On Wed, Jan 22, 2025 at 08:02:22AM +0100, Martin Waschbüsch via Exim-users
wrote:
> And yes, this is not something to use lightly, but there are literally
> several hundred fake domains I identified all using this one MX... I am
> quite sure in this instance. ;-)
If so, you can easily block this
Hi
you can do something like this:
drop condition = ${if match{bad.mx.host.name}${lookup
dnsdb{>:defer_never,mxh=$sender_address_domain}}
El 22/01/2025 a las 6:24, Martin Waschbüsch via Exim-users escribió:
Hi all,
I noticed that loads of Spam comes my way from addresses with this kind
Am 22.01.25 um 07:25 schrieb Slavko via Exim-users:
Dňa 22. 1. o 6:24 Martin Waschbüsch via Exim-users napísal(a):
Looking more closely, I found that all the sending domains I tested
had one common attribute: their MX points to the same fqdn.
Is it possible to use that information to block inc
Dňa 22. 1. o 6:24 Martin Waschbüsch via Exim-users napísal(a):
Looking more closely, I found that all the sending domains I tested
had one common attribute: their MX points to the same fqdn.
Is it possible to use that information to block incoming mail from
any and all domains having that same
Hi all,
I noticed that loads of Spam comes my way from addresses with this kind
of pattern:
word.numb...@subdomain.domain.tld
All parts of that pattern seem to randomly change (though currently I
mostly see the .shop TLD used 95% of the time.)
Sending IPs are all over the place.
Initially
