Re: Massive spamruns

2013-06-18 Thread Dave Warren
On 2013-06-13 18:49, John Hardin wrote: On Thu, 13 Jun 2013, Alex wrote: There are anecdotal reports that spammers focus on backup MX hosts in the hopes they are less-well-protected. You might also try changing the MX weighting and see if that causes the spam to concentrate on a specific MX hos

Re: Massive spamruns

2013-06-13 Thread Benny Pedersen
Alex wrote on 2013-06-14 00:42: I'm thinking this is sounding like a better option. The IPs change way too quickly for me to be able to keep up with updating a DNSBL. It's funny -- despite all MXs having the same weight, mail03 is really the one that's pounded with these pump-and-dump spams. M

Re: Massive spamruns

2013-06-13 Thread John Hardin
On Thu, 13 Jun 2013, Alex wrote: There are anecdotal reports that spammers focus on backup MX hosts in the hopes they are less-well-protected. You might also try changing the MX weighting and see if that causes the spam to concentrate on a specific MX host. That might give you a little more positi

Re: Massive spamruns

2013-06-13 Thread Alex
Hi, On Wed, Jun 12, 2013 at 3:07 PM, Benny Pedersen wrote: > Ben Johnson wrote on 2013-06-12 18:26: > >> Isn't this the function that Bayes is intended to serve, rather precisely? > > sa-grey plugin might help, spammers change sender address and ips, so let's > track it, works well here, rbl is n

Re: Massive spamruns

2013-06-13 Thread Alex
Hi, On Thu, Jun 13, 2013 at 6:53 PM, John Hardin wrote: > On Thu, 13 Jun 2013, Alex wrote: >> I'm thinking this is sounding like a better option. The IPs change way >> too quickly for me to be able to keep up with updating a DNSBL. It's >> funny -- despite all MXs having the same weight, mail03 i

Re: Massive spamruns

2013-06-13 Thread John Hardin
On Thu, 13 Jun 2013, Alex wrote: John Hardin wrote: As was suggested earlier: greylisting? I'm thinking this is sounding like a better option. The IPs change way too quickly for me to be able to keep up with updating a DNSBL. It's funny -- despite all MXs having the same weight, mail03 is rea

Re: Massive spamruns

2013-06-13 Thread Alex
Hi, On Wed, Jun 12, 2013 at 2:54 PM, Daniel McDonald wrote: > On 6/12/13 1:25 PM, "Alex" wrote: > >> John Hardin wrote: >>> As was suggested earlier: greylisting? >> >> I really don't think my users would tolerate the delay, so I've never >> implemented it. They would have vendors calling them o

Re: Massive spamruns

2013-06-13 Thread polloxx
Neil, I'm sorry but I can't disclose the logs. Fortunately 95% of them were blocked by blacklisting or greylisting. I just wanted to know if other people see a massive increase of spam in the last weeks. On Wed, Jun 12, 2013 at 9:31 PM, Benny Pedersen wrote: > Alex wrote on 2013-06-12 20:25: > >

Re: Massive spamruns

2013-06-12 Thread Benny Pedersen
Alex wrote on 2013-06-12 20:25: John Hardin wrote: As was suggested earlier: greylisting? I really don't think my users would tolerate the delay, so I've never implemented it. They would have vendors calling them on the phone complaining, not to mention users. From what I understand the dela

Re: Massive spamruns

2013-06-12 Thread Benny Pedersen
Ben Johnson wrote on 2013-06-12 18:26: Isn't this the function that Bayes is intended to serve, rather precisely? sa-grey plugin might help, spammers change sender address and ips, so let's track it, works well here, rbl is not a content, but url is, in other words, if one checks rbl in mta s

Re: Massive spamruns

2013-06-12 Thread Daniel McDonald
On 6/12/13 1:25 PM, "Alex" wrote: > > John Hardin wrote: >> As was suggested earlier: greylisting? > > I really don't think my users would tolerate the delay, so I've never > implemented it. They would have vendors calling them on the phone > complaining, not to mention users. From what I un

Re: Massive spamruns

2013-06-12 Thread Alex
Hi, # 2013 cars local dealership http://pastebin.com/3bEMiV3B >>> >>> URI in that sample >>> >>> pohformed.com listed on black.uribl.com >>> pohformed.com listed on jp.surbl.org >>> pohformed.com listed on sc.surbl.org >>> pohformed.com listed on dbl.spamhaus.org >> >> I know I should ha

Re: Massive spamruns

2013-06-12 Thread John Hardin
On Wed, 12 Jun 2013, Alex wrote: I know I should have mentioned that. Yes, I'm using the above RBLs, and they're all correctly tagged here now. I was hoping for something more preemptive to trigger on these more generally because the IPs are only used for a short while, but long enough to get 2

Re: Massive spamruns

2013-06-12 Thread Ben Johnson
On 6/12/2013 12:22 PM, Alex wrote: > Hi, > >>> # 2013 cars local dealership >>> http://pastebin.com/3bEMiV3B >> >> URI in that sample >> >> pohformed.com listed on black.uribl.com >> pohformed.com listed on jp.surbl.org >> pohformed.com listed on sc.surbl.org >> pohformed.com listed on dbl.spamh

Re: Massive spamruns

2013-06-12 Thread Alex
Hi, >> # 2013 cars local dealership >> http://pastebin.com/3bEMiV3B > > URI in that sample > > pohformed.com listed on black.uribl.com > pohformed.com listed on jp.surbl.org > pohformed.com listed on sc.surbl.org > pohformed.com listed on dbl.spamhaus.org I know I should have mentioned that. Yes,

Re: Massive spamruns

2013-06-12 Thread Axb
On 06/12/2013 05:09 PM, Alex wrote: # 2013 cars local dealership http://pastebin.com/3bEMiV3B URI in that sample pohformed.com listed on black.uribl.com pohformed.com listed on jp.surbl.org pohformed.com listed on sc.surbl.org pohformed.com listed on dbl.spamhaus.org using SA 3.4 it adds:

Re: Massive spamruns

2013-06-12 Thread Alex
Hi, On Wed, Jun 12, 2013 at 9:03 AM, Neil Schwartzman wrote: > Uhm. perhaps some snippets from the maillogs, or examples? I thought I would take the opportunity to post a few I'm seeing and can't figure out. I've created a bunch of local subject rules, and continually train them with bayes, but

Re: Massive spamruns

2013-06-12 Thread Neil Schwartzman
Uhm. Perhaps some snippets from the maillogs, or examples? On Jun 12, 2013, at 5:59 AM, polloxx wrote: > Dear list, > > We have seen massive spamruns since the beginning of June. Are other people also seeing similar runs? > They fill our maillog. Fortunately most is blocked.

Massive spamruns

2013-06-12 Thread polloxx
Dear list, We have seen massive spamruns since the beginning of June. Are other people also seeing similar runs? They fill our maillog. Fortunately most is blocked.