jj-ml wrote: > I've received once a day a spam from [EMAIL PROTECTED] > (fidbroker.com) Since it is a french company and i live in france, i > call them (the phone number is in the spam) and tell them to stop. > They told me they will do so, but of course they don't do anything. > > Obsiouly, they already had pb with their previous ISP and change > their email address.
If the sender address is consistent in any way, blacklist them. If not, check the message headers or body to see if there's anything consistent between messages that you can write a rule or set of rules for. If you feel like making the effort, track down their ISP and let them know that their user is generating spam. > So i want to submit the website and their email to a RBL so that > everybody can tag them as spam. > How to do so? http://www.surbl.org and http://www.uribl.com both accept submissions in one form or another. Check through their websites and see if they're what you're looking for. > second pb: in some of them, there is a big attachment (> 500k) so it > doesn't go throw spamassassin. How to resolv that pb? On my systems, I'd do one or more of these: -> Create a procmail rule that sends these to /dev/null (based on sender, Recieved: headers, or some sort of check on the attachment) -> Tweak processing in MIMEDefang (a sendmail "milter") to delete or reject these messages -> Add an entry in the sendmail access map to block the sender or relay server outright - along with a suitable "Go away, spammer" message -> Drop the relay's IP into my firewall (I only do this in extreme cases, such as a thoroughly BROKEN remote server with nonresponsive admins - I've had to do this ONCE) -kgd -- Get your mouse off of there! You don't know where that email has been!
