Dear diggerdog-ga;
Thank you for allowing me to answer your interesting question.
You obviously seem to know already that SPAMQ is a spam filter. The
code TRU, of course, means that it is active/activated.
ESP stands for ?Encapsulating Security Payload?. A fairly technical
explanation of an ESP is featured here:
THE INTERNET ENGINEERING TASK FORCE
http://www.ietf.org/rfc/rfc2406.txt
Basically, it is a security protocol that provides data privacy
services, optional data authentication, and anti-replay services by
?encapsulating? the data to be protected. ESP uses a ?protocol? or an
agreed set of rules for communicating within a system that allows
interoperability between vendors. The main protocols used with IP
(Internet Protocol) are ICMP (protocol 1), TCP (protocol 6), and UDP
(protocol 17). But within security the protocols 50 and 51 are also
used.
The terms ESP and 50 are basically redundant, and the term 51
indicates Authenticated Header (AH).
The bottom line is that apparently someone sent the client a message
that contained data payload that was deemed suspect and therefore was
encapsulated (halted, quarantined) for security reasons. The message
received by the client was most likely an automated response as a
result of this action at the server.
I hope you find that my answer exceeds your expectations. If you have
any questions about my research please post a clarification request
prior to rating the answer. Otherwise I welcome your rating and your
final comments and I look forward to working with you again in the
near future. Thank you for bringing your question to us.
Best regards;
Tutuzdad-ga ? Google Answers Researcher
INFORMATION SOURCES
ESP
http://www.networksorcery.com/enp/protocol/esp.htm
SEARCH STRATEGY
SEARCH ENGINE USED:
Google ://www.google.com
SEARCH TERMS USED:
ESP
Encapsulating Security Payload |
Request for Answer Clarification by
diggerdog-ga
on
01 Aug 2005 15:24 PDT
tutuzdad-ga,
Thanks for you response. It was very comprehensive. One of our
clients have receive this message code when they sent themselves a
message using our email marketing system. They advised us that the
message was blocked due to our system using and envelope sender
address as the reply address for bounced messages. This system for
sending email is used by hundreds of companies world wide. We dont
belive that this is the reason the message was flagged which is why we
wanted to know what this code meant. In your personal oppinion do you
think that this code would apply to the reason they have given us?
|
Clarification of Answer by
tutuzdad-ga
on
01 Aug 2005 15:44 PDT
It's certainly possible. If the SPAMQ settings are such that it is
sensitive to such things, or to electronic signatures and the like
that run active scripts or behave as other suspicious or prohibited
files might, it is defintely plausible that the filter encapsulated
the data and prevented it's relay for security reasons.
tutuzdad-ga
|
Clarification of Answer by
tutuzdad-ga
on
01 Aug 2005 16:51 PDT
Some clients can manage their SPAMQ from a secure management web site
similar to a cpanl that allowes you to access your web works and web
mail. From here clients can often "teach" their filter who is safe and
who is not and specify which suspect messages are "released" and which
are quarantined. Perhaps you should insure about this potential option
with your provider.
Hope this help.
tutuzdad-ga
|
Clarification of Answer by
tutuzdad-ga
on
01 Aug 2005 16:53 PDT
Sorry about the typops - let's try that again, shall we?
Some clients can manage their SPAMQ from a secure management web site
similar to a [cpanel] that allows you to access your web works and web
mail. From here clients can often "teach" their filter who is safe and
who is not and specify which suspect messages are "released" and which
are quarantined. Perhaps you should [inquire] about this potential option
with your provider.
Hope this help.
tutuzdad-ga
|
Clarification of Answer by
tutuzdad-ga
on
01 Aug 2005 16:54 PDT
"typops" === both funny AND ironic, huh?
|
