Understanding ChoiceMail ( 13 Articles )
This section contains articles that will further user's understanding of ChoiceMail.
(Note – this section assumes you have some basic knowledge about TCP/IP and configuring local area networks, and firewalls. DigiPortal Software will not provide technical support for these topics)
By default, IP filtering is disabled and ChoiceMail will only allow access from email applications running on the same computer as ChoiceMail. The IP address 127.0.0.1, known as ‘localhost’ is always enabled.
To allow other computers to access the ChoiceMail server, check the ‘Allow specified connections” option and add a list of IP addresses corresponding to those other computers.
We do not recommend that you select “Full remote access” unless you are running behind a firewall and you are certain that no unauthorized systems can access your machine otherwise you run the risk of allowing your mail server to be used by others for sending out spam.
To add a specific IP address to the list, type it into the edit field labeled "IP address or address range" and click the Add button. To remove an entry from the list, first click on the entry to select it and then click the Remove button
To add an IP address range (subnet) use the * character to replace any sub-address in the given subnet. For example:
192.168.1.* would include all addresses that start with 192.168.1. (e.g. 192.168.1.1 - 192.168.1.255)
192.168.* would do the same but the subnet would include all addresses that start with 192.168.
Once you have completed this configuration, you can connect to ChoiceMail from email programs on your network. You should refer to the account settings on the email program that was directly configured by ChoiceMail as a guide. Note in particular that the server settings for both SMTP and POP3 will be the IP address of the machine where ChoiceMail is running. Note also that the account name will be configured using the ChoiceMail UserName followed by a slash followed by the actual email address from which you want to retrieve messages.
If you lock ChoiceMail One (version 2.x only), you need to use a password to unlock it. The password is the same password that is used by your email application to access your mail. If you configured ChoiceMail automatically, you would have been asked for your password for each email account and ChoiceMail by default would have used the first such password as the password for ChoiceMail itself.
Disable splash screen / modify activity log size
Modifying any of the following settings is completely unsupported by DigiPortal Software. We cannot provide any help with making these changes or correcting any errors introduced by making these changes. Any changes you make based on the information below is done at your own risk.
Make sure you have closed ChoiceMail One (Actions | Exit) before making any changes.
Starting with ChoiceMail One version 2.2, the startup splashscreen can be disabled by adding a line to your choicemail.ini configuration file. This file is found in your main ChoiceMail folder.
1) Open choicemail.ini using a text editor such as notepad. Do NOT use a word processor such as Microsoft Word.
2) Somewhere in the file (usually at the top but not necessarily) will be a section name called
followed by a list of entries.
3) Insert the following line exactly as written directly below the [display] line
4) Save the choicemail.ini file and restart ChoiceMail One
Starting with ChoiceMail One version 2.2, the maximum number of lines displayed in each tab of the activity logs can be changed from the default. Note that too large a value can cause ChoiceMail to crash, particularly on older operating systems such as Windows 98 and ME.
1) Open popmanager.ini using a text editor such as notepad. Do NOT use a word processor such as Microsoft Word.
2) Add the following 3 lines exactly as written at the bottom of the file.
maxtotallines = 30
maxlinelength = 128
(You can change the numbers to suit your requirements. The ones shown here are the default values that are used when the section is not defined in the file)
3) Save the popmanager.ini file and restart ChoiceMail One.
Manual configuration and multiple email accounts in ChoiceMail
Solution To see how to configure ChoiceMail and/or your email application manually, particularly when you have multiple email accounts, it is necessary to have a basic understanding of the email receiving process and the information needed for an email program to retrieve mail from ChoiceMail.
In general, when an email program retrieves messages from the POP3 server at your ISP, it connects to the server, and sends the required username and password to the server. The email program can then retrieve all the email messages associated with that username and that is the key point. All email messages on a POP3 server are associated with a single username.
Now, when you configure ChoiceMail One to retrieve messages from a POP3 server, you provide it with the name of the POP3 server, and the username/password for that server. ChoiceMail then downloads all the messages and stores it in a local mailbox folder. If you have multiple POP3 accounts, then ChoiceMail retrieves the messages for each one of those accounts, using the appropriate POP3 server, username and password.
So from where does your email program get the messages? Well, from the perspective of your email program, ChoiceMail One is your ISP, even though it is running on your own computer. To retrieve mail from your "ISP", your email program has to specifiy a POP3 server, username and password.
Now, the server name you use is called localhost which is in fact just a synonym for the IP address 127.0.0.1 which always means your own computer. Indeed, it is sometimes better to insert the actual IP address 127.0.0.1 rather than using the synonym, mainly because other programs can cause the value of that synonym to change.
The basic username you need is displayed on the titlebar of your ChoiceMail One program. Depending on how you originally configured ChoiceMail, that username will typically be the same as the username of the first email account that is being protected. It is normally a single sequence of characters, but it could also look like a complete email address.
So, let's suppose that you have looked at the titlebar of ChoiceMail One and you have determined that your ChoiceMail One username is abcd and your ChoiceMail One password is xyz (note that you can change your ChoiceMail password at any time by clicking on Options | Configuration | General, but if you do so, you will have to update the passwords on all accounts in your email program as well).
So if you have a single account in your email program where the POP3 server is localhost, the username is abcd, and the password is xyz, your email program will be able to retrieve all the mail being held by ChoiceMail One, regardless of from which original account the mail was originally retrieved.
Now lets suppose that ChoiceMail One normally retrieves email from two different POP3 accounts, also known as mailboxes, one associated with the email address firstname.lastname@example.org and the other with email@example.com.
You can then configure your email program with multiple accounts such each account in your email program retrieves only mail from a single POP3 account (mailbox) in ChoiceMail.
To do this, the notion of your ChoiceMail One username is extended to refer to a particular email account. Using the example above, you would now create two separate email accounts in your email program.
username: abcd/ firstname.lastname@example.org
POP3 server: localhost
username: abcd/ email@example.com
POP3 server: localhost
Note the format of the username - it consists of your ChoiceMail username (as displayed in the titlebar) followed by a '/' followed by an email address.
In this scenario, if you just checked your mail for account #1, your email program would pull in only approved messages from ChoiceMail One that were originally sent to firstname.lastname@example.org and messages for email@example.com would remain inside ChoiceMail until you check your account #2
If your email program checks both accounts (the normal operation), then the email from each account will be retrieved as expected.
So in general, you should have an email account configured in your email program for every email account that is defined as a POP3 source in ChoiceMail. If you do not do this, messages sent to such an address will get stuck in ChoiceMail because there is no corresponding email account in your email program for those messages. Indeed this is the most common reason why mail appears to get stuck in ChoiceMail and cannot be retrieved.
You also need to pay attention to the PORT settings. Normally, ports 110 and 25 are used for receiving (POP3) and sending (SMTP) mail respectively. However, if ChoiceMail detects that either or both of the default ports are in use by other applications, it will change the ports that it uses to listen for your email program to connect. The ports that ChoiceMail are using can be found by clicking on Options | Configuration | Advanced).
Make sure that the port values displayed here match the port values associated with the respective servers in your email account settings.
Creating or modifying an email rule
When you create a new email rule, you can define portions of text that must appear in an incoming message. For example, suppose you are subscribed to a list server that redistributes all messages from members of that group. In such a case, the sender might be different each time and you don't want to send registration requests out to everyone in the group. The ChoiceMail One user guide has more information on how to handle this example.
Conditions: You can specify text in various fields that will match with the same fields in actual email messages. The permission rule "triggers" when it matches with a particular message.
Actions: if an incoming message matches a particular rule, then the permission rule triggers and selected rule action is executed. There are currently nine actions available.
The message will be quietly accepted but the status of the sender will not change. In other words, the sender will stay in the unknown senders list.
* Delete message to junkbox
The message will be quietly deleted to the junkbox but the status of the sender will not change.
* Delete message permanently
The message will be quietly deleted but the status of the sender will not change. Note that this action deletes a message irretrievably. You should only use this action after you have tested your rule satisfactorily with deletion to the junkbox so that you can get it back if you delete the wrong message accidently.
* Approve sender
The sender will automatically be added to your whitelist and all messages from that sender will be allowed.
* Reject sender
The sender is added to your blacklist and all messages are quietly deleted. This action is not used very often as spammers don't use the same email address each time they send you a message. Normally you will want to use one of the "Delete" actions
* Delete sender to junkbox
The sender is deleted from your system so that if they send another message, they will get a new registration request. All the messages associated with the sender are moved to the junkbox so you can get them back.
* Delete sender permanently
The sender is deleted from your system so that if they send another message, they will get a new registration request. All the messages associated with the sender are irretrievably deleted. Use this action only when you're certain that the permission rule is working to your satisfaction.
* Don't send identity query
This action converts the status of the incoming message to a "BCC" message which means that the sender and associated messages will simply STAY in the unknown sender list and ChoiceMail will not send out a registration request to the sender.
* Mark message as spam
This action marks the message as spam which, like BCC, means that the sender and associated messages will simply STAY in the unknown sender list and ChoiceMail will not send out a registration request to the sender. It's particularly useful for experimenting with permission rules since you can see the effects of changing your permission rules without actually having the message in question deleted. After applying permission rules, you can right-click on a message marked as spam and check the "Sender info" which will tell you WHICH permission matched that message. Once you're happy that the permission rule is working to your satisfaction, you can change the action to Accept or Delete as you wish.
Notifications: You can optionally associate a predefined message with individual permission rules such that when a permission rule is triggered, an email message can be sent back to the sender.
Misc: The text that you type in the field will be displayed when you click the Explain menu in the permission rules list.
What is the difference between rejecting a sender and deleting a sender in the unknown sender list?
If you REJECT a sender, all future emails from that sender just silently disappear. ChoiceMail remembers that that sender is rejected. However, if you DELETE a sender, they are 100% removed from your lists so that if they send another message, they will get a new registration request (because they look like a new sender again)
If someone is rejected, the next time they send a message does it show up on the new senders list? If I decide to review the new senders list everyday, am I going to see them each time they send a message?
If you REJECT someone, you will NEVER see them again - they will NOT show up on the new senders list.
What is the Safe Message Previewer?
When you open up an email message in most email applications, even if they are performing a "preview" function, information can be sent back to the originator of the message. This is done through the infamous "webbug", a 1x1 transparent gif image that you can't see but which still trigger an image request from a server, causing cookies to be sent by your browser. Also, if your email system isn't correctly configured, previewing can also trigger scripts that could introduce a virus into your system.
ChoiceMail's safe message previewer is immune to these problems and so you can quickly examine a message if you're not sure whether the sender is legitimate or not and you don't want to wait for them to register.
Some senders don't bother to fill in the permission form. Will I still get their mail?
That's up to you. Mail is held temporarily by ChoiceMail until someone registers and you can always choose to review held-up mail manually (ChoiceMail makes it easy to do that quickly).
On the other hand, many people take the position that if someone doesn't want to bother to fill in the form (a simple brief one-time effort for anyone not already on your whitelist), then you probably don't need to see their mail anyway. After all, if the sender doesn't consider their message to be important enough that they need to make sure you read it, why should you consider it worth reading!
Determine why a message was accepted
Determine why a message was accepted
From time to time, we receive a "bug" report where a user feels that spam has managed to get through ChoiceMail. We have no doubt that spammers are actively looking for ways to break ChoiceMail and we are committed to enhancing our technology to protect our users.
However, in all reports to date where spam has gotten through ChoiceMail, the problem has turned out to be some kind of mis-configuration. Therefore, as of version 1.3, we have added some extra information to all incoming emails so that users can more easily determine why a particular message was accepted by ChoiceMail.
All email messages have a header section that describes where the email came from (although most of this information can be forged by spammers) and various other items most of which is not interesting unless there is a problem.
ChoiceMail adds several extra headers to all incoming email messages. You can examine those headers through your email application (how) to understand what happened.
Look for the headers
If the header "X-ChoiceMail-OriginalAccount" was not found, then the email message was not processed through ChoiceMail. In other words, your email application received the message directly from your ISP's server. Please review your configuration and refer to ChoiceMail's documentation, online help, and our online technotes. In particular, see the technotes:
Mail is coming in to ChoiceMail but not to my email application and
How To Temporarily Disable ChoiceMail
If the ChoiceMail filter button (top right corner of the main ChoiceMail window) is red then you have either disabled ChoiceMail or you have not yet configured your email application to communicate with ChoiceMail. If the ChoiceMail filter button is green, then the most likely possibility is that you have more than one account configured in your email application and one or more of these accounts were not disabled. Click here for more information about this issue and how to resolve it.
If the "X-ChoiceMail-OriginalAccount" header was found but the "X-ChoiceMail-AcceptedReason" header was not found, then you are running an older version of ChoiceMail - you should update to the latest version as soon as possible.
If the "X-ChoiceMail-AcceptedReason" header was found, there will be an associated message that explains the reason why the email message was accepted by ChoiceMail. For example:
X-ChoiceMail-AcceptedReason: Sender is on your whitelist
means that the email was accepted because the sender has already been approved by you. Other possibilities include a permission rule, an accepted domain or it could tell you that ChoiceMail filtering is disabled.
ChoiceMail One supports some special keywords that can be used to match messages whose content has been deliberately distorted by spammers to try and prevent filter systems from recognizing them as spam.
The keywords are
(email address in whitelist)
(no email address in whitelist)
If one of these keywords appears at the very beginning of an entry, all characters that follow are interpreted according to special rules. Note that except for the not keyword, the parentheses are part of these keywords.
This keyword inverts the sense of the test. You can use it with normal phrases as well as a prefix to any of the other special keywords below.
If you put not firstname.lastname@example.org in a To header, then you will get a match if email@example.com is NOT in the To header.
Translates to mean any email address defined in POP3 or ALIASES. You can use this to see if any of your own email addresses are in any of the fields of a message.
* (email address in whitelist)
(no email address in whitelist)
Typically used in the BODY section of a permission rule, these special keywords can be used to check whether an email address in the body of a received message is (or is not) in your whitelist. It's most often used in a permission rule where the FROM address contains 'postmaster@' or 'mailer-daemon@' so that you can block spoofed system messages.
This keyword forces a match on individual words and will ignore character sequences that are embedded in a larger word.
(word)hell will match the phrase 'life is hell' but it will not match the phrase 'hello there, my name is John'
This keyword can be used to match a word that has been broken up by non alphabetical characters in an attempt to disguise it.
(seq)viagra will match character sequences such as v!i!a!g!r!a
This keyword can be used to find matches for words that are separated by other words.
(phrase)reduce debt will match the phrase 'click here to reduce your mortgage debt
A regular expression is a very generalized mechanism that can be used by itself and in conjunction with transform rules to perform some very advanced matching. A full explanation is beyond the scope of this document and no technical support is available from DigiPortal Software on this topic.
Accepted and Rejected Domains
You can tell ChoiceMail One to accept or reject all email messages whose address matches a particular domain. Most of the time, you'll want to reject a domain. Although it is not strictly necessary to do this to prevent spam from reaching your email inbox, rejecting certain domains known for being originators of spam will reduce the number of unknown senders that appear on the list in ChoiceMail One.
• To accept all email from a domain, click the Accepted domains tab on the Permission management window. You can also choose Allow all messages from another domain from the Senders menu.
• To reject all email from a domain, click the Rejected domains tab on the Permission management window. You can also choose Block all messages from another domain from the Senders menu.
You can reject a complete domain, a subdomain, or a partial domain. You can also use wildcards to specify a group of similarly named domains.
1) Suppose you receive an email from firstname.lastname@example.org and you want to block all emails coming from junk.email.com in the future. Just enter junk.email.com in the edit field and click the Add button. ChoiceMail One tells you when you've entered a valid domain name.
2) Blocking mail from junk.email.com will not prevent you from getting email messages from the domain spam.email.com . However, rather than adding this new domain to the list, you can remove junk.email.com and replace it with email.com .
3) Now, a minor problem blocking email.com is that this will block all messages that end with email.com, which means that a message coming from email@example.com would also be rejected. If you don't want this to happen, change email.com to .email.com (note the period in front of the domain name).
4) Sometimes a spammer using fake domains will use a related group of domains, such as email1.com , email2.com , email3.com . In this case it's clearly not practical to add each domain separately. Instead, the solution is to specify the domain using a wildcard. ChoiceMail One accepts two kinds of wildcards.
• Use the question mark ? to represent any single character.
• Use the asterisk * to represent a variable number of characters (including none).
So specifying email?.com will block any messages whose domain ends with the name email followed by any single character. A specification of email*.com will block email.com itself as well as domains such as email123.com , emailxyzzy.com and so forth.
Sometimes spammers send emails without any domain at all. You can automatically block emails with no domains by specifying (none) as the domain name. Please note that the parentheses are required.
When you request that a messages containing a particular server to beblocked, ChoiceMail One dispays a simple dialog to confirm that you want to block this IP address. If the Block button does not appear, it means that you just opened the dialog manually.
Click the OK button to add the IP address to your blocklist.
You can also manually add an IP address to your blocklist. When you click the IP blocking button on the Permission Management dialog, a simple IP Address Range Editor dialog displays, indicating the number of IP addresses currently on your blocklist.
Note: When you install ChoiceMail One, no IP addresses are included on your blocklist.
The first time you click the IP blocking button, ChoicMail One prompts you to select some IP addresses from a list of addresses that DigiPortal Software has confirmed are responsible for sending out spam email messages.
Click the Yes button to display the list of spam IP address regions.
You can also explicitly access the Region dialog by choosing Merge regions from the File menu on the IP Address Range Editor dialog.
• Click the Select all button to enter a checkmark next to all IP regions. You can then clear the checkbox next to the IP regions you don't want to block.
• Click the Clear all button to clear all the checkboxes. You can then select the regions you want to block.
DigiPortal Software has provided a starting set of regions that contain IP address ranges that have been found to be associated with sending out spam. Based on your needs, you can use all or a partial set of these regions to start with. You can then add more IP addresses and regions manually as needed.
Note - it is possible for a domain check system to be unable to resolve a particular server into an address for a variety of reasons such as DNS servers temporarily down. In this case, the message will simply appear in your unknown senders list.