Dave,
A lot of the largest static spammer organizations use this software, but
unfortunately a good number of fully legitimate companies use it also.
PowerMTA also allows for full customization of the header formating and
many spammers edit this to be nondescript as well. I would guess that
maybe 30% of static spam (where the spammer uses leased/owned IP space)
utilizes PowerMTA.
I personally use some extensive filtering to categorize E-mail into bulk
(anything sent in volume or automated) and personal E-mail (stuff sent
by an E-mail/webmail client), and then I set my weighting tolerances
differently as obviously stuff that isn't clearly non-forged personal
E-mail is were the spam is. Weighting PowerMTA more aggressively,
though not blocking it outright is a start in that direction, but only
part of the solution unless you wish to block some legitimate stuff as well.
Matt
Dave Beckstrom wrote:
I'm seeing a lot of spam with this in the headers:
PowerMTA(TM) v3.0c2
Is powerMTA mainly a spam tool or do legitimate mailers use it too? Just
trying to decide if I can add some weight if that header exists.
Also of late I'm seeing a lot of spam containing ssl in part of the domain
name:
Return-Path: <nore...@realnightlywork.com> Wed Jan 13 15:03:22 2010
Received: from ssl.realnightlywork.com [173.45.68.45] by
Anyone adding weight if the domain contains ssl?
---
This E-mail came from the Declude.JunkMail mailing list. To
unsubscribe, just send an E-mail to imail...@declude.com, and
type "unsubscribe Declude.JunkMail". The archives can be found
at http://www.mail-archive.com.
---
This E-mail came from the Declude.JunkMail mailing list. To
unsubscribe, just send an E-mail to imail...@declude.com, and
type "unsubscribe Declude.JunkMail". The archives can be found
at http://www.mail-archive.com.
