On 22.11.2014 22:05, Ted Mittelstaedt wrote:
That's a lot of work, there's a much easier way Just search your /var/log/maillog for user unknown messages, and create email addresses for the unknown users which are showing up multiple times over multiple days. It's a great trick because it gets spammers who already have email addresses in their spamlists and who are too lazy to remove them when they get a user unknown message from the mailserver. I have a pretty old domain - I've seen user unknown messages for users who cancelled mailboxes on the domain over a decade ago. I figure 10 years of getting user unknown messages is long enough for any real humans and for legitimate mailing lists to remove those entries.
From my opinion, this is not a good idea as you are going to put those servers onto your list. This way you'll blacklist bulk senders, with badly configured or even not bounce management, but they are not all spammers!
--
Aban Dokht aban.do...@abando.de
system administrator of 0 day abusers DNSBL bl.dbrs.de
------------------------------------------------------------------
pgpVnKwYd7_9s.pgp
Description: PGP signature
