[lug] Stopping the New Generation of Spam
Alisdair Davey
ard at pergamentum.com
Sun Dec 3 12:52:42 MST 2006
On Sun, 2006-12-03 at 12:19 -0700, Bill Thoen wrote:
> Over the last 2-3 months I've been getting a *lot* more spam than ever
> before and Spamassassin doesn't seem to be reacting fast enough or
> effectively enough to deal with it. In particular, it doesn't seem to be
> able to block these messages filled with random snippets of english
> text and/or those where the message is embedded as an image. It also looks
> like some of these spams are coming form large networks of compromised
> machines (same message comes from many different unrelated IPs) so blocking
> by IP is less effective. I used to get about 250 spams a day, but now it's
> up to 350-500 a day, and it's increasing.
Just out of interest are you using the extra rules from Rule Emporium or
the DCC / razor plugins? Are you using things like the FuzzyOCR/Imaginfo
plugins to spamassassin for the image spam. What MTA are you using? Have
you implimented greylisting, greetpause etc? Do you use SBL+XBL for
rejection at connection time? Have you looked at things like the
Mailscanner framework with your own custom spamchecker? Hopefully the
answer to all these questions isn't yes...
Cheers
Alisdair
--
Alisdair Davey ard at pergamentum.com
2066 Dailey Ln www.pergamentum.com
Superior, CO 80027
More information about the LUG
mailing list