Re: User getting spammed to death
From: Loren Wilton [EMAIL PROTECTED]
and I also consider to reject mails that have a random
display name added to my email
How do you do that?
I'd sure love to reject e-mail that says To: Joe Smith
([EMAIL PROTECTED]) but what about mail where they don't enter any
name?
Baby, bathwater...
You do it with a *really* *ugly* set of rules and a meta. Or well, you can
only reject if you are doing it at the frontend, and as you point out
rejecting may not be appropriate. But I do add, I forget, 3-5 points for
getting my name wrong if you include a display name.
#
# mail is not really to me
# Look for a string of [[]First Last[ ][]] [[EMAIL PROTECTED]]
# the name at the front is optional, but if it is there it better be right.
header __TO_METoCc =~ /(?:^|\,|\|,)\s*(?:\?\'?First
.*?\b?Last\s*\'?\?\s*\?(?i:[EMAIL PROTECTED])\?|\?(?i:[EMAIL
PROTECTED])\?)/
meta NOT_TO_ME (!__TO_ME)
describe NOT_TO_ME Mail is not addressed to me
The real problem here is that it is a unique solution for every user.
The not quite so nasty problem is the number of different ways to render
my name, especially if I allow for most of the common fsckups.
You and I are lucky in that we can reject anything to us at .com, which
is almost certainly spam. (Some people make the mistake. I correct them.
And I score the mistake fairly high. And there are other address manglings
I give even higher scores than the .com.)
{^_-}
Re: User getting spammed to death
jdow a écrit : The real problem here is that it is a unique solution for every user. The not quite so nasty problem is the number of different ways to render my name, especially if I allow for most of the common fsckups. agreed. I have many contacts who add me to their own addr book with their choice of display name (mouss/company, mouss/context, moos, $local_name, ... etc). so filtering the To/CC display name isn't for everyone. You and I are lucky in that we can reject anything to us at .com, which is almost certainly spam. (Some people make the mistake. I correct them. And I score the mistake fairly high. And there are other address manglings I give even higher scores than the .com.)
Re: User getting spammed to death
On Tue, 2006-02-14 at 07:45 +, [EMAIL PROTECTED] wrote: It seems my email appears on one of those millions of emails cdroms Egads, are those things still out there? I used to get spammed with offers for them. Of course, I don't get spam any more (thanks, SA team)! Thomas
User getting spammed to death
I am not sure if there is anything that I can do ... But our marketing email address is getting spammed to death. We are getting about 2000 messages an hour. It is getting to be a problem. Do any of you have a suggestion other than simply turfing the email address ? Thanks Peter
RE: User getting spammed to death
I had this problem a couple years back with our education email address. While the account got moderate levels of spam, it was absolutely inundated with virus backscatter. After a few months of trying to block the majority of it, we deemed the effort futile and abandoned the address. It was a nuisance as our website and brochures all had to be updated but its 2 years later and I still reject about 2000/day at our MTA... -Shawn -- Shawn Beairsto Network Administrator Data Kinetics Ltd. / Smart Telecom http://www.dkl.com http://www.smarttelecom.ca -Original Message- From: Peter Marshall [mailto:[EMAIL PROTECTED] Sent: Monday, February 13, 2006 1:16 PM To: SpamAssassin list Subject: User getting spammed to death I am not sure if there is anything that I can do ... But our marketing email address is getting spammed to death. We are getting about 2000 messages an hour. It is getting to be a problem. Do any of you have a suggestion other than simply turfing the email address ? Thanks Peter
RE: User getting spammed to death
Are the messages coming from the same sending server? If so, I'd blacklist it at your MTA until the storm is over. Kris -Original Message- From: Peter Marshall [mailto:[EMAIL PROTECTED] Sent: Monday, February 13, 2006 12:16 PM To: SpamAssassin list Subject: User getting spammed to death I am not sure if there is anything that I can do ... But our marketing email address is getting spammed to death. We are getting about 2000 messages an hour. It is getting to be a problem. Do any of you have a suggestion other than simply turfing the email address ? Thanks Peter
Re: User getting spammed to death
nope .. unfortunitly, that is not the case :( Kristopher Austin wrote: Are the messages coming from the same sending server? If so, I'd blacklist it at your MTA until the storm is over. Kris -Original Message- From: Peter Marshall [mailto:[EMAIL PROTECTED] Sent: Monday, February 13, 2006 12:16 PM To: SpamAssassin list Subject: User getting spammed to death I am not sure if there is anything that I can do ... But our marketing email address is getting spammed to death. We are getting about 2000 messages an hour. It is getting to be a problem. Do any of you have a suggestion other than simply turfing the email address ? Thanks Peter
RE: User getting spammed to death
Peter: I know this is probably not the problem... but you might want to be extra sure that this is not really a case of the SAME small group of messages downloading over and over again. I've seen that happen before where Outlook or Outlook Express, when downloading 20 messages off of the server (for example), will then choke on message #15 (for example). In such a case, each time the person retrieves their e-mail, they'll get the **same** 1st 14 messages (or however many) over and over and over again... when, in reality, these messages were not sent to the server over and over again. The client is simply downloading duplicate copies over and over again. (Most often, good filters will block any such message that would choke outlook, but you never know!) I recommend making sure that this isn't the actual problem (if you haven't already) --Rob McEwen -Original Message- From: Kristopher Austin [mailto:[EMAIL PROTECTED] Sent: Monday, February 13, 2006 2:01 PM To: Peter Marshall; SpamAssassin list Subject: RE: User getting spammed to death Are the messages coming from the same sending server? If so, I'd blacklist it at your MTA until the storm is over. Kris -Original Message- From: Peter Marshall [mailto:[EMAIL PROTECTED] Sent: Monday, February 13, 2006 12:16 PM To: SpamAssassin list Subject: User getting spammed to death I am not sure if there is anything that I can do ... But our marketing email address is getting spammed to death. We are getting about 2000 messages an hour. It is getting to be a problem. Do any of you have a suggestion other than simply turfing the email address ? Thanks Peter
RE: User getting spammed to death
please send unsubscribe address. I cannot find it on the spamassissin site. Thanks Mike
Re: User getting spammed to death
Michael Di Martino wrote: please send unsubscribe address. I cannot find it on the spamassissin site. That's because it's in the headers of *EVERY* message on the list. Note that this is the RFC standardized method for telling users how to unsubscribe, so be sure to check for it on other lists you subscribe to. list-help: mailto:[EMAIL PROTECTED] list-unsubscribe: mailto:[EMAIL PROTECTED] List-Post: mailto:users@spamassassin.apache.org List-Id: users.spamassassin.apache.org
RE: User getting spammed to death
On Mon, February 13, 2006 11:20 am, Michael Di Martino wrote: please send unsubscribe address. I cannot find it on the spamassissin site. In the headers of every message: list-unsubscribe: mailto:[EMAIL PROTECTED]
Re: User getting spammed to death
On Mon, February 13, 2006 11:59 am, Matt Kettler wrote: That's because it's in the headers of *EVERY* message on the list. Note that this is the RFC standardized method for telling users how to unsubscribe, so be sure to check for it on other lists you subscribe to. SNIP list-unsubscribe: mailto:[EMAIL PROTECTED] SNIP Also on the bottom of the messages. :-D Technically, the unsubscribe instructions aren't on the spamassassin page, but the subscribe instructions are. And you can generally figure out the unsubscribe instructions based on the subscribe options - ie To subscribe, send an e-mail to [EMAIL PROTECTED] , you can probably assume you can use [EMAIL PROTECTED] :)
RE: User getting spammed to death
Using some good RBLs at your MTA should help, also make sure you are running current version of SA with everything enabled (bayes, urbl, etc) -Original Message- From: Peter Marshall [mailto:[EMAIL PROTECTED] Sent: Monday, February 13, 2006 1:16 PM To: SpamAssassin list Subject: User getting spammed to death I am not sure if there is anything that I can do ... But our marketing email address is getting spammed to death. We are getting about 2000 messages an hour. It is getting to be a problem. Do any of you have a suggestion other than simply turfing the email address ? Thanks Peter
RE: User getting spammed to death
Using some good RBLs at your MTA should help, also make sure you are running current version of SA with everything enabled (bayes, urbl, etc) -Original Message- From: Peter Marshall [mailto:[EMAIL PROTECTED] Sent: Monday, February 13, 2006 1:16 PM To: SpamAssassin list Subject: User getting spammed to death I am not sure if there is anything that I can do ... But our marketing email address is getting spammed to death. We are getting about 2000 messages an hour. It is getting to be a problem. Do any of you have a suggestion other than simply turfing the email address ? Thanks Peter
Re: User getting spammed to death
Evan Platt wrote: On Mon, February 13, 2006 11:59 am, Matt Kettler wrote: That's because it's in the headers of *EVERY* message on the list. Note that this is the RFC standardized method for telling users how to unsubscribe, so be sure to check for it on other lists you subscribe to. SNIP list-unsubscribe: mailto:[EMAIL PROTECTED] SNIP Also on the bottom of the messages. :-D I copied that there Evan.. It's not normally there :) Technically, the unsubscribe instructions aren't on the spamassassin page, but the subscribe instructions are. And you can generally figure out the unsubscribe instructions based on the subscribe options - ie To subscribe, send an e-mail to [EMAIL PROTECTED] , you can probably assume you can use [EMAIL PROTECTED] :) Yeah, but why would you look on the webpage at all??? That's not where the information is supposed to be. It's supposed to be in the headers.
Re: User getting spammed to death
Greg Allen wrote: Using some good RBLs at your MTA should help, also make sure you are running current version of SA with everything enabled (bayes, urbl, etc) True, spamcop and some other RBLs have recently started blacklisting sites that emit backwash.
Re: User getting spammed to death
On 2/13/2006 7:16 PM +0100, Peter Marshall wrote: I am not sure if there is anything that I can do ... But our marketing email address is getting spammed to death. We are getting about 2000 messages an hour. It is getting to be a problem. Do any of you have a suggestion other than simply turfing the email address ? Thanks Peter Implement grey-listing temporarily. Regards, Niek Baakman
Re: User getting spammed to death
I am not sure if there is anything that I can do ... But our marketing email address is getting spammed to death. We are getting about 2000 messages an hour. It is getting to be a problem. Do any of you have a suggestion other than simply turfing the email address ? Thanks Peter Hi Peter, I have just started to reject mails where the sender does not care to put my email addy into To or Cc field, and I also consider to reject mails that have a random display name added to my email Of course you have to whitelist every mailing list or forwarder that sends to that address. Wolfgang Hamann
Re: User getting spammed to death
On Mon, February 13, 2006 2:29 pm, [EMAIL PROTECTED] wrote: I have just started to reject mails where the sender does not care to put my email addy into To or Cc field, Wow.. So if someone sends a message where you're on the BCC, you simply delete it? I get a number of e-mails from friends and family like this. and I also consider to reject mails that have a random display name added to my email Of course you have to whitelist every mailing list or forwarder that sends to that address. How do you do that? I'd sure love to reject e-mail that says To: Joe Smith ([EMAIL PROTECTED]) but what about mail where they don't enter any name? Baby, bathwater...
Re: User getting spammed to death
Hi Evan, it is currently an addition to qmail-scanner As for whielisting: if the envelope from matches @spamassassin.apache.org or @lists.sourceforge.net or my username (yes, I sometimes bcc me a copy) let it through. Otherwise if none of my possible names appears in either to or cc, it must be for the recycle bin. I check for my username, my email addy, and another email addy that gets forwarded to me. It seems my email appears on one of those millions of emails cdroms, and there probably is software that picks ever 50'th name for To, and sends bcc to 49, so I often find [EMAIL PROTECTED] About the display name: when I use feedback forms or signup to a newsletter, I expect either no display name at all, or my last name, or first name + last name. When someone replies, I expect to see what I was sending. So why should I want to read mails with arbitrary display names Wolfgang Hamann On Mon, February 13, 2006 2:29 pm, [EMAIL PROTECTED] wrote: I have just started to reject mails where the sender does not care to put my email addy into To or Cc field, Wow.. So if someone sends a message where you're on the BCC, you simply delete it? I get a number of e-mails from friends and family like this. and I also consider to reject mails that have a random display name added to my email Of course you have to whitelist every mailing list or forwarder that sends to that address. How do you do that? I'd sure love to reject e-mail that says To: Joe Smith ([EMAIL PROTECTED]) but what about mail where they don't enter any name? Baby, bathwater...
