Mailinglist Archive: opensuse (3513 mails)

< Previous Next >
Re: [opensuse] I'm getting spam that has been cleared by www.dnswl.org
  • From: "Carlos E. R." <robin.listas@xxxxxxxxxxxxxx>
  • Date: Tue, 13 Jan 2009 02:14:29 +0100 (CET)
  • Message-id: <alpine.LSU.2.00.0901130202360.5049@xxxxxxxxxxxxxxxx>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Content-ID: <alpine.LSU.2.00.0901130207000.5049@xxxxxxxxxxxxxxxx>


On Monday, 2009-01-12 at 15:39 -0300, Cristian Rodríguez wrote:

Carlos E. R. escribió:

X-PHP-Script: mail.nuevavision.com.pe/webmail/index.php for
82.128.35.170, 82.128.35.170

There you have the guilty, a PHP webmail script.. contact server admin
of mail.nuevavision.com.pe and tell them that
mail.nuevavision.com.pe/webmail/index.php is being used for spamming..
either an spammer got access to an account in the server, or the script
misuses php's mail() function (not uncommon, it is hard to use it correctly)

Humm! :-}

I don't think I can contact the hundred of sysadmins responsible for the hundreds of spams I receive a day. What I can do is adjust my spamassassin configuration so that it detects most spam - and it appears that I can not trust www.dnswl.org so as to give a -8 score just because the mail passed by a certain server: ie, my solution is to decrease that score ten times.

The mx1.suse.de is good, but that doesn't mean that any email that passes through there is safe. Per is probably right, separating the remailer to another server could be a good thing.


- -- Cheers,
Carlos E. R.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)

iEYEARECAAYFAklr6vcACgkQtTMYHG2NR9XFrgCfTBe81Q6DjFsk3N9gZsl7VHvY
RAcAnA4Y1SLrfQv3MlQD4bl1frPhp1he
=dli4
-----END PGP SIGNATURE-----
< Previous Next >