Avoid spam 'La Sante Est Bonne'


by phil89

Hi,

How could I avoid this spam?

I have replaced my company name with 'societe'

Regards

Philippe

From: David Lxxx [mailto:dlarcheveque@...]
Sent: Tuesday, 1 July 2008 13:36
To: 'Philippe Cxxx'
Subject: TR: Maintenant, je Suis Encore en Bonne Sante.

An example of spam received in the early afternoon:

Return-Path: <pscreyeszamora@...>
Delivered-To: dlarcheveque@...
Received: by mail.societe.fr (Postfix, from userid 513)
    id 1A788E874; Tue, 1 Jul 2008 13:14:41 +0200 (CEST)
X-Spam-Checker-Version: SpamAssassin 3.1.8 (2007-02-13) on mail.societe.fr
X-Spam-Level: ****
X-Spam-Status: No, score=4.7 required=6.2 tests=BAYES_50,HTML_MESSAGE,
    MR_NOT_ATTRIBUTED_IP,NO_RDNS,RCVD_IN_DYNABLOCK,RCVD_IN_SORBS,
    RCVD_IN_SORBS_DUL autolearn=no version=3.1.8
Received: from bianchet-9c435d (unknown [79.0.238.53])
    by mail.societe.fr (Postfix) with ESMTP
    id 062BCE79D; Tue, 1 Jul 2008 13:14:36 +0200 (CEST)
Received: from [79.0.238.53] by smtpb.co.fresno.ca.us; Tue, 1 Jul 2008 12:22:08 +0100
From: La Sante Est Bonne <pscreyeszamora@...>
To: <ygarnier@...>
Subject: Maintenant, je Suis Encore en Bonne Sante.
Date: Tue, 1 Jul 2008 12:22:08 +0100
MIME-Version: 1.0
Content-Type: multipart/alternative;
    boundary="----=_NextPart_000_0006_01C8DB75.1466D800"
X-Mailer: Microsoft Office Outlook, Build 11.0.6353
Thread-Index: Aca6QNJ4HDQU6IIFUKME9X0D8P0D1F==
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.2663
Message-ID: <01c8db75$1466d800$35ee004f@...>
Status:

 

From: La Sante Est Bonne [mailto:pscreyeszamora@...]
Sent: Tuesday, 1 July 2008 13:22
To: ygarnier@...
Subject: Maintenant, je Suis Encore en Bonne Sante.

Meilleure medecine et les meilleures Pillules seulement pour vous. Rendez-vous de EuroPharmacie de l'Internet et son enthousiasme sont correctement. Ainsi, beaucoup de choix et peu couteuse ... il ya seulement ici.

Ces Pilules sont vraiment les meilleurs. Le meilleur de fabrication et de production. Prix que vous aimez.


Re: Avoid spam 'La Sante Est Bonne'

by mouss-2

Philippe Couas wrote:
> Hi,
>
> How could I avoid this spam?
>
> I have replaced my company name with 'societe'

Block it in your Postfix. Here are some hints (that you may or may not
be able to use):
- its HELO is not FQDN, so it can be blocked by
    reject_non_fqdn_helo_hostname
- the PTR for the client is
host53-238-dynamic.0-79-r.retail.telecomitalia.it. If you have a recent
Postfix, you can use check_reverse_client_hostname_access to block
clients with a PTR matching
    .telecomitalia.it
or if you don't want to block the whole domain,
    /\d[-\.]\d.*\.telecomitalia\.it$/
(pcre style).

Otherwise, just train Bayes (with BAYES_99, you would have caught it).

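The two Postfix checks suggested in the reply above, dry-run against the sample's Received line before enabling them (an added example, not part of the original thread). The function names are this example's own, helo_is_fqdn only approximates reject_non_fqdn_helo_hostname, the pattern is used with the dot before "telecomitalia" escaped, and the hostnames in CONTROLS are constructed.

```python
import re

# "from" clause of the Received line recorded by mail.societe.fr in the sample.
RECEIVED = ("from bianchet-9c435d (unknown [79.0.238.53]) "
            "by mail.societe.fr (Postfix) with ESMTP")
# PTR name quoted in the reply for that client address.
PTR = "host53-238-dynamic.0-79-r.retail.telecomitalia.it"

# Pattern from the reply (dot before "telecomitalia" escaped).
DYNAMIC_PTR = re.compile(r"\d[-.]\d.*\.telecomitalia\.it$")
# One DNS label: letters, digits, hyphens, no leading or trailing hyphen.
LABEL = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")

def parse_received(line):
    """Return (helo, client_name, client_ip) from a Postfix 'from' clause."""
    m = re.match(r"from (\S+) \((\S+) \[([0-9a-fA-F.:]+)\]\)", line)
    if not m:
        raise ValueError("unrecognised Received line")
    return m.groups()

def helo_is_fqdn(helo):
    """Approximation: accept address literals and names with >= 2 valid labels."""
    if helo.startswith("["):
        return True
    labels = helo.rstrip(".").split(".")
    return len(labels) >= 2 and all(LABEL.match(label) for label in labels)

def verdict(received, ptr):
    """List which of the two suggested restrictions the client would trip."""
    helo, _name, ip = parse_received(received)
    reasons = []
    if not helo_is_fqdn(helo):
        reasons.append("non-fqdn-helo")
    if DYNAMIC_PTR.search(ptr.lower()):
        reasons.append("dynamic-ptr")
    return ip, reasons

# Constructed control names: run any PTR pattern over hosts you expect to
# accept mail from, so over-matching shows up before the rule goes live.
CONTROLS = ["smtp.telecomitalia.it", "host1-2.nottelecomitalia.it",
            "mx2-1.relay.telecomitalia.it", "mail.societe.fr"]

def blocked(names):
    """Return the names the PTR pattern would reject."""
    return [n for n in names if DYNAMIC_PTR.search(n.lower())]

if __name__ == "__main__":
    print(verdict(RECEIVED, PTR))
    print(blocked(CONTROLS))
```

The constructed name mx2-1.relay.telecomitalia.it is rejected because the pattern only looks for a digit, a separator and a digit, so a static relay named that way would be blocked too.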


Re: Avoid spam 'La Sante Est Bonne'

by sm-7

Hi Philippe,
At 04:44 01-07-2008, Philippe Couas wrote:
>How could I avoid this spam?
>
>I have replaced my company name with 'societe'

[snip]

>X-Spam-Level: ****
>X-Spam-Status: No, score=4.7 required=6.2 tests=BAYES_50,HTML_MESSAGE,
>MR_NOT_ATTRIBUTED_IP,NO_RDNS,RCVD_IN_DYNABLOCK,RCVD_IN_SORBS,
>RCVD_IN_SORBS_DUL autolearn=no version=3.1.8

You can learn it as spam to get a higher score from Bayes.  Some
French rules were posted last month.  See whether they hit that message.

Regards,
-sm


Re: Avoid spam 'La Sante Est Bonne'

by Michelle Konzack-2

Hi Philippe,


On 2008-07-01 13:44:52, Philippe Couas wrote:
> Hi,
>
> How could I avoid this spam?

With procmail?

It is a EuroPharmacy spam

    :0B
    * ! TO_users@spamassassin\.apache\.org
    * EuroPharmac(ie|y)
    /dev/null

>
> I have replaced my company name with 'societe'

But not infodev?

Greetings
    Michelle Konzack
    Systemadministrator
    24V Electronic Engineer
    Tamay Dogan Network
    Debian GNU/Linux Consultant


--
Linux-User #280138 with the Linux Counter, http://counter.li.org/
##################### Debian GNU/Linux Consultant #####################
Michelle Konzack   Apt. 917                  ICQ #328449886
+49/177/9351947    50, rue de Soultz         MSN LinuxMichi
+33/6/61925193     67100 Strasbourg/France   IRC #Debian (irc.icq.com)


Re: Avoid spam 'La Sante Est Bonne'

by Justin Mason


Michelle Konzack writes:

> Hi Philippe,
>
>
> On 2008-07-01 13:44:52, Philippe Couas wrote:
> > Hi,
> >
> > How could I avoid this spam?
>
> With procmail?
>
> It is a EuroPharmacy spam
>
>  :0B
>  * ! TO_users@spamassassin\.apache\.org
>  * EuroPharmac(ie|y)
>  /dev/null

Hmm.  Michelle, is this a SpamAssassin list, or a procmail list? ;)

More seriously, if one was to use this recipe, any mention of the single
"magic word" in a mail sent to any address other than this list's, will
immediately cause that mail to be sent to the bit-bucket.  This is
false-positive-prone, and with major consequences.  It is a good deal
safer to use SpamAssassin rules, allowing false positives to be rescued
from the "spam" folder if/when they misfire. (The nature of the real world
is that there will _always_ be false positives.)

This was a core design decision I made when first designing SpamAssassin,
in response to this kind of brittle, dangerous procmail recipe.

--j.