I'm starting to think that only spammers uses the following sorts of headers:
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - onsitemail.com X-AntiAbuse: Original Domain - onsitemail.com X-AntiAbuse: Originator/Caller UID/GID - [80 80] / [80 80] X-AntiAbuse: Sender Address Domain - I haven't got a corpus to throw a test for the "X-AntiAbuse" header at? Anyone like to check it? Otherwise a simle header rule to get the subject will kill it. Phil --------------------------------------------- Phil Randal Network Engineer Herefordshire Council Hereford, UK > -----Original Message----- > From: Michele Neylon :: Blacknight Solutions > [mailto:[EMAIL PROTECTED] > Sent: 23 February 2004 17:48 > To: Colin A. Bartlett; MIKE YRABEDRA; SATalk > Subject: RE: Logo spams > > > We're still seeing a lot of these even with BigEvil, RBLs etc. > > Has anybody found a "cure" before our CTO deep sixes the rest of Asia? > > Mr. Michele Neylon > Blacknight Internet Solutions Ltd > http://www.blacknightsolutions.ie/ > http://www.search.ie/ > Tel. + 353 (0)59 9137101 > Lowest price domains in Ireland > > > -----Original Message----- > > From: Colin A. Bartlett [mailto:[EMAIL PROTECTED] > > Sent: 09 February 2004 12:01 > > To: MIKE YRABEDRA; SATalk > > Subject: RE: Logo spams > > > > > > MIKE YRABEDRA Sent: Sunday, February 08, 2004 5:42 AM > > > > > I get tons of these "We will create your Logo" spams. They all > > get through > > > with a very low, if not zero, rating. > > > > I was getting a ton of these too. Havn't seen any for a few days. > > I had been > > making rules for the domains referenced in the emails... > sort of a local > > addition to BigEvil. Two that I know I found where snapshut.info and > > conta.info. > > > > Anyone else come up with better rules for blocking these? > They seem to > > change URLs a lot. > > > > cheers, > > Colin > > > > Colin A. Bartlett > > Kinetic Web Solutions > > www.kineticweb.biz > > >
