On Sun, 20 May 2018, Jerry Malcolm wrote:
I'm getting a ton of what I would consider the most basic spam ever.... a
single "Hello" (or "Hi", or "Greetings", etc) followed by a spam link, sent
'from' a known contact, but usually containing a bunch recipients. SA seems
to catch almost all of my spam, except this one type.
I just received a huge wave of the following email. Is there a rule I am
missing that should be catching this?
X-SpamAssassin_115: 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The
query to URIBL was blocked.
X-SpamAssassin_116: See
X-SpamAssassin_117:
http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
X-SpamAssassin_118: for more information.
Not a rule, no. You need to set up a local recursive (NON-FORWARDING!)
name server for your MTA and SpamAssassin to use. You're forwarding your
DNS query traffic to a larger shared server where your queries are
aggregated with others', which is exceeding the URIBL free query limits,
so you are not getting useable results for URIBL queries.
See https://wiki.apache.org/spamassassin/CachingNameserver and do not
focus only on the "caching" part.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhar...@impsec.org FALaholic #11174 pgpk -a jhar...@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Journalism is about covering important stories.
With a pillow, until they stop moving. -- David Burge
-----------------------------------------------------------------------
416 days since the first commercial re-flight of an orbital booster (SpaceX)