On 2:59 PM, Julian Yap wrote:
NOTE: I changed the domains below to 'dot info' as the mailing list rejected my initial submission.I'm pretty sure it's not just me but there is some constant spamming from dot info domains. Perhaps for the past 2 months or so. Often they send hundreds per day and consistently from the same IP's.
dot info domains hadn't crossed my radar, but I decided to look anyway and found that my logs agree with your notion that 99% (100%?) of dot info From: addresses are spam. Roughly 75% of mine are caught at the door by RBL's at the MTA level. Of the ones that get through, another 75% score above my reject threshold. A simple rule to bump the points of any dot info From: address has now pushed everything to the tag level, and even many of the tags to rejects.
For what it's worth, the ones making it past the RBL's in the MTA do not match any stock RCVD_IN_* rules.
-- /Jason
smime.p7s
Description: S/MIME Cryptographic Signature
