[spamdyke-users] Cannot reject these mails

Tue, 15 Jul 2008 06:23:18 -0700 

List,
About once a get we get a lot of spam messages like the one I attach its headers
here (3)
I tried to block those Ips, see (2), but it still gets through.
Any ideas why?
I might end up adding that domain in the sender-blacklist, but I wonder why it's
not blocked by the ip-blacklist.
Thanks for your thoughts, 
Sergio

(1) /**** Spamdyke config file ****/
# spamdyke.conf 3.1.8
# SM - 24-ene-08
#
reject-empty-rdns=yes
reject-unresolvable-rdns=yes
log-level=2
local-domains-file=/var/qmail/control/rcpthosts
max-recipients=10
idle-timeout-secs=400
graylist-dir=/var/spool/graylist
graylist-min-secs=300
graylist-max-secs=1814400
ip-whitelist-file=/var/qmail/control/whiteiplist
greeting-delay-secs=5
#archivo para poner los que NO acepta como sender
sender-blacklist-file=/var/qmail/control/sender-blacklist
sender-whitelist-file=/var/qmail/control/whitelist
ip-blacklist-file=/var/qmail/control/ip-blacklist
#validar BlackList Publicas
check-dnsrbl=zen.spamhaus.org
check-dnsrbl=bl.spamcop.net

(2) /****  excertp from ip-blacklist file ****/
#dotzero SPAMMERS
200.123.189.81
200.49.148.190
200.49.155.85

(3) /**** Email headers ****/
>From - Tue Jul 15 09:33:16 2008
X-Account-Key: account3
X-UIDL: 1216096014.32211.Virtuality,S=8467
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:

Return-Path: <[EMAIL PROTECTED]>
Delivered-To: [EMAIL PROTECTED]
Received: (qmail 32199 invoked by uid 89); 15 Jul 2008 04:26:51 -0000
Received: by simscan 1.2.0 ppid: 32191, pid: 32192, t: 11.6379s
         scanners: clamav: 0.88.2/m:38/d:1456 spam: 3.1.1
X-Spam-Checker-Version: SpamAssassin 3.1.1-nk (2006-03-10) on Virtuality
X-Spam-Level: ****
X-Spam-Status: No, score=4.5 required=7.0 tests=BAYES_99,HTML_MESSAGE,
        MIME_HTML_ONLY,RCVD_IN_ORDB autolearn=no version=3.1.1-nk
Received: from unknown (HELO freemail-02-ar.wavenet.com.ar) (200.49.148.190)
  by mail.netkey.com.ar with (DHE-RSA-AES256-SHA encrypted) SMTP; 15 Jul 2008
04:26:40 -0000
Received: from Martin ([200.123.189.81])
        by freemail-02-ar.wavenet.com.ar (200.49.148.190)(Merak 8.0.3) with
ASMTP id WM120360
        for <[EMAIL PROTECTED]>; Tue, 15 Jul 2008 01:26:39 -0300
Date: Tue, 15 Jul 2008 01:26:38 -0300
Mime-version: 1.0
Subject: =?ISO-8859-1?Q?DOTZERO_anuncia_nuevos_cursos_y_tem=E1ticas?=
From: DOTZERO Red de Talento <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Message-Id: <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Original-recipient: rfc822;[EMAIL PROTECTED]
Content-Type: text/html; charset="ISO-8859-1"
Content-transfer-encoding: quoted-printable

_______________________________________________
spamdyke-users mailing list
[email protected]
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Reply via email to