Apologies if this question has been asked before, or the answer
should be obvious.
If Spamdyke detects a blacklisted address in the list of recipients,
does it kill the entire connection (thus preventing the message being
delivered to any recipient), or does it accept the message for the
Dossy Shiobara wrote:
Could use a .qmail file for each of those spamtrap addresses which
passes the message off to a script which plucks out the sender's IP
address (from the appropriate Received: header) and appends it to your
ip-blacklist-file.
Because spammers may send mail from legitimate
Apologies in advance for what is undoubtedly going to turn out to be a D'oh!
error on my part, but I'm running out of ideas here.
I'm trying to block incoming mail from French snowshoe spammer multi-fax.fr,
who sends mail from a range of IP addresses and changes domain names every day
to try
Sebastian Grewe wrote:
Just a quick question: have you considered using RDNS blacklist instead?
Then you wouldn't need that many IPs for the same mail host.
Thanks for the suggestion. But this particular spammer has a different
invented domain name for each IP that they use (vedalcom.net,
Watching the logs on my new mail server, I'm having the pleasure of seeing
spamdyke knocking lots of incoming spam on the head.
In most cases, the incoming messages are getting taken out by RBL_MATCH,
SENDER_NO_MX or RDNS_MISSING rules. A lot of the messages would eventually
fail anyway because
On Sep 1, 2012, at 11:17 AM, J.R. Lillard j...@hyphen.org wrote:
I have a client that uses spamdyke but I am new to it. I've read through the
documentation so I am vaguely familiar with it now. They have been under a
DDOS attack for about a month now. It's not enough to bring their
BC wrote:
Yes. I realize that the impact of the delay is infrequent, but when it
happens, it's really annoying, and it impacts productivity. In my case,
it usually happens when an email confirmation or notification of some
sort is required to do something. This is the absolute worst time for
On Mar 8, 2014, at 6:52 AM, Gary Gendel g...@genashor.com wrote:
Almost all of my uncaught spam comes from two domains:
colocrossing.com
hostnoc.net
Color me unsurprised. I even think I know which spammer you're referring to.
HostNoc/BurstNet has long had a reputation of being a
BC wrote:
On 3/8/2014 7:03 AM, Angus McIntyre wrote:
TL;DR: if you null-route every IP that HostNoc owns, it will make a
dramatic difference to the amount of spam you see.
To what does the TL;DR refer?
TL;DR is Internet slang for 'Too Long; Didn't Read'. As it's used now,
it's a way
On Jun 3, 2014, at 11:25 AM, David dmilho...@wletc.com wrote:
How in the world do I stop these annoying emails.
according to the headers they change the
From:
Subject:
and the domains and ips change as well.
It looks like an affiliate spammer. They typically rent a block of IP addresses
One user on my server has attracted the attention of a spammer who seems
to use a very particular pattern for their sporged 'From' addresses. The
relevant lines in the log look like:
spamdyke[14011]: ALLOWED from: spamtopic-user=mydomain@spamdomain.com
to: u...@mydomain.com origin_ip ...
On 2015-06-22 11:55, Alessio Cecchi via spamdyke-users wrote:
one sender (and only this one) is unable to send email to my users,
this is the error in spamdyke log:
Jun 22 05:47:37 mx01 spamdyke[1066]: DENIED_OTHER from:
i...@domain.net to: j...@domain.com origin_ip: 98.18.75.3 origin_rdns:
What log file are those messages from? Are they from '/var/log/maillog'?
If so, you might look at /var/log/qmail/smtp/current to see if it offers
anything you can use. On my system, spamdyke lines in that log include:
origin_ip: 1.2.3.4
so if these attacks cause text to be written to
I think spamdyke implements greylisting by sending a 421 Temporary
Failure code on first connection. That might be what's happening here.
Greylisting is off by default, but if you have it turned on you could
set `graylist-level` to `none` to turn it off. If you want to keep it on
but just fix it
14 matches
Mail list logo
