Re: "Dear Customer" spam in the BTS
What about spamassassin? Wouldn't spamassassin and its databases not be the
better way? I made good experiences with spamassassin on my mail servers.
My configuration was a little bit weired, I admit. As I was using spamassassin
and clamav together, it was very effective. Note, that I never used amavis,
which most people are using this way. In my configuration besides of strict
postfix rules, I piped everything first through spamassassin (with bogofilter
and all the other good stuff), and then what was not rejected by spamassassin
through clamav - directlly from spamassassin's output into clamav input - no
amavis.
This worked very well after a good learning phase.
But I guess, you are doing this already. If so, just aplogize my noise.
Happy hacking!
Hans
> Spam e-mails like these that contain a zip with a windows executable
> can easily be blocked based on file extension using the foxhole rules
> for clamav (http://sanesecurity.com/foxhole-databases/). And clamav
> can probably also be used to automatically clean the bug archive of
> such messages.
>
>
> Kind regards,
>
> Jeroen Dekkers
Reply to: