You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by johnjinsf <jo...@blacktrip.com> on 2011/10/10 12:47:27 UTC
Blacklisting By Mail Server Rather Than By An Email Address
I have recently changed the company that hosts my email and they use
SpamAssassin.
In the SpamAssassin Configuration I have entered several email addresses in
the Blacklist which has worked fine.
One thing I have noticed with one particular spammer is that they send out
their emails using fake sender addresses
which bear no resemblance to either their domain (XXX.com) or their mail
server address (mail.XXX.com).
When an email is received in this form it is of no use to enter the fake
sender email address into the blacklist
because they use something very different the next time.
Is there a way of blacklisting the mail server which would prevent any mail
originating from that server being received?
Many thanks
--
View this message in context: http://old.nabble.com/Blacklisting-By-Mail-Server-Rather-Than-By-An-Email-Address-tp32622830p32622830.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
Re: Blacklisting By Mail Server Rather Than By An Email Address
Posted by RW <rw...@googlemail.com>.
On Mon, 10 Oct 2011 13:47:28 +0100
RW wrote:
> On Mon, 10 Oct 2011 03:47:27 -0700 (PDT)
> johnjinsf wrote:
>
> > Is there a way of blacklisting the mail server which would prevent
> > any mail originating from that server being received?
> >
>
> I don't think there is a way to blacklist a server unless the provider
> allows you to create SA rules. If it does then:
>
>
> header BAD_SERVER X-Spam-Relays-Untrusted =~ /helo=mail.XXX.com /i
> score BAD_SERVER 3.0
Forgot to escape the dots
/helo=mail\.XXX\.com/
Re: Blacklisting By Mail Server Rather Than By An Email Address
Posted by johnjinsf <jo...@blacktrip.com>.
RW-15 wrote:
>
>
> I don't think there is a way to blacklist a server unless the provider
> allows you to create SA rules.
>
Many thanks for your replies and suggestions.
I haven't seen where my hoster allows for users to create rules,
but I'll open a ticket with their help desk to ask if they do.
--
View this message in context: http://old.nabble.com/Blacklisting-By-Mail-Server-Rather-Than-By-An-Email-Address-tp32622830p32627953.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
Re: Blacklisting By Mail Server Rather Than By An Email Address
Posted by RW <rw...@googlemail.com>.
On Mon, 10 Oct 2011 03:47:27 -0700 (PDT)
johnjinsf wrote:
> Is there a way of blacklisting the mail server which would prevent
> any mail originating from that server being received?
>
I don't think there is a way to blacklist a server unless the provider
allows you to create SA rules. If it does then:
header BAD_SERVER X-Spam-Relays-Untrusted =~ /helo=mail.XXX.com /i
score BAD_SERVER 3.0
Re: Blacklisting By Mail Server Rather Than By An Email Address
Posted by Benny Pedersen <me...@junc.org>.
On Mon, 10 Oct 2011 03:47:27 -0700 (PDT), johnjinsf wrote:
> Is there a way of blacklisting the mail server which would prevent
> any mail
> originating from that server being received?
is sender domain(s) rfc-ignorant ?, "sendmail -bv abuse@example.org"
"sendmail -bv postmaster@example.org", what results come back to you ?,
root is geting this mails :=)
if domain is rfc-ignorant please list them as so here
http://www.rfc-ignorant.org/
next step depends on meta rules in spamassassin
"i got a new email address" was something i seen last year, but not
much anymore :=)
suggested plugins to add SAGREY, with caches first time senders