Hi, It has been a few years since I last wrote to the list. Our James 2.3 installation has been happily running all that time with no problems.
Recently however we are being plagued by a particular variety of spam that the Bayesian filter just can't handle; 'no-body' spam. This variety has seemingly random 'from' addresses (but usually with valid domains). They all seem to come from different IP addresses which suggests a bot-net and therefore can't be blocked by the firewall. But the other distinguishing feature is their complete lack of any subject or body. This is what makes it so difficult for the filter to latch onto. A typical email looks as follows: - Message-ID: <A[20 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-MessageIsSpamProbability: 0.018074688897863164 Received: from 38.124.60.215 ([38.124.60.215]) by somewhere.co.uk (JAMES SMTP Server 2.3.1) with SMTP ID 965 for <off...@somewhere.co.uk>; Sun, 22 Mar 2015 12:11:17 +0000 (GMT) Date: Sun, 22 Mar 2015 12:11:17 +0000 (GMT) From: ieqeq...@baboonabeach.com Received: from 248.32.157.238 by 46.4.123.50; Sun, 22 Mar 2015 18:23:42 +0500 I was hoping that there was a matcher that I could use to reject all email with no or very small (< 4 bytes) content. However, all I could find was the 'SizeGreaterThan' matcher which matches the entire size of the email. As well as knowing if their is a solution for this I was also wondering if anyone knows just what is the point of all this? I've heard one theory that it poisons the filter but it just seems like a mindless act to me. Regards, David Legg --------------------------------------------------------------------- To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org For additional commands, e-mail: server-user-h...@james.apache.org