Spam from two letter domain.
bfebrian.mailscanner at gedubrak.com
Wed Mar 25 06:25:04 GMT 2009
Recently I got hit by spam that came only from two letter domain, like
xi.com, cn.com, gr.com and many others.
Right now it only got hit by this rules
4.00 BAYES_80 Bayesian spam probability is 80 to 95%
1.90 INVALID_MSGID Message-Id is not valid, according to RFC 2822
Right now I only put many of those two letter domains in our blacklist,
but I'm affraid that will come many more with different domain.
This is one example of the email
Received: from mn.com (n219076186134.netvigator.com [188.8.131.52])
by mail.busanagroup.com (8.13.8/8.13.8) with ESMTP id n2P4CHlP022256
for <Rakesh at busanagroup.com>; Wed, 25 Mar 2009 11:12:34 +0700
Date: Wed, 25 Mar 2009 12:12:52 +0800
From: Milla <pemdb2004 at mn.com>
X-Mailer: cxaz 0.415
Reply-To: pemdb2004 at mn.com
X-Priority: 3 (Normal)
Message-ID: 2818841884.905474100 at mn.com
To: Rakesh at busanagroup.com
Subject: Good afternoon! I Milla
Content-Type: text/plain; charset=us-ascii
Good afternoon! I Milla Look my photo, call me and fuck me bjqxhp:
It is safe to block all the two letter domains?
Or is there any other rules to block this kind of spam?
Thanks in advance.
More information about the MailScanner