Hello, I just noticed a tidal wave of mails coming from [EMAIL PROTECTED] on a couple of mailrelays I manage.
All these mails are obviously spam messages. But they seem to have something in common besides the [EMAIL PROTECTED] They either have no MX record, which is great because callouts just detect these spams. Or they all have MX pointing to mail.$randomdomain.tld which point to the same IP. Here are a few samples. # nslookup Name: mail.ruedesabbeysses.com Address: 72.232.95.68 Name: mail.randyschuckman.com Address: 72.232.95.68 Name: mail.promosinternational.com Address: 72.232.95.68 Name: mail.primerentalstore.com Address: 72.232.95.68 Name: mail.prcfoods.com Address: 72.232.95.68 So it would be almost trivial to block these spams with a dnsdb ACL call to the MX. But there should be a "blacklist" to match the addresses. Does anybody know of such a blacklist or is it a great opportunity to create one? Also what are your opinions about this kind of filtering? Best Regards -- 010100100110010101101110011000010111010101100100 010000010110110001101100011000010111001001100100
smime.p7s
Description: S/MIME Cryptographic Signature
-- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
