SPAM, How to block?

This is the area for a general support questions, discussions and information that you can read and share. Post your experiences, stats and tricks and tips that are not covered elsewhere. Remember, for questions please search the FAQ first, as your question may already be answered.

Moderators: wizard, magicspam

Post Reply
Gator767
Posts: 9
Joined: Mon Apr 20, 2009 5:22 pm

SPAM, How to block?

Post by Gator767 » Fri Feb 12, 2010 12:36 pm

Hi, i need your help, i was checking a post on this forum about lots of viagra spam emails.. i receive a lot of them.. im attaching my settings of my best pratices rules and my ip reputation settings..

maybe you could check what is wrong in my settings to avoid more of this spam:

these are the headers of 3 emails:

Return-Path: <postmaster@dominiocreativo.com>
Delivered-To: 1-postmaster@dominiocreativo.com
Received: (qmail 14438 invoked from network); 12 Feb 2010 12:05:14 -0600
Received: from unknown (HELO ?190.68.26.165?) (190.68.26.165)
by dominiocreativo.com with (RC4-MD5 encrypted) SMTP; 12 Feb 2010 12:05:14 -0600
From: "Pfizer VIAGRA (c) Direct-Trade" <postmaster@dominiocreativo.com>
To: postmaster@dominiocreativo.com
Subject: Dear postmaster Extreme 75% discounts
MIME-Version: 1.0
Content-Type: text/html; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit




Return-Path: <bettyvrmfdwis@hotmail.com>
Delivered-To: 49-ebunbury@dominiocreativo.net
Received: (qmail 9289 invoked from network); 12 Feb 2010 11:14:43 -0600
Received: from blu0-omc2-s15.blu0.hotmail.com (65.55.111.90)
by casinogoldnetwork.com with SMTP; 12 Feb 2010 11:14:43 -0600
Received: from BLU149-W23 ([65.55.111.72]) by blu0-omc2-s15.blu0.hotmail.com with Microsoft SMTPSVC(6.0.3790.3959);
Fri, 12 Feb 2010 09:56:28 -0800
Message-ID: <BLU149-W233AF67C99F7F51E7F0162B74D0@phx.gbl>
Return-Path: bettyvrmfdwis@hotmail.com
Content-Type: multipart/alternative;
boundary="_af40df64-a16d-437f-af57-1e877d30d343_"
X-Originating-IP: [88.188.112.49]
From: Betty Johnson <bettyvrmfdwis@hotmail.com>
To: <philip@donahuestudios.com>
Subject: 0rder your_Geenric Vigara the fastest way.
Date: Fri, 12 Feb 2010 17:56:28 +0000
Importance: Normal
In-Reply-To: <6XMLDthOD003183f6@blu0-omc2-s6.blu0.hotmail.com>
References: <6XMLDthOD003183f6@blu0-omc2-s6.blu0.hotmail.com>
MIME-Version: 1.0
X-OriginalArrivalTime: 12 Feb 2010 17:56:28.0749 (UTC) FILETIME=[B3AC77D0



Return-Path: <ramos@rxreorder24.com>
Delivered-To: 49-ebunbury@dominiocreativo.net
Received: (qmail 14290 invoked from network); 12 Feb 2010 12:03:24 -0600
Received: from v021.nexlink.ch (80.86.202.50)
by rapidmegasearch.com with SMTP; 12 Feb 2010 12:03:24 -0600
Received: from agturuh (172.169.237.203)
by v021.nexlink.ch; Fri, 12 Feb 2010 19:45:11 +0100
Message-ID: <009601c4eef5$181e8197$8170ec73@agturuh>
Reply-To: <ramos@rxreorder24.com>
From: <ramos@rxreorder24.com>
To: <ebunbury@dominiocreativo.net>
Subject: ###SEXBESTSELLERS!
Date: Fri, 12 Feb 2010 19:45:11 +0100
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_0099_01C4EC73.81708197"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1158
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165

And these are my settings:

Image
Image

magicspam
Posts: 1563
Joined: Tue Oct 28, 2008 2:27 pm

Re: SPAM, How to block?

Post by magicspam » Fri Feb 12, 2010 3:01 pm

For the first message, we would recommend enabling check_ip_reverse_dns, as that IP doesn't resolve to a domain.

The second message was sent from hotmail. Because they're a large free email provider, it's difficult to use SMTP checks to determine if the message is spam or not. Instead, a content-filtering mechanism (such as SpamAssassin) may be a better choice in this instance.

As for the third entry, it has now been added to Rats-SPAM, which you are already using.

Let us know if you have any questions.

-- MagicSpam Support Team --
-- MagicSpam Support Team --

Post Reply

Return to “General Discussions and Support Questions”

Who is online

Users browsing this forum: No registered users and 13 guests