Jason Esman wrote:
What are people doing about joe jobs at this point? What custom rules, and or
pluggins?
We
1) Use VBounce
2) For any message hitting ANY_BOUNCE_MESSAGE our MD filter tries
to extract the original message from the bounce and run that
through SpamAssassin and then use the hi
TED]
> Sent: Monday, May 05, 2008 11:53 AM
> To: Jon-Paul Kelly
> Cc: spamassassin-users
> Subject: Re: joe jobbed or hacked?
>
> Read the headers in the bounce messages; look for the originating IP
> address. If it's the address of your server, then you know it's not a
Jon-Paul Kelly <[EMAIL PROTECTED]> writes:
> I just received around 2000 bounce messages from various servers
> rejecting messages (supposedly) coming from my email address.
It's most likely just a joe-job thing. While backscatter is nothing
new, I haven't seen backscatter on the current scale b
Jon-Paul Kelly wrote:
I just received around 2000 bounce messages from various servers
rejecting messages (supposedly) coming from my email address.
This has happened to me before but not on this scale. Any ideas on how
to tell if this is just a joe job or if someone has actually used my
server
Read the headers in the bounce messages; look for the originating IP
address. If it's the address of your server, then you know it's not a
joe job (but it probably is).
Rubin
On Mon, 2008-05-05 at 09:45 -0700, Jon-Paul Kelly wrote:
> I just received around 2000 bounce messages from various serve
