SPAM Assassin
Oliver Garrett Burton
ogburton at ogburton.com
Fri May 10 18:32:38 UTC 2024
Hi,
The syntax you are looking for is *.domain.com --the dot will get rid of
those subdomains.
In many cases you have to look at the headers rather than the address
presented in the e-mail client to find out what the real sending domain was.
SPAM Assassin settings below 5 really clobber a lot of legitimate e-mail.
I worked for a few years as the Senior Systems Engineer for an ISP and
once you get to this level of attack you may need to resort to blocking
them by IP at your firewall.
Good luck,
Garrett
On 5/10/24 09:21, Michael D Wailes wrote:
> Hello!
>
> I have a question about SPAM Assassin and hoping maybe I can find some
> help here.
> My inbox is getting bombed with SPAM right now -- so bad that I've had
> to set the SPAM Assassin Threshold Score to 1 and am still getting
> 40-60 emails a day that are slipping through.
> I've attempted to also blacklist the domains that are consistently
> sneaking through but don't think I have those set correctly. I'm
> hoping someone here can offer some insight.
>
> Most of these spammers are using sub-domains such as, m.domain.com, so
> I've been setting the domain in the blacklist filter like this:
> *domain.com
>
> Shouldn't that cover any and all traffic from the specified domain?
>
> --
> *Michael Wailes*
> mwailes at mdwailes.com
>
>
>
--
Oliver Garrett Burton
E-mail:ogburton at ogburton.com
Sent From My Linux Desktop
🐧🐧🐧
Powered by Penguins
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.nclug.org/pipermail/nclug/attachments/20240510/25cd3a5e/attachment.htm>
More information about the NCLUG
mailing list