;&lt;/p&gt;&lt;p&gt;==============================================&amp;nbsp;&lt;/p&gt;&lt;p&gt;Received: from spooler by palatineprecision.co.uk (Mercury/32 v4.73); 4 Feb 2014 11:13:38 -0000&lt;/p&gt;&lt;p&gt;X-Envelope-To: sales@palatineprecision.co.uk&lt;/p&gt;&lt;p&gt;Received: from POP3D by palatineprecision.co.uk with MercuryD (v4.73); 4 Feb 2014 11:13:19 -0000&lt;/p&gt;&lt;p&gt;Return-path: &amp;lt;bounce-mc.us4_9445429.697433-sales=palatineprecision.co.uk@mail48.wdc01.mcdlv.net&amp;gt;&lt;/p&gt;&lt;p&gt;Delivery-date: Tue, 04 Feb 2014 11:12:56 +0000&lt;/p&gt;&lt;p&gt;Received: from [205.201.129.48] (helo=mail48.wdc01.mcdlv.net)&lt;/p&gt;&lt;p&gt;&lt;span class=&quot;Apple-tab-span&quot; style=&quot;white-space:pre&quot;&gt; &lt;/span&gt;by athena.hosts.co.uk with esmtp (Exim 4.80.1)&lt;/p&gt;&lt;p&gt;&lt;span class=&quot;Apple-tab-span&quot; style=&quot;white-space:pre&quot;&gt; &lt;/span&gt;(envelope-from &amp;lt;bounce-mc.us4_9445429.697433-sales=palatineprecision.co.uk@mail48.wdc01.mcdlv.net&amp;gt;)&lt;/p&gt;&lt;p&gt;&lt;span class=&quot;Apple-tab-span&quot; style=&quot;white-space:pre&quot;&gt; &lt;/span&gt;id 1WAdvz-0000Y2-3q&lt;/p&gt;&lt;p&gt;&lt;span class=&quot;Apple-tab-span&quot; style=&quot;white-space:pre&quot;&gt; &lt;/span&gt;for sales@palatineprecision.co.uk; Tue, 04 Feb 2014 11:12:56 +0000&lt;/p&gt;&lt;p&gt;DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=k1; d=mail48.wdc01.mcdlv.net;&lt;/p&gt;&lt;p&gt;&amp;nbsp;h=Subject:From:Reply-To:To:Date:Message-ID:List-Unsubscribe:Sender:Content-Type:MIME-Version; i=enquiries=3Dqimtek.co.uk@mail48.wdc01.mcdlv.net;&lt;/p&gt;&lt;p&gt;&amp;nbsp;bh=zmlzrozk3XGZYY1ZIGRWmZv1d9o=;&lt;/p&gt;&lt;p&gt;&amp;nbsp;b=YJzc291hb1biVRfPle13L6R2v8VF9yKyfuH9PdeiDZeE1dsvt8x3hcVlc3AVPPHXoLj9WlhMSiwh&lt;/p&gt;&lt;p&gt;&amp;nbsp; &amp;nbsp;b+bAXyXsZLmYCwZRKcqf2XbZNzEYTsEdiiKXi5XNGMAzLxpIqFgLrpQt2M80uoj4mYRVDp/MjOwK&lt;/p&gt;&lt;p&gt;&amp;nbsp; &amp;nbsp;gpXZ0Dgwl/gQp9cGvgI=&lt;/p&gt;&lt;p&gt;DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=k1; d=mail48.wdc01.mcdlv.net;&lt;/p&gt;&lt;p&gt;&amp;nbsp;b=YDVRys0UpF9pss5HojecqQ7Lte2GVn5LA+skMFpGTr93AJ/zi9pp+nDzM8VQHx3YxiuirFHQ/tgS&lt;/p&gt;&lt;p&gt;&amp;nbsp; &amp;nbsp;Ou9qBwm9oyaKoihQ37gaY6eocHbtKnlfiDmkOIy1VPIyN1UY1DoW4PnJ91WRsoxbPTvoXkMamTOk&lt;/p&gt;&lt;p&gt;&amp;nbsp; &amp;nbsp;V3AmwBgStthkyLvQSFI=;&lt;/p&gt;&lt;p&gt;Received: from (127.0.0.1) by mail48.wdc01.mcdlv.net id hu35je174e0o for &amp;lt;sales@palatineprecision.co.uk&amp;gt;; Tue, 4 Feb 2014 11:03:28 +0000 (envelope-from &amp;lt;bounce-mc.us4_9445429.697433-sales=palatineprecision.co.uk@mail48.wdc01.mcdlv.net&amp;gt;)&lt;/p&gt;&lt;p&gt;Subject: =?utf-8?Q?Update=20Your=20FREE=20Engineering=20Supplier=20Listing...?=&lt;/p&gt;&lt;p&gt;From: =?utf-8?Q?Qimtek=20Supplier=20Directory?= &amp;lt;enquiries@qimtek.co.uk&amp;gt;&lt;/p&gt;&lt;p&gt;Reply-To: =?utf-8?Q?Qimtek=20Supplier=20Directory?= &amp;lt;enquiries@qimtek.co.uk&amp;gt;&lt;/p&gt;&lt;p&gt;To: =?utf-8?Q?Guy?= &amp;lt;sales@palatineprecision.co.uk&amp;gt;&lt;/p&gt;&lt;p&gt;Date: Tue, 4 Feb 2014 11:03:28 +0000&lt;/p&gt;&lt;p&gt;Message-ID: &amp;lt;91ccbcc0b80e912f9899485924affa29bab.20140204110257@mail48.wdc01.mcdlv.net&amp;gt;&lt;/p&gt;&lt;p&gt;X-Mailer: MailChimp Mailer - **CIDc7210877424affa29bab**&lt;/p&gt;&lt;p&gt;X-Campaign: mailchimp91ccbcc0b80e912f989948592.c721087742&lt;/p&gt;&lt;p&gt;X-campaignid: mailchimp91ccbcc0b80e912f989948592.c721087742&lt;/p&gt;&lt;p&gt;X-Report-Abuse: Please report abuse for this campaign here: http://www.mailchimp.com/abuse/abuse.phtml?u=91ccbcc0b80e912f989948592&amp;amp;id=c721087742&amp;amp;e=4affa29bab&lt;/p&gt;&lt;p&gt;X-MC-User: 91ccbcc0b80e912f989948592&lt;/p&gt;&lt;p&gt;X-Feedback-ID: 9445429:9445429.697433:us4:mc&lt;/p&gt;&lt;p&gt;x-accounttype: pd&lt;/p&gt;&lt;p&gt;List-Unsubscribe: &amp;lt;mailto:unsubscribe-91ccbcc0b80e912f989948592-c721087742-4affa29bab@mailin1.us2.mcsv.net?subject=unsubscribe&amp;gt;, &amp;lt;http://qimtek.us4.list-manage.com/unsubscribe?u=91ccbcc0b80e912f989948592&amp;amp;id=f38e9d5980&amp;amp;e=4affa29bab&amp;amp;c=c721087742&amp;gt;&lt;/p&gt;&lt;p&gt;Sender: &quot;Qimtek Supplier Directory&quot; &amp;lt;enquiries=qimtek.co.uk@mail48.wdc01.mcdlv.net&amp;gt;&lt;/p&gt;&lt;p&gt;x-mcda: FALSE&lt;/p&gt;&lt;p&gt;Content-Type: multipart/alternative; boundary=&quot;_----------=_MCPart_1333020285&quot;&lt;/p&gt;&lt;p&gt;MIME-Version: 1.0&lt;/p&gt;&lt;p&gt;X-namesco: 192.168.0.112&lt;/p&gt;&lt;p&gt;X-Spam-Score: 1.3 (+)&lt;/p&gt;&lt;p&gt;X-Original-To: sales@palatineprecision.co.uk&lt;/p&gt;&lt;p&gt;X-UC-Weight: [# &amp;nbsp; ] 50&lt;/p&gt;&lt;p&gt;X-CC-Diagnostic: Subject matches &quot;*/cFREE[E!*, ]*&quot; (50)&lt;/p&gt;&lt;p&gt;X-PMFLAGS: 570949952 0 16646145 YEPMTRP5.CNM &amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp;&lt;/p&gt;&lt;p&gt;&amp;nbsp;&lt;/p&gt;

[quote user="GJT"]

Thanks for the response.... however.... despite your suggestion : \MATCH *mcdlv.net* , the following got through .... which specific address entries in the headers of the email does Mercury check the Killfile entries against?...

The email header in question follows below....

[/quote]

It checks the From: and Reply-to fields only. It does not check the "Sender" field, which would have been required to catch this example. A quick look at the Mercury code suggests that changing this is a larger job than I'm willing to undertake so near to a significant release (v4.8 is in gold release candidate testing at the moment).

In fairness, the listscan rule action was never intended for use as a rigorous anti-spam measure: the feature in the program most suited to your purpose is the MercuryS killfile or transaction filtering options, but of course they're not much help in your case because you're using MercuryD. I'm happy to consider adding a blacklisting capability to MercuryD for the next release, but regrettably it's just too late to get it into v4.8.

Cheers!

-- David --

[quote user=&quot;GJT&quot;] Thanks for the response.... however.... despite your suggestion :&amp;nbsp;&lt;span style=&quot;font-family: Tahoma, Arial, Helvetica; background-color: rgb(221, 221, 221);&quot;&gt;\MATCH *mcdlv.net*&lt;/span&gt;&amp;nbsp;, the following got through .... which&lt;b&gt; specific address entries&lt;/b&gt; in the headers of the email does Mercury check the Killfile entries against?... &lt;p&gt;The email header in question follows below....&lt;/p&gt;[/quote] It checks the From: and Reply-to fields only. It does not check the &quot;Sender&quot; field, which would have been required to catch this example. A quick look at the Mercury code suggests that changing this is a larger job than I&#039;m willing to undertake so near to a significant release (v4.8 is in gold release candidate testing at the moment). In fairness, the listscan rule action was never intended for use as a rigorous anti-spam measure: the feature in the program most suited to your purpose is the MercuryS killfile or transaction filtering options, but of course they&#039;re not much help in your case because you&#039;re using MercuryD. I&#039;m happy to consider adding a blacklisting capability to MercuryD for the next release, but regrettably it&#039;s just too late to get it into v4.8. Cheers! -- David --

OK David, the blacklist feature against <Sender> would be a great help here.... please add to your list for the next release of Mercury..

On another note.... am I able to configure Mercury S for use on my system in order to use the killfile and transaction level processing in the short term...?

What are the prerequisites to use Mercury S?
...............I have an ISP that provides my internet/broadband connection . Mercury sits on a Windows Vista PC (my dedicated mail server machine), and I have configured Mercury D to poll every minute to retrieve email from the hosted domain.

Mercury SMTP delivers to users' mailboxes on our LAN.

Will Mercury S work on this setup and are the config. changes required extensive to get this to work.. ?


&lt;p&gt;OK David, the blacklist feature against &amp;lt;Sender&amp;gt; would be a great help here.... please add to your list for the next release of Mercury..&lt;/p&gt;&lt;p&gt;&lt;span style=&quot;font-size: 10pt;&quot;&gt;On another note.... am I able to configure Mercury S for use on my system in order to use the killfile and transaction level processing in the short term...?&lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;span style=&quot;font-size: 10pt;&quot;&gt;What are the prerequisites to use Mercury S? &lt;/span&gt;&lt;span style=&quot;font-size: 10pt;&quot;&gt;...............I have an ISP that provides my internet/broadband connection . Mercury sits on a Windows Vista PC (my dedicated mail server machine), and I have configured Mercury D to poll every minute to retrieve email from the hosted domain. &lt;/span&gt;&lt;/p&gt;&lt;p&gt;&lt;span style=&quot;font-size: 10pt;&quot;&gt;Mercury SMTP delivers to users&#039; mailboxes on our LAN.&lt;/span&gt;&lt;/p&gt;&lt;p&gt;Will Mercury S work on this setup and are the config. changes required extensive to get this to work.. ?&lt;/p&gt;&lt;p&gt; &lt;/p&gt;
live preview
enter atleast 10 characters
WARNING: You mentioned %MENTIONS%, but they cannot see this message and will not be notified
Saving...
Saved
With selected deselect posts show selected posts
All posts under this topic will be deleted ?
Pending draft ... Click to resume editing
Discard draft