You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by R - elists <li...@abbacomm.net> on 2011/10/27 18:15:13 UTC
real world spamassassin experiences re: processing on servers emailing from .info domains
greetings SA users
there sure seems to be a lot of from .info server spamming
wierd temp registered .info domains spamming eh?
for those of you with volume, large or small, care to share an SA tips on
how you deal with .info domains?
i would imagine there is a very small percentage of valid emails coming from
.info domains
should we just pull the plug and reject all .info from touching the smtp
server or carefully craft SA rules?
real close to doing so and just reject them all, unless there is a list of
valids out there somewhere
thank you in advance
- rh
Re: real world spamassassin experiences re: processing on servers
emailing from .info domains
Posted by Robert Schetterer <ro...@schetterer.org>.
Am 27.10.2011 18:15, schrieb R - elists:
>
> greetings SA users
>
> there sure seems to be a lot of from .info server spamming
>
> wierd temp registered .info domains spamming eh?
>
> for those of you with volume, large or small, care to share an SA tips on
> how you deal with .info domains?
>
> i would imagine there is a very small percentage of valid emails coming from
> .info domains
>
> should we just pull the plug and reject all .info from touching the smtp
> server or carefully craft SA rules?
>
> real close to doing so and just reject them all, unless there is a list of
> valids out there somewhere
>
> thank you in advance
>
> - rh
>
i cant see special high spam rates from .info domains
in general recent, so it maybe your special case
however perhaps tommorow it comes more from .xxx domains or else
you may write some ruleset for domains but i dont think
it will help a lot, over the time
--
Best Regards
MfG Robert Schetterer
Germany/Munich/Bavaria
Re: real world spamassassin experiences re: processing on servers
emailing from .info domains
Posted by Matus UHLAR - fantomas <uh...@fantomas.sk>.
On 27.10.11 17:36, Jenny Lee wrote:
>In 14 years, we never received any single legit mail from .info.
not wandering about first 4 years, because .info exists only for 10
years...
> It costs $1 per year to register an info domain, and if the people I
> do business cannot afford $10 a year for their domain, they probably
> will not give me business to start with.
well, .info as longg as the internet, is not only for business...
>We reject all .info on sendmail during transaction stage. Half of my
> rejected connections are .info (rest are same-sender/same-recipient).
of course, that's only your business and your policy, I just wanted to
state that there may be other people who can care about .info
I don't know how I do it, but fom ~5300 spams in my spambox, there's
only ~20 with .info TLD, ~80 has .info in headers and ~220 in full
body, which is just a few %.
--
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
10 GOTO 10 : REM (C) Bill Gates 1998, All Rights Reserved!
Re: real world spamassassin experiences re: processing on servers emailing from .info domains
Posted by Simon Loewenthal <si...@klunky.co.uk>.
Ned Slider <ne...@unixmail.co.uk> wrote:
On 27/10/11 18:36, Jenny Lee wrote:
>
>
>
>_____________________________________________
>> From: lists07@abbacomm.net
>> To: users@spamassassin.apache.org
>> Subject: real world spamassassin experiences re: processing on servers emailing from .info domains
>> Date: Thu, 27 Oct 2011 09:15:13 -0700
>>
>>
>> greetings SA users
>>
>> there sure seems to be a lot of from .info server spamming
>>
>> wierd temp registered .info domains spamming eh?
>>
>> for those of you with volume, large or small, care to share an SA tips on
>> how you deal with .info domains?
>>
>> i would imagine there is a very small percentage of valid emails coming from
>> .info domains
>>
>> should we just pull the plug and reject all .info from touching the smtp
>> server or carefully craft SA rules?
>>
>> real close to doing so and just reject them all, unless there is a list of
>> valids out there somewhere
>>
>> thank you in advance
>>
>> - rh
>>
>
>
> In 14 years, we never received any single legit mail from .info. It costs $1 per year to register an info domain, and if the people I do business cannot afford $10 a year for their domain, they probably will not give me business to start with.
>
> We reject all .info on sendmail during transaction stage. Half of my rejected connections are .info (rest are same-sender/same-recipient).
>
> You have to assess your own situation.
>
> Jenny
I haven't had to go as far as rejecting all .info domains yet, but I did
spot a trend a while back where snowshoe spammers where using
info@example.info so I block those at the MTA with a simple PCRE:
/^info@[a-z0-9]+\.info$/ REJECT Looks like snowshoe
They seem to have moved on now though as I currently see very little
.info spam make it as far as SA.
Screwfix in the UK (a large online hardware [screws and nails type]
supplier) currently send out their mailings from email@screwfix.info
even though their main site is at screwfix.com, so there are some legit
senders.
YMMV
I know a few people who run legitimate .info domains. Primarily for their friends & family. I have a .info domain that I use for testing new servers. Rather a .info than a .co.cc for testing ;)
--
If you cannot beat them, try to cĂ´ntrole them.
Re: real world spamassassin experiences re: processing on servers
emailing from .info domains
Posted by Ned Slider <ne...@unixmail.co.uk>.
On 27/10/11 18:36, Jenny Lee wrote:
>
>
>
> ----------------------------------------
>> From: lists07@abbacomm.net
>> To: users@spamassassin.apache.org
>> Subject: real world spamassassin experiences re: processing on servers emailing from .info domains
>> Date: Thu, 27 Oct 2011 09:15:13 -0700
>>
>>
>> greetings SA users
>>
>> there sure seems to be a lot of from .info server spamming
>>
>> wierd temp registered .info domains spamming eh?
>>
>> for those of you with volume, large or small, care to share an SA tips on
>> how you deal with .info domains?
>>
>> i would imagine there is a very small percentage of valid emails coming from
>> .info domains
>>
>> should we just pull the plug and reject all .info from touching the smtp
>> server or carefully craft SA rules?
>>
>> real close to doing so and just reject them all, unless there is a list of
>> valids out there somewhere
>>
>> thank you in advance
>>
>> - rh
>>
>
>
> In 14 years, we never received any single legit mail from .info. It costs $1 per year to register an info domain, and if the people I do business cannot afford $10 a year for their domain, they probably will not give me business to start with.
>
> We reject all .info on sendmail during transaction stage. Half of my rejected connections are .info (rest are same-sender/same-recipient).
>
> You have to assess your own situation.
>
> Jenny
I haven't had to go as far as rejecting all .info domains yet, but I did
spot a trend a while back where snowshoe spammers where using
info@example.info so I block those at the MTA with a simple PCRE:
/^info@[a-z0-9]+\.info$/ REJECT Looks like snowshoe
They seem to have moved on now though as I currently see very little
.info spam make it as far as SA.
Screwfix in the UK (a large online hardware [screws and nails type]
supplier) currently send out their mailings from email@screwfix.info
even though their main site is at screwfix.com, so there are some legit
senders.
YMMV
RE: real world spamassassin experiences re: processing on servers
emailing from .info domains
Posted by Jenny Lee <bo...@live.com>.
----------------------------------------
> From: lists07@abbacomm.net
> To: users@spamassassin.apache.org
> Subject: real world spamassassin experiences re: processing on servers emailing from .info domains
> Date: Thu, 27 Oct 2011 09:15:13 -0700
>
>
> greetings SA users
>
> there sure seems to be a lot of from .info server spamming
>
> wierd temp registered .info domains spamming eh?
>
> for those of you with volume, large or small, care to share an SA tips on
> how you deal with .info domains?
>
> i would imagine there is a very small percentage of valid emails coming from
> .info domains
>
> should we just pull the plug and reject all .info from touching the smtp
> server or carefully craft SA rules?
>
> real close to doing so and just reject them all, unless there is a list of
> valids out there somewhere
>
> thank you in advance
>
> - rh
>
In 14 years, we never received any single legit mail from .info. It costs $1 per year to register an info domain, and if the people I do business cannot afford $10 a year for their domain, they probably will not give me business to start with.
We reject all .info on sendmail during transaction stage. Half of my rejected connections are .info (rest are same-sender/same-recipient).
You have to assess your own situation.
Jenny
Re: real world spamassassin experiences re: processing on servers
emailing from .info domains
Posted by Brent Gardner <br...@gmail.com>.
R - elists wrote:
> greetings SA users
>
> there sure seems to be a lot of from .info server spamming
>
> wierd temp registered .info domains spamming eh?
>
> for those of you with volume, large or small, care to share an SA tips on
> how you deal with .info domains?
>
> i would imagine there is a very small percentage of valid emails coming from
> .info domains
>
> should we just pull the plug and reject all .info from touching the smtp
> server or carefully craft SA rules?
>
> real close to doing so and just reject them all, unless there is a list of
> valids out there somewhere
>
> thank you in advance
>
> - rh
>
>
I have a rule that hits on messages from .info domains and scores pretty
low by itself. I combine it with other rules and crank it pretty high.
I also have an MTA check that does PTR lookups. .info domains, and also
wierd temp-looking .org domains get caught in this very frequently.
Brent Gardner