Hello folks, I am using a combination of amavisd-new 2.6.4 - spamassassin - p0f - dcc - razor2 - SPF - DKIM on FBSD box, with quite good results since many years now.
I would like to know if anyone has already found a solution to fight these scams as I am a little bit clueless to fight these new spam. Since couple of days, I am facing a massive increase in Little SPAM such as the one presented hereunder: This one is received directly through my main server. > Return-Path: <assas...@delifood.cl> > X-Original-To: greg...@rmm.fr > Delivered-To: greg...@rmm.fr > Received: from localhost (localhost [127.0.0.1]) > by newmail.rmm.fr (Postfix) with ESMTP id 58C593364F > for <greg...@rmm.fr>; Mon, 6 Jul 2009 16:48:47 +0200 (CEST) > X-Virus-Scanned: amavisd-new 2.6.4 (20090625) at rmm.fr > X-Spam-Flag: NO > X-Spam-Score: 4.282 > X-Spam-Level: **** > X-Spam-Status: No, score=4.282 tagged_above=0 required=5.8 > tests=[L_P0F_D15=0.5, L_P0F_W=1.9, RCVD_IN_PBL=0.905, > RCVD_IN_SORBS_DUL=0.877, RDNS_DYNAMIC=0.1] autolearn=no > X-Amavis-OS-Fingerprint: Windows 2000 SP4, XP SP1+, (distance 15, > link: > ethernet/modem), [201.68.46.137:2407] > Received: from newmail.rmm.fr ([127.0.0.1]) > by localhost (newmail.rmm.fr [127.0.0.1]) (amavisd-new, port 10024) > with ESMTP id Fcyos5HJtkQS for <greg...@rmm.fr>; > Mon, 6 Jul 2009 16:48:46 +0200 (CEST) > Received-SPF: none (newmail.rmm.fr: 201.68.46.137 is neither > permitted nor denied by domain of delifood.cl) client- > ip=201.68.46.137; envelope-from=assas...@delifood.cl; > helo=oxck.telesp.net.br; > X-Greylist: delayed 302 seconds by postgrey-1.32 at newmail.rmm.fr; > Mon, 06 Jul 2009 16:48:45 CEST > Received: from oxck.telesp.net.br (201-68-46-137.dsl.telesp.net.br > [201.68.46.137]) > by newmail.rmm.fr (Postfix) with SMTP id AC52F2E04A > for <omni_osx...@todoo.biz>; Mon, 6 Jul 2009 16:48:45 +0200 (CEST) > Message-ID: <20090706144540_3938896plac...@braveltd.com> > Content-Type: text/plain; > charset="windows-1258" > Date: Mon, 06 Jul 2009 14:48:53 -0100 > From: "Hong Piske"<assas...@delifood.cl> > MIME-Version: 1.0 > To: omni_osx...@todoo.biz > Subject: Waht sex Means to Ogld People: Funny Things They Say > > What sex Means too Olld People: Funny Things They Say www. via99. > org. Bored Att Workk? This second one is using my backup MX server as a relay. > Return-Path: <archaica...@1badapple.com> > X-Original-To: greg...@rmm.fr > Delivered-To: greg...@rmm.fr > Received: from localhost (localhost [127.0.0.1]) > by newmail.rmm.fr (Postfix) with ESMTP id BAD553347F > for <greg...@rmm.fr>; Sat, 4 Jul 2009 18:25:17 +0200 (CEST) > X-Virus-Scanned: amavisd-new 2.6.4 (20090625) at rmm.fr > X-Amavis-OS-Fingerprint: FreeBSD 6.x (1) (up: 5470 hrs), (distance > 6, link: > ethernet/modem), [88.191.71.9:53334] > Received: from newmail.rmm.fr ([127.0.0.1]) > by localhost (newmail.rmm.fr [127.0.0.1]) (amavisd-new, port 10024) > with ESMTP id b1-z8pSvNsQG for <greg...@rmm.fr>; > Sat, 4 Jul 2009 18:25:16 +0200 (CEST) > Received-SPF: none (newmail.rmm.fr: 88.191.71.9 is neither permitted > nor denied by domain of 1badapple.com) client-ip=88.191.71.9; > envelope-from=archaica...@1badapple.com > ; helo=dns.afrinet.eu; > Received: from dns.afrinet.eu (dns.afrinet.eu [88.191.71.9]) > by newmail.rmm.fr (Postfix) with ESMTP id CF07433472 > for <n...@todoo.biz>; Sat, 4 Jul 2009 18:25:16 +0200 (CEST) > Received: from localhost (localhost [127.0.0.1]) > by dns.afrinet.eu (Postfix) with ESMTP id B2058F35F75 > for <n...@todoo.biz>; Sat, 4 Jul 2009 18:25:16 +0200 (CEST) > X-Virus-Scanned: amavisd-new 2.6.3 (20090422) at dns.afrinet.eu > Received: from dns.afrinet.eu ([127.0.0.1]) > by localhost (dns.afrinet.eu [127.0.0.1]) (amavisd-new, port 10024) > with ESMTP id xUB4JXVn1Q5m for <n...@todoo.biz>; > Sat, 4 Jul 2009 18:25:13 +0200 (CEST) > Received: from ymxqft.telkomadsl.co.za > (dsl-246-245-14.telkomadsl.co.za [41.246.245.14]) > by dns.afrinet.eu (Postfix) with SMTP id CB7BFF34C4C > for <n...@todoo.biz>; Sat, 4 Jul 2009 18:24:57 +0200 (CEST) > Date: Sat, 04 Jul 2009 16:25:02 -0000 > MIME-Version: 1.0 > Content-Type: text/plain; > charset="windows-1258" > To: n...@todoo.biz > Message-ID: <mren1882596...@1badapple.com> > From: Reinmann Kreiner <archaica...@1badapple.com> > Subject: Fyemtale Orgasms - Tips to Give Your Woman Powerful Orgasms > Through Intercourse > > Female Orgasms -- Tips to Give Your Wotman Powerful Orgasms Through > Intercourse www. via11. net. Brow Maan ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ Gregober ---> PGP ID --> 0x1BA3C2FD bsd @at@ todoo.biz ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ P "Please consider your environmental responsibility before printing this e-mail" ------------------------------------------------------------------------------ Enter the BlackBerry Developer Challenge This is your chance to win up to $100,000 in prizes! For a limited time, vendors submitting new applications to BlackBerry App World(TM) will have the opportunity to enter the BlackBerry Developer Challenge. See full prize details at: http://p.sf.net/sfu/blackberry _______________________________________________ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
