Hi Goesta, if you are running Spamassassin, some rulesets for stopping those mails are described right here:
http://www.heise.de/newsticker/foren/go.shtml?read=1&msg_id=5832097&forum_id=57381 good look, Achim Am Mi, 2004-06-16 um 11.41 schrieb Goesta Smekal: > Hi list, > anybody else annoyed by right-wing political spam produced by hosts infected > by Sober.G ? (well it maybe a local problem to german speaking users ... anyway > it might spread) > > We are facing a dramatic increase of SMTP traffic due to that. Since there is > no attachment AV doesn't get it. Since there is no 'normal' sign of spam (like > multiple recipients, junk characters etc.) spamfilters are unlikely to get it > either. > > So my blacklisting logic (discribed earlier here) has no chance to stop those > hosts from sending us mail. They _do_ have valid hostnames, so RDNS doesn't > either. > > The only thing I found is, that in the logs at pos. 5 'senderdomain' I find > bogus. Now: > > *) why does RDNS not check ? > > *) where can we put a filter to do so ? pre-data sounds promising > > Any comments ? I will try to put up a filter for that as soon as I find some > time ... > > Goesta - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
