Hi all, I have a fedora15 system with spamassassin-3.3.2 and for quite some time I've been trying to block this frequent pattern originating from various networks, but always a similar short body with a URI:
http://pastebin.com/raw.php?i=iquXBnH0 The domain in this sample isn't currently blacklisted that I could find, but I've recorded seeing it on my network previously. While I could create a rule to block this specific domain, or submit it to a RBL, I'd appreciate any ideas how to more generally block them, rather than by one characteristic in the message. Maybe this is addressed in v3.4? Any way to determine what botnet it is a part of? Ideas greatly appreciated. Thanks, Alex
