
From: Tommy
Date: 3/24/18 2:59 AM
Topic: bug report
Type: General Discussions

1: For users who log in to SMTP or SSL SMTP to send email, there is no need to RBL-check the login IP. RBL should only check those not logging in.

2: For the SPF check result, the "helo=" string is always the domain after the @; it is not the real value.

3: Access control blank issue --> already settled at 6.3 5979

4: DKIM key size in bits should offer 1024 and 2048, as most DNS support 1024 but not 2048, as the value is too long. Just like port25.com, where you can choose 1024 or 2048.

Need new function:

As long as server ports 25, 110, 143 are open, you can see a lot of HELO/EHLO like: ylmf-pc, user, etc. They keep scanning the password. Better to have a function to list IPs; the server will never give them any response, just disconnect.


From: Tommy
Date: 3/26/18 7:33 AM
Topic: bug report
Type: General Discussions

Sender filters seem to have some issue with the "does not contain" method. For example, if you set up a rule as below:

Search for: @  ;  Weight: 100  ; operator: does not contain

Below are the matching results for 3 formats:

(1) From: user@domain.com---->NOT MATCH

(2) From: user <user@domain.com>---->NOT MATCH

(3) From: "user" <user@domain.com>---->MATCH

I think the rule should only match something like: From:<>[null_here] or From:<only_name_here_without_@> or From: only_name_here_without_@

From: Synametrics Support
Date: 3/26/18 10:20 AM
Topic: bug report
Type: General Discussions

Tommy,

I am going to answer both of your posts in one message.

Post 1 - Answer 1: Agreed. We will change the logic in the next build. Let us know if you need the binaries before they are released to the general public. Having said that, Xeams does not rely on one filter. By default, Xeams should assign a negative score to the message if the user is authenticated. Once the score goes below a certain negative value, no other rule will matter.

Post 1 - Answer 2: I am not sure if I understand this correctly. Is this a question? Could you please elaborate?

Post 1 - Answer 3: Done

Post 1 - Answer 4: You should be able to add multiple entries in your DNS server if 2048 is not supported. A DNS server will stitch the two entries together and return one big string. 

Post 1 - Feature request: Xeams already takes a few measures if it detects someone is trying to crack passwords. For example, it will block an IP address if too many attempts are detected. You can configure the exact number of attempts under Server Configuration/Manage Alerts. An email will be sent to the administrator when an IP is put on the blocked list.

It will also log entries into InvalidPasswordAttempts.log for every attempt.

Post 2 - Does not contain filter - We are able to reproduce this but don't know if this falls in a bug category. The "Does not contain" filter will not work for Sender Filter. This is because the sender filter is the only filter that gets split into two tokens: Sender's Name and Sender's Email. The filters run independently on both tokens and a score is assigned if both fail. In this case, an @ sign is found in the email but not the name part. Since it is missing from the Name, score is assigned. Filters other than Sender filter (Body, Header) will work because they are not broken into multiple tokens.

I would not recommend writing a filter that looks for an @ sign. That is because Xeams will check for this condition using a Custom Filter called RFC 822 Verifier.

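Added example, not part of the original thread and not Xeams code: a sketch of the record splitting that Post 1 - Answer 4 refers to. A single DNS TXT character-string is limited to 255 bytes, so a 2048-bit DKIM record is published as several quoted strings inside one TXT record, which the verifier concatenates before use. The key bytes and the `selector._domainkey.example.com.` name below are constructed placeholders.

```python
import base64
import re

MAX_CHARACTER_STRING = 255  # RFC 1035: one TXT character-string holds at most 255 bytes


def split_txt_value(value: str, limit: int = MAX_CHARACTER_STRING) -> list[str]:
    """Split a long TXT value into chunks that each fit one character-string."""
    data = value.encode("ascii")  # DKIM key records are plain ASCII
    return [data[i:i + limit].decode("ascii") for i in range(0, len(data), limit)]


def zone_file_rdata(chunks: list[str]) -> str:
    """Render the chunks as the quoted strings of ONE TXT record (zone-file style)."""
    for chunk in chunks:
        if '"' in chunk or "\\" in chunk:
            raise ValueError("chunk needs escaping; not expected in a DKIM record")
    return "( " + " ".join(f'"{c}"' for c in chunks) + " )"


def reassemble(rdata: str) -> str:
    """What a DKIM verifier does (RFC 6376): join the strings with nothing in between."""
    return "".join(re.findall(r'"([^"]*)"', rdata))


def dkim_record(der_len: int) -> str:
    # Constructed placeholder bytes of the right length, NOT a real public key.
    fake_der = bytes(i % 256 for i in range(der_len))
    return "v=DKIM1; k=rsa; p=" + base64.b64encode(fake_der).decode("ascii")


# SubjectPublicKeyInfo DER sizes: 162 bytes for RSA-1024, 294 bytes for RSA-2048.
RECORD_1024 = dkim_record(162)
RECORD_2048 = dkim_record(294)

if __name__ == "__main__":
    for bits, record in (("1024", RECORD_1024), ("2048", RECORD_2048)):
        chunks = split_txt_value(record)
        print(f"RSA-{bits}: {len(record)} bytes -> {len(chunks)} string(s)")
        # Placeholder owner name; substitute the real selector and domain.
        print("selector._domainkey.example.com. IN TXT", zone_file_rdata(chunks))
```

The 1024-bit record fits in one string, while the 2048-bit record needs two; whether a DNS hosting panel accepts the multi-string form is what decides if 2048-bit keys can be published there.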