Re: MS mail bombs
In linux.debian.user, Ron Johnson <ron.l.johnson@cox.net> wrote:
> On Sat, 2003-09-20 at 00:22, Steve Lamb wrote:
> > On Fri, 19 Sep 2003 23:08:42 -0600
> > "Walt L. Williams" <wwilliams@intergate.com> wrote:
> > > Is there anyone else out there being mail bombed with emails
> > > that look like there from M$? The rate at which their coming
> > > is increasing exponentially.
> >
> > My solution has been exim4, exiscan-acl, clamav, spamassassin and liberal
> > use of shorewall's blacklist.
>
> Does that prevent the emails from being downloaded from the ISP's
> pop3 server in the 1st place?
I asked this on alt.os.linux. I was told to search freshmeat.net for a
perl script called "poppy." It will get headers only, and ask what you
want to do with the mail one by one, but it also includes a script
called spamkill, which does okay.
I'm debugging some changes I made now. I tweaked it so if my email
isn't in the To:, Cc:, or Bcc: header it should be considered spam.
Right now To:, and Cc: both work.
Any other headers that I need to check for?
BTW my normal traffic had been 23-30 messages a day for about two weeks,
it was close to half that 2 months ago. I know I've topped 350 in the
last 24 hours.
I wonder if this is a particularly nasty bug, or we're feeling the
effects of Verisign's decision to claim *.com and *.net?
Michael C.
--
mcsuper5@usol.com http://mcsuper5.freeshell.org/
Registered Linux User #303915 http://counter.li.org/
Reply to: