Whitelist on 10.6?

Similar Messages

• How difficult would it be to implement an iMessage whitelist..?

  iMessage spam is a really big problem to me and my family members.  And getting worse by the week.
  Blocking individual senders is ludicrously ineffective and Apple seems to be reluctant to allow us to block entire domains (which would really help).
  So how difficult would it be to implement a whitelist?  (For example... I don't want any iMessages from anybody not in my Contacts list!)
  I'm really close to disabling iMessage altogether.  It is barely worth the effort now.

  The difficulty and time to do it depends on the learning
  capability of the new programmer. Patience and a drive to learn is
  what all is needed. Accomplishing one step at a time is probably
  the best approach, whether you're new or well-versed.

• Ironport Whitelist and related questions

  Hi all,
  I have recently started at a new position for a company that is utilising ironport as the email spam filtering/virus checking appliance.
  Almost immediately after starting in my position issues were being discussed, where the senderbase reputation scoring was marking a sister companies mail as spam - obviously due to a bad reputation.
  It was important that these mails were delivered and the obvious answer seemed to be to whitelist the domains, which was implemented by another support person. After the whitelist setting was applied though the mails were still be rejected due to being suspected spam - there is no quarantine setup.
  Today I logged into the boxes to see if I could syslog the mail logs to a seperate linux server and suddenly got wrapped up in this problem. I had a look and could see the domains in the whitelist section within the HAT, after doing some reading I can confirm the whitelist section was ordered as being number 1 in the list and by looking further it looks like the whitelist domains were via the 'add to sender group' button within the monitoring overview screens (this is assumed as both .sistercompany.com and sistercompany.com were appended to the whitelist).
  After a few hours of reading up I couldn't understand why the whitelist wasn't working, I even did a lookup of the domain in the monitoring overview search section for mail recieved by sistercompany.com and could see that it belonged in the whitelist group. I got further confused when reading the help and support guide - it had screenshots that looked very similar to our setup [within the HAT overview and Mail Policies], however it had an sbrs for the whitelist set between 6 and 10, where as that was blank on our system, nowhere in the document would it describe why this sbrs value was set. Bearing in mind I have only had a few hours of experience with this product, so these maybe silly questions but:
  Why would you add an sbrs value to the whitelist - I would have thought whitelists would ignore any score presented.
  If number 1 has nothing to do with why these domains were still being flagged as spam, has anyone got any suggestions as to what the issue maybe?
  For a small bit of information we have the C660 appliances installed.
  Any help would be much appreciated

  I'm taking a wild guess here since there are a lot of missing details. Forgive me if I'm covering ground you've already trod.
  Remember that the HAT controls how incoming SMTP connections are handled, so entries in the HAT must correspond to the remote SMTP servers that are connecting to you. You don't put the "domain" part of "user@domain" in the HAT ("sistercompany.com" in your case), you put in the the domain names of the actual remote SMTP servers or a wildcard that matches them all. In your case, this might be ".sistercompay.com" (note the leading "." indicating that this will match any domain name ending with ".sistercompany.com"), but only if their SMTP servers have host names in that domain.
  Whitlisting by domain name requires that the IP addresses of those remote SMTP servers have correct rDNS. If they don't, you'll have to list them in the HAT by IP address. FYI, we never put anything in the HAT by IP address unless it is unavoidable. Using domain names and requiring correct rDNS forces good DNS hygiene, and also provides a layer of abstraction. The server's address can change, but so long as the DNS is kept up to date we don't have to change our HAT entries.
  You can see from the mail logs what sender group is being applied on each SMTP connection. Find one of the rejected messages in the log and see what sender group its connection landed in. If it didn't land in the whitelist (which will almost certainly be the case, given that the message was not in fact whitelisted), then you know the HAT entry is wrong. You can also use the log to determine the actual domain name of the remote server, assuming the rDNS for its IP address is correct.
  The example screenshot in the manual showing SBRS between 6 and 10 being whitelisted is demonstrating that you can whitelist by SBRS as well as by explicit listing in the sender group. Your whitelist simply isn't doing this, which is fine. In this age of rampant spamming from stolen accounts on reputable servers, whitelisting by SBRS can let spam in. We raised the lower limit from 6 to 8 several years ago after getting hit in this exact way.
  ++Don

• Wiki whitelist.plist not working here's the script and steps taken

  1. whitelist.plist created according to instructions in wiki admin manual.
  2. file placed in: /Library/Application Support/Apple/WikiServer/
  3. File permissions set to allow _teamsserver access like other files in directory.
  4. Webserver restarted.
  5. Attempt to add <head> tag to wiki fails. Code is stripped out after save.
  6. Has anyone got this working? I can't find any syntax errors in the file and I've tried the suggestion from another post to place the file in: /etc/wikid
  Here's the contents of whitelist.plist
  I don't know what else I can do to make it work. Any help is appreciated.
  I've pasted the code below:
  <?xml version="1.0" encoding="UTF-8"?>
  <!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
  <plist version="1.0">
  <dict>
  <key>protocols</key>
  <array>
  <string>file</string>
  <string>afp</string>
  <string>feed</string>
  <string>feeds</string>
  <string>fax</string>
  <string>ftp</string>
  <string>gopher</string>
  <string>http</string>
  <string>https</string>
  <string>itms</string>
  <string>itpc</string>
  <string>ldap</string>
  <string>mailto</string>
  <string>news</string>
  <string>nfs</string>
  <string>nntp</string>
  <string>rdar</string>
  <string>rtsp</string>
  <string>sip</string>
  <string>sips</string>
  <string>sftp</string>
  <string>smb</string>
  <string>ssh</string>
  <string>svn</string>
  <string>svn+ssh</string>
  <string>tel</string>
  <string>telnet</string>
  <string>vnc</string>
  <string>webcal</string>
  <string>xmpp</string>
  </array>
  <key>styles</key>
  <array>
  <string>font-style</string>
  <string>font-weight</string>
  <string>text-decoration</string>
  </array>
  <key>tags</key>
  <dict>
  <key>all</key>
  <array>
  <string>style</string>
  <string>class</string>
  <string>title</string>
  </array>
  <key>a</key>
  <array>
  <string>href</string>
  <string>name</string>
  <string>rel</string>
  </array>
  <key>blockquote</key>
  <array>
  <string>cite</string>
  </array>
  <key>body</key>
  <array/>
  <key>br</key>
  <array/>
  <key>caption</key>
  <array/>
  <key>dd</key>
  <array/>
  <key>div</key>
  <array/>
  <key>dl</key>
  <array/>
  <key>dt</key>
  <array/>
  <key>em</key>
  <array/>
  <key>h1</key>
  <array/>
  <key>h2</key>
  <array/>
  <key>h3</key>
  <array/>
  <key>h4</key>
  <array/>
  <key>h5</key>
  <array/>
  <key>h6</key>
  <array/>
  <key>head</key>
  <array>
  <string>title</string>
  <string>base</string>
  <string>link</string>
  <string>meta</string>
  </array>
  <key>html</key>
  <array/>
  <key>img</key>
  <array>
  <string>src</string>
  <string>alt</string>
  <string>name</string>
  <string>width</string>
  <string>height</string>
  <string>longdesc</string>
  </array>
  <key>li</key>
  <array/>
  <key>node</key>
  <array/>
  <key>object</key>
  <array>
  <string>classid</string>
  <string>width</string>
  <string>height</string>
  <string>codebase</string>
  </array>
  <key>ol</key>
  <array/>
  <key>p</key>
  <array/>
  <key>param</key>
  <array>
  <string>name</string>
  <string>value</string>
  </array>
  <key>pre</key>
  <array/>
  <key>q</key>
  <array>
  <string>cite</string>
  </array>
  <key>span</key>
  <array/>
  <key>strong</key>
  <array/>
  <key>table</key>
  <array/>
  <key>tbody</key>
  <array/>
  <key>td</key>
  <array>
  <string>colspan</string>
  <string>rowspan</string>
  </array>
  <key>tfoot</key>
  <array/>
  <key>th</key>
  <array>
  <string>colspan</string>
  <string>rowspan</string>
  </array>
  <key>thead</key>
  <array/>
  <key>tr</key>
  <array/>
  <key>ul</key>
  <array/>
  </dict>
  </dict>
  </plist>

  Ok. Found some more stuff. It appears that, as of 10.6.2, you can't have this in your whitelist: :
  <key>protocols</key>
  <key>styles</key>
  What's missing? Even if you have nothing to add to an area you must have the array tags e.g.
  <key>protocols</key>
  <array/>
  <key>styles</key>
  <array/>
  The problem is that the Wiki just fails if there is any problem with your whitelist, with no warning. To see the fault you have to look in the console log. There you will see something like this, which indicates a faulty whitelist file:
  8/01/10 10:34:00 AM com.apple.wikid[4416] Traceback (most recent call last):
  8/01/10 10:34:00 AM com.apple.wikid[4416] File "/usr/share/caldavd/lib/python/twisted/application/app.py", line 689, in run
  8/01/10 10:34:00 AM com.apple.wikid[4416] config.parseOptions()
  8/01/10 10:34:00 AM com.apple.wikid[4416] File "/usr/share/caldavd/lib/python/twisted/application/app.py", line 669, in parseOptions
  8/01/10 10:34:00 AM com.apple.wikid[4416] usage.Options.parseOptions(self, options)
  8/01/10 10:34:00 AM com.apple.wikid[4416] File "/usr/share/caldavd/lib/python/twisted/python/usage.py", line 226, in parseOptions
  8/01/10 10:34:00 AM com.apple.wikid[4416] for (cmd, short, parser, doc) in self.subCommands:
  8/01/10 10:34:00 AM com.apple.wikid[4416] File "/usr/share/caldavd/lib/python/twisted/application/app.py", line 679, in subCommands
  8/01/10 10:34:00 AM com.apple.wikid[4416] for plug in plugins:
  8/01/10 10:34:00 AM com.apple.wikid[4416] --- <exception caught here> ---
  8/01/10 10:34:00 AM com.apple.wikid[4416] File "/usr/share/caldavd/lib/python/twisted/plugin.py", line 204, in getPlugins
  8/01/10 10:34:00 AM com.apple.wikid[4416] adapted = interface(plugin, None)
  8/01/10 10:34:00 AM com.apple.wikid[4416] File "/System/Library/Frameworks/Python.framework/Versions/2.6/Extras/lib/python/zop e/interface/interface.py", line 625, in callconform
  8/01/10 10:34:00 AM com.apple.wikid[4416] return conform(self)
  8/01/10 10:34:00 AM com.apple.wikid[4416] File "/usr/share/caldavd/lib/python/twisted/plugin.py", line 68, in _conform_
  8/01/10 10:34:00 AM com.apple.wikid[4416] return self.load()
  8/01/10 10:34:00 AM com.apple.wikid[4416] File "/usr/share/caldavd/lib/python/twisted/plugin.py", line 63, in load
  8/01/10 10:34:00 AM com.apple.wikid[4416] return namedAny(self.dropin.moduleName + '.' + self.name)
  8/01/10 10:34:00 AM com.apple.wikid[4416] File "/usr/share/caldavd/lib/python/twisted/python/reflect.py", line 462, in namedAny
  8/01/10 10:34:00 AM com.apple.wikid[4416] topLevelPackage = _importAndCheckStack(trialname)
  8/01/10 10:34:00 AM com.apple.wikid[4416] File "/usr/share/caldavd/lib/python/twisted/python/reflect.py", line 398, in _importAndCheckStack
  8/01/10 10:34:00 AM com.apple.wikid[4416] return _import_(importName)
  8/01/10 10:34:00 AM com.apple.wikid[4416] File "/usr/share/wikid/lib/python/twisted/plugins/wikid.py", line 9, in <module>
  8/01/10 10:34:00 AM com.apple.wikid[4416] from apple_utilities.tap import WikiServiceMaker
  8/01/10 10:34:00 AM com.apple.wikid[4416] File "/usr/share/wikid/lib/python/apple_utilities/tap.py", line 25, in <module>
  8/01/10 10:34:00 AM com.apple.wikid[4416] from apple_utilities import SettingsManager, Authentication
  8/01/10 10:34:00 AM com.apple.wikid[4416] File "/usr/share/wikid/lib/python/apple_utilities/SettingsManager.py", line 916, in <module>
  8/01/10 10:34:00 AM com.apple.wikid[4416] globalSettings = SettingsManager(defaultConfigFilePath)
  8/01/10 10:34:00 AM com.apple.wikid[4416] File "/usr/share/wikid/lib/python/apple_utilities/SettingsManager.py", line 151, in _init_
  8/01/10 10:34:00 AM com.apple.wikid[4416] whitelist = WhitelistContentFilter.WhitelistContentFilter(userWhitelistPath, self.data['wiki']['whitelist'])
  8/01/10 10:34:00 AM com.apple.wikid[4416] File "/usr/share/wikid/lib/python/apple_wlt/WhitelistContentFilter.py", line 120, in _init_
  8/01/10 10:34:00 AM com.apple.wikid[4416] systemPlist = plistlib.readPlist(systemWhitelistFileLoc)
  8/01/10 10:34:00 AM com.apple.wikid[4416] File "/System/Library/Frameworks/Python.framework/Versions/2.6/lib/python2.6/plistli b.py", line 78, in readPlist
  8/01/10 10:34:00 AM com.apple.wikid[4416] rootObject = p.parse(pathOrFile)
  8/01/10 10:34:00 AM com.apple.wikid[4416] File "/System/Library/Frameworks/Python.framework/Versions/2.6/lib/python2.6/plistli b.py", line 405, in parse
  8/01/10 10:34:00 AM com.apple.wikid[4416] parser.ParseFile(fileobj)
  Message was edited by: John Holley NZ

• How do I add a whitelist on AirPort Utility to connect a Kindle Fire?

  All of a sudden my daughter's Kindle Fire says it has no wireless connection even though I have the name and password entered correctly. Is this some type of update on the Kindle side? The Kindle tells me (when I tap on the connected wifi name for my computer) signal strength is excellent, status is connected, shows my security with a WPA and additional codes. I have been reading that there is a whitelist I can add devices too but am so illiterate on my MAC that I cannot find it or where to go...my apologies. What do I/ should I do? I am confused as to why I see the Kindle and my computer are connected to wifi but then I receive an error message. Any help or advice would be greatly appreciated!

  There isn't a whitelist, per se, on the AirPort routers. Instead there is a means to prevent a wireless device from accessing the AirPort by its hardware MAC address. Unless you have enabled this feature, via the AirPort Utility, all wireless devices should be able to connect.
  One area to look at as a possible cause, is the Network Name (aka SSID) that you are using for your AirPort's Wi-Fi network. If it contains special characters or spaces, you may want to consider changing it to something that has neither to see if this helps.

• How can I create a whitelist of banking websites based on the server certifcates of legitimate sites?

  I want to configure FF so that I can optionally activate a whitelist of my legitimate banking websites. When the whitelist is turned on, FF should only be able to display those sites. When the whitelist is turned off, FF works as usual and displays all sites. I would create the whitelist by visiting my banking websites and somehow adding the server certificates of those sites to the whitelist. So the whitelist would consist of the server certs of my banking websites. When whitelisting is then turned on, FF would allow me to visit only those sites whose server certs match those on the whitelist. This would protect me against phishing sites. How can I do this? Thanks

  I believe that did it! Thank you. I am running those changes on a secondary E-Mail address for the same job and server and it appears to be working properly.

• How to whitelist a specific email address

  We are trying out an ironport C350. I am looking for a way to whitelist a specific email address ex. [email protected] The whitlist appears to onlyl let you add a whole domain or i.p. range and not a specific address. Is there a way to do this or would I need to build some kind of incomming content filter by sender name?

  A Content Filter would be the easiest but it is processed after the SBRS check.. Remember you can have a one content filter with multiple checks just make sure you use OR and not AND.
  So if you want to make sure a specific email is not spammed check you would need to create a Message Filter (regX expression) but then every single inbound email would be checked againest this filter.
  So the best way might be to create a whole new policy and place it before your normal or default policy. Have the policy only apply for sender = [email protected] You can turn off the spam check for this policy.

• Verizon's WhiteList of email senders won't work unless you know who they are blocking

  I have Verizon FIOS with a POP3 email account, which is configured on several PCs and my smartphone. Monday I contacted support by phone about lost incoming emails on all the systems. Four of them were emails that I bcc'ed to myself earlier that day and never received. There was also one that my sister-in-law sent the day before that was never received on any system. The support tech told me that sometimes Verizon decides to block some incoming emails for various reasons. The tech then told me how to "whitelist" the senders that were being blocked. I did whitelist the senders that I knew I has lost emails from. What I don't understand, is how I am supposed to know what important emails I didn't get? If Verizon is going to do this, they should email me a list of the senders they decided to block, so I can review the list and add important ones to my Verizon whitelist.
  That said, evidently Verizon doesn't realize that their subscribers depend on email for important communication, and should act more responsibly. If their servers are too busy at a given time, they should queue the messages for future delivery. If messages are dropped because they suspect spam they should allow the subscriber to see what was blocked, and have a chance to retrieve the messages.

  Punchcard wrote:
  I have Verizon FIOS with a POP3 email account, which is configured on several PCs and my smartphone. Monday I contacted support by phone about lost incoming emails on all the systems. Four of them were emails that I bcc'ed to myself earlier that day and never received. There was also one that my sister-in-law sent the day before that was never received on any system. The support tech told me that sometimes Verizon decides to block some incoming emails for various reasons. The tech then told me how to "whitelist" the senders that were being blocked. I did whitelist the senders that I knew I has lost emails from. What I don't understand, is how I am supposed to know what important emails I didn't get? If Verizon is going to do this, they should email me a list of the senders they decided to block, so I can review the list and add important ones to my Verizon whitelist.
  That said, evidently Verizon doesn't realize that their subscribers depend on email for important communication, and should act more responsibly. If their servers are too busy at a given time, they should queue the messages for future delivery. If messages are dropped because they suspect spam they should allow the subscriber to see what was blocked, and have a chance to retrieve the messages.
  Verizon has several different blocking systems in place. The SpamDetector can be set to save spam to your Spam folder for review, but you have to set it to do so (default behavior is to delete the messages). The Blocked Senders list is the same way. These can both be set from within your Email Settings.
  Verizon's Black List on the other hand, is a server-level block on the IP/server of the sender. These messages are not allowed into Verizon's email system at all, and the sender will receive a bounceback message directing them to the White List form.
  If a forum member gives an answer you like, give them the Kudos they deserve. If a member gives you the answer to your question, mark the answer as Accepted Solution so others can see the solution to the problem.
  "All knowledge is worth having."

• Auto-whitelist

  Greetings,
  not sure how many people still run 10.4 mail systems. but what the heck
  I have a mail server that has been running spammassassin for years. pumping SA learn and running spamtrainer.
  recently i received OS and postfix error messages regarding insufficient storage space although i had 30gig of room on the drive.
  During a clone operation i discovered a very large Auto-whitelist file in /var/clamav/.spamassassin
  i don't remember setting Auto-Whitelist 1
  mylocal.cf doesn't mention AutoWhitelist
  and my amavisd.conf has it commented out .
  #$saautowhitelist = 0; # turn on AWL (default: false)
  # Bayesian Auto Learn
  auto_learn 1
  # Safe Reporting
  safe_reporting 0
  # Full/Terse Reporting
  usetersereport 0
  # Subject Tag
  subject_tag * Warning: Junk Mail *
  # Rewrite the Subject
  rewrite_subject 0
  # Use Bayesian Filtering
  use_bayes 1
  # OK locals
  ok_locales en
  # OK languages
  ok_languages en fr de ja
  # Required hits to be marked as spam
  required_hits 5
  I ran a test message through SA, i did not see anything referencing Auto-Whitelist.
  here is debug ::: ::
  }mx1:/var/clamav root# spamassassin -D < /private/var/root/Documents/Message1.rtf
  debug: SpamAssassin version 3.0.1
  debug: Score set 0 chosen.
  debug: running in taint mode? yes
  debug: Running in taint mode, removing unsafe env vars, and resetting PATH
  debug: PATH included '/bin', keeping.
  debug: PATH included '/sbin', keeping.
  debug: PATH included '/usr/bin', keeping.
  debug: PATH included '/usr/sbin', keeping.
  debug: Final PATH set to: /bin:/sbin:/usr/bin:/usr/sbin
  debug: using "/etc/mail/spamassassin/init.pre" for site rules init.pre
  debug: config: read file /etc/mail/spamassassin/init.pre
  debug: using "//usr/share/spamassassin" for default rules dir
  debug: config: read file //usr/share/spamassassin/10_misc.cf
  debug: config: read file //usr/share/spamassassin/20antiratware.cf
  debug: config: read file //usr/share/spamassassin/20bodytests.cf
  debug: config: read file //usr/share/spamassassin/20_compensate.cf
  debug: config: read file //usr/share/spamassassin/20dnsbltests.cf
  debug: config: read file //usr/share/spamassassin/20_drugs.cf
  debug: config: read file //usr/share/spamassassin/20fake_helotests.cf
  debug: config: read file //usr/share/spamassassin/20headtests.cf
  debug: config: read file //usr/share/spamassassin/20htmltests.cf
  debug: config: read file //usr/share/spamassassin/20metatests.cf
  debug: config: read file //usr/share/spamassassin/20_phrases.cf
  debug: config: read file //usr/share/spamassassin/20_****.cf
  debug: config: read file //usr/share/spamassassin/20_ratware.cf
  debug: config: read file //usr/share/spamassassin/20uritests.cf
  debug: config: read file //usr/share/spamassassin/23_bayes.cf
  debug: config: read file //usr/share/spamassassin/25body_testses.cf
  debug: config: read file //usr/share/spamassassin/25body_testspl.cf
  debug: config: read file //usr/share/spamassassin/25_hashcash.cf
  debug: config: read file //usr/share/spamassassin/25head_testses.cf
  debug: config: read file //usr/share/spamassassin/25head_testspl.cf
  debug: config: read file //usr/share/spamassassin/25_spf.cf
  debug: config: read file //usr/share/spamassassin/25_uribl.cf
  debug: config: read file //usr/share/spamassassin/30textde.cf
  debug: config: read file //usr/share/spamassassin/30textes.cf
  debug: config: read file //usr/share/spamassassin/30textfr.cf
  debug: config: read file //usr/share/spamassassin/30textit.cf
  debug: config: read file //usr/share/spamassassin/30textnl.cf
  debug: config: read file //usr/share/spamassassin/30textpl.cf
  debug: config: read file //usr/share/spamassassin/30textsk.cf
  debug: config: read file //usr/share/spamassassin/50_scores.cf
  debug: config: read file //usr/share/spamassassin/60_whitelist.cf
  debug: using "//etc/mail/spamassassin" for site rules dir
  debug: config: read file //etc/mail/spamassassin/local.cf
  debug: using "/private/var/root/.spamassassin" for user state dir
  debug: using "/private/var/root/.spamassassin/user_prefs" for user prefs file
  debug: config: read file /private/var/root/.spamassassin/user_prefs
  debug: plugin: loading Mail::SpamAssassin::Plugin::URIDNSBL from @INC
  debug: plugin: registered Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840)
  debug: plugin: loading Mail::SpamAssassin::Plugin::Hashcash from @INC
  debug: plugin: registered Mail::SpamAssassin::Plugin::Hashcash=HASH(0x1a8be70)
  debug: plugin: loading Mail::SpamAssassin::Plugin::SPF from @INC
  debug: plugin: registered Mail::SpamAssassin::Plugin::SPF=HASH(0x1af36a4)
  debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) implements 'parse_config'
  debug: plugin: Mail::SpamAssassin::Plugin::Hashcash=HASH(0x1a8be70) implements 'parse_config'
  debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
  debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
  debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
  debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
  debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
  debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
  debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
  debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
  debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
  debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
  debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
  debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
  debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
  debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
  debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
  debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
  debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
  debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
  debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
  debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
  debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
  debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
  debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
  debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
  debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
  debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
  debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
  debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
  debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
  debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
  debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
  debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
  debug: config: SpamAssassin failed to parse line, skipping: auto_learn 1
  debug: config: SpamAssassin failed to parse line, skipping: safe_reporting 0
  debug: config: SpamAssassin failed to parse line, skipping: usetersereport 0
  debug: config: SpamAssassin failed to parse line, skipping: subject_tag * Warning: Junk Mail *
  debug: config: SpamAssassin failed to parse line, skipping: rewrite_subject 0
  debug: using "/private/var/root/.spamassassin" for user state dir
  debug: bayes: 17114 tie-ing to DB file R/O /private/var/root/.spamassassin/bayes_toks
  debug: bayes: 17114 tie-ing to DB file R/O /private/var/root/.spamassassin/bayes_seen
  debug: bayes: found bayes db version 3
  debug: using "/private/var/root/.spamassassin" for user state dir
  debug: bayes: Not available for scanning, only 0 spam(s) in Bayes DB < 200
  debug: bayes: 17114 untie-ing
  debug: bayes: 17114 untie-ing db_toks
  debug: bayes: 17114 untie-ing db_seen
  debug: Score set 1 chosen.
  debug: bayes: 17114 tie-ing to DB file R/O /private/var/root/.spamassassin/bayes_toks
  debug: bayes: 17114 tie-ing to DB file R/O /private/var/root/.spamassassin/bayes_seen
  debug: bayes: found bayes db version 3
  debug: bayes: Not available for scanning, only 0 spam(s) in Bayes DB < 200
  debug: bayes: 17114 untie-ing
  debug: bayes: 17114 untie-ing db_toks
  debug: bayes: 17114 untie-ing db_seen
  debug: metadata: X-Spam-Relays-Trusted:
  debug: metadata: X-Spam-Relays-Untrusted:
  debug: ---- MIME PARSER START ----
  debug: main message type: text/plain
  debug: parsing normal part
  debug: added part, type: text/plain
  debug: ---- MIME PARSER END ----
  debug: decoding: no encoding detected
  debug: Loading languages file...
  debug: Can't determine language uniquely enough
  debug: metadata: X-Languages:
  debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) implements 'parsed_metadata'
  debug: is Net::DNS::Resolver available? yes
  debug: Net::DNS version: 0.66
  debug: trying (3) sun.com...
  debug: looking up NS for 'sun.com'
  debug: NS lookup of sun.com succeeded => Dns available (set dns_available to hardcode)
  debug: is DNS available? 1
  debug: uri found: mailto:[email protected]
  debug: uri found: mailto:[email protected]
  debug: uri found: mailto:[email protected]
  debug: uri found: mailto:[email protected]
  debug: uri found: mailto:[email protected]
  debug: URIDNSBL: domains to query: beth.k12.pa.us hetnet.nl aim.com
  debug: all '*From' addrs:
  debug: Running tests for priority: 0
  debug: running header regexp tests; score so far=0
  debug: registering glue method for checkhashcash_doublespend (Mail::SpamAssassin::Plugin::Hashcash=HASH(0x1a8be70))
  debug: registering glue method for checkfor_spf_helopass (Mail::SpamAssassin::Plugin::SPF=HASH(0x1af36a4))
  debug: SPF: message was delivered entirely via trusted relays, not required
  debug: registering glue method for checkhashcashvalue (Mail::SpamAssassin::Plugin::Hashcash=HASH(0x1a8be70))
  debug: all '*To' addrs:
  debug: registering glue method for checkfor_spfsoftfail (Mail::SpamAssassin::Plugin::SPF=HASH(0x1af36a4))
  debug: SPF: message was delivered entirely via trusted relays, not required
  debug: registering glue method for checkfor_spfpass (Mail::SpamAssassin::Plugin::SPF=HASH(0x1af36a4))
  debug: registering glue method for checkfor_spf_helosoftfail (Mail::SpamAssassin::Plugin::SPF=HASH(0x1af36a4))
  debug: registering glue method for checkfor_spf_helofail (Mail::SpamAssassin::Plugin::SPF=HASH(0x1af36a4))
  debug: running body-text per-line regexp tests; score so far=-2.801
  debug: running uri tests; score so far=-2.801
  debug: registering glue method for check_uridnsbl (Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840))
  debug: Razor2 is not available
  debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) implements 'check_tick'
  debug: URIDNSBL: query for hetnet.nl took 1 seconds to look up (multi.surbl.org.:hetnet.nl)
  debug: URIDNSBL: query for aim.com took 1 seconds to look up (multi.surbl.org.:aim.com)
  debug: URIDNSBL: query for beth.k12.pa.us took 1 seconds to look up (multi.surbl.org.:beth.k12.pa.us)
  debug: URIDNSBL: queries completed: 6 started: 8
  debug: URIDNSBL: queries active: at Mon Mar 8 18:06:35 2010
  debug: running raw-body-text per-line regexp tests; score so far=-2.801
  debug: running full-text regexp tests; score so far=-2.801
  debug: Razor2 is not available
  debug: Current PATH is: /bin:/sbin:/usr/bin:/usr/sbin
  debug: Pyzor is not available: pyzor not found
  debug: DCCifd is not available: no r/w dccifd socket found.
  debug: DCC is not available: no executable dccproc found.
  debug: Running tests for priority: 500
  debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) implements 'checkpostdnsbl'
  debug: URIDNSBL: queries completed: 8 started: 8
  debug: URIDNSBL: queries active: at Mon Mar 8 18:06:35 2010
  debug: waiting 2 seconds for URIDNSBL lookups to complete
  debug: URIDNSBL: queries completed: 0 started: 0
  debug: URIDNSBL: queries active: DNSBL=8 at Mon Mar 8 18:06:35 2010
  debug: URIDNSBL: query for aim.com took 2 seconds to look up (sbl.spamhaus.org.:132.51.12.64)
  debug: URIDNSBL: query for beth.k12.pa.us took 2 seconds to look up (sbl.spamhaus.org.:2.96.96.209)
  debug: URIDNSBL: query for aim.com took 2 seconds to look up (sbl.spamhaus.org.:80.73.200.207)
  debug: URIDNSBL: query for aim.com took 2 seconds to look up (sbl.spamhaus.org.:107.1.236.64)
  debug: URIDNSBL: query for hetnet.nl took 2 seconds to look up (sbl.spamhaus.org.:34.63.75.213)
  debug: URIDNSBL: query for hetnet.nl took 2 seconds to look up (sbl.spamhaus.org.:69.63.75.213)
  debug: URIDNSBL: query for aim.com took 2 seconds to look up (sbl.spamhaus.org.:232.157.188.205)
  debug: URIDNSBL: query for beth.k12.pa.us took 2 seconds to look up (sbl.spamhaus.org.:20.3.172.207)
  debug: URIDNSBL: queries completed: 8 started: 0
  debug: URIDNSBL: queries active: at Mon Mar 8 18:06:36 2010
  debug: done waiting for URIDNSBL lookups to complete
  debug: running meta tests; score so far=-2.801
  debug: running header regexp tests; score so far=-1.231
  debug: running body-text per-line regexp tests; score so far=-1.231
  debug: running uri tests; score so far=-1.231
  debug: running raw-body-text per-line regexp tests; score so far=-1.231
  debug: running full-text regexp tests; score so far=-1.231
  debug: Running tests for priority: 1000
  debug: running meta tests; score so far=-1.231
  debug: running header regexp tests; score so far=-1.231
  debug: running body-text per-line regexp tests; score so far=-1.231
  debug: running uri tests; score so far=-1.231
  debug: running raw-body-text per-line regexp tests; score so far=-1.231
  debug: running full-text regexp tests; score so far=-1.231
  debug: auto-learn: currently using scoreset 1.
  debug: auto-learn: message score: -1.231, computed score for autolearn: -1.231
  debug: auto-learn? ham=0.1, spam=12, body-points=0, head-points=-2.801, learned-points=0
  debug: auto-learn? yes, ham (-1.231 < 0.1)
  debug: Learning Ham
  debug: all '*From' addrs:
  debug: all '*To' addrs:
  debug: uri found: mailto:[email protected]
  debug: uri found: mailto:[email protected]
  debug: uri found: mailto:[email protected]
  debug: uri found: mailto:[email protected]
  debug: uri found: mailto:[email protected]
  debug: lock: 17114 created /private/var/root/.spamassassin/bayes.lock.mx1.beth.k12.pa.us.17114
  debug: lock: 17114 trying to get lock on /private/var/root/.spamassassin/bayes with 0 retries
  debug: lock: 17114 link to /private/var/root/.spamassassin/bayes.lock: link ok
  debug: bayes: 17114 tie-ing to DB file R/W /private/var/root/.spamassassin/bayes_toks
  debug: bayes: 17114 tie-ing to DB file R/W /private/var/root/.spamassassin/bayes_seen
  debug: bayes: found bayes db version 3
  debug: ebd3a443815ae7214b74ef30dfb2c5524e3adf7a@sa_generated: already learnt correctly, not learning twice
  debug: bayes: 17114 untie-ing
  debug: bayes: 17114 untie-ing db_toks
  debug: bayes: 17114 untie-ing db_seen
  debug: bayes: files locked, now unlocking lock
  debug: unlock: 17114 unlink /private/var/root/.spamassassin/bayes.lock
  debug: is spam? score=-1.231 required=5
  debug: tests=ALLTRUSTED,MISSING_DATE,MISSINGSUBJECT
  debug: subtests=_UNUSABLEMSGID
  X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on mx1.beth.k12.pa.us
  X-Spam-Level:
  X-Spam-Status: No, score=-1.2 required=5.0 tests=ALLTRUSTED,MISSINGDATE,
  MISSING_SUBJECT autolearn=unavailable version=3.0.1
  \f0\fs24 \cf0 Return-Path: <[email protected]>\
  Received: from murder ([unix socket]) by bragg.beth.k12.pa.us (Cyrus v2.2.12-OS X 10.4.8) with LMTPA; Sun, 07 Mar 2010 22:32:43 -0500\
  Received: from smtp3.beth.k12.pa.us (smtp3.beth.k12.pa.us [10.135.1.13]) by bragg.beth.k12.pa.us (Postfix) with ESMTP id 3D3F02CE4B19 for <[email protected]>; Sun, 7 Mar 2010 22:32:43 -0500 (EST)\
  Received: from localhost (mx1.beth.k12.pa.us [10.135.1.6]) by smtp3.beth.k12.pa.us (Postfix) with ESMTP id 7E5EB2425D0C for <[email protected]>; Sun, 7 Mar 2010 22:32:07 -0500 (EST)\
  Received: from mx1.beth.k12.pa.us ([127.0.0.1]) by localhost (mx1.beth.k12.pa.us [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 11329-05 for <[email protected]>; Sun, 7 Mar 2010 19:32:06 -0800 (PST)\
  Received: from mail2.beth.k12.pa.us (mail2.beth.k12.pa.us [192.227.0.10]) by mx1.beth.k12.pa.us (Postfix) with ESMTP id 9DDDFCF9E5 for <[email protected]>; Sun, 7 Mar 2010 19:32:06 -0800 (PST)\
  Received: from cpsmtpb-ews07.kpnxchange.com (cpsmtpb-ews07.kpnxchange.com [213.75.39.10]) by mail2.beth.k12.pa.us (Postfix) with ESMTP id 36E83E51479 for <[email protected]>; Sun, 7 Mar 2010 22:32:05 -0500 (EST)\
  Received: from cpbrm-ews29.kpnxchange.com ([10.94.84.160]) by cpsmtpb-ews07.kpnxchange.com with Microsoft SMTPSVC(6.0.3790.3959); Mon, 8 Mar 2010 04:32:05 +0100\
  Received: from CPSMTPM-EML04.kpnxchange.com ([213.75.39.74]) by cpbrm-ews29.kpnxchange.com with Microsoft SMTPSVC(6.0.3790.3959); Mon, 8 Mar 2010 04:32:04 +0100\
  Received: from localhost ([10.94.77.199]) by CPSMTPM-EML04.kpnxchange.com with Microsoft SMTPSVC(7.0.6001.18000); Mon, 8 Mar 2010 04:32:04 +0100\
  X-Sieve: CMU Sieve 2.2\
  Content-Class: urn:content-classes:message\
  Mime-Version: 1.0\
  Content-Type: multipart/alternative; boundary="----=_NextPart_00101CABE6F.E8E7FFDB"\
  X-Mimeole: Produced By Microsoft Exchange V6.5\
  Message-Id: <[email protected]>\
  X-Ms-Has-Attach: \
  X-Ms-Tnef-Correlator: \
  Thread-Topic: EU INT LOTTO\
  Thread-Index: Acqbc/3PXjmnUcQsGeSny2PogEEg==\
  X-Originalarrivaltime: 08 Mar 2010 03:32:04.0493 (UTC) FILETIME=[EC150BD0:01CABE6F]\
  X-Recipientdomain: beth.k12.pa.us\
  X-Spam-Status: No, hits=4.117 tagged_above=-999 required=5 tests=BAYES_50, HTML5060, HTML_MESSAGE, MIMEQP_LONGLINE, NOREALNAME, SUBJALLCAPS, UNDISC_RECIPS, UPPERCASE5075\
  X-Spam-Level: **\
  EU INT LOTTO\
  YOUR EMAIL ID HAS WON \'db1,000,000.00, IN THE FIRST CATEGORY, ALL THE E-MAIL ADDRESSES WERE SELECTED THROUGH ELECTRONIC BALLOTING SYSTEM OF INTERNET E-MAIL USERS, FROM WHICH YOUR E-MAIL ADDRESS CAME OUT AS THE WINNING COUPON.\
  Clarification and procedure Contact: [email protected]\
  Tel:\'ca\'ca\'ca\'ca +31-630-861-292\'ca\'ca\'ca\'ca\'ca\'ca\'ca\'ca \
  Miss. Gillian Rowland \
  Qualification winning Number [EU/ILO-564/003/008] \
  Expiring date is 19th of March, 2010.\
  All response should be send Via Email: [email protected]\
  }mx1:/var/clamav root#

  postfix receives the mail, then passes it to amavisd.
  amavisd decides what scanners to use (clamav/spamassassin and possibly others) and performs the scan
  amavisd might not scan the messages if certain criteria are met (size too large, white list, etc), this is all configurable in amavisd.conf. For example, the size threshold by default may be too small, so messages with large graphics may not be scanned.
  after amavis processes the message, depending on the config of amavis, certain actions are performed (add headers, discard, reject, bounce, etc).
  then amavisd passes the mail back to postfix
  postfix delivers any deliverable mail to cyrus/dovecot and/or processes and bounce/rejection.
  a rejection doesn't work in the above scenario because it's already been accepted by postfix.
  best to discard.
  if you would like to learn more about the flow and logic, look at the amavisd config file
  /etc/amavisd.conf
  and check out the docs
  http://www.ijs.si/software/amavisd/
  Jeff

• ISE 1.2 - External database to use as MAC whitelist ?

  Hi,
  I am just wondering, how can a company can live with ISE 1.2 configured with MAB, and whitelist.
  Senarios is a company hires a IT provider to run and manage the ISE setup.
  so the company itselfs, will not be able to access the ISE for administration. What they can do is manage the AD that ISE integrates to.
  So how is it possible, for the company, to maintain a MAC white-list within the AD, externally to the ISE, so that the company can add new MAC's themselfs without intervention from the IT Provider ?
  I see in the guides that LDAP does "MAC Address Lookup" but cant an AD do the same ?
  Or what is the difference between the two.
  Also any ideas from the real world on how to differentiate access and support "Segregation of Duties" when it comes to roles as grouping etc with ISE
  regards
  Martin

  well you can have a OU specified in the AD for admin PC and all computers in the Admin OU will have full access.so you have mange the access to ISE this way also.
  ********Do rate helpful posts**************

• Cisco ISE 1.3 Email Domain WhiteList

  In ISE version 1.2.x, you were able to whitelist all of the domains you wanted to be able to send email messages to, from the ISE:
  In 1.3, I do not see this capability:
  Here's what I'm trying to do.  When a guest user wants to use our guest wireless network, I want them to use self-registration.  When they choose our guest SSID, it'll intercept the traffic, and redirect them to our guest portal.  This works just fine.  At the bottom of the page, there's a link that says, "Don't have an account?".   They click on that link, which brings them to the self-registration form.  They fill out the information, and click on Submit.  I want an email to be sent to the email address of the person that they're visiting.  In the self-registration form, there's a field "Person You're visiting (email address)".  I do not want them to be able to send an email to themselves.  In 1.2, it was possible to do this simply by whitelisting our domain, as the only email domain you could send a message to.  In 1.3, that capability isn't there.  Also, in order to send an email to the person that they're visiting, it requires approval from that person.  If you don't have that option selected, and email doesn't go to the "Person being visited". 
  If anyone has any thoughts, it would be very much appreciated.  Thanks!

  Refer the link :
  http://www.cisco.com/c/en/us/td/docs/security/ise/1-3/admin_guide/b_ise_admin_guide_13/b_ise_admin_guide_sample_chapter_011100.html#reference_9D8AECAB38164664B5A1CFCAA99CC97C

• Whitelist in Reader X doesn't work

  Hello everyone,
  Anybody can help me figure out this?
  I have a plug-in which will call functions in a DLL to invoke 3rd-party application's UI. It works in Reader 9.0, none-protect mode in Reader X. But it doesn't work in protect mode in Reader X.
  (Here, it used COM to make the communication. )
  To make this plug-in be trusted. I followed the document to make whitelist:
  1. Set registry to enable the configurable file of white-list.
  Create a key-value named bUseWhitelistConfigFile with value 1, under HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Adobe\Acrobat Reader\10.0\FeatureLockDown.
  2. Create the configure file named ProtectedModeWhitelistConfig.txt under Reader X’s installation folder.
  3. Write configure file in #2 with following content to allow it access to Tamale Software
  ; Files Section
  FILES_ALLOW_ANY = *
  ; Processes
  PROCESS_ALL_EXEC = *
  ; Registry
  REG_ALLOW_ANY = *
  ; Mutants
  MUTANT_ALLOW_ANY = *
  ; Sections
  SECTION_ALLOW_ANY = *
  I think my configure will allow all access to local. Same as disable the protect mode. Right?
  Why my plug-in can work when protect mode is disabled but cannot work in my setting of whitelist?
  Thanks a lot~ ^_^
  =================
  More information about this topic:
  I got log from Reader X:
  [03:22/01:20:51] OpenEvent: STATUS_ACCESS_DENIED
  [03:22/01:20:51] name: MSFT.VSA.COM.DISABLE.4092
  [03:22/01:20:51] Consider modifying policy using these policy rules: EVENTS_ALLOW_ANY
  [03:22/01:20:51] OpenEvent: STATUS_ACCESS_DENIED
  [03:22/01:20:51] name: MSFT.VSA.IEC.STATUS.6c736db0
  [03:22/01:20:51] Consider modifying policy using these policy rules: EVENTS_ALLOW_ANY
  [03:22/01:20:51] OpenEvent: STATUS_ACCESS_DENIED
  [03:22/01:20:51] name: Global\CLR_PerfMon_StartEnumEvent
  [03:22/01:20:51] Consider modifying policy using these policy rules: EVENTS_ALLOW_ANY
  [03:22/01:20:51] OpenEvent: STATUS_ACCESS_DENIED
  [03:22/01:20:51] name: Global\CLR_PerfMon_StartEnumEvent
  [03:22/01:20:51] Consider modifying policy using these policy rules: EVENTS_ALLOW_ANY
  [03:22/01:20:52] NtCreateMutant: STATUS_ACCESS_DENIED
  [03:22/01:20:52] real_path: \BaseNamedObjects\MSCTF.GCompartListMUTEX.DefaultS-1-5-21-212926602-4 199581602-1198870392-1007
  [03:22/01:20:52] Consider modifying policy using this policy rule: MUTANT_ALLOW_ANY
  [03:22/01:20:52] NtCreateMutant: STATUS_ACCESS_DENIED
  [03:22/01:20:52] real_path: \BaseNamedObjects\MSCTF.GCompartListMUTEX.DefaultS-1-5-21-212926602-4 199581602-1198870392-1007
  [03:22/01:20:52] Consider modifying policy using this policy rule: MUTANT_ALLOW_ANY
  [03:22/01:20:54] NtCreateMutant: STATUS_ACCESS_DENIED
  [03:22/01:20:54] real_path: \BaseNamedObjects\MSCTF.GCompartListMUTEX.DefaultS-1-5-21-212926602-4 199581602-1198870392-1007
  [03:22/01:20:54] Consider modifying policy using this policy rule: MUTANT_ALLOW_ANY
  [03:22/01:20:54] NtCreateMutant: STATUS_ACCESS_DENIED
  [03:22/01:20:54] real_path: \BaseNamedObjects\MSCTF.GCompartListMUTEX.DefaultS-1-5-21-212926602-4 199581602-1198870392-1007
  [03:22/01:20:54] Consider modifying policy using this policy rule: MUTANT_ALLOW_ANY
  [03:22/01:20:54] OpenEvent: STATUS_ACCESS_DENIED
  [03:22/01:20:54] name: MSFT.VSA.COM.DISABLE.4092
  [03:22/01:20:54] Consider modifying policy using these policy rules: EVENTS_ALLOW_ANY
  [03:22/01:20:54] OpenEvent: STATUS_ACCESS_DENIED
  [03:22/01:20:54] name: MSFT.VSA.IEC.STATUS.6c736db0
  [03:22/01:20:54] Consider modifying policy using these policy rules: EVENTS_ALLOW_ANY
  [03:22/01:21:00] OpenEvent: STATUS_ACCESS_DENIED
  [03:22/01:21:00] name: _fCanRegisterWithShellService
  [03:22/01:21:00] Consider modifying policy using these policy rules: EVENTS_ALLOW_ANY
  [03:22/01:21:07] NtOpenSection: STATUS_ACCESS_DENIED
  All status are Denied. Why? I feel confused about this.
  =================
  I updated my policy rules. Now, I will not get STATUS_ACCESS_DENIED in the log anymore.
  But still, my plug-in does not work.
  The latest log is:
  [03:22/01:51:22] Adobe Reader Protected Mode Logging Initiated
  [03:22/01:51:22] Found custom policy file: C:\Program Files\Adobe\Reader 10.0\Reader\ProtectedModeWhitelistConfig.txt
  [03:22/01:51:22] Adding custom policy: FILES_ALLOW_ANY = c:\*
  [03:22/01:51:22] Adding custom policy: PROCESS_ALL_EXEC = c:\*
  [03:22/01:51:22] Adding custom policy: REG_ALLOW_ANY = HKEY_CLASSES_ROOT\*
  [03:22/01:51:22] Adding custom policy: REG_ALLOW_ANY = HKEY_CURRENT_USER\*
  [03:22/01:51:22] Adding custom policy: REG_ALLOW_ANY = HKEY_LOCAL_MACHINE\*
  [03:22/01:51:22] Adding custom policy: REG_ALLOW_ANY = HKEY_USERS\*
  [03:22/01:51:22] Adding custom policy: REG_ALLOW_ANY = HKEY_CURRENT_CONFIG\*
  [03:22/01:51:22] Adding custom policy: MUTANT_ALLOW_ANY = \BaseNamedObjects\MS*
  [03:22/01:51:22] Adding custom policy: SECTION_ALLOW_ANY = \BaseNamedObjects\MS*
  [03:22/01:51:22] Adding custom policy: SECTION_ALLOW_ANY = \BaseNamedObjects\Local*
  [03:22/01:51:22] Adding custom policy: EVENTS_ALLOW_ANY = MS*
  [03:22/01:51:22] Adding custom policy: EVENTS_ALLOW_ANY = Gl*
  [03:22/01:51:22] Adding custom policy: EVENTS_ALLOW_ANY = _fC*
  [03:22/01:51:22] Adding custom policy: NAMEDPIPES_ALLOW_ANY = MS*
  [03:22/01:51:22] Adding custom policy: FILES_ALLOW_DIR_ANY = c:\*
  Then, nothing else. Any idea of my issue?
  Thanks a lot.
  =================
  To update my current status of this issue again.
  Now, I can catch the error when I try to create the instance of COM object. It will throw an error said: Class not registered.
  I still feel confused about this.

  Hello everyone,
  Anybody can help me figure out this?
  I have a plug-in which will call functions in a DLL to invoke 3rd-party application's UI. It works in Reader 9.0, none-protect mode in Reader X. But it doesn't work in protect mode in Reader X.
  (Here, it used COM to make the communication. )
  To make this plug-in be trusted. I followed the document to make whitelist:
  1. Set registry to enable the configurable file of white-list.
  Create a key-value named bUseWhitelistConfigFile with value 1, under HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Adobe\Acrobat Reader\10.0\FeatureLockDown.
  2. Create the configure file named ProtectedModeWhitelistConfig.txt under Reader X’s installation folder.
  3. Write configure file in #2 with following content to allow it access to Tamale Software
  ; Files Section
  FILES_ALLOW_ANY = *
  ; Processes
  PROCESS_ALL_EXEC = *
  ; Registry
  REG_ALLOW_ANY = *
  ; Mutants
  MUTANT_ALLOW_ANY = *
  ; Sections
  SECTION_ALLOW_ANY = *
  I think my configure will allow all access to local. Same as disable the protect mode. Right?
  Why my plug-in can work when protect mode is disabled but cannot work in my setting of whitelist?
  Thanks a lot~ ^_^
  =================
  More information about this topic:
  I got log from Reader X:
  [03:22/01:20:51] OpenEvent: STATUS_ACCESS_DENIED
  [03:22/01:20:51] name: MSFT.VSA.COM.DISABLE.4092
  [03:22/01:20:51] Consider modifying policy using these policy rules: EVENTS_ALLOW_ANY
  [03:22/01:20:51] OpenEvent: STATUS_ACCESS_DENIED
  [03:22/01:20:51] name: MSFT.VSA.IEC.STATUS.6c736db0
  [03:22/01:20:51] Consider modifying policy using these policy rules: EVENTS_ALLOW_ANY
  [03:22/01:20:51] OpenEvent: STATUS_ACCESS_DENIED
  [03:22/01:20:51] name: Global\CLR_PerfMon_StartEnumEvent
  [03:22/01:20:51] Consider modifying policy using these policy rules: EVENTS_ALLOW_ANY
  [03:22/01:20:51] OpenEvent: STATUS_ACCESS_DENIED
  [03:22/01:20:51] name: Global\CLR_PerfMon_StartEnumEvent
  [03:22/01:20:51] Consider modifying policy using these policy rules: EVENTS_ALLOW_ANY
  [03:22/01:20:52] NtCreateMutant: STATUS_ACCESS_DENIED
  [03:22/01:20:52] real_path: \BaseNamedObjects\MSCTF.GCompartListMUTEX.DefaultS-1-5-21-212926602-4 199581602-1198870392-1007
  [03:22/01:20:52] Consider modifying policy using this policy rule: MUTANT_ALLOW_ANY
  [03:22/01:20:52] NtCreateMutant: STATUS_ACCESS_DENIED
  [03:22/01:20:52] real_path: \BaseNamedObjects\MSCTF.GCompartListMUTEX.DefaultS-1-5-21-212926602-4 199581602-1198870392-1007
  [03:22/01:20:52] Consider modifying policy using this policy rule: MUTANT_ALLOW_ANY
  [03:22/01:20:54] NtCreateMutant: STATUS_ACCESS_DENIED
  [03:22/01:20:54] real_path: \BaseNamedObjects\MSCTF.GCompartListMUTEX.DefaultS-1-5-21-212926602-4 199581602-1198870392-1007
  [03:22/01:20:54] Consider modifying policy using this policy rule: MUTANT_ALLOW_ANY
  [03:22/01:20:54] NtCreateMutant: STATUS_ACCESS_DENIED
  [03:22/01:20:54] real_path: \BaseNamedObjects\MSCTF.GCompartListMUTEX.DefaultS-1-5-21-212926602-4 199581602-1198870392-1007
  [03:22/01:20:54] Consider modifying policy using this policy rule: MUTANT_ALLOW_ANY
  [03:22/01:20:54] OpenEvent: STATUS_ACCESS_DENIED
  [03:22/01:20:54] name: MSFT.VSA.COM.DISABLE.4092
  [03:22/01:20:54] Consider modifying policy using these policy rules: EVENTS_ALLOW_ANY
  [03:22/01:20:54] OpenEvent: STATUS_ACCESS_DENIED
  [03:22/01:20:54] name: MSFT.VSA.IEC.STATUS.6c736db0
  [03:22/01:20:54] Consider modifying policy using these policy rules: EVENTS_ALLOW_ANY
  [03:22/01:21:00] OpenEvent: STATUS_ACCESS_DENIED
  [03:22/01:21:00] name: _fCanRegisterWithShellService
  [03:22/01:21:00] Consider modifying policy using these policy rules: EVENTS_ALLOW_ANY
  [03:22/01:21:07] NtOpenSection: STATUS_ACCESS_DENIED
  All status are Denied. Why? I feel confused about this.
  =================
  I updated my policy rules. Now, I will not get STATUS_ACCESS_DENIED in the log anymore.
  But still, my plug-in does not work.
  The latest log is:
  [03:22/01:51:22] Adobe Reader Protected Mode Logging Initiated
  [03:22/01:51:22] Found custom policy file: C:\Program Files\Adobe\Reader 10.0\Reader\ProtectedModeWhitelistConfig.txt
  [03:22/01:51:22] Adding custom policy: FILES_ALLOW_ANY = c:\*
  [03:22/01:51:22] Adding custom policy: PROCESS_ALL_EXEC = c:\*
  [03:22/01:51:22] Adding custom policy: REG_ALLOW_ANY = HKEY_CLASSES_ROOT\*
  [03:22/01:51:22] Adding custom policy: REG_ALLOW_ANY = HKEY_CURRENT_USER\*
  [03:22/01:51:22] Adding custom policy: REG_ALLOW_ANY = HKEY_LOCAL_MACHINE\*
  [03:22/01:51:22] Adding custom policy: REG_ALLOW_ANY = HKEY_USERS\*
  [03:22/01:51:22] Adding custom policy: REG_ALLOW_ANY = HKEY_CURRENT_CONFIG\*
  [03:22/01:51:22] Adding custom policy: MUTANT_ALLOW_ANY = \BaseNamedObjects\MS*
  [03:22/01:51:22] Adding custom policy: SECTION_ALLOW_ANY = \BaseNamedObjects\MS*
  [03:22/01:51:22] Adding custom policy: SECTION_ALLOW_ANY = \BaseNamedObjects\Local*
  [03:22/01:51:22] Adding custom policy: EVENTS_ALLOW_ANY = MS*
  [03:22/01:51:22] Adding custom policy: EVENTS_ALLOW_ANY = Gl*
  [03:22/01:51:22] Adding custom policy: EVENTS_ALLOW_ANY = _fC*
  [03:22/01:51:22] Adding custom policy: NAMEDPIPES_ALLOW_ANY = MS*
  [03:22/01:51:22] Adding custom policy: FILES_ALLOW_DIR_ANY = c:\*
  Then, nothing else. Any idea of my issue?
  Thanks a lot.
  =================
  To update my current status of this issue again.
  Now, I can catch the error when I try to create the instance of COM object. It will throw an error said: Class not registered.
  I still feel confused about this.

• How do I defeat or whitelist the "Firefox has blocked this site from loading another web page" function?

  Often when I click a link within a web page, a message bar appears at the top of the page saying "Firefox has blocked this site from loading another page" or something similar. This happens frequently on banking or credit card sites. This is particularly annoying because it seems to disturb the operation of the link when I have to click the "Allow" box on the message bar. I would prefer to create a whitelist for this feature so it would not interrupt my banking operations. Failing that, I would like to know how to toggle the feature on and off. Failing that, I would like to know how to defeat the function.

  See:
  *Firefox > Options/Preferences > Advanced > General : Accessibility : [ ] "Warn me when web sites try to redirect or reload the page"
  The setting in "Options > Advanced > General" is meant as an accessibility feature, as you can see by the label of that section, so that people with disabilities or people who use screen readers do not get confused and is not meant as a safety protection to stop redirecting.
  See also:
  *https://support.mozilla.org/kb/settings-network-updates-and-encryption#w_general-tab
  *http://kb.mozillazine.org/accessibility.blockautorefresh
  *http://kb.mozillazine.org/Accessibility_features_of_Firefox

• Is there a "whitelist" capability on the 3G?

  Until I know that I can program my phone to not ring at certain times, except for a few select numbers, I'll just wait until MyProfiles gets the unlock for 3.0 and then seriously consider the iPhone 3Gs. From what I read, MyProfiles lets you control these things in a lot of ways, such as whitelists and blacklists. I work night shift and my landline service has a service called "Quiet Time." I activate it, set up a schedule and program 5 numbers that will ring during those times. Right now that's the only thing keeping me from getting a cell phone because I'd have to get rid of my landline because of the expense.

  It is easier than that. Just add your contact to your Favorites list (select contact and click on Add to Favorites). All you need to do it touch the name and the call is placed. : )

• Trouble Whitelisting E-mail Server IP

  In the hopes of attracting Verizon problem-solvers, I'm posting here as a Verizon customer and owner of a small business.  I own my own business domain, but my e-mail server is owned by a parent company and all outgoing e-mail goes through that company's e-mail server.  
    All of my outgoing business e-mail to Verizon addresses suddenly started to get blocked today by Verizon anti-spam.  I listed my e-mail provider's IP of the e-mail server, following Verizon's suggestion to submit it for whitelisting.  Twice it was rejected with the following reply: 
  After investigation, Verizon Online Security has determined that e-mail from your IP address will not be allowed access to the Verizon Online e-mail domain due to one or more of the following reasons:
  Your IP has been blocked because of spam issues or because your ISP indicates that it is dynamically assigned.
    So far as I know, the IP is static.  Also, the IP is not blacklisted (verified this at http://whatismyipaddress.com/blacklist-check).  
  My e-mail host threw up its hands, staing that my 'clients' should pick a different e-mail provider, i.e., not Verizon.  Uh, no.  Any ideas about getting on Verizon's WhiteList?
  Thanks.

  Since you are syncing with iCloud why don't you try to delete the Gmail account and try to send your mac mail. If mail goes through okay once the Gmail is gone then you can add Gmail back and all of your mail will also come back. See if that works for you.

• Unable to whitelist our mail server IP

  Hi,
  I hope Verizon Support staff will see this message as it is practically our last resort.
  Ever since we upgraded our dedicated server used as both web and mail server for the domain kraisoft.com (which inflicted IP address change) all emails sent out from this server to Verizon customers are being rejected with the following bounce message:
  host relay.verizon.net[206.46.232.11] refused to talk to me:
  571 Email from 69.64.78.50 is currently blocked by Verizon Online's anti-spam system. The email sender or Email Service Provider may visit http://www.verizon.net/whitelist and request removal of the block. 150330
  Any attempts to whitelist our server using the above-mentioned form end up within several minutes with seemingy automatic (judging by its uselessness and the time taken to investigate) reply:
  Your IP has been blocked because of spam issues or because your ISP indicates that it is dynamically assigned
  No Reverse Hostname associated with your IP address.
  Once you have addressed any security-related issues on your network, you should contact Verizon Online Security via this form.
  Sincerely,
  Verizon Online Security
  Any attempts to reply to this message, or use "this form", or email [email protected] quoted in the message end in complete and total silence.
  Needless to say the IP adress in question - 69.64.78.50 -
  1. Does not have any spam issues as it is a freshly assigned IP address for a new dedicated server built a couple of weeks ago (with your rejection started from the day one). The Postfix mailer on the server is configured properly, not an open relay, isn't listed in any of the 100 common blacklists, uses SSL client connections, has SPF records, signs email using DKIM etc.
  2. Isn't by any means a dynamic IP. It is a static IP, one of the 4 assigned to the server by the hoster.
  3. ANY available tool (online or command-line) will show within seconds that  a proper reverse hostname kraisoft.com is assosiated with the IP address in question 69.64.78.50 so the reply is obviously irrelevant.
  This is getting extremely frustrating and we'd be very, very grateful if this issue could be escalated to someone who can provide some additional info or resolve the issue.
  Thank you.

  Your issue has been escalated to a Verizon agent. Before the agent can begin assisting you, they will need to collect further information from you.
  Please go to your profile page for the forum, and look in the middle, right at the top where you will find an area titled "My Support Cases". You can reach your profile page by clicking on your name beside your post, or at the top left of this page underneath the title of the board.
  Under “My Support Cases” you will find a link to the private board where you and the agent may exchange information. This should be checked on a frequent basis as the agent may be waiting for information from you before they can proceed with any actions.
  To ensure you know when they have responded to you, at the top of your support case there is a drop down menu for support case options. Open that and choose "subscribe".
  Please keep all correspondence regarding your issue in the private support portal.