ChangeLog :: Abuse

Changes for each of the releases

1.0.7.0
-German language translation was completely rewritten by
Angelika Oberhof who also made thoughtful suggestions
on improving the user interface. Contact information can
be found in the German.lng file. Angelika has also
provided a glossary in German which is also included
with this release - glossary_german.txt.
-Added support for another SMTP authentication method.
Auth PLAIN uses a single message to pass the logon
information. This newly supported method provides for
a more secure method of logging onto your SMTP server.
It doesn't require any changes to the information
currently provided by the user. Abuse will determine
if the SMTP server supports this method and use this
method as the first choice when authentication is
requested by the user.
-Added additional verification of responses during the
SMTP connect conversation to more readily detect
failures of communication.
-French help file : abuse_french.chm. To use this you will
need to replace abuse.chm with this file by renaming the
abuse_french.chm file to abuse.chm. In addition, the
French language file was updated on this release.
-Minor changes to the user interface.
[Bugs fixed]
- Fixed the sound file browse option on the Sound Effects
options page.

1.0.6.9
[dave]
-Updated Help to document the latest features/changes.
-Obtained German translation and enlarged some user interface
fields as a result.
-Modified About display.
[Bill - new developer]
-Added $date tag for use in the lart subject line. This symbol will
be replaced with the received date from the message header.
Some ISP's ask for the received date to be able to correlate it
with their usage logs (RADIUS logs for DHCP assigned IP
numbers).
[Bugs fixed]
-Fixed Win 98/ME commandline processing bug introduced in
ver 1.0.6.8. Prevented Abuse from running on Windows 98/Me.
-Fixed Win Me analysis problem introduced in ver 1.0.6.0. Was
another poor choice of an api not supported under this version
of Windows. Was fixed with the help of a Win Me user.
[New bugs]
- Broke the sound file browse function on the Sound Effects
options page in version 1.0.6.7. WIll be fixed in next release.

1.0.6.8
[dave]
-Added an smtp server timeout field to Smtp Connection Options page.
This will allow user's who occasionally experience timeout errors
to lengthen or shorten this timeout period.
-Added a supplemental lart address list. This permits the user to
maintain a list of addresses they frequently choose from when
adding additional email addresses to a lart. The newly added
Supplemental Lart Addresses option page provides the user the
ability to add/remove/edit email addresses on this list.
The Add Address box on the Select Who To Lart dialog has a
drop down list displaying these supplemental lart addresses,
allowing the user to easily add an address from the list to the
lart.
This list of addresses is stored in a file (UserCache.dat) residing
in the same directory as the Abuse cache file.
-Added "connect to..." text line at start of the smtp connection dialog
describing the smtp server and its port.
-Changed the Find button function in the "Select Who To Lart" dialog
to return only those addies matching the requested addie string.
-Improved overall performance
-Obtained Dutch translation.
[Bill - new developer]
-Made numerous changes to the source to permit the use of newer
compilers like the Visual Studio 2005.
[Bugs fixed]
-Restored registry cleanup on a uninstall request. Somehow I disabled
this awhile ago while performing some tests and failed to re-enable
this code.
- Fixed a bug that occurred while processing ARIN subnet information
[New bugs]
-I don't have a Windows 98/ME system to test with. As a result this
release doesn't work with Windows 98. I mistakenly used a function
that is not supported on Windows 98. I will fix this in the next
release.
-After working with a Windows 98/ME user, we have been able to
fix a Win 98/ME issue that has been a problem since 1.0.6.0.
The fix will be available in the next release.

1.0.6.7
[dave]
- Added missing language translation for 2 Add buttons.
- Added language translation for edit menu items.
- Changed text of a couple of items to make their meaning clearer.
- Updates to the language dialog.
- Updated URL processing to include another instance of URL character
encoding.
- Obtained French, Norwegian translations.
[New bugs]
- Broke the sound file browse function on the Sound Effects options
page.

1.0.6.6
[dave]
- Reduce the number of whois requests for cached IP contacts &
modifying existing cached IP contacts (addies cache).
- Added Find button to LartSelect Dialog for searching addies
cache for an abuse contact.
- Added explanation for Find button to Help file.
- Retain the range information from a cache entry to eliminate
additional whois queries.
[Bugs fixed]
- Fixed bug causing Windows 98/SE crash. This was an error formatting
function having a different result returned in Windows 98.

1.0.6.5
[dave]
- Improvements to spamvertized URL processing
- Improvements to Japan ISP queries - have recently seen references
to JNIC.
- Improvements to creation of whois cache entries - reduce the
creation of single IP address entries.
- Improvements to KRNIC ISP queries.
- Improvements to the Mapi dialog to make it easier to determine when
it is finished processing entries in the spam folder.
- Improved updating of existing addies cache entries based on
selections made in the Select Who to Lart dialog which also reduces
the number of single IP address entries.
[Bugs fixed]
- Program wasn't sending larts if the only contacts selected in the
Select Who to Lart dialog were non-cached contacts (contacts
beginning with an *).
[Bug in this release]
- Abuse will exit abruptly on a Windows 98 SE system when the program
attempts to display a network error message box. This is fixed in
the next release.

1.0.6.4
[dave]
- Added language support - loads language file at startup and permits
the user to select from available languages. A number of new menu
items were added to the program for the language support:
Export Language File: creates an English language reference file
that is used as a template for translating to another language
file. The format of the language files are compatible with
a translator utility program found at :
http://www2.arnes.si/~sopjsimo/translator.html
The language files only support simple single byte characters
at this time (US and European languages).
Change Language - dialog allows the user to choose from a list of
languages. The list is created by listing the language files
residing in the the Abuse program directory.
About Language - lists the language loaded and some of the details
provided in the language file.
Changes were made anywhere text appears to permit longer translated
strings. This is the first phase of supporting language files. This
will evolve over the next few releases.
At this time, Italian is the only language file provided. English
is provided as the default language and is therefore built-in.
- Modified the handling of the "Add E-mail Address" on the "Select
Who to Lart..." dialog. The user can prevent an entered email
address from being stored in the addies cache by adding a '*' as
the first character of an email address. All non-cached addresses
are displayed with '*' as the first character of the email address.
This includes the cc email address and the Mail to self option email
address. The '*' is stripped from the email address before the
address is used.
This feature is convenient when you want to add an email address
that responds to the email content rather than the ISP
(i.e. spoof@paypal.com). And therefore you don't want the email
address to be added to every lart to that ISP as would happen with
addresses stored in the addies cache.
- Changed Korean ISP handling to allow querying KRNIC when the APNIC
response does not link to KRNIC. Since the start of this year, I
have been seeing more Korean ISPs utilizing these type of APNIC
records.
- Updated IANA reserved address tables.
[Bugs fixed]
- Program would not always recognize all of the subnets of an ARIN
ISP. This was made to be more reliable. This was happening very
infrequently.
- Program was not allowing abuse contact addresses with RIR tags in
the local part of the email address. Changed to only check for the
RIR tag in the domain of the abuse contact address.
- Program would hang when using the "Add/Replace addie" dialog to
erase the only addie in a addie cache entry.
- Program wasn't emailing larts to self if the Select Abuse Dialog
was not displayed.

1.0.6.3
[dave]
- Improve processing of Abuse.net responses
- Improve detection of AFRINIC IPs
- Improve search for abuse contact addresses in whois responses
- Remove "X-Spam" lines from the end of the email header before sending
a lart. This SpamAssassin/SpamPal/etc info could be harmful when
the lart is passed on to black-hats.

1.0.6.2
[dave]
- Prevent the use of abuse@ripe.net as an abuse contact
- Prevent the use of hostmaster@nic.or.kr as an abuse contact address
- Don't clear the user entered data in the find/replace dialog fields
after performing the requested action.
- When using the Mapi folder option: delete messages when they can't
be larted and there is no retry/save folder specified.

1.0.6.1
[dave]
- Fix bug introduced with ver 1.0.5.9, program will crash if it fails
to find at least one valid SMTP received line in the header.
- More statistics data
- Minor user interface changes
- Minor help file changes

1.0.6.0
[dave]
- Rely less on the online abuse contact databases and more on Abuse's
own newly added more extensive examination of whois response fields.
This proves to be more efficient because the additional fields examined
always find a contact address, always find any annotated spam/abuse
contact, and is faster because the online abuse databases don't respond
as readily as the RIRs.
- Added new command line option "/e" which disables the trusted line
check added in ver 1.0.5.9 that forces the user to confirm the lart
addresses when the spammer's received line is not the first untrusted
IP address. This was needed for users who receive a lot of freemailer
routed spam whose larts force the confirmation dialog.
- Added a menu item Settings/Select Specific DNS address. It is grayed
out if Abuse is not getting the DNS list from the system (i.e. running
on Win 2k). This dialog will allow the user to select a DNS address
from the list supplied by the system. This is an option that is expected
to be used infrequently. The selection is not saved between executions
of the program.
- Examine additional information in the whois responses for abuse
contacts.
- Changed the way DNS queries were performed to speed up the analysis
process.
- Clear "Send if cached" option when "Ask for Confirmation" is unchecked
in SMTP Connection Options.
- Added editing of an existing net range in the Trusted Net Ranges
Dialog and improved the user interaction with the existing buttons.
- Added additional counters to the statistics display.
- Prevent the user from exiting before the analysis was completed
in the view/"Get IPO/Domain Abuse EMail Addresses" dialog.
- Check for a previously unseen response format from abuse.net.
- Fixed a problem that failed to remove all emails when "/m" option
was used because the program was exiting before waiting for all the
emails to be moved/removed in a Mapi folder.
- Fixed a problem when interpreting a spamvertized URL which was using
google redirection.
- Update Help file with the latest additions.
[Bugs]
- Introduced a bug with ver 1.0.5.9, program will crash if it fails
to find at least one valid SMTP received line in the header.

1.0.5.9
[dave]
- Added to the lart select dialog the display of the last trusted
line # if it is less than the line the analysis stopped on. This new
line number is only displayed when the analysis didn't stop on the
first untrusted "Received" line and it will cause the Select Lart
dialog to appear. This permits the user to know if the header analysis
stopped on the first untrusted "Received" line. If it didn't, the
user needs to examine the "received" lines between the last trusted
"Received" line and the "Received" line the analysis stopped on. The
"trusted net ranges" option under settings menu item help to identify
the trusted "Received" lines.
- Prevented possible issues with very long SMTP header lines.
- Added more statistics & error counts.
- Added support of the Lart Confirmation dialog re-analyze button
for cut/paste email entry.
- Fix possible problems occurring when main windows force closure
of open child windows.
- Added new item under utilities menu and then disabled it for now.
- Prevent multiple MsgData windows from being opened thereby preventing
possible memory leaks.
- Changed Addies Cache search to locate the smallest range for which
a URL is defined rather than the first one.
- Improved check of user entered address in the select lart dialog
query Abusenet field.
- Remember lart select dialog and Mapi dialog window positions.
- Fixed memory leak in Mapi Dialog caused when retry cleanup folder
is selected.
[Bugs/ToDo]
- Help file needs to be updated with the latest features.

1.0.5.8
[dave]
-Added email address format check in Lart Select dialog of the Add
addies entry. Won't allow badly formatted addie to be added to the
list of addresses to send the lart.
-Added code to dig a little deeper at the JPNIC RIR when all else
failed to return an abuse contact (addie).
-Added a dialog which permits the user to find, replace, delete addies
from the addie cache in the Utilities menu. ***Use with caution ****.
This will allow users for example to remove addresses that continue
to get bounced. A delete is simply a replace where the replacement
field is blank. The find will find all instances of the string in
the addie cache and return all of the other addies in each of the
entries the string was found. The list is purged of all duplicates
before being displayed. The delete (replace where 2nd field is blank)
will not remove the only addie in a cache entry.
-Changed the munge function ("E-mail addresses to munge" selected
from menu "settings/options/Smtp Connection options") that replaces
email addresses with a generic string to mask the users e-mail address.
The E-mail addresses entered are treated as a substring. So the user
can enter "@domain.com" for an email address and the result is all
email addresses in this domain will be munged.
-Provide a more specific smaller list of abuse contact addresses in
the lart select dialog.
[Bugs]
- If the lart select dialog is closed with one or more of its child
windows open (msg data or whois data), the program will abnormally
terminate. So if the whois window is opened and the send button is
selected before the whois window is closed, the program will eventually
be aborted.
- When the user selects the save folder in the dialog displayed with
the menu item utilities/Lart emails... the program can terminate
unexpectedly while exiting the program under Windows XP.

1.0.5.7
[dave]
**Warning: A different development machine was used for the first
time for this release. It should be fine. But keep this in mind and
let us know if there are any problems. If there are they should be
immediately apparent.
-More checks put in to prevent 0.0.0.0-0.0.0.0 and 0.0.0.0-255.255.255.255
entries being created in the abuse cache file.
-The whois cache will no longer be loaded when it isn't being used.
-The email munging function was updated to be case-insensitive.
-Improve handling of JPNIC whois responses, specifically the Classless
Internet Domain Routing (CIDR) range format.
-Added field near the top of the select lart dialog for displaying
the received line number. This helps in deciding to take a closer
look at the received lines in the header preceding the one Abuse stopped
on.
-Upgraded the email address format checking.
-Believe we have fixed the bug listed in the last 2 releases.
[To be improved]
-ISPs listed at the JPNIC RIR are not always listing email abuse contacts
in the whois data. We already look elsewhere for this information.
We also will look elsewhere on the JPNIC site.

1.0.5.6
[dave]
-I broke the "Send lart without confirmation if information found
in the abuse address cache" option with the last set of changes. So
I had to make it work again.
[bug]
-A user whose uses the cut & paste method, had a 0.0.0.0-255.255.255.255
entry created in his abuse cache file. This will cause the same abuse
contact address to be use for all larts sent.

1.0.5.5
[zello]
- just an hack to force abuse contact database fixing only once. All
duplicate abuse addies database entries will be eliminated the first
time this release is executed. The last entry of a string of duplicates
is kept.
[dave]
-Another update to determining RIPE ISPs abuse contact information
based on an email interchange with a RIPE member.
-Added a re-analyze button in the lart Select dialog intended for
use with the Mapi folder processing option. The user can specify an
earlier SMTP "received" line which will force the analysis to conclude
with the specified line. This enables the user to select an earlier
received line as the spammer's. When the user fills in the received
line number (counting the first "received" line as 1, the next as
2, etc) and selects the re-analyze button, the current lart is canceled
and the email msg is immediately re-analyzed using the received line
limit. When the user fills in the received line number and selects
the send button, the current lart is sent and then the email msg is
re-analyzed. The lart select dialog is presented again after the re-analysis
is complete.
-Remember position of the lart select dialog for a session. Each time
the lart select dialog is moved it will reappear in that position
during the current session of Abuse.
-Minor tweaks to the abuse contact search.
-Minor tweaks to the spamvertised Url display.
-Update help files. Each time I actually look at the help files, I
want to spend more quality time massaging them.
-Prevent duplicating entries in abuse contact database when existing
entries are updated.
[Bugs]
-"Send lart without confirmation if information found in the abuse
address cache" option mistakenly got disabled with this release.
-A user whose uses the cut & paste method, had a 0.0.0.0-255.255.255.255
entry created in his abuse cache file. This will cause the same abuse
contact address to be use for all larts sent.

1.0.5.4
[dave]
-Minor tweaks to the options/settings display dialogs to reduce their
overall length.
-More tweaks to the abuse contact search.
-More tweaks when locating the spamvertised Url.
-Improve handling of KRNIC whois info,specifically the net range.
-More tweaks to improve handling of IP ranges found in whois replies
to prevent invalid 0-0 & 0-xxx range entries being added to Whois
cache & Abuse Addies cache.
-Added munge option to SMTP settings permitting user to identify email
addresses in the larts to be replaced by: undisclosed_recipient@munged.invalid.
-Display positive results returned by each DNSBL.

1.0.5.3
[dave]
-Added support for new RIPE whois request/reply formats.
-Try to prevent invalid 0-0 range entries being added to Whois cache
& Abuse Addies cache.
-Improve handling of whois info for nic.br Reponses with "Permission
denied".
-Fix bug with Query Abuse.net option in the lart dialog. It didn't
have the error logic to prevent the program from bombing if the whois
request timed out.
-Fix bug causing "send if cached" check option to fail to uncheck.
[zello]
-Fix a dependency on DbgHelp.dll (MakeSureDirectoryPathExists), since
this library isn't always available under all Windows platforms.
-Provided a way to document the source code (thanx to Doxygen)

1.0.5.2
[zello]
- cleanup on headers including std:: in the global namespace
- started adding a way to put Abuse data in the user application data
directory (usually /Documents And Settings/username/Application Data),
and not in the executable directory.
[dave]
-Corrected failure to wait for the Mapi folder dialog to come to a
stopping point before exiting when the dialog was stopped while it
was processing an email.
-Added support for displaying redirected spamvertized Urls using Yahoo,
Google & Lycos.
-Added ".pro" to Url domains. Added allowable Url characters: "& ;
$ #!".
-Added new check option to "Smtp Connection Options". Can be selected
if Ask for Confirmation is checked. Will not display lart dialog if
address is found in the cache.
-Added AFRINIC as an RIR. I used an IP address owned by AFRINIC to
determine the AFRINIC response format. Also improved finding RIPE
addresses transferred to AFRINIC.
-Cleanup formatting of output to the log file.

1.0.5.1
[dave]
-Speedup lookup of abuse contacts by using a DNS lookup instead of
Whois calls whenever possible.
-Improvements to handling of problematic URLs by the view option and
the spamvertized Url in the email body.
-Added AFRINIC RIR.
-Fixed problem causing the Abuse program to abort because of Whois
call connection timeouts.
-Updated IANA IP reserved address detection.

1.0.5.0
[dave]
- Refinements to the search for a abuse contact address.
- Improvements to the search for a spamvertised Url in the message
text.
- Fixed a bug in routine that scanned HTML for a spammer URL. Failed
to reliably find the spammer URL when there were multiple URLs in
HTML body. Also was ignoring Urls in <H1> lines.
- Improved search for abuse contact address. If no contact address
was found at abuse.net, then check cyberabuse.org.
- Insure there is a mail folder selected before allowing the '/m'
program startup option.
- Added new Vlart button to Lart select dialog, text definition for
a virus source on the Lart options page.
User can send a lart (Send VLart button in Lart Select dialog) with
text indicating the user received a UCE with an attached virus.
[zello]
- Pretty nothing, just fixed a bug in ShowWhois Dialog (i.e., the
dialog showing the whois data when it comes to choose who to lart).

1.0.4.6
[dave]
- Added "/m" parameter at program startup: automatically process emails
in the default message folder and then exit the program.
- Added new menu option under main menu item Utilities: Cleanup Emails
In The Saved Message Folder. This is kept grayed out until the save
message store folder is selected in the Utilities/"Lart Emails in
The Default Message Store" dialog.The Cleanup Emails dialog enables
the user to process the emails that were previously saved when no
abuse contact addresses were found for the email while processing
emails in the default message folder. The dialog requires user interaction
to determine a abuse contact address for each of the saved emails.
- Made improvements during the analysis of an email to determine a
abuse contact address.
- Provided messages explaining issues encountered during the initial
setup of access to the default message store.
- Added the display of a (spamvertized) URL found in the body of a
email during processing of the email in the default message store.
- Fixed a bug that occurred when the whois response failed to return
an IP range.
[zello]
- Fixed a bug that crashed Abuse if the user chose to see the whois
cache content with whois cache disabled (technical notes: remember
to pass pointers and not references if the argument can be null!!)
- Changed the internal implementation of the dialog, adding a common
base class (dialog.[h|cpp]). Very clever trick from Carlo Pescio,
see notes in VirtBase.h

1.0.4.5
- started adding the requested "trusted IP range" feature
- added a "view Whois cache content" in the options dialog
- you can now add an external whois server mapping IP to abuse address
as a new abuse addresses cache, with lower priority than the one using
a local database

1.0.4.4
- WhoisCache (Cache.cpp, Cache.h) totally rewritten from scratch
- bug: the abuse address cache cannot be disabled (fixed)
- The DNSBL list can now be exported or imported in xml format (under
construction)
- (for dave): added a function in to convert from
a string to a Result, documented the header (not fully)
- Changed the "lart messages in a default store folder" dialog: Added
retry folder to the Mapi dialog to permit failed messages (no contact
address or an SMTP error) to be moved to another folder from the default
message folder when the "Ask for Confirmation" option has not been
selected in settings. The user can select the retry folder from the
existing folders which is not the default email folder, to store emails
that need user interaction to lart. The retry folder name is saved
in the registry as MRURETRYFOLDER property.The retry folder selection
is not enabled in the dialog if the "Ask for Confirmation" option
has been selected. The number of messages stored in the retry folder
for each group of emails processed is displayed when all of the emails
in the default folder have been analyzed and processed. The lart will
be sent as long as at least 1 trusted abuse contact email address
was found. If the "Ask for Confirmation" option has not been selected,
the SMTP error message box will not be displayed on an error during
the SMTP transaction. But the email will be moved to the retry folder
as a result of an error. The user will need to process the emails
in the retry folder by selecting it as the default folder. Abuse will
not initiate any action on its own. The features of the dialog listed
above will require extended beta testing.
- Attempted to fix a bug: Abuse will on occasion not wait for the
SMTP server to finish communicating before sending the next response.
This will need to be tested to verify it fixed the reported issues
with SMTP server communications.
- Modification to change made in last release for "[xxxx]" of "[xxxx](xxxxx[xxx.xxx.xxx.xxx])".
- Fixed problem user found where Abuse was looping indefinitely thru
the email folder. The list of contact email addresses returned by
Analysis was empty and as a result, the associated message was not
being removed from the list of emails to process.
- Fixed problem which caused Abuse to be aborted when our connection
to the RIR was dropped unexpectedly during a whois request.
- Fixed problem where Abuse failed to recognize when no useable information
was returned from the whois query to the RIR.
- Added a display of error and statistics to the email folder dialog
to help solve user problems. Increased the size of the header info
display box in the email folder dialog.
-Fixed problem problem with multi-line responses from the server.
Abuse was communicating before the server was finished with its response.
known bugs:
- there's a memory leak hidden in the whois cache I'm tracking, but
I still haven't found it.

1.0.4.3
(all changes by Dave)
- Clear abuse.net entry after use in lart dialog.
- Changed body text in lart settings for two of the lart types: added
space following "IP".
- View option : If fails to find an abuse address in the whois data
then query abuse.net.
- View option : Permit an email address to be entered for a domain.
- Accept as trusted, contact addresses returned from abuse.net containing
'spam' or 'abuse'.
- Permit "[xxxx]" of "[xxxx](xxxxx[xxx.xxx.xxx.xxx])" on received
line of header.
1.0.4.2 is still available if you have troubles with this release.

1.0.4.2
(all changes by Dave)
- Changed message folder processing to delete message only if the
lart was sent
successfully.
- If "Ask for Confirmation" in "Smtp Connection Options" is not selected,
confirmation is requested only when a good abuse address is not found.
- Created a new Show MsgData button for the lart confirmation dialog.
This
permits the user to exam the email header & the analysis results before
sending the lart.
- Remember the most recently used message folder by storing it in
the
registry[MRUMAPIFOLDER] and use this to highlight this entry in the
combo box
folder list in the message folder dialog.
- Cleared message folder dialog analysis window text before starting
analysis
to reduce the buffering required.
- Changed default button to Query button when entering info in the
abuse.net field so you can use the enter key after entering a domain
in this
field.

1.0.4.1
New features:
- you can now disable whois & abuse caches (options->larts dialog)
- you can set a DNSBL cache per DNSBL (options->DNSBLs->edit/add)

Fixes:
- Removed proxies.relays.monkeys.com & pdl.bofh.it from the DNSBL
list (dave, zello).
- Removed the only mapi32.dll reference at startup, mapi32.dll:135.
It caused a "cannot find function" error at abuse startup under Windows
98 (dave)
- Help files updates: Dave credit.
- many bugs in add/edit DNSBL dialog

known bugs:
- some inconsistencies in add/edit DNSBL dialog

1.0.4.0
New features: now you can lart every message in a default message
store folder (thanks Dave) [please note it's still experimental].
There's a tool extracting abuse info from a domain name or an IP.
Fix: the abuse file were not found if the user changed the working
directory.

1.0.3.0
Well, some news, finally. I've kicked in the "add/edit" DNSBL feature.
Dave did all the rest, i.e.: a html help file (included in the zip
file), some graphic changes, a "show whois" menu item, and many many
optimization. His name haven't been included in the help file, please
don't ask me why.
--
zello

1.0.2.17
Some more improvements in the header scanner section, thanks again
to Dave.
Still not-so-much tested, should be more reliable than the previous
version.

1.0.2.16
Dave, a new developer of the project, has made some changes in the
way Abuse scans headers. As we ain't got time to perform a complete
set of tests, we ask you to let us know if & where Abuse fails to
scan email headers correctly, possibly at zellodespammedcom.
1.0.2.15 is still the preferred choice if you need more reliability.

1.0.2.15
Fix a couple of minor bugs. There's really no need to upgrade, unless
you are having troubles with auth-smtp or some strange Received: lines

1.0.2.14
Just excluded relays.osirusoft.com from the default DNSBLs used by
Abuse!
relays.osirusoft.com has been shut down by its owner, Joe Jared. I
wish to thank JJ for the priceless service he has given to the Internet
community with his block list!

1.0.2.13
Well, I finally fix a bug (actually, a non-compliance to RFC822 bis)
in the way Abuse was sending out the larts. This bug prevented Abuse
to lart if there was NAV or if the SMTP server of the ISP was running
Qmail.
I also added smtp-after-pop.

1.0.2.12
- Now the auth-smtp option works ok (at least on my box).
BEWARE!!ACHTUNG!!ATTENZIONE!!: the password is stored in almost clear
text in the registry. I'll fix it ASAP.
- your own address is not shown in the header anymore when you choose
"mail a copy to self".

1.0.2.11a
I haven't fix anything, but simply recompiled the whole stuff. Now
it seems to work under the "cheap" tree of Windows (Win95/98/ME).
Please don't ask me why. It's not enough to rename this version as
1.0.2.12.
I've also prevented abuse to send your own address in the To: line
of the larts.

1.0.2.11
- Added a SMTP log feature, to keep trace of the larts you're sending
out.
- Fixed a bug that caused Abuse to freeze when sending larts.
- Fixed a bug (not actually a bug of mine, more a non-standard reply
from them) when querying Korean RIR (one more reason to block all
Korea at the border routers)
- added a "Always on top" feature
I haven't fixed some known bugs, mostly because they don't happen
when Abuse runs in my box. I promise to hunt them down before 1.0.2.12,
due on August 15th.

1.0.2.10
Just a bug fix in options' dialog - which crashed while closing if
the DNSBL tab was never shown.

1.0.2.9
Added a feature to include/exclude a DNSBL. Still implementing the
"add new/edit" DNSBL, have a look at the registry (HKCU/pc-facile/Abuse!/Dnsbls)
to discover how you can do it manually.

1.0.2.8
Version 1.0.2.7 introduced a bug that prevents this app to work under
win9x, it crashes when you close it.
I haven't been able to spot it, because I haven't a win9x box. I've
tried to debug it using a box of a friend of mine, but it seems that
it crashes *after* the process is terminated (probably Abuse overwrites
some kernel data during its execution).
The only thing I can do right now is to block Abuse if it finds itself
running under those (poor...) operating system.
From now on Abuse will run only under NT kernels (NT, 2000, XP)
================================================
If you're interested and have got a win9x box (possibly with SoftIce
installed), please write me a line at zellodespammed.com.
Introduced a ip->abuse addies cache, and a DNSBLs 'results cache (which
is disabled in the Release version, but it seems to work in Debug
mode - ready for 1.0.2.9)

1.0.2.7
Minor changes in the interface - a couple of bug fixes. Important:
fixed a very nasty bug in the whois cache - I suggest to remove the
subdir "WhoisCache" and its content, or you may sometimes get inconsistent
results!
Added a Spanish translation for the analysis (thanks to Miguel P�rez
Sub�as of the Spanish Internet Users Associacion [http://www.aui.es]).

1.0.2.6
Added some sound effects, fixed a nasty bug that caused the properties
to get corrupted when saved.
Minor changes in the whois info extraction algorithm. Another bug
fix in Received: line analysis (actually a bug in the c++ std library
impl I'm using, used a dirty workaround)

1.0.2.5
Some changes in options' GUI, and a not-so-stable whois cache.

1.0.2.4
Fixed several memory leaks. Updated IP spaces (220,221,222,223/8 now
are assigned to APNIC, and 96.0.0.0/126.255.255.255 are reserved to
IANA)

1.0.2.3
Fixed a bug that causes Abuse to crash under win9x

1.0.2.2
Utilizing a pool of thread when queuing blacklists. Other minor (U.I.)
changes

1.0.2.1
Fixed a bug while querying registro.br, and another one when sending
out larts

1.0.2.0
A lot of new features - now the app is able to send out larts (not
fully tested, please verify the results *before* sending out any lart).

1.0.1.3
Minor bug fix (gpf while maximizing under win9x).

1.0.1.2
Fixed a bug (retrieving wrong netblocks from LACNIC whois info). Added
a "Reset" button and a "Select All" hotkey (^A)

1.0.1.1
Improved the "abuse extractor" algorithm. Added a "choose font" dialog.

1.0.1.0
Initial re-design of the User Interface

1.0.0.6a
Added code to extract abuse address - not really reliable... Use at
your own risk!

1.0.0.6
Some (initial) code to extract abuse addresses
Added a Reset button to clear the upper text box

1.0.0.5c
Some minor bug fixes & changes in whois queries

1.0.0.5b
Should work alright with hotmail strange headers, some minor bug fixes

1.0.0.5
Implemented MX and TEXT DNS queries under older Windows versions (Win9x-
NT 4)

1.0.0.4
Improved the integrity checks on the from-by chain in the Received:header
lines

1.0.0.3
First public version

Web Design by:
Paola Pisano