Spam question
Martin Hepworth
maxsec at gmail.com
Mon Aug 24 10:26:33 UTC 2015
Sean
Greylisting is still very very useful and recommended at the MTA level.
Do you reject non-valid recipients at the MTA level as well?
I presume your Spamassassin is upto date and getting the updated rulesets
from them automatically?
--
Martin Hepworth, CISSP
Oxford, UK
On 6 August 2015 at 19:10, Sean M. Schipper <sean.m.schipper at lawrence.edu>
wrote:
> Email is accepted for a single domain. I use postfix as my MTA.
>
>
>
> I employ Spamhaus as an RBL that I use to reject at SMTP. I do use others
> but do not reject based on them. Any others that are reputable enough to
> reject with?
>
>
>
> I haven’t really considered Greylisting. I just read some on it to
> refresh my memory. Is this commonly used by the MailScanner community?
>
>
>
>
>
>
>
> --
>
>
>
> RBL ? Greylisting ? How many domains are you filtering ? What MTA ?
>
>
>
> --
>
> Jeremy McSpadden | Flux Labs
>
> Local - 850-250-5590x501<tel:850-250-5590;501 <850-250-5590;501>> |
> Mobile - 850-890-2543<tel:850-890-2543 <850-890-2543>>
>
> Fax - 850-254-2955<tel:850-254-2955 <850-254-2955>> | Toll Free -
> 877-699-FLUX<tel:877-699-FLUX <877-699-FLUX>>
>
> Web - http://www.fluxlabs.net<http://www.fluxlabs.net/
> <http://www.fluxlabs.net%3chttp:/www.fluxlabs.net/>>
>
>
>
>
>
> On Aug 6, 2015, at 12:49 PM, Sean M. Schipper <
> sean.m.schipper at lawrence.edu<mailto:sean.m.schipper at lawrence.edu>> wrote:
>
>
>
> Since last November I've been getting inundated with spam (yesterday just
> under 7,000 just in the am) from coming from 3 or 4 IP addresses on the
> same subnet in the morning starting like clockwork just after 9am. Then
> sometimes I'll get a similar rush of spam in the afternoon coming from a
> separate IP range. Countries of origin include US and Bulgaria mostly but
> also have come from Brasil, Romania and S. Africa.
>
>
>
> I've been able to train MailScanner to correctly identify these as spam
> since the content is very similar -- tons of links to websites with .php
> extensions. Examples of subject lines: Situations for 2015 that forgive
> your Student-Loan, 12 month MBA programs, accelerated...
>
>
>
> To cut down on the processing/traffic on my server I've been just
> blacklisting these IP subnets at smtp with a deny bounce message. Does
> anyone have any other suggestions on actions I can take to rid myself of
> this annoying daily routine? Does anyone else have similar battle stories
> like this?
>
>
>
> Thanks for any suggestions on this.
>
>
>
> Sean
>
>
>
>
>
>
>
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/listinfo/mailscanner
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150824/bf1f810b/attachment.html>
More information about the MailScanner
mailing list