Stan Hoeppner put forth on 2/1/2011 11:21 PM:
> It might be beneficial for you to send your postconf -n output so we can make
> some anti spam configuration suggestions. This spam you're having a problem
> with would likely not have made it past the normal spam filters of most people
> on this list.
So it looks like you got hit before it was listed (I should have read all the
responses before my first reply).
The parent /24 looks like part of a broadband pool--all generic rDNS matching
one pattern. I've thus added the regex:
/^[0-9]{1,3}-[0-9]{1,3}-[0-9]{1,3}-[0-9]{1,3}\.optolan\.net\.ua$/
to http://www.hardwarefreak.com/fqrdns.pcre which will reject any client with
rDNS matching this pattern.
For those who don't already know, the file contains an additional 1600+ regexes
matching similar broadband/dynamic rDNS patterns and blocks much bot spam. FPs
will be extremely low, and will only include SOHO MTAs and "Linux weenies" (to
use Dave Crocker's term).
Usage instructions are comments at the top of the file. You may want to give
this a go Simon.
--
Stan
