On Tue, 2009-02-24 at 14:58 +0200, Johann Spies wrote:
> The following link describes a problem we are experiencing:
> http://www.joewein.net/blog/2009/01/21/google-groups-spam-abuse-reporting-broken/
>
> It seems to me the only way to counter that type of spam is to
> do a curl or wget on each url in a message an submit the content
> thereof to Spamassassin. But you can't do that on 200000 emails per
> day and I am not sure how to handle such a process from exim.
That is a *very* bad idea anyway. Reasons include automated verification
of live recipient addresses to spammers and unsubscribing from legiti-
mate newsletters. Not an exhaustive list...
> I am sure I am not the only one having to deal with this kind of
> spam. How do you counter it?
Yes, I too get spam with google groups URIs. Typically scores quite
high, though. So I guess the answer would be "I deal with it by running
SA..." ;)
More seriously, unless you provide raw samples [1], including the rules
hit on your system, there's probably not much else to say.
guenther
[1] Upload them somewhere, maybe use a pastebin. Do not post them to the
list.
--
char *t="\10pse\0r\0dtu...@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4";
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i<l;i++){ i%8? c<<=1:
(c=*++x); c&128 && (s+=h); if (!(h>>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}
