Currently no, but it seems like a good idea to specify a country to
whitelist, I'll look at adding that..
ChrisP.
Thanks for that insight.
Can we have the g_safe_smtp feature turned on for just non-US networks?
This would minimize the false-positives in the USA and “only” “allow” spammers
in the U.S.
Regards,
Frank
From: surgemail-support [mailto:surgemail-support@netwinsite.com]
Sent: Thursday, July 24, 2014 8:47 PM
To: surgemail-list@netwinsite.com
Subject: re: RE: Re: [SurgeMail List] Feature Suggestion: Include Country
of Origin in g_safe_smtp
It only miss triggers when the person
1) is using a smart phone in a new location
2) tries to send an email message without reading/checking email first
(which is fairly rare)
At which point it would fail and they'd get an email so they could read
the email and fix the problem, or more likely they will open email or
move and the message will then send. But yes they will get a false
positive warning.
On the plus side, it's fairly good at stopping the hackers from abusing
the account and sending out a batch of spam through your system, which can
save you from being blacklisted...
ChrisP.
Seems this feature is risky for those who use an email client on a
smartphone. For those who have this turned up, do you see a lot of false
positives?
Frank
From: surgemail-support [mailto:surgemail-support@netwinsite.com]
Sent: Wednesday, July 23, 2014 5:43 PM
To:
surgemail-list@netwinsite.com<mailto:surgemail-list@netwinsite.com>
Subject: re: Re: [SurgeMail List] Feature Suggestion: Include Country of
Origin in g_safe_smtp
It's a recommended setting so it pops up in the list of settings to turn
on in the config checker (if not then update first)
It remembers the ip addresses people use via pop and imap and if it see's
a new address only from 'smtp' then it rejects the login with a url the user
can use to enable logins.
Since most email clients are stupid (The software not the people) and
don't show the user the actual error they may not see the cause, but surgemail
then delivers an email to them that they will see explaining what occurred.
The email gives them the ip address, and a url to use to enable logins
for that address.
And in future it will tell them the country the login attempt came from.
ChrisP.
i never knew this existed. how does it work if you turn it on? the
documentation is non-existent:
g_safe_smtp - Force users to prove they are real if logging in from
unknown sources via smtp
This feature is intended to prevent spamers/hackers from harvesting
accounts on your system and then using them to send out spam
david camm
advanced web systems
keller, tx
On 7/23/2014 4:28 PM, Glenn Meadows wrote:
I think people new (and good) innate fear of randomly clicking links in
email is part of the problem. If the country was listed in the message they
got, it would actually be more helpful.
-- Glenn Meadows
Mayfield Mastering
2825 Erica Place
Nashville, TN 37204
615-383-3708
On 7/23/2014 4:17 PM, surgemail-support wrote:
The email contains a link which shows them a map of the world with the
origin of the ip address on the map... isn't that clear? Or is that not
working? Or are they afraid of pressing the link incase it's a trick?
(just trying to understand why the existing mechanism isn't working as
intended before modifying it - I think your idea is good actually)
ChrisP.
Netwin,
Just making another feature suggestion. A common support call
topic is the
automated e-mail message from SurgeMail to a user when the
g_safe_smtp is
enabled. These are usually hacked accounts and SurgeMail is
blocking the
authenticated SMTP session from an unknown IP address. The problem
is that
the customer has no idea if the IP address included in the message
is their
IP address or some spammers IP address. As a result, they are
confused and
do not know if they should click the link included in the message. We
usually ask them for the IP address in the e-mail, perform a WHOIS
query,
and then ask if they are trying to access their mailbox from that
network/location. Today it was an IP address from the Ukraine.
My suggestion is that if g_country_ip is also enabled, which gives
SurgeMail
the country that owns the IP, include the country information in the
g_safe_smtp notice. I think that would eliminate a lot of the
confusion for
the end user.
Thanks,
Jim Lohiser
N2Net
