I recently blocked .jpg and .gif attachments on our server
here at bong.com.au (which also serves fragfest.com.au)
fortunately we dont have many users so its not a huge drama.
But its great that so much spam is image spam, because
adding such a rule has dropped our spam *enormously*
I also have HELO checks thanks to exim, i just block
'localhost' '127.0.0.1' and my domain name. scanning the
logs it has had some impact on the amount of spam, but
not as significant as feeding spamassassin regularly.
im not sure if razor is making much difference, my logs
dont really isolate things that well (razor being part of
spamassassin in my case)
We also block .exe .com .scr .doc .xls .ppt
It annoys people sometimes, but the benefits of ziping
annoying office documents outweigh not. (most doc files
will go to at least 25%, and there is nothing more annoying
than a powerpoint presentation of someones holiday snaps
being slung at you)
Dean
Howard Lowndes wrote:
[EMAIL PROTECTED] wrote:
On Wednesday 10 January 2007 08:55, [EMAIL PROTECTED] wrote:
I've just noticed that the spam level hitting my mail server
has increased 4 to 4 fold overnight, most of it being dropped
at the CONNECT stage.
http://www.lannet.com.au/traffic/h48/index.html
Has anyone else noticed similar?
Yes, there has been a massive increase in spam in recent days but last
night it went off the richter scale.
Particularly nasty has been the bogus postmaster messages sent as
bounces from "random four or five alpha character group" at my domain.
There also appears to be another ugly one that contains random lines of
text picked up by a search engine (searching the victim sender's HDD?).
For several months now I have been sending my incoming spam to ACMA,
for which I had to allow spam through (and then filter it). But I am
about to abandon this and just stop the spam altogether -- at least, as
best I can.
After John escaped the bottomless pit ...
How do you "just stop spam"
Everyone of my client or helo restrictions gets howls of anguish ...,
broken mailers proliferate!
I have abandoned HELO checks because of, mostly, screwed M$ Exchange
servers and now rely on CONNECT, MAIL FROM, RCPT TO, and the usual DATA
checks and I haven't noticed much change in the rejection rate but
certainly an improvement (reduction) in the false positive hits, so it
looks like the HELO checks aren't worth much other than grief from
recipient users.
James
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
