I don't have the specifics at hand but I created a rule that places a
heavy score (like 2.0) on anything that matches existing sex and bitcoin
rules. These messages usually match a bunch of other signals and that
rule pushes the score over my delete-on-sight threshold (8.0).
On 2023-11-10 05:51, giova...@paclan.it wrote:
To block this type of spam I've increased the score of GB_HASHBL_BTC
(Bitcoin rbl) rule.
Giovanni
On 11/10/23 11:01, Mark London wrote:
Sendmail didn't introduce FEATURE(require_rdns) until 2007. I'm sure
I've been using it longer than that. And by default it's not enabled.
It doesn't totally block the "I RECOVERED YOU" spams. Occasional some
come through with ip addresses that have valid reverse lookups. But
the number getting blocked, is still huge.
On 11/10/2023 4:48 AM, Reindl Harald (privat) wrote:
Am 10.11.23 um 08:40 schrieb Mark London:
Marc - You are correct. All the IP sources of this spam, don't a
valid reverse lookup of the IP address, to an IP name. That will
solve my problem. Thanks! - Mark
in other words your MTA is misconfigured
https://www.postfix.org/postconf.5.html#reject_unknown_reverse_client_hostname
On 11/9/2023 12:38 PM, Marc wrote:
Do you at least verify the reverse lookup? That already stops a
lot of such networks.
--
For SpamAssassin Users List