[prev in list] [next in list] [prev in thread] [next in thread]
List: spamassassin-users
Subject: Re: sa-update does not pick up newest German spam wave
From: Robert Schetterer <robert () schetterer ! org>
Date: 2008-12-02 16:05:18
Message-ID: 49355CBE.7020802 () schetterer ! org
[Download RAW message or body]
Richard Hartmann schrieb:
> Hi all,
>
> this mail:
>
> Subject: Die E-Mail Adresse foo@bar wird gesperrt
>
> Body:
> Sehr geehrte Damen und Herren,
>
> Ihre Email "foo@bar" wird wegen Missbrauch innerhalb der naechsten 24
> Stunden gesperrt. Es sind \d{2} Beschwerden wegen Spamversand bei uns
> eingegangen.
> Details und moegliche Schritte zur Entsperrung finden Sie im Anhang.
>
> Attachment:
> randomly named zip file which contains an exe
>
> Is not picked up by SA, yet. sa-update did not get any rules against
> it either. Does anyone have a ready-made rule against this, already?
> If not, what doc should I read to create my own?
>
>
> Thanks,
> Richard
Hi Richard,
in my german mail domains ( well spam bombed ever )
i didnt recieve one of this wave, so
you might use more advanced blocking mehtods on smtp
income level at your server, ie use clamav-milter, rbls etc
after all ,you might do sa-learn --spam with a sample mail
and spamassassin should catch it, and use pyzor,razor etc
checks too, this should reduce incomming of such mails to a minimum
and else left should be marked short after a spam wave start
--
Best Regards
MfG Robert Schetterer
Germany/Munich/Bavaria
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic