Hi there For the past few weeks we've experienced a large increase in missed spam. It's Pharma-related, one sentence plus a link.
The interesting features are: * every Subject line is different. They're aren't Bayes-busters either - all Pharma related - but shall we say "innovative" in their use of English. I do mean every one is different too. I can see one get through, and if I search for the Subject line in the logs, I see that it was sent to only one person! This is a level of sophistication I haven't seen/noticed before * the single sentence sometimes refers to Pharma - sometimes not * obviously the SA RBL/SURBL tests don't pick these If one gets through and I wait 10-20 minutes and re-run it, it typically increases it's score from 2/5 to >10/5 - so graylisting would definitely help. But we don't "do" graylisting. There's really not much to chew on with these messages. How are others dealing with them? Here's an example - it's already been picked up by network tests - but it demonstrates the format http://pastebin.com/W6wXq4RX -- Cheers Jason Haar Information Security Manager, Trimble Navigation Ltd. Phone: +64 3 9635 377 Fax: +64 3 9635 417 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1
