Header Not being Tested RSS Back to forum
@Steven Richards:
So there are two issues here: "EOleException" errors and the Keyword Blacklist expression not triggering blacklistings.
As for the first: could you copy/paste the entire error message?
As for the second, please send us the following to :
* your current configuration file called orfent.ini
* your related ORF text log files (.log files, Log Viewer CSV exports are not suitable)
* an email sample which should have been blacklisted by your expression (headers included, EML format preferred)
We will look into this.
As you know I posted a couple of entries and in some sense from your reply I probably should have created 3 entries. That said I fear the issue may be a database issue of some kind linking all our issues together. To answer your reply most error messages are "timeout expired" errors as below:
Error EOleException cleaning up expired database items. Database: Auto Sender Whitelist. Error: "Timeout expired".
Error EOleException cleaning up expired database items. Database: Greylisting. Error: "Timeout expired".
However we have had the following on SPF record tests:
Unexpected SPF Test error. EAssertionFailed "Invalid network IP for the CIDR test. (C:\projects\ORF\Source\ORFEnterprise\CoreService\tests\spf\SPFCommon_un.pas, line 145)".
The only error messages I located over the past few days which is as the above were:
Error EOleException cleaning up expired database items. Database: Honeypot Test. Error: "Unspecified error".
Our ORF software is on our mail server, and the SQL database is on our SQL server. All tests between the ORF and SQL databases pass. All seems to be well. Most activities take place fine however the above error messages account for 226 errors over approx one week.
Our DNS Cache does not seem to clear down. As such today to avoid issues we're having I'm unenabling cache. Deleteing the cache file and re-enabling the cache again. I will see if that resolves our cache not being cleared as well. Of cause that doesn't produce any errors just doesn't seem to take place. Our current settings are for 7 days, but entries 10 days old are still seeminly active. Not an issue normally but someone has changed their DNS SPF record due to errors they had in it and our system seem rejects they SPF records. I mention this in case it proves relevant.
@Steven Richards:
See my reply in the other thread regarding the SPF and database related issues: http://www.vamsoft.com/forum/topic/show/FQDN-Error-and-Pass/5
Regarding caching: you mentioned that "our current settings are for 7 days, but entries 10 days old are still seeminly active". Are you absolutely sure the cached DNS query results (older than 7 days) are kept in the DNS cache of ORF and not in the cache of your DNS server? These two are independent, so I recommend checking how caching is configured on the DNS server.
New error message received:
Unexpected Auto Sender Whitelist error. EAccessViolation "Access violation at address 0059C6B8 in module 'orfeesvc.exe'. Read of address 0000000C".
Will work through the link provided. I've reduced the DNS cache to 1 day and we'll see how we get on. I think it may be an isolated oddity, or file corruption ranther than an issue relating to anything else.
@Steven Richards:
please send us the following to
* your current configuration file called orfent.ini
* your ORF text log files from the past few days (.log files, Log Viewer CSV exports are not suitable)
These files are located in the ORF directory (Program Files \ ORF Enterprise Edition or Program Files (x86) \ ORF Enterprise Edition by default).
We will look into this.
We've got Keyboard Blacklists checking "Email Header (raw MIME)" and when we copy and paste the header into the "Test Text" manually it confirms "Matches" in green.
That said we're finding emails still getting through which should not be.
I am concerned that we're getting EOleException "time out" errors for emails being checked quite often. That said none of the error messages correspond with the emails which appear to be getting a "Pass" status without being checked against blacklists such as the "Keyword blacklist".