[opensuse] blank spam
Hello, I receive on a regular basis (several a day) blank messages that are obviously spam, here two of them as examples (below): Return-Path: <Franklin_Sabrina30@corexsud.com> X-Original-To: jdd@dodin.org Delivered-To: jdd@dodin.org Received: from 94-183-247-79.shatel.ir (unknown [94.183.247.79]) by ks311900.kimsufi.com (Postfix) with SMTP id B2554C0234 for <jdd@dodin.org>; Wed, 6 May 2015 01:33:06 +0200 (CEST) Message-ID: <8[10 Return-Path: <Longoria_Devin30@activcomputing.com> X-Original-To: jdd@dodin.org Delivered-To: jdd@dodin.org Received: from 188.165.211.22 (unknown [37.1.18.77]) by ks311900.kimsufi.com (Postfix) with SMTP id C136EC0145 for <jdd@dodin.org>; Tue, 5 May 2015 23:50:41 +0200 (CEST) Message-ID: <7[10 as you can see the return path and the from are different for each message. Thunderbird anti spam do not see them. I fear filtering out all blank message may me miss some friends error. the kimsufi part is my own imap server what do you think? thank jdd -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
jdd wrote:
Hello,
I receive on a regular basis (several a day) blank messages that are obviously spam, here two of them as examples (below):
Return-Path: <Franklin_Sabrina30@corexsud.com> X-Original-To: jdd@dodin.org Delivered-To: jdd@dodin.org Received: from 94-183-247-79.shatel.ir (unknown [94.183.247.79]) by ks311900.kimsufi.com (Postfix) with SMTP id B2554C0234 for <jdd@dodin.org>; Wed, 6 May 2015 01:33:06 +0200 (CEST) Message-ID: <8[10
Return-Path: <Longoria_Devin30@activcomputing.com> X-Original-To: jdd@dodin.org Delivered-To: jdd@dodin.org Received: from 188.165.211.22 (unknown [37.1.18.77]) by ks311900.kimsufi.com (Postfix) with SMTP id C136EC0145 for <jdd@dodin.org>; Tue, 5 May 2015 23:50:41 +0200 (CEST) Message-ID: <7[10
as you can see the return path and the from are different for each message.
Thunderbird anti spam do not see them. I fear filtering out all blank message may me miss some friends error.
the kimsufi part is my own imap server
what do you think?
I think greylisting would probably solve the problem. Alternatively, you could ignore blank messages from servers with poor reverse mapping (both of them above). -- Per Jessen, Zürich (11.8°C) http://www.dns24.ch/ - free dynamic DNS, made in Switzerland. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 2015-05-06 08:45, Per Jessen wrote:
I think greylisting would probably solve the problem.
I was going to suggest that. - -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" (Minas Tirith)) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iF4EAREIAAYFAlVJ4zwACgkQja8UbcUWM1xIygEAizSBZdJl0RGeBwmJh3d4Ohk0 eOayAT89GJWGRi7jbIQA/0j9E54Dr15dxsjauBO5xE0MHbSm0lscXNdAYH2H9YDT =TN4m -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Le 06/05/2015 11:47, Carlos E. R. a écrit :
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
On 2015-05-06 08:45, Per Jessen wrote:
I think greylisting would probably solve the problem.
I was going to suggest that.
bu greylisting what? the sedeer is each tie different! jdd -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hello, Use RBL checks, they help a lot. Both IPs are used by spammers according to zen.spamhaus.org. Regards, I. Petrov On 05/06/2015 01:40 PM, jdd wrote:
Le 06/05/2015 11:47, Carlos E. R. a écrit :
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
On 2015-05-06 08:45, Per Jessen wrote:
I think greylisting would probably solve the problem.
I was going to suggest that.
bu greylisting what? the sedeer is each tie different!
jdd
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJVSfPnAAoJEH8sJoKRFRU5DAQP/iZMcmVRhUs6patGFLx/WcTW ENKApgbA9g8EmOmRQeUXtiAmGWM045yTUdEcHLgSJS40I07AOuvBJuvBCV2znjqb 5e68aNnd77hUVtAKdK0oA+UChlxog7B3Lo6R4I4YsRyN7iWYm65d/a9KPuWT8CSl 7Zy65XfwTkcaYyFfoDGat06xKGbACEf74wFkZHv2JwjqF2IWboFL0p16Uivi5gAB Gkj7lTMoxm6nFqzwyt293IFtzX/qmT1LMQfGXGMeoNFeAB57jAuXjEP1PT4L6lrZ GrvoqQDuBBoZ8DWDkrcOyMAGGolYIxOLDMxqG17iRS8GIqwY7JUcz3ks/2kqy7pQ ITU/6hWQMq6NpjPI9NDk9GPlRvjtTgEXl0YwPG6zQGpqpJRMgE0JCHg7rls6EJzL ElU04QhzHoafzOQFZjAMQmHz1kBuGPbuVGiU2iBp5NL6DIRmbGNS2DZTgoQ2pZ1q Xd0Tqq0HmOPELeWxhJz8/hXEGumP0nDFqO5K5orzikdfVoi76GWeg0WufSbFLcLU DI6J1iABRL5EBhuUp6pKokJsKLbmf/i8p+XfpHHMqGWBLecioU+SuBmMTmOSC42F BJUJrBFvECkLMLh+zfHbdxgfU1HqgZVGHWak+n64UkYxaY++jYXGkdBMmwSQzxWU yqg+VGWc6G0nmi1IDz1s =OF6k -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 2015-05-06 12:40, jdd wrote:
Le 06/05/2015 11:47, Carlos E. R. a écrit :
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
On 2015-05-06 08:45, Per Jessen wrote:
I think greylisting would probably solve the problem.
I was going to suggest that.
bu greylisting what? the sedeer is each tie different!
No matter. It is done in postfix /usr/share/doc/packages/postfix-doc/README_FILES/SMTPD_ACCESS_README * Threshold oriented: some SMTP server access controls attempt to raise the bar by either making the client do more work (greylisting) or by asking for a second opinion (SPF and sender/recipient address verification). The greylisting and SPF policies are implemented externally, and are the subject of the SMTPD_POLICY_README document. Sender/recipient address verification is the subject of the ADDRESS_VERIFICATION_README document. - -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" (Minas Tirith)) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iF4EAREIAAYFAlVJ9ZcACgkQja8UbcUWM1xRQAD/ah3hHfDmoAZZY0ra12qef8Pi PbGzNPMqpcydstHD8mYA/3iQ3khEZ7GTE/JuI+GOgjnX43sXWoq7zS0fPKyzuRM1 =pOf2 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
jdd wrote:
Le 06/05/2015 11:47, Carlos E. R. a écrit :
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
On 2015-05-06 08:45, Per Jessen wrote:
I think greylisting would probably solve the problem.
I was going to suggest that.
bu greylisting what? the sedeer is each tie different!
Normally you greylist everything, but you could also choose to only greylist mailservers with bad reverse mapping. -- Per Jessen, Zürich (16.6°C) http://www.hostsuisse.com/ - virtual servers, made in Switzerland. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 05/06/2015 05:47 AM, Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
On 2015-05-06 08:45, Per Jessen wrote:
I think greylisting would probably solve the problem.
I was going to suggest that.
What is greylisting? How do I do it? -- Bob Rea mailto:gapetard@stsams.org http://www.petard.us http://www.petard.us/blog http://www.petard.us/gallery America, it was a wonderful country until they took it private and turned it into a theme park of itself -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 2015-05-06 16:01, Bob Rea wrote:
On 05/06/2015 05:47 AM, Carlos E. R. wrote:
What is greylisting? How do I do it?
http://en.wikipedia.org/wiki/Greylisting Greylisting is a method of defending e-mail users against spam. A mail transfer agent (MTA) using greylisting will "temporarily reject" any email from a sender it does not recognize. If the mail is legitimate the originating server will try again after a delay, and if sufficient time has elapsed the email will be accepted. - -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" (Minas Tirith)) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iF4EAREIAAYFAlVKR4wACgkQja8UbcUWM1ydfQD/YDlRMbPi81HJo2r+VZeuV/Dg HtuCn+fCcg4fSuoK0n4A/Apu8TP/HFPGQdrVO39Q/3/Fp9My83uSXh96jEURA+y5 =6b7H -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
participants (5)
-
Bob Rea -
Carlos E. R. -
I.Petrov -
jdd -
Per Jessen