Hi list,

anybody else annoyed by right-wing political spam produced by hosts infected by Sober.G? (Well, it may be a local problem to German-speaking users ... anyway, it might spread.)

We are facing a dramatic increase of SMTP traffic due to that. Since there is no attachment, AV doesn't get it. Since there is no 'normal' sign of spam (like multiple recipients, junk characters etc.), spam filters are unlikely to get it either. So my blacklisting logic (described earlier here) has no chance to stop those hosts from sending us mail. They _do_ have valid hostnames, so RDNS doesn't either.

The only thing I found is that in the logs at pos. 5 'senderdomain' I find bogus.

Now:

*) why does RDNS not check?
*) where can we put a filter to do so? pre-data sounds promising

Any comments?

I will try to put up a filter for that as soon as I find some time ...

Goesta

--
Wiener Hilfswerk - EDV
1072 Wien, Schottenfeldgasse 29
Tel: 512 36 61 DW 407 / Fax 512 36 61 33
