The dashboard loses its data on server restart. Could this be the reason it's not showing that number? Did you restart before checking the dashboard? If so then unfortunately that data gets lost. 

 

If this is what occurred I can see us possibly dumping this data to a file that can be read back in when the server gets restarted, persisting this information.

I've seen the data being lost on server restart. It happens with IDS Blocks. Now we unplug the Network Cable first and do a restart as a last resort.

Hi Josh. Have you considered using Declude Hijack to prevent mass amounts of email from being sent out of your server in the case of a compromise like this? Declude Hijack is very easy to set up and implement into SM. If you are interested, we offer Declude 100% free from our website. I know a lot of SM users are using it, including myself. If you would like to check it out, visit our downloads page at http://mailsbestfriend.com/downloads. There is also a user manual there which explains how it works. If you have any question on how to set up and implement, please feel free to ask. I will be happy to help. Again, Declude is 100% FREE. We only charge for support which you probably won't need if you are only going to use the Hijack component. I hope this is helpful. Thanks.

SM already has throttling built-in, but it should have a Declude-like 2nd threshold as well that stops ALL outgoing email if desired.

Alas, sounds like a good time to implement Declude.  Will take some work, but you can probably clear all or most of those bad RBL reports.

Hi Paul. I don't think we have instructions available on our site. I will create a set of instructions this week. It is very easy to install. Download the Declude 4.12.11 new install for SmarterMail from our website. Run the installer as admin on your server and Declude will install in the correct place. Once installed, if you only want to use the Hijack component of Declude, go to the Declude directory which will be located at SmarterMail\Declude and rename the global.cfg to global.cfg.off and rename the virus.cfg to virus.cfg.off. Next, open up the hijack.cfg and configure the two thresholds how you would like them. The definitions of each threshold are in the hijack.cfg file so you will understand what happens when each threshold is exceeded. Next, open the HijackNotify.eml and set the TO address to an address where you would like to be notified when outbound mail is held permanently by Hijack. Lastly, log into your SM admin interface and enable Declude there. It's a simple checkbox. That's all you need to do to make it work. As for Ultimate Spool Manager, I do not think you will have any conflicts. Thanks.

linda,

how are mailing lists handled/exempted?