OT - has my email domain been hijacked?
Schlaegel
777tahder at schlaegel.com
Thu Sep 15 06:55:05 UTC 2005
On 9/14/05, kevin.kempter at dataintellect.com
<kevin.kempter at dataintellect.com> wrote:
> Thanks for the info.
>
> Can you send me info on what a spam assasin filter to catch these will need to
> look like?
Here are some rules I added to my user_prefs file after setting
"allow_user_rules 1" in local.cf.
My goal was to insure the joe-job bounces were deleted, not remove
spam, which I receive little of. I turned off Bayes and neutered
auto_whitelist. I would have completely turned off auto_whitelist if I
could have figured out how. The rules still need to have their score
adjusted, as most of the matches are guaranteed bounces.
I based the rules on my large collection of bounce messages and
http://permalink.gmane.org/gmane.discuss/5381
# From bounce matches
header BOUNCE_FROM_MAILER_DAEMON From =~ /mailer-daemon/i
describe BOUNCE_FROM_MAILER_DAEMON From: mailer-daemon, probably an
automated message
score BOUNCE_FROM_MAILER_DAEMON 5
header BOUNCE_FROM_BLACKHOLE From =~ /blackhole/i
describe BOUNCE_FROM_BLACKHOLE From: blackhole, probably an automated message
score BOUNCE_FROM_BLACKHOLE 5
header BOUNCE_FROM_POSTMASTER From =~ /postmaster/i
describe BOUNCE_FROM_POSTMASTER From: postmaster, probably an
automated message
score BOUNCE_FROM_POSTMASTER 5
header BOUNCE_FROM_POST_OFFICE From =~ /Post Office/i
describe BOUNCE_FROM_POST_OFFICE From: Post Office, probably an
automated message
score BOUNCE_FROM_POST_OFFICE 5
header BOUNCE_FROM_MAIL_DELIVERY_SYSTEM From =~ /Mail Delivery System/i
describe BOUNCE_FROM_MAIL_DELIVERY_SYSTEM From: Mail Delivery
System, probably an automated message
score BOUNCE_FROM_MAIL_DELIVERY_SYSTEM 5
header BOUNCE_FROM_MAIL_DELIVERY_SUBSYSTEM From =~ /Mail Delivery
Subsystem/i
describe BOUNCE_FROM_MAIL_DELIVERY_SUBSYSTEM From: Mail Delivery
Subsystem, probably an automated message
score BOUNCE_FROM_MAIL_DELIVERY_SUBSYSTEM 5
header BOUNCE_FROM_MAIL_ADMINISTRATOR From =~ /Mail Administrator/i
describe BOUNCE_FROM_MAIL_ADMINISTRATOR From: Mail Administrator,
probably an automated message
score BOUNCE_FROM_MAIL_ADMINISTRATOR 5
header BOUNCE_FROM_SYSTEM_ADMINISTRATOR From =~ /System Administrator/i
describe BOUNCE_FROM_SYSTEM_ADMINISTRATOR From: System
Administrator, probably an automated message
score BOUNCE_FROM_SYSTEM_ADMINISTRATOR 5
header BOUNCE_FROM_INTERNET_MAIL_DELIVERY From =~ /Internet Mail Delivery/i
describe BOUNCE_FROM_INTERNET_MAIL_DELIVERY From: Internet Mail
Delivery, probably an automated message
score BOUNCE_FROM_INTERNET_MAIL_DELIVERY 5
header BOUNCE_FROM_MAIL From =~ /mail/i
describe BOUNCE_FROM_MAIL From: mail, possibly an automated message
score BOUNCE_FROM_MAIL 1
# Subject bounce matches
header BOUNCE_FAILURE_NOTICE Subject =~ /failure notice/i
describe BOUNCE_FAILURE_NOTICE Subject: 'failure notice', bounce message
score BOUNCE_FAILURE_NOTICE 5
header BOUNCE_DELIVERY_STATUS_NOTIFICATION Subject =~ /delivery
status notification/i
describe BOUNCE_DELIVERY_STATUS_NOTIFICATION Subject: 'Delivery status
notification', probably bounce
score BOUNCE_DELIVERY_STATUS_NOTIFICATION 1
header BOUNCE_DELIVERY_FAILED Subject =~ /delivery failed/i
describe BOUNCE_DELIVERY_FAILED Subject: 'delivery failed', bounce message
score BOUNCE_DELIVERY_FAILED 1
header BOUNCE_MAIL_DELIVERY_FAILED Subject =~ /Mail delivery failed/i
describe BOUNCE_MAIL_DELIVERY_FAILED Subject: 'Mail delivery failed',
bounce message
score BOUNCE_MAIL_DELIVERY_FAILED 5
header BOUNCE_UNDELIVERABLE Subject =~ /Undeliverable:/i
describe BOUNCE_UNDELIVERABLE Subject: Undeliverable
score BOUNCE_UNDELIVERABLE 1
header BOUNCE_RETURNED_MAIL Subject =~ /Returned mail/i
describe BOUNCE_RETURNED_MAIL Subject: 'Returned mail', bounce message
score BOUNCE_RETURNED_MAIL 5
header BOUNCE_MAIL_COULD_NOT_BE_DELIVERED Subject =~ /Mail could
not be delivered/i
describe BOUNCE_MAIL_COULD_NOT_BE_DELIVERED Subject: 'Mail could
not be delivered', bounce message
score BOUNCE_MAIL_COULD_NOT_BE_DELIVERED 5
header BOUNCE_UNDELIVERED_MAIL Subject =~ /Undelivered Mail/i
describe BOUNCE_UNDELIVERED_MAIL Subject: 'Undelivered Mail', bounce message
score BOUNCE_UNDELIVERED_MAIL 5
header BOUNCE_RETURNED_TO_SENDER Subject =~ /Returned to Sender/i
describe BOUNCE_RETURNED_TO_SENDER Subject: 'Returned to Sender',
bounce message
score BOUNCE_RETURNED_TO_SENDER 5
use_bayes 0
fold_headers 0
auto_whitelist_factor 0
More information about the fedora-list
mailing list