spam

Discussion:

spam

(too old to reply)

s***@gmail.com

2015-02-15 19:20:10 UTC

We are receiving a lot of spam from canadian health&care,
The body of the mail has always a http link on the first line.
In fact there is always one line. The hyperlink is always changing.
Can I reject the mails with body_checks if there is a http link on first line?

Burkhard Ott

2015-02-16 02:50:26 UTC

Permalink

Post by s***@gmail.com
We are receiving a lot of spam from canadian health&care,
The body of the mail has always a http link on the first line.
In fact there is always one line. The hyperlink is always changing.
Can I reject the mails with body_checks if there is a http link on first line?

Yes. However I would do more header checks, hostname checks etc., before
I reject it.
Why, if you take the message and delete it the spammer reachaed his goal,
you accepted the email. If you can reject it because the senders MTA is
not a valid sender hostname or not the official MX, you can already
reject the email. That way you don't waste resources on your server and
the spammer is unable to deliever the email to your MTA.
They learn fast un you should see in a short time period, that the
delievery 'tries' goe down.

cheers

s***@gmail.com

2015-02-16 08:09:19 UTC

Permalink

Ok, but they are using different mta's from multiple countries. I did not find any string to do a header check or something else.

Burkhard Ott

2015-02-17 01:54:32 UTC

Permalink

Post by s***@gmail.com

Ok, but they are using different mta's from multiple countries. I did
not find any string to do a header check or something else.

Check if these multiple MTA's are a valid sender MTA for @domain. If not,
reject.

Continue reading on narkive:

Search results for 'spam' (Questions and Answers)