Re: Massive spamruns

2013-06-13 Thread polloxx
Neil, I'm sorry but I can't disclose the logs. Fortunately 95% of them were blocked by blacklisting or greylisting. I just wanted to know if other people see a massive increase of spam the last weeks. On Wed, Jun 12, 2013 at 9:31 PM, Benny Pedersen m...@junc.eu wrote: Alex wrote on

Re: Massive spamruns

2013-06-13 Thread Alex
Hi, On Wed, Jun 12, 2013 at 2:54 PM, Daniel McDonald dan.mcdon...@austinenergy.com wrote: On 6/12/13 1:25 PM, Alex mysqlstud...@gmail.com wrote: John Hardin wrote: As was suggested earlier: greylisting? I really don't think my users would tolerate the delay, so I've never implemented it.

Re: Massive spamruns

2013-06-13 Thread John Hardin
On Thu, 13 Jun 2013, Alex wrote: John Hardin wrote: As was suggested earlier: greylisting? I'm thinking this is sounding like a better option. The IPs change way too quickly for me to be able to keep up with updating a DNSBL. It's funny -- despite all MXs having the same weight, mail03 is

Re: Massive spamruns

2013-06-13 Thread Alex
Hi, On Thu, Jun 13, 2013 at 6:53 PM, John Hardin jhar...@impsec.org wrote: On Thu, 13 Jun 2013, Alex wrote: I'm thinking this is sounding like a better option. The IPs change way too quickly for me to be able to keep up with updating a DNSBL. It's funny -- despite all MXs having the same

Re: Massive spamruns

2013-06-13 Thread Alex
Hi, On Wed, Jun 12, 2013 at 3:07 PM, Benny Pedersen m...@junc.eu wrote: Ben Johnson wrote on 2013-06-12 18:26: Isn't this the function that Bayes is intended to serve, rather precisely? sa-grey plugin might help, spammers change sender address and ips, so let's track it, works well here,

Re: Massive spamruns

2013-06-13 Thread John Hardin
On Thu, 13 Jun 2013, Alex wrote: There's anecdotal reports that spammers focus on backup MX hosts in the hopes they are less-well-protected. You might also try changing the MX weighting and see if that causes the spam to concentrate on a specific MX host. That might give you a little more

Re: Massive spamruns

2013-06-13 Thread Benny Pedersen
Alex wrote on 2013-06-14 00:42: I'm thinking this is sounding like a better option. The IPs change way too quickly for me to be able to keep up with updating a DNSBL. It's funny -- despite all MXs having the same weight, mail03 is really the one that's pounded with these pump-and-dump spams.

Massive spamruns

2013-06-12 Thread polloxx
Dear list, We see massive spamruns since the beginning of June. Are other people also seeing similar runs? They fill our maillog. Fortunately most is blocked.

Re: Massive spamruns

2013-06-12 Thread Neil Schwartzman
Uhm. perhaps some snippets from the maillogs, or examples? On Jun 12, 2013, at 5:59 AM, polloxx poll...@gmail.com wrote: Dear list, We see massive spamruns since the beginning of June. Are other people also seeing similar runs? They fill our maillog. Fortunately most is blocked.

Re: Massive spamruns

2013-06-12 Thread Alex
Hi, On Wed, Jun 12, 2013 at 9:03 AM, Neil Schwartzman n...@cauce.org wrote: Uhm. perhaps some snippets from the maillogs, or examples? I thought I would take the opportunity to post a few I'm seeing and can't figure out. I've created a bunch of local subject rules, and continually train them

Re: Massive spamruns

2013-06-12 Thread Axb
On 06/12/2013 05:09 PM, Alex wrote: # 2013 cars local dealership http://pastebin.com/3bEMiV3B URI in that sample pohformed.com listed on black.uribl.com pohformed.com listed on jp.surbl.org pohformed.com listed on sc.surbl.org pohformed.com listed on dbl.spamhaus.org using SA 3.4 it adds:

Re: Massive spamruns

2013-06-12 Thread Alex
Hi, # 2013 cars local dealership http://pastebin.com/3bEMiV3B URI in that sample pohformed.com listed on black.uribl.com pohformed.com listed on jp.surbl.org pohformed.com listed on sc.surbl.org pohformed.com listed on dbl.spamhaus.org I know I should have mentioned that. Yes, I'm using

Re: Massive spamruns

2013-06-12 Thread Ben Johnson
On 6/12/2013 12:22 PM, Alex wrote: Hi, # 2013 cars local dealership http://pastebin.com/3bEMiV3B URI in that sample pohformed.com listed on black.uribl.com pohformed.com listed on jp.surbl.org pohformed.com listed on sc.surbl.org pohformed.com listed on dbl.spamhaus.org I know I

Re: Massive spamruns

2013-06-12 Thread John Hardin
On Wed, 12 Jun 2013, Alex wrote: I know I should have mentioned that. Yes, I'm using the above RBLs, and they're all correctly tagged here now. I was hoping for something more preemptive to trigger on these more generally because the IPs are only used for a short while, but long enough to get

Re: Massive spamruns

2013-06-12 Thread Alex
Hi, # 2013 cars local dealership http://pastebin.com/3bEMiV3B URI in that sample pohformed.com listed on black.uribl.com pohformed.com listed on jp.surbl.org pohformed.com listed on sc.surbl.org pohformed.com listed on dbl.spamhaus.org I know I should have mentioned that. Yes, I'm

Re: Massive spamruns

2013-06-12 Thread Daniel McDonald
On 6/12/13 1:25 PM, Alex mysqlstud...@gmail.com wrote: John Hardin wrote: As was suggested earlier: greylisting? I really don't think my users would tolerate the delay, so I've never implemented it. They would have vendors calling them on the phone complaining, not to mention users.

Re: Massive spamruns

2013-06-12 Thread Benny Pedersen
Ben Johnson wrote on 2013-06-12 18:26: Isn't this the function that Bayes is intended to serve, rather precisely? sa-grey plugin might help, spammers change sender address and ips, so let's track it, works well here, rbl is not a content, but url is, in other words, if one check rbl in mta

Re: Massive spamruns

2013-06-12 Thread Benny Pedersen
Alex wrote on 2013-06-12 20:25: John Hardin wrote: As was suggested earlier: greylisting? I really don't think my users would tolerate the delay, so I've never implemented it. They would have vendors calling them on the phone complaining, not to mention users. From what I understand the