Jaroslaw Rafa via mailop wrote:
Dnia 3.01.2025 o godz. 11:55:10 Matus UHLAR - fantomas via mailop pisze:
I have put googlegroups.com and groups.google.com to my local rhsbl
list and use it at both MTA and spamassassin level (uribl checks
included).
Many people here on this list are saying this. I'm wondering - does none of
your users actually use Google Groups as regular, legitimate mailing lists?
I'm on a couple of technical lists using Groups, for better or worse,
and I've come across a number of others.
And as a smallish-medium-sized ISP, we absolutely have customers
receiving legitimate mail from legitimate groups.
I've done several things about these since I first saw them:
-> Create SpamAssassin rules targeting clear patterns in the List-ID
-> Add the List-ID, unaltered, into a local DNSBL
-> Remove the first dot-separated part of the List-ID, and add the
remainder into a local DNSBL, and extend the custom SpamAssassin plugin
code that grabs a List-ID header (and numerous other related ones across
many other platforms) to trim the first part off of Google Groups IDs,
specifically, if they have more than 4 parts. To date I have not seen
more than a very few spam groups with 3-part List-IDs.
-kgd
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
