I'm running Red Hat EL4 with SA 3.1.4 and postfix/procmail.
Since yesterday I moved the mailserver to a new datacenter, and I'm not sure if it's related, but but now I get more spam then ever. The server is connected with 1 NIC on a private subnet and routed via the firewall to the internet, I allready denied access from one local IP with iptables that sended ALOT of spam to my users.
Alot of spam still gets properly filtered by SA but some spam manages to get in the inboxes. Mostely messages containing a subject wich starts like Re:RX....
What is the best way to block these kind of spams? My score is 3,0 atm but these spammails hardly get a core higher then 1
I have pasted some more detailed info below from the headers (my IP's and adressess are scrambled for privacy purposes).
Thanks for all suggestions!
Ivago
Header info
+++++++++++++++++++++++++++++++++++++++++++++
| Return-Path: <[EMAIL PROTECTED]
> X-Spam-Checker-Version: SpamAssassin 3.1.4 (2006-07-25) on SOKAHO2.studioo.be X-Spam-Level: X-Spam-Status: No, score=0.1 required=3.0 tests=BAYES_50,FORGED_RCVD_HELO, HTML_MESSAGE autolearn=ham version=3.1.4 X-Original-To: [EMAIL PROTECTED] Delivered-To: [EMAIL PROTECTED] Received: from kcg-inc.com (ALagny-152-1-35-110.w83-112.abo.wanadoo.fr [83.112.228.110 ]) by mail.studioo.be (Postfix) with SMTP id D55B4103FDC for <[EMAIL PROTECTED]>; Sun, 27 Aug 2006 21:57:30 +0200 (CEST) Received: by 192.168.xxx.64 with SMTP id QTRtOfzW; for <[EMAIL PROTECTED]>; Sun, 27 Aug 2006 12:59:10 -0700 Message-ID: <[EMAIL PROTECTED]> Reply-To: "Hagen Mckechnie" <[EMAIL PROTECTED]> From: "Hagen Mckechnie" <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: Re: RXnyhe Date: Sun, 27 Aug 2006 12:59:10 -0700 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0001_01C6C9D8.96D1AB40" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1106 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 Status: RO X-UID: 12839 Content-Length: 2363 X-Keywords: |
