I was using Pegasus Mail in the 90's and recently
decided to look at it again. The author's web site
is http://www.pmail.com and he has continued its
development into something incredibly useful.
Most amazing of all is that he keeps it free by only
selling the documentation..

Anyway, in addition to its neat automatic spam
content filter, you can create and utilize custom
filters which will in fact filter everything and do so
on the server side, if you tell it to. I figured it all
out in one night using the HELP INDEX included
with Pegasus Mail.

The filter file I created is called spam.pnp and it
contains an IP listing of mail servers known for
spam which still make their way through the black
lists that the network servers rely on. You place
the list in the PMAIL\MAIL\ADMIN directory
and then tell Pegasus Mail to reference the file
for your filter. The spam list I created will be
continously updated and made available here:

http://www.widders.com/spam.pnp

SPAM
If expression headers matches "*218.5[0-5].*.*" DeleteOnServer ""
If expression headers matches "*24.207.[12]*.*" DeleteOnServer ""
If expression headers matches "*211.2[01]*.*.*" DeleteOnServer ""
If expression headers matches "*141.1[45]*.*.*" DeleteOnServer ""
If expression headers matches "*138.88.*.*" DeleteOnServer ""
If expression headers matches "*218.2[23]*.*.*" DeleteOnServer ""
If expression headers matches "*218.1[3-8]*.*.*" DeleteOnServer ""
If expression headers matches "*202.109.11[67]*.*" DeleteOnServer ""
If expression headers matches "*80.3[2-5]*.*.*" DeleteOnServer ""
If expression headers matches "*81.202.*.*" DeleteOnServer ""
If expression headers matches "*68.18[4-7].*.*" DeleteOnServer ""
If expression headers matches "*68.8[0-7]*.*.*" DeleteOnServer ""
If expression headers matches "*64.1[67]*.*.*" DeleteOnServer ""
If expression headers matches "*64.119.[12]*.*" DeleteOnServer ""
If expression headers matches "*61.1[67]*.*.*" DeleteOnServer ""
If expression headers matches "*12.*.*.*" DeleteOnServer ""
If expression headers matches "*4.*.*.*" DeleteOnServer ""
If expression headers matches "*64.70.[01]*.*" DeleteOnServer ""
If expression headers matches "*200.108.*.*" DeleteOnServer ""

I've been using pegasus since the early 90's.. and agree.. it rocks!

in addition to the spam filtering, it does not automatically load off-site graphics (you know.. the email you get trying to sell you viagra w/either a large graphic of who knows what or a tiny little blank graphic you may not know is there..), this way - spammers do not know that I got their mail. If it's a trusted vendor or friend - I can tell it to load them...

highly suggest it for those that want to get rid of outlook..
-L
(back from Bonny Scotland!)

In the Pegasus features it lists:
SSL Support on all protocols for secure mail access

Can anyone tell me what that means?

Welcome back, Laurey - did you see any of those
hairy Coos in Scotland?

Rancher

Originally posted by rancher
In the Pegasus features it lists:
SSL Support on all protocols for secure mail access

Can anyone tell me what that means?

Welcome back, Laurey - did you see any of those
hairy Coos in Scotland?

Rancher

Never used it, but from what I gather: sometimes this is a required feature. I see some talking about needing it for college networks.. but I'd think maybe it has biz applications??? maybe someone else knows???

I did see some of them big 'ole hairy cows.. and odd looking sheep as well. The hillsides are rampant w/them both (though more sheep) when you get up into the highlands. It's gorgeous country, and I already miss it so. Seems Continental is adding a run from NY straight to Edinburgh - hope that's true.. tired of Heathrow already...

-L

Cool! pretty soon you'll have the entire net blocked!

Originally posted by widders
Blocking a few domains hardly comprises the entire Internet? I'm just filling in the cracks that the black list misses. This list can be edited to anyone's liking. I've been monitoring unsolicted BULK E-mail for more than a year and it looks like the secure and responsible networks will not make "the s*** list".
A few? You've got a giant portion of the internet blocked with some of your rules...

Also, RBL's aren't exactly shy about blocking IP's - if anything they tend to be a bit overboard (like SPEWS blocking all of internap). Adding on to this is like adding a grenade to an atomic bomb because the bomb wasn't effective enough...

BTW - make sure you find out Powweb's IP's and add them to your list (if they aren't there already) - spammers have been known to abuse Powweb too (lol).

Also, one if the advantages (supposedly) of RBL's is that they'll remove IP's from the list when either the owner cleans up their act or when the block of IP's changes hands. Massive private blocking has no way of doign this. If you keep it up, eventually you will have the entire net blocked...

Originally posted by widders
If expression headers matches "*12.*.*.*" DeleteOnServer ""
If expression headers matches "*4.*.*.*" DeleteOnServer ""

The first line cuts off all of AT&T's IP addresses (including Worldcom, AT&T corporate, everyone contracted to use AT&T circuts, ...) - approcimately 16,777,214 IP addresses (an old style Class A network).

The second line does the same for Genuity, another major backbone on the itnernet. Also 16,777,214 IP addresses blocked.

So I was wrong, this is more like strapping an atomic bomb to a hand grenade because you don't think the hand grenade does enough...

Originally posted by widders
Sure, but the filter has nothing to do with "backbones". It is strictly a mail header filter. That has absolutely nothing to do with the backbone of the Internet. Maybe you should try it out? :)
But it does prevent you from receiving mail from anyone using an email server connected to AT&T's and Genuity's network.

Since they are major internet backbones that supply IP addresses to their customers (residential and businesses), it's a really silly idea to block all of either one...

You're really doing a disservice to people by advertising your list as an effective spam filter. It may be that, but so would just blocking all email (something you're working toward).

Along the same lines...

I use SpamPal to catch the spam I get. It uses a bunch of RBL's and additional to that, I add my own blocks.. whenever a spam gets thru I do an ARIN search on it and block the entire netblock they came from..

None of the spam is deleted it is moved to a seperate folder by a filter in my mail prog. The spams simply have '**SPAM**' added to the subject.

Then once a day I browse thru the emails in the spam folder and if I find any legitimate ones I look at the headers (spampal adds headers so you can see why it was marked as spam) and if one of my large blocks caught it, then I either update the blacklist, or whitelist the IP that the legitimate email came from. I *DO* block a large amount of the net, and surprisingly I vary rarely mark legitimate emails as spam and those that do tend to be marked from the RBL's just like Powweb does from time to time.

Most of my private blocks belong to dialup or private DSL users. Since it is rare that a dialup user would need to send an email directly rather than thru their providers SMTP I see no reason in being concerned about this.

Numbers? Well, when I go thru my *SPAM* folder, I move the ones that are spam to a *Checked* folder... and then I have Outlook clear out that folder every week or so. In the last 5 days, I have 265 emails in my checked folder. I get about 2 or 3 each day that dont get caught in my filters, so I spend about 2 minutes adding those to the block-lists.

I might check out pegasus, I used it about 10 years ago and prefered Eudora back then. Using Outlook and Outlook Express now (yes, I use both... my main email goes to Outlook thru POP3, but I use Outlook Express to check on about a dozen IMAP accounts that are for a specific purpose).

Darn... I forgot to include the main point of my post.

When it comes to spam-control, I like to have a conservative spam list filter out the most notorious spam on the server. And have very aggressive spam lists filter out things on the client side where items are moved to a special folder, not deleted.

Then I spend a minute to look thru the spam folder and see if any legitimate emails were included.

I have a fairly high confidence that I wont miss any real emails. I would definately not use my block lists to delete emails directly from the server even though they very rarely catch real emails.

Just wanted to show my support for pmail as well, I've been using it for quite a long time now. All e-mail notifications of replies from this forum I have set up to automatically get the color red :D

I use MailWasher (http://www.firetrust.com/products/mailwasherpro/)... along with pmail, works well. I kind of got lucky though and registered it back when it was a $3 donation, so I got the Pro version upgrade free :)

Again, hopefully no one else uses this unless they realize that you're cutting off email from 2 of the largest backbone providers in the US (AT&T and Genuity).

There are thousands of SMTP servers on the 4.* and 12.* netblocks that have probably never sent spam. This is like killing flys with cluster bombs...

Originally posted by RocketJeff
Again, hopefully no one else uses this unless they realize that you're cutting off email from 2 of the largest backbone providers in the US (AT&T and Genuity).

There are thousands of SMTP servers on the 4.* and 12.* netblocks that have probably never sent spam. This is like killing flys with cluster bombs...

True, 12.* is AT&T/Comcast... and many regular home users are on that.

I'd much rather have some spam get through than block some legitimate email. Even in MailWasher I have it set on "Careful" and double-check everything is actually spam when it thinks it is.

If this continues, this thread is going to be considered spam for all the space it's going to occupy. :D

Originally posted by Nino
If this continues, this thread is going to be considered spam for all the space it's going to occupy. :D It's about as useful as most spam...

SPAM
If expression headers matches "*137.186.*.*" DeleteOnServer ""
If expression headers matches "*138.130.*.*" DeleteOnServer ""
If expression headers matches "*138.88.*.*" DeleteOnServer ""
If expression headers matches "*139.165.*.*" DeleteOnServer ""
If expression headers matches "*140.113.*.*" DeleteOnServer ""
If expression headers matches "*141.149.*.*" DeleteOnServer ""
If expression headers matches "*141.15[0-8].*.*" DeleteOnServer ""
If expression headers matches "*142.161.*.*" DeleteOnServer ""
If expression headers matches "*144.13.*.*" DeleteOnServer ""
If expression headers matches "*146.145.*.*" DeleteOnServer ""
If expression headers matches "*151.19[6-9].*.*" DeleteOnServer ""
If expression headers matches "*151.20[0-5].*.*" DeleteOnServer ""
If expression headers matches "*165.234.*.*" DeleteOnServer ""
If expression headers matches "*168.126.*.*" DeleteOnServer ""
If expression headers matches "*172.12[89].*.*" DeleteOnServer ""
If expression headers matches "*172.19[01].*.*" DeleteOnServer ""
If expression headers matches "*172.1[3-8]?.*.*" DeleteOnServer ""
If expression headers matches "*192.38.23[2-9].*" DeleteOnServer ""
If expression headers matches "*199.181.7[78].*" DeleteOnServer ""
If expression headers matches "*19[3-5].*.*.*" DeleteOnServer ""
If expression headers matches "*205.158.*.*" DeleteOnServer ""
If expression headers matches "*205.252.*.*" DeleteOnServer ""
If expression headers matches "*207.29.19[2-9].*" DeleteOnServer ""
If expression headers matches "*207.29.20[0-7].*" DeleteOnServer ""
If expression headers matches "*207.248.22[4-8].*" DeleteOnServer ""
If expression headers matches "*207.81.*.*" DeleteOnServer ""
If expression headers matches "*208.12[89].*.*" DeleteOnServer ""
If expression headers matches "*208.17[0-5].*.*" DeleteOnServer ""
If expression headers matches "*208.1[3-6]?.*.*" DeleteOnServer ""
If expression headers matches "*209.50.22[4-9].*.*" DeleteOnServer ""
If expression headers matches "*209.50.2[3-5]?.*" DeleteOnServer ""
If expression headers matches "*209.133.?.*" DeleteOnServer ""
If expression headers matches "*209.133.??.*" DeleteOnServer ""
If expression headers matches "*209.133.1[01]?.*" DeleteOnServer ""
If expression headers matches "*209.133.12[0-7].*" DeleteOnServer ""
If expression headers matches "*209.237.22[4-9].*" DeleteOnServer ""
If expression headers matches "*209.237.2[3-5]?.*" DeleteOnServer ""
If expression headers matches "*209.249.*.*" DeleteOnServer ""
If expression headers matches "*209.63.*.*" DeleteOnServer ""
If expression headers matches "*209.88.*.*" DeleteOnServer ""
If expression headers matches "*20[023].*.*.*" DeleteOnServer ""
If expression headers matches "*216.53.12[89].*" DeleteOnServer ""
If expression headers matches "*216.53.1[3-9]?.*" DeleteOnServer ""
If expression headers matches "*216.53.2??.*" DeleteOnServer ""
If expression headers matches "*216.128.6[4-9].*" DeleteOnServer ""
If expression headers matches "*216.128.9[0-5].*" DeleteOnServer ""
If expression headers matches "*216.128.[78]?.*" DeleteOnServer ""
If expression headers matches "*216.218.12[89].*" DeleteOnServer ""
If expression headers matches "*216.218.1[3-9]?.*" DeleteOnServer ""
If expression headers matches "*216.218.2??.*" DeleteOnServer ""
If expression headers matches "*216.243.6[4-9].*" DeleteOnServer ""
If expression headers matches "*216.243.7?.*" DeleteOnServer ""
If expression headers matches "*216.55.12[89].*" DeleteOnServer ""
If expression headers matches "*216.55.19[01].*" DeleteOnServer ""
If expression headers matches "*216.55.1[3-8]?.*" DeleteOnServer ""
If expression headers matches "*216.73.8?.*" DeleteOnServer ""
If expression headers matches "*216.73.9[0-5].*" DeleteOnServer ""
If expression headers matches "*21[0-37-9].*.*.*" DeleteOnServer ""
If expression headers matches "*22[01].*.*.*" DeleteOnServer ""
If expression headers matches "*[12.*.*.*" DeleteOnServer ""
If expression headers matches "*[32.*.*.*" DeleteOnServer ""
If expression headers matches "*[38.*.*.*" DeleteOnServer ""
If expression headers matches "*[4.*.*.*" DeleteOnServer ""

If expression headers matches "*[[]24.118.*.*" DeleteOnServer ""
If expression headers matches "*[[]24.207.12[89].*" DeleteOnServer ""
If expression headers matches "*[[]24.207.1[3-9]?.*" DeleteOnServer ""
If expression headers matches "*[[]24.207.2??.*" DeleteOnServer ""
If expression headers matches "*[[]24.215.6[4-9].*" DeleteOnServer ""
If expression headers matches "*[[]24.215.9[0-5].*" DeleteOnServer ""
If expression headers matches "*[[]24.215.[78]?.*" DeleteOnServer ""
If expression headers matches "*[[]24.233.12[89].*" DeleteOnServer ""
If expression headers matches "*[[]24.233.1[3-5]?.*" DeleteOnServer ""
If expression headers matches "*[[]24.4[89].*.*" DeleteOnServer ""
If expression headers matches "*[[]24.57.*.*" DeleteOnServer ""
If expression headers matches "*[[]24.5[01].*.*" DeleteOnServer ""
If expression headers matches "*[[]24.98.*.*" DeleteOnServer ""
If expression headers matches "*[[]24.99.14[0-3].*" DeleteOnServer ""
If expression headers matches "*[[]24.99.1[0-3]?.*" DeleteOnServer ""
If expression headers matches "*[[]24.99.?.*" DeleteOnServer ""
If expression headers matches "*[[]24.99.??.*" DeleteOnServer ""
If expression headers matches "*[[]63.14[4-9].*.*" DeleteOnServer ""
If expression headers matches "*[[]63.15[01].*.*" DeleteOnServer ""
If expression headers matches "*[[]64.119.19[2-9].*" DeleteOnServer ""
If expression headers matches "*[[]64.119.22[0-3].*" DeleteOnServer ""
If expression headers matches "*[[]64.119.2[01]?.*" DeleteOnServer ""
If expression headers matches "*[[]64.16?.*.*" DeleteOnServer ""
If expression headers matches "*[[]64.17[0-5].*.*" DeleteOnServer ""
If expression headers matches "*[[]64.70.10?.*" DeleteOnServer ""
If expression headers matches "*[[]64.70.11[01].*" DeleteOnServer ""
If expression headers matches "*[[]64.70.?.*" DeleteOnServer ""
If expression headers matches "*[[]64.70.??.*" DeleteOnServer ""
If expression headers matches "*[[]64.88.12[89].*" DeleteOnServer ""
If expression headers matches "*[[]64.88.1[3-5]?.*" DeleteOnServer ""
If expression headers matches "*[[]65.2?.*.*" DeleteOnServer ""
If expression headers matches "*[[]65.3[015].*.*" DeleteOnServer ""
If expression headers matches "*[[]65.4[0-3].*.*" DeleteOnServer ""
If expression headers matches "*[[]66.13[01].*.*" DeleteOnServer ""
If expression headers matches "*[[]66.148.12[89].*" DeleteOnServer ""
If expression headers matches "*[[]66.148.1[3-9]?.*" DeleteOnServer ""
If expression headers matches "*[[]66.148.2[0-5]?.*" DeleteOnServer ""
If expression headers matches "*[[]66.55.1[6-8]?.*" DeleteOnServer ""
If expression headers matches "*[[]66.55.19[01].*" DeleteOnServer ""
If expression headers matches "*[[]66.9[23].*.*" DeleteOnServer ""
If expression headers matches "*[[]66.176.*.*" DeleteOnServer ""
If expression headers matches "*[[]66.177.1??.*" DeleteOnServer ""
If expression headers matches "*[[]66.177.20[0-7].*" DeleteOnServer ""
If expression headers matches "*[[]66.177.?.*" DeleteOnServer ""
If expression headers matches "*[[]66.177.??.*" DeleteOnServer ""
If expression headers matches "*[[]66.18[89].*.*" DeleteOnServer ""
If expression headers matches "*[[]66.19[01].*.*" DeleteOnServer ""
If expression headers matches "*[[]66.229.*.*" DeleteOnServer ""
If expression headers matches "*[[]66.235.1[6-8]?.*" DeleteOnServer ""
If expression headers matches "*[[]66.235.19[01].*" DeleteOnServer ""
If expression headers matches "*[[]66.23[6-9].*.*" DeleteOnServer ""
If expression headers matches "*[[]66.25.*.*" DeleteOnServer ""
If expression headers matches "*[[]66.250.*.*" DeleteOnServer ""
If expression headers matches "*[[]66.56.?.*" DeleteOnServer ""
If expression headers matches "*[[]66.56.[1-8]?.*" DeleteOnServer ""
If expression headers matches "*[[]66.56.9[0-5].*" DeleteOnServer ""
If expression headers matches "*[[]66.61.*.*" DeleteOnServer ""
If expression headers matches "*[[]66.6[6-9].*.*" DeleteOnServer ""
If expression headers matches "*[[]66.7[23].*.*" DeleteOnServer ""
If expression headers matches "*[[]66.81.*.*" DeleteOnServer ""
If expression headers matches "*[[]66.91.*.*" DeleteOnServer ""
If expression headers matches "*[[]67.11[2-9].*.*" DeleteOnServer ""
If expression headers matches "*[[]67.12[0-7].*.*" DeleteOnServer ""
If expression headers matches "*[[]67.16?.*.*" DeleteOnServer ""
If expression headers matches "*[[]67.17[0-4].*.*" DeleteOnServer ""
If expression headers matches "*[[]67.19?.*.*" DeleteOnServer ""
If expression headers matches "*[[]67.1[01].*.*" DeleteOnServer ""
If expression headers matches "*[[]67.2??.*.*" DeleteOnServer ""
If expression headers matches "*[[]67.?.*.*" DeleteOnServer ""
If expression headers matches "*[[]68.11[2-9].*.*" DeleteOnServer ""
If expression headers matches "*[[]68.12[0-5].*.*" DeleteOnServer ""
If expression headers matches "*[[]68.14[4-7].*.*" DeleteOnServer ""
If expression headers matches "*[[]68.16[0-3].*.*" DeleteOnServer ""
If expression headers matches "*[[]68.16[89].*.*" DeleteOnServer ""
If expression headers matches "*[[]68.17[01].*.*" DeleteOnServer ""
If expression headers matches "*[[]68.18[4-9].*.*" DeleteOnServer ""
If expression headers matches "*[[]68.190.*.*" DeleteOnServer ""
If expression headers matches "*[[]68.191.6[0-3].*" DeleteOnServer ""
If expression headers matches "*[[]68.191.?.*" DeleteOnServer ""
If expression headers matches "*[[]68.191.[1-5]?.*" DeleteOnServer ""
If expression headers matches "*[[]68.1?.*.*" DeleteOnServer ""
If expression headers matches "*[[]68.2[0-3].*.*" DeleteOnServer ""
If expression headers matches "*[[]68.23[67].*.*" DeleteOnServer ""
If expression headers matches "*[[]68.[3-8]?.*.*" DeleteOnServer ""
If expression headers matches "*[[]68.9[0-3].*.*" DeleteOnServer ""
If expression headers matches "*[[]68.?.*.*" DeleteOnServer ""
If expression headers matches "*[[]69.13[6-9].*.*" DeleteOnServer ""
If expression headers matches "*[[]69.140.*.*" DeleteOnServer ""
If expression headers matches "*[[]69.41.16?.*.*" DeleteOnServer ""
If expression headers matches "*[[]69.41.17[0-5].*" DeleteOnServer ""
If expression headers matches "*[[]69.56.12[89].*" DeleteOnServer ""
If expression headers matches "*[[]69.56.1[3-9]?.*" DeleteOnServer ""
If expression headers matches "*[[]69.56.2??.*" DeleteOnServer ""
If expression headers matches "*[[]6[12].*.*.*" DeleteOnServer ""
If expression headers matches "*[[]8[0-2].*.*.*" DeleteOnServer ""

I was using Pegasus Mail in the 90's and recently
decided to look at it again. The author's web site
is http://www.pmail.com and he has continued its
development into something incredibly useful.
Most amazing of all is that he keeps it free by only
selling the documentation..

Anyway, in addition to its neat automatic spam
content filter, you can create and utilize custom
filters which will in fact filter ANYTHING you tell it
to on the server side. I figured it all out in one
night using the HELP INDEX included with
Pegasus Mail.

The filter file I created is called spam.pnp and it
contains an IP listing of mail servers known for
spam which still make their way through the black
lists that the network servers rely on. You place
the list in the PMAIL\MAIL\ADMIN directory
and then tell Pegasus Mail to reference the file
for your filter. This list is dated 22 April, 2004.
The spam list is continously updated and made
available to the public here:

http://www.widders.com/spam.pnp


You may also download the attached file: spam.zip
to access the spam.pnp text file.

We filter mail on the server side without even
downloading it. We got tired of unsolicited
bulk E-mail and have since developed a list
based on IP addresses that allow proven abuse
of their mail servers. Anyone using Pegasus
Mail can easily implement the list.

It is the Spam Having IP Traceability™ List:

Filter and block junk E-mail by utilizing
Pegasus Mail. Save the list as spam.pnp and
place in your PMAIL\MAIL\ADMIN folder. From
the Pegasus Mail menu go to "Tools - Mail
filtering rules", select a rule set (general
or POP3) to edit, and then open SPAM for your
filtering rule set. It will automatically
delete all E-mail that originates from an IP
on the list.

If necessary review and make changes to the
list before implementing. You can use any
text editor (i.e. Notepad), word processing
software, or Pegasus Mail to make changes.

THE LIST OF IP ADDRESSES IS VERY LONG
SO FOR THE SAKE OF EVERYONE YOU MAY
FOLLOW THE LINK TO ACCESS THE LIST.

The Spam Having IP Traceability™ List is
located and maintained at:

http://www.widders.com/9.htm