Thanks for this. Did you put the .ME domain in the countries file even though its not a country?
J. Carl Wagar EntreNet Communications Inc <http://www.entrenet.com> www.entrenet.com <http://www.thehostingservice.com> www.thehostingservice.com 24 Swain Ave, Ottawa, ON, K1G 4T1, Canada Email: <mailto:[email protected]> [email protected], skype: jcwagar Tel: +1 613-737-7327, Fax: +1 613-737-5801 Cel: +1 613-818-8898 From: [email protected] [mailto:[email protected]] On Behalf Of Darin Cox Sent: Wednesday, April 23, 2014 4:25 PM To: [email protected] Subject: [MBF]Re: spam from .me domains. Yep. We added a weight for .ME, and several other TLDs last year, mostly country TLDs. All of them failed other spam tests, so we just added enough to get them to the hold weight. If needed, we add a counterweight for specific domains, but we’ve only needed to do that a couple of times in the past year. Most legit traffic still uses COM/NET/ORG. Darin. From: Carl Wagar <mailto:[email protected]> Sent: Wednesday, April 23, 2014 9:50 AM To: [email protected] <mailto:[email protected]> Subject: [MBF]spam from .me domains. Has anyone witnessed a large increase in spam coming from address in .ME domains and containing links to .ME domains? It looks to me like some (expletive) hacker has found a way to hack a registrar for .ME domains to create them like crazy and is blasting a lot of spam. Although MOST of it is detected by SNIFFER, about 10 percent does not, and the combination of BHL and other filters do not get it over my threshold to HOLD. I have changed the FILTER-COUNTRY to boost the weight of .ME domain (anyone unfortunate enough to send legitimate mail from there is out of luck) but I had to raise the MAXWEIGHT. I expect this is not the best place to put it. Comments? Carl J. Carl Wagar EntreNet Communications Inc www.entrenet.com <http://www.entrenet.com> www.thehostingservice.com <http://www.thehostingservice.com> 24 Swain Ave, Ottawa, ON, K1G 4T1, Canada Email: [email protected] <mailto:[email protected]> , skype: jcwagar Tel: +1 613-737-7327, Fax: +1 613-737-5801 Cel: +1 613-818-8898 From: [email protected] <mailto:[email protected]> [mailto:[email protected]] On Behalf Of Dave Beckstrom Sent: Tuesday, April 22, 2014 5:42 PM To: [email protected] <mailto:[email protected]> Subject: [MBF]Smartermail / Declude and attachments I have a customer who about once a month will suddenly say they aren't receiving emails that have attachments. They claim the file sizes are well below their max message size limit. Is there a way to whitelist any email to them that has an attachment? As far as I know, declude doesn't look at the attachments. We have no virus scanner and virus scanning in declude is disabled. But at this point, I'd like to pass through anything with an attachment and they can deal with the spam. Any ideas?
