On Mon, 14 Dec 2020, Dominic Raferd wrote:
On 14/12/2020 11:01, Iulian Stan wrote:
I am also receiving a lot of spam from google (aparently always domain is
trix.bounces.google.com)
https://pastebin.com/DW6dvdxP <https://pastebin.com/DW6dvdxP>
To my surprise, you seem to be right. In my logs I have a number of these
(but not a huge number) over the last year, they have almost all been blocked
by SA (not using bayes) - but not blocked by earlier defences. I have
received only a handful of such mails that have passed SA; now when I check
them all definitely spam/phishing. The IPs all seem to be Google's (within
CIDR 209.85.128.0/17). I'm going to add a couple of points scoring to
anything from trix.bounces.google.com.
I'll add a rule for that to my sandbox and we'll see what happens.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhar...@impsec.org pgpk -a jhar...@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
The belief in one’s own moral superiority eventually
erases the conscience. After all, if one is morally superior
to others, then no conscience is needed. All actions and behaviors
are acceptable because they’re done in an effort to
make the world a better place. -- I&I Editorial
-----------------------------------------------------------------------
Tomorrow: Bill of Rights day
