[svlug] Bad email
Karsten M. Self
kmself at ix.netcom.com
Wed Mar 30 03:25:29 PST 2005
on Tue, Mar 29, 2005 at 12:57:05PM -0500, Skip Evans (skip at venomouspenguin.com) wrote:
> Robert Hajime Lanning wrote:
> ><quote who="Skip Evans">
[Getting lots of spam]
> >Grep for the queue ID. "j2RC8ORJ030415"
> >Sendmail puts different information in different log entries.
> >The only real way to match them up is via the queue ID.
> I am now under the impression this could be worm-spam from a very
> large number of infected machines out there.
Again: if you can find some source IPs, you can get a better idea of
what you're dealing with.
In particular, there are numerous DNSBLs which deal with email abuse,
including open proxy / open relay lists. Which may or may not catch the
particular spam you're dealing with. But given a set of IPs, you can
test against several of the major lists. Google will turn up several
pages you can enter this into, or a short shell script will do the
> If so, isn't it kind of impossible to block it? This server answers
> email for diamond dealers in NYC and can get legitimate email from
> anyone in the world, so how would you go about sorting out the spam
> from the real?
If you don't mind ingesting it, spamassassin will kill this sort of
thing pretty reliably.
Karsten M. Self <kmself at ix.netcom.com> http://kmself.home.netcom.com/
What Part of "Gestalt" don't you understand?
You're not a user, nitwit.
- Jeff Waugh, describing GNOME users.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: Digital signature
Url : http://lists.svlug.org/archives/svlug/attachments/20050330/35de0138/attachment.bin
More information about the svlug