On Wed, 11 Jan 2012, --[ UxBoD ]-- wrote:
The type of SPAM we are seeing is where legit companies are having their
adverts cloned and the hyperlinks changed to spammy sites. Bayes is being
by-passed due to the content looking valid so it is coming down to the IPs and
domains. Had one yesterday where at 06:39 it was received by one of our clients
and at 06:42 it appeared on one of the RBLs. I am guessing that it must have
been a huge spam mailing that hit a lot of honeypots and people all at once.
Downside is not a happy client ;(
Graylisting would be one answer to this particular senario.
However it has the downside of delaying legit messages.
Some clients seem to think that e-mail == IM and get PO'ed
if messages don't arrive with seconds of sending.
Actually had a faculty ask me how to set his T-bird to check for
new messages every -second-, didn't want to wait a minute. ;(
--
Dave Funk University of Iowa
<dbfunk (at) engineering.uiowa.edu> College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_admin Iowa City, IA 52242-1527
#include <std_disclaimer.h>
Better is not better, 'standard' is better. B{
