I'm having an increased amount of junk getting through due to it coming
from Hotmail and Yahoo's servers which makes any type of pre-filter
stuff like RBL's, Greylisting, Sender Verification useless which leaves
me to rely on Spamassassin. I cannot block hotmail and Yahoo (although
I would like to personally) as our users receive valid email from them.
I have emailed there abuse but it seems more like a blackhole.
I was advised by the Postfix mailing lists to see if anyone here can
help me out.
Important Note: I am planning on upgrading the Spam Gateway we are
operating to utilise Maia Mailguard and therefore allow easier training
of the spam filter which will hopefully help in fixing the problem
anyway but was wondering if anyone ha some tips on how to kill this junk.
I have added higher scores such as "score DRUGS_ERECTILE 7.31" but that
doesn't help with all the spam.
Examples are below.
##############################
Microsoft Mail Internet Headers Version 2.0
Received: from mx.3rdmill.com.au ([xxx.xxx.xxx.xxx]) by
3msyd1.nsw.3rdmill.com.au with Microsoft SMTPSVC(6.0.3790.3959);
Tue, 26 Aug 2008 07:12:23 +1000
Received: from localhost (localhost.localdomain [127.0.0.1])
by mx.3rdmill.com.au (Postfix) with ESMTP id CFD6AFEAF
for
; Tue, 26 Aug 2008 07:12:24 +1000 (EST)
Received: from mx.3rdmill.com.au ([127.0.0.1]) by localhost
(3msydmxg.nsw.3rdmill.com.au [127.0.0.1]) (amavisd-maia, port 10024)
with ESMTP id 06003-05 for ; Tue, 26 Aug 2008
07:12:12 +1000 (EST)
Received: from n1.bullet.mail.re3.yahoo.com
(n1.bullet.mail.re3.yahoo.com [68.142.237.108])
by mx.3rdmill.com.au (Postfix) with SMTP id 152B8FE72
for ; Tue, 26 Aug 2008 07:12:05 +1000 (EST)
Received: from [68.142.230.28] by n1.bullet.mail.re3.yahoo.com with
NNFMP; 25 Aug 2008 21:12:02 -0000
Received: from [216.252.111.166] by t1.bullet.re2.yahoo.com with NNFMP;
25 Aug 2008 21:12:02 -0000
Received: from [127.0.0.1] by omp101.mail.re3.yahoo.com with NNFMP; 25
Aug 2008 21:12:02 -0000
X-Yahoo-Newman-Property: ymail-3
X-Yahoo-Newman-Id: 710810.31677.bm@omp101.mail.re3.yahoo.com
Received: (qmail 14637 invoked by uid 60001); 25 Aug 2008 21:12:02 -0000
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
s=s1024; d=yahoo.com;
h=X-YMail-OSG:Received:X-Mailer
ate:From:Reply-To:Subject:To:Cc:MIME-Version:Content-Type:Message-ID;
b=MoHka6GIK4EPE9h69cCWTi6GTwzEKJQsemn1tMAKkC+3aqBJ Jm6X8nUBiDj8TRgG2AkBZOVfAH7YsujX/hjWyGgrc/KMNjQtygxd/SNmVQQfZKx9FEueCSK4OAk0joY/V8LBOvvrOtSHvfnQpcgClrSsRrFJ5iTjU/30kPeZJnU=;
X-YMail-OSG:
mwVfClMVM1kM9GhmjadPth3DGxGMJJTDHLJxFCGCGWcNvZViq6 NFYpOzOSRIqsmteUiJfFKq3Q1YM3NITcYFHcFdUzAlf39soSr9 xmj2QJkMtcWnsEPpQAYZxojCTXA-
Received: from [90.54.180.225] by web57511.mail.re1.yahoo.com via HTTP;
Mon, 25 Aug 2008 14:12:02 PDT
X-Mailer: YahooMailWebService/0.7.218.2
Date: Mon, 25 Aug 2008 14:12:02 -0700 (PDT)
From: Jamie Microdissection
Reply-To: jamiemicrodissection1673096@yahoo.com
Subject: Firmer and longer erections shut
To: vavero@starmedia.com
Cc:
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-ID: <472879.14519.qm@web57511.mail.re1.yahoo.com>
X-Virus-Scanned: Maia Mailguard 1.0.2
X-Spam-Status: No, hits=0.002 tagged_above=-999 required=5.31
tests=BAYES_50=0.001, HS_INDEX_PARAM=0.001
X-Spam-Level:
Return-Path: jamiemicrodissection1673096@yahoo.com
X-OriginalArrivalTime: 25 Aug 2008 21:12:23.0984 (UTC)
FILETIME=[44ECFB00:01C906F7]
-----Original Message-----
From: Jamie Microdissection [mailto:jamiemicrodissection1673096@yahoo.com]
Sent: Tuesday, 26 August 2008 7:12 AM
To: vavero@starmedia.com
Cc:
Subject: Firmer and longer erections shut
think worm mules fly blaze.
http://groups.google.com/group/sdeli...illpewtyr2neat
##################################################
Microsoft Mail Internet Headers Version 2.0
Received: from mail.icfrith.com.au ([xxx.xxx.xxx.xxx]) by
icfmail1.icfrith.com.au with Microsoft SMTPSVC(5.0.2195.6713);
Mon, 25 Aug 2008 11:29:40 +1000
Received: from localhost (localhost.localdomain [127.0.0.1])
by mail.icfrith.com.au (Postfix) with ESMTP id 951DD2B956
for ; Mon, 25 Aug 2008 11:14:07
+1000 (EST)
X-Virus-Scanned: Debian amavisd-new at icfrith.com.au
X-Spam-Score: 2.54
X-Spam-Level: **
X-Spam-Status: No, score=2.54 required=5.31 tests=[BAYES_50=0.001,
DCC_CHECK=2.17, HTML_MESSAGE=0.001, URI_HEX=0.368]
Received: from mail.icfrith.com.au ([127.0.0.1])
by localhost (icfsydmxg-vm.icfrith.com.au [127.0.0.1])
(amavisd-new, port 10024)
with ESMTP id QptAnYEjlOsy for ;
Mon, 25 Aug 2008 11:14:05 +1000 (EST)
Received: from BAY0-OMC3-S10.bay0.hotmail.com
(bay0-omc3-s10.bay0.hotmail.com [65.54.246.210])
by mail.icfrith.com.au (Postfix) with ESMTP id E4D912B99C
for ; Mon, 25 Aug 2008 11:14:02
+1000 (EST)
Received: from BAY113-W51 ([65.54.168.151]) by
BAY0-OMC3-S10.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.3959);
Sun, 24 Aug 2008 18:29:34 -0700
Message-ID:
Content-Type: multipart/alternative;
boundary="_6d082c57-ec4b-42db-aaa6-f421809ee165_"
X-Originating-IP: [201.83.252.234]
From: Dorothy Brown
To:
Subject: Licensed pharmaceutical professionals from our pharmacy are
available 24/7 for you.
Date: Mon, 25 Aug 2008 01:29:33 +0000
Importance: High
MIME-Version: 1.0
X-OriginalArrivalTime: 25 Aug 2008 01:29:34.0525 (UTC)
FILETIME=[07D4EED0:01C90652]
Return-Path: dorothyxqsdzips@hotmail.com
--_6d082c57-ec4b-42db-aaa6-f421809ee165_
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
--_6d082c57-ec4b-42db-aaa6-f421809ee165_
Content-Type: text/html; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
--_6d082c57-ec4b-42db-aaa6-f421809ee165_--
________________________________________
From: Dorothy Brown [mailto:dorothyxqsdzips@hotmail.com]
Sent: Monday, 25 August 2008 11:30 AM
To: roslyn.holcombe@icliffs.com
Subject: Licensed pharmaceutical professionals from our pharmacy are
available 24/7 for you.
Importance: High
Attractive prices and high quality is our motto.
www.cid-1a15c26c02719644.spaces.live.com
#########################################