Hi all, I'm using SA-3.2.5 on Linux and my system is being deluged with spam that isn't being caught, apparently from botnets. I'm using botnet-0.7. The subject is random and the "Received from" header is always an unresolvable IP. Is there a more robust botnet plugin that may be more effective? Botnet-v08 was catching too many FPs. (score too high). The body is also quite random -- enough so as to keep bayes usually at 50 or less.
Is there a later version of SA that's stable? Here's the relevant headers: Received: from [78.97.185.89] (unknown [78.97.185.89]) Message-ID: <krszdjkabfqdkcf.iodbkvqhqtyymyw83588989...@[78.97.185.89]> Subject: Where is this bar? MIME-Version: 1.0 Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: 7bit Date: Sat, 13 Jun 2009 04:05:44 -0400 (EDT) X-Virus-Scanned: by amavisd-new at mydomain.com X-Spam-Status: No, hits=4.9 tagged_above=-300.0 required=5.0 use_bayes=1 tests=BAYES_50, BOTNET, HTML_MESSAGE, MIME_HTML_ONLY, RDNS_NONE, URIBL_BLACK X-Spam-Level: **** The body is HTML and contains the following: Click here to view this message as a web page. Copyright © 2002-2009 by the Pyahqql, Inc. All rights reserved. Click here if this picture is blocked Home | Contact Us | Privacy Policy | Terms of Use | Unsubscribe | Where can I go from here? Thanks, Alex
