Rocco Scappatura schrieb:
It is possible to block the spam sent by GreetingCards.com which invites
the receiver to access an URL and browse the ecard?
I mean that spam which has subject similar to:
You've received a greeting ecard from a Colleague!
BR,
rocsca
I really dont understand (once again) how that can get through at any of
you guys setups:
X-Spam-Report:
* 7.5 BAYES_99 BODY: Bayesian spam probability is 99 to 100%
* [score: 1.0000]
* 0.0 STOX_REPLY_TYPE STOX_REPLY_TYPE
* 2.1 TVD_FINGER_02 TVD_FINGER_02
* 2.4 HELO_DYNAMIC_IPADDR Relay HELO'd using suspicious hostname (IP
addr
* 1)
* 0.0 FH_HELO_EQ_D_D_D_D Helo is d-d-d-d
* 3.0 RCVD_IN_XBL RBL: Received via a relay in Spamhaus XBL
* [75.111.124.140 listed in zen.spamhaus.org]
* 2.0 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in
bl.spamcop.net
* [Blocked - see <http://www.spamcop.net/bl.shtml?75.111.124.140>]
* 0.6 RCVD_IN_SORBS_WEB RBL: SORBS: sender is a abuseable web server
* [75.111.124.140 listed in dnsbl.sorbs.net]
* 3.0 BOTNET Relay might be a spambot or virusbot
*
[botnet0.7,ip=75.111.124.140,hostname=c75-111-124-140.mdldcmtk01.tx.dh.suddenlink.net,client,ipinhostname]
* 0.0 DKIM_POLICY_SIGNSOME Domain Keys Identified Mail: policy says
domain
* signs some mails
* 0.0 BOTNET_IPINHOSTNAME Hostname contains its own IP address
*
[botnet_ipinhosntame,ip=75.111.124.140,rdns=c75-111-124-140.mdldcmtk01.tx.dh.suddenlink.net]
* 0.0 BOTNET_CLIENT Relay has a client-like hostname
*
[botnet_client,ip=75.111.124.140,hostname=c75-111-124-140.mdldcmtk01.tx.dh.suddenlink.net,ipinhostname]
* 1.9 RCVD_ILLEGAL_IP Received: contains illegal IP address
* 0.0 HS_INDEX_PARAM URI: Link contains a common tracker pattern.
* 0.0 NORMAL_HTTP_TO_IP URI: Uses a dotted-decimal IP address in URL
* 1.5 IXHASH BODY: This mail has been classified as spam @ iX Magazine,
* Germany
* 1.5 LOGINHASH2 BODY: mail has been classified as spam @ unknown
company,
* Germany
* 1.5 LOGINHASH1 BODY: mail has been classified as spam @
LogIn&Solutions
* AG, Germany
* 1.5 RAZOR2_CF_RANGE_E8_51_100 Razor2 gives engine 8 confidence level
* above 50%
* [cf: 100]
* 0.5 RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/)
* 0.5 RAZOR2_CF_RANGE_51_100 Razor2 gives confidence level above 50%
* [cf: 100]
* 2.2 DCC_CHECK Listed in DCC (http://rhyolite.com/anti-spam/dcc/)
* 0.0 DIGEST_MULTIPLE Message hits more than one network digest check
* 0.1 RDNS_DYNAMIC Delivered to trusted network by host with
* dynamic-looking rDNS
its scoring huge for me,
arni