[Mimedefang] [OT?] Random Word Spam
Juergen Kleff
juergen.kleff at gmx.de
Wed Feb 8 04:03:58 EST 2012
Am Dienstag Februar 7 2012 22:20 schrieb Richard Laager:
> We've got a customer who is receiving 1 message per second! that
> consists solely of random English words stuck together (both subject and
> body). This has been happening for 24-36 hours.
>
> As far as I can see, it's coming from hijacked accounts all over the
> place (hundreds or thousands of servers) with varying sender addresses.
>
> Is anyone else seeing this sort of thing?
>
> Any idea how I might combat this?
>
> I'd love to bulk submit these messages and report them back to the
> admins of the compromised servers, if that might do some good.
Do you use greylisting? (for example milter-greylist
http://hcpnet.free.fr/milter-greylist/ )
Do the mails indeed come from real mailservers or do they come from
compromised dial-in computers? If coming from real mailservers, greylisting
would not really help in most cases, but worth a try...
Depending on your mailserver you could increase throttling, though this
would affect legitimate mail also...
Feeding the mails to spamassassin's bayes database could perhaps help, in
spite of the random words. But you should keep an eye on it for the risk of
false positives.
Everything in the headers is different? Nothing common in them?
Reporting is never bad, but it depends on the admins whether it will help...
had quite different experience with this over the years.
Wondering what other ideas will come up :-)
Regards
Juergen
--
Diese E-Mail wurde klimafreundlich
und atomstromfrei erzeugt:
http://www.atomausstieg-selber-machen.de/
More information about the MIMEDefang
mailing list