Re: how do I block this stock promotion spam?
Hi, i'd block it like this: X-Spam-Report: * 5.5 BAYES_99 BODY: Bayesian spam probability is 99 to 100% * [score: 0.9997] * 0.1 RDNS_NONE Delivered to trusted network by a host with no rDNS * 2.0 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net * [Blocked - see http://www.spamcop.net/bl.shtml?63.147.147.222] * 3.0 RCVD_IN_XBL RBL: Received via a relay in Spamhaus XBL * [63.147.147.222 listed in zen.spamhaus.org] * 3.0 BOTNET Relay might be a spambot or virusbot * [botnet0.7,ip=63.147.147.222,maildomain=southwest.com.au,nordns] * 0.0 DKIM_POLICY_SIGNSOME Domain Keys Identified Mail: policy says domain * signs some mails * 0.0 BOTNET_NORDNS Relay's IP address has no PTR record * [botnet_nordns,ip=63.147.147.222] Generally means: ether install botnet and hope for beeing a late reciever (spamcop) or train your bayes on it (also together with the botnet plugin) arni Andrew Xiang schrieb: how do I block this stock promotion spam? thanks Andrew
Re: how do I block this stock promotion spam?
At 06:14 AM 7/5/2007, Andrew Xiang wrote: how do I block this stock promotion spam? You are running 3.1.7. I'm on 3.1.8, and I'm not up to date. I believe 3.2.1 is the most current. On my system, the first spam scored a 11.0: X-Spam-Status: Yes, score=11.9 required=5.0 tests=BOTNET,MISSING_HB_SEP, RCVD_IN_BL_SPAMCOP_NET,RCVD_IN_XBL autolearn=no version=3.1.8 I'd suggest running sa-update.
