I finally got to deploying greyscanner on my mailservers,
and did something similar: trap every recipient address
with two or more digits in the user part (one digit could
be a typo, say a '2' before the '@'). This catches most of it.
I forget, did you previously say whitelisting with
I see it too. I also use greyscanner to catch spammers and I see
a lot of spam to random numbers and letters@mydomains. So I trap
all hosts sending to addresses with numbers in them (as I don't
have any legit accounts with numbers). This catches almost all spam.
I finally got to deploying
(It seems like some of my mail do not go through to misc@, perhaps some of my
ISPs outgoing mailservers are blacklisted..?)
* Peter N. M. Hansteen (pe...@bsdly.net) wrote:
http://undeadly.org/cgi?action=articlesid=20120604050025 and references
therein show a 'works for me' example config
On Mon, 5 Nov 2012 07:52:50 +0100, Joakim Aronius wrote:
* Kurt Mosiejczuk (kurt-openbsd-m...@se.rit.edu) wrote:
Jan Stary wrote:
Strangely, the only occurence of 2.139.201.210 in the last month's
maillog is just this; that's half an hour after it got WHITE.
What happend at Mon Oct 29
Rod Whitworth glis...@witworx.com writes:
I have had a stack of both sides of the invalid address email stuff for
some time.
I make all the ficticious addresses into spam traps. That way I punish
the fools whose servers return mail whence it came not. They just get
tarpitted and I don't
On 2012-11-01, Jan Stary h...@stare.cz wrote:
Anyway, it seems (some) spambots got less demented and actually do
resend, getting themselves whitelisted - thus working themselves
around the whole premise of greylisting.
Not the whole premise... A good part of it is to just delay the mail,
this
* Kurt Mosiejczuk (kurt-openbsd-m...@se.rit.edu) wrote:
Jan Stary wrote:
Strangely, the only occurence of 2.139.201.210 in the last month's
maillog is just this; that's half an hour after it got WHITE.
What happend at Mon Oct 29 14:49:24 CET 2012 that made it WHITE?
Anyway, it seems
/ Kurt Mosiejczuk wrote on Thu 1.Nov'12 at 16:02:06 -0400 /
Jan Stary wrote:
Strangely, the only occurence of 2.139.201.210 in the last month's
maillog is just this; that's half an hour after it got WHITE.
What happend at Mon Oct 29 14:49:24 CET 2012 that made it WHITE?
Anyway, it seems
For instance on one mailserver I took over, I noticed that after adding
a Spamhaus sbl-xbl check, required rDNS, and other basic stuff like
requiring a legitimate HELO/EHLO, spam attempts dropped by perhaps a
factor of 100. It was shocking.
When you required rDNS I bet false positives went
For instance on one mailserver I took over, I noticed that after adding
a Spamhaus sbl-xbl check, required rDNS, and other basic stuff like
requiring a legitimate HELO/EHLO, spam attempts dropped by perhaps a
factor of 100. It was shocking.
Required rDNS, so false positives went up by a
On Fri, Nov 02, 2012 at 09:55:56AM +, Kevin Chadwick wrote:
When you required rDNS I bet false positives went up by a factor of
1000.
No, legitimate traffic remained steady and not a single complaint was
registered. YMMV.
Back on topic, in my personal experience, spamd is more effective
Jan Stary wrote:
Strangely, the only occurence of 2.139.201.210 in the last month's
maillog is just this; that's half an hour after it got WHITE.
What happend at Mon Oct 29 14:49:24 CET 2012 that made it WHITE?
Anyway, it seems (some) spambots got less demented and actually do
resend,
On Thu, 1 Nov 2012 20:49:39 +0100
Jan Stary h...@stare.cz wrote:
After cleaning my spamdb on the first of last month,
I see that there are 572 WHITE hosts now.
Only a handfull of those are legitimate (my mailserver
is very low traffic, basically just mail for my family).
Looking at the
On 1 November 2012 12:49, Jan Stary h...@stare.cz wrote:
Here is a typical host:
WHITE|2.139.201.210|||1351517497|1351518564|1354630766|2|1
which is 210.red-2-139-201.staticip.rima-tde.net.
It tried to connect at Mon Oct 29 14:31:37 CET 2012,
and got WHITE at Mon Oct 29 14:49:24 CET 2012.
On Thu, Nov 01, 2012 at 08:49:39PM +0100, Jan Stary wrote:
After cleaning my spamdb on the first of last month,
I see that there are 572 WHITE hosts now.
Only a handfull of those are legitimate (my mailserver
is very low traffic, basically just mail for my family).
You and I have similar
15 matches
Mail list logo