Spam from two letter domain.
Budi Febrianto
bfebrian.mailscanner at gedubrak.com
Wed Mar 25 06:25:04 GMT 2009
Dear all,
Recently I got hit by spam that came only from two letter domain, like
xi.com, cn.com, gr.com and many others.
Right now it only got hit by this rules
4.00 BAYES_80 Bayesian spam probability is 80 to 95%
1.90 INVALID_MSGID Message-Id is not valid, according to RFC 2822
0.39 SARE_RECV_SPAM_NAME2
Right now I only put many of those two letter domains in our blacklist,
but I'm affraid that will come many more with different domain.
This is one example of the email
>>>>>
Return-Path: <<81>g>
Received: from mn.com (n219076186134.netvigator.com [219.76.186.134])
by mail.busanagroup.com (8.13.8/8.13.8) with ESMTP id n2P4CHlP022256
for <Rakesh at busanagroup.com>; Wed, 25 Mar 2009 11:12:34 +0700
Date: Wed, 25 Mar 2009 12:12:52 +0800
From: Milla <pemdb2004 at mn.com>
X-Mailer: cxaz 0.415
Reply-To: pemdb2004 at mn.com
X-Priority: 3 (Normal)
Message-ID: 2818841884.905474100 at mn.com
To: Rakesh at busanagroup.com
Subject: Good afternoon! I Milla
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Good afternoon! I Milla Look my photo, call me and fuck me bjqxhp:
http://t-tnov.mail15.su iqylrxcz
>>>>>
It is safe to block all the two letter domains?
Or is there any other rules to block this kind of spam?
I'm using
MailScanner 4.65.3
Thanks in advance.
More information about the MailScanner
mailing list