Can someone give me the email address of their support? I am still getting tons of spam mail even though I have EAS turned on. It captures some of them but not all. As you can see below, Spam Assassin is blocking them.

I want to forward some of the ones to them. I've included one below for your reading pleasure. Thanks in advance.....

X-Persona: <Info@OnSite>
Return-path: <_e_puentes@actioninc.com>
Envelope-to: info@onsitecomputingservices.com
Delivery-date: Fri, 22 Feb 2008 11:23:01 -0500
Received: from mail by www97.hostpc.com with spam-scanned (Exim 4.66)
(envelope-from <_e_puentes@actioninc.com>)
id 1JSafn-0002K3-Ng
for info@onsitecomputingservices.com; Fri, 22 Feb 2008 11:23:01 -0500
Received: from localhost by www97.hostpc.com
with SpamAssassin (version 3.1.7);
Fri, 22 Feb 2008 11:23:01 -0500
From: "Replica Watches" <_e_puentes@actioninc.com>
To: "Hermes Watches" <info@onsitecomputingservices.com>
Subject: [Spam][97.1%] Exquisite Replica
Date: Fri, 22 Feb 2008 14:35:25 +0000
Message-Id: <000901c8756f$018a83e7$04990bab@ldsoacwv>
X-Spam-Flag: YES
X-Spam-Checker-Version: SpamAssassin 3.1.7 (2006-10-05) on www97.hostpc.com
X-Spam-Level: ***************************
X-Spam-Status: Yes, score=27.6 required=5.0 tests=HTML_FONT_BIG,HTML_MESSAGE,
RCVD_IN_BL_SPAMCOP_NET,RCVD_IN_XBL,RCVD_NUMERIC_HE LO,REPLICA_WATCH,
SPF_FAIL,URIBL_AB_SURBL,URIBL_JP_SURBL,URIBL_OB_SU RBL,URIBL_SC_SURBL,
URIBL_WS_SURBL autolearn=failed version=3.1.7
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----------=_47BEF6E5.D2A25443"


Spam detection software, running on the system "www97.hostpc.com", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
the administrator of that system for details.

Content preview: We have fake Swiss Men's and Ladie's Replica Watches
from Rolex to the Popular Panerai Watch More information here We have
fake Swiss Men's and Ladie's Replica Watches from Rolex to the Popular
Panerai Watch [...]

Content analysis details: (27.6 points, 5.0 required)

pts rule name description
---- ---------------------- --------------------------------------------------
1.3 RCVD_NUMERIC_HELO Received: contains an IP address used for HELO
1.3 SPF_FAIL SPF: sender does not match SPF record (fail)
[SPF failed: Please see http://www.openspf.org/why.html?sender=_e_puentes%40actioninc.com&ip=82.119.231.18&receiver=www97.hostpc.com]
2.3 REPLICA_WATCH BODY: Message talks about a replica watch
0.0 HTML_MESSAGE BODY: HTML included in message
0.3 HTML_FONT_BIG BODY: HTML tag for a big font size
4.0 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net
http://www.spamcop.net/bl.shtml?82.119.231.18[/URL]>]
4.0 RCVD_IN_XBL RBL: Received via a relay in Spamhaus XBL
[82.119.231.18 listed in sbl-xbl.spamhaus.org]
3.3 URIBL_AB_SURBL Contains an URL listed in the AB SURBL blocklist
[URIs: topstopnow.com]
3.4 URIBL_JP_SURBL Contains an URL listed in the JP SURBL blocklist
[URIs: topstopnow.com]
1.5 URIBL_WS_SURBL Contains an URL listed in the WS SURBL blocklist
[URIs: topstopnow.com]
2.6 URIBL_OB_SURBL Contains an URL listed in the OB SURBL blocklist
[URIs: topstopnow.com]
3.6 URIBL_SC_SURBL Contains an URL listed in the SC SURBL blocklist
[URIs: topstopnow.com]

The original message was not completely plain text, and may be unsafe to
open with some email clients; in particular, it may contain a virus,
or confirm that your address can receive spam. If you wish to view
it, it may be safer to save it to a file and open it with an editor.


Received: from [82.119.231.18] (helo=82.119.231.18)
by www97.hostpc.com with esmtp (Exim 4.66)
(envelope-from <_e_puentes@actioninc.com>)
id 1JSafk-0002JR-Bz
for info@onsitecomputingservices.com; Fri, 22 Feb 2008 11:22:55 -0500
Message-ID: <000901c8756f$018a83e7$04990bab@ldsoacwv>
From: "Replica Watches" <_e_puentes@actioninc.com>
To: "Hermes Watches" <info@onsitecomputingservices.com>
Subject: Exquisite Replica
Date: Fri, 22 Feb 2008 14:35:25 +0000
MIME-Version: 1.0
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.3138
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3198
Content-Type: multipart/alternative; boundary="----=_NextPart_000_0006_01C8756F.018763C1"; x-avg-checked=avg-ok-41F01180

[B]We have fake Swiss Men's and Ladie's Replica
Watches from Rolex to the Popular Panerai Watch

More information here (http://topstopnow.com/)

EAS "support" is though the HostPC help desk so any issues should be posted in a trouble ticket there.

But if you want to report spam that gets into your inbox, you need to capture the FULL email headers from the message and save it to a file. Then ATTACH that file to an email and address it to spam@protectedmail.net.

I notice that in the headers you posted there's no mention of the EAS device handling that particular email. Maybe you didn't post all of the lines, but there should be at least a couple of references to 'mf2.ijnet.net' in there somewhere. If not, your email didn't get filtered by the MailFoundry device.

As far as spam getting into your inbox, I've been monitoring 24 accounts for the last two months. In 23 of the accounts I've seen a total of 25 spams combined. In the last account, I've reported 52...so ONE account has double what the other 23 combine have! No idea why that is, though.

Thx Tony but I did post all the header information.

So I'm gonna show my ignorance here.....how does email get to me without going to the EAS server first? I thought the MX records point to the EAS servers.

Do they mail directly to my IP address?

Yeah, everything should go through the device. What do headers from your other emails look like, do they show the mf2 lines?

If none of them have it either then it's time to open a help desk ticket and have the guys take a look.

Spammers are getting increasingly smarter and bypassing mx records sending straight to the IP addresses ... but fortunately they're far and few between.

Any questions or support issues need to go through HostPC first - and if warranted, we'll pass them to EAS.

Thanks

Joe, I knew they sometimes use IP's but wouldn't that show up in the headers or is that completely invisible to the recipient?

Once last month I received a spam message. I checked the headers and noticed that "mfX.ijnet.net" was not listed. At the time I thought this was a case of an EAS problem and the email was forwarded on without any filtering, but now I wonder if it was just a direct to IP message.

Anyone know how they do this? If you try to send an email to:

info@(my server ip address)

the email gets rejected.

I don't wanna open up a can of worms here.....its just a curiosity question.

you won't get mail that genericly - like info@ip - unless you have a static IP address. Most don't.

I'm not going to go into HOW they send by IP address and it ends up in your mailbox - but no, it's not that easy.