On 7/26/11 8:41 PM, Karsten Bräckelmann wrote:
Did the message genuinely come from Dell? The named $director entity? Or
was it an ESP on behalf of Dell?
noop, dell directly, with a DNSWL_MED credit on the email with the
default rules SA has for DNSWL.I did reply back and tell the user that
that email finally qualifies them to take the management training class
at mcdonalds and that they should go back to their local mcd's and fill
out the application again.
most spam from 'legit' ESP's force the 'can spam' 'opt out/full physical
address' footers. they really don't like compliants and ip's being
blacklisted by ip reputation lists like spamcop, dcc, spamhaus, etc.
(of course the non legit ones just get a new ipv6 address every 15 mins :-)
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
>*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention Product
* Hot Company Finalist 2011
* Best Email Security Product
* Certified SNORT Integrator
______________________________________________________________________
This email has been scanned and certified safe by SpammerTrap(r).
For Information please see http://www.secnap.com/products/spammertrap/
______________________________________________________________________
