On 03/29/2012 03:00 PM, Bob Hoffman wrote: > Hello, > Thanks to some nice people on here and other forums I have pretty much > finalized my whole mail system on centos 6.x. > > With all the checks, greylisting, dev/null of any 8+ spam level SA, I > still get a few mails. > > It seems like everytime I enable a new protectant, the mail stops > spamming for a few hours...then the spammers decide I am worthy of using > better methods against me..and more come. LOL. > > I am down to just 10-15 a day. > Anything that gets through all that I set up now goes to a spammers list > that I add to the access file of postfix. > > http://bobhoffman.com/spammers.html > > that is the link to my list. I am trying to sort them out into > political, real estate, bulk spammers, etc. > The worst part is the bulk emailers are not on any black list. It is > very hard to find their mail MX until they actually send you one. > Many will be blocked, then a new alternate of theirs comes through. > > I could not find a list of bulk commercial spammers so I thought I would > start one. As I progress it will become more defined, but right now a > big list with some categories after it. > > Hope it helps. > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos You won't be able to track them easily because they hop around from network to network. Sometimes I can recognize them by seeing the same spams repeatedly, also, different IP addresses connecting and guessing passwords for the same list of users. But I rarely get those anymore since I have blocked pop/imap logins from outside of the US. You can report them to spamcop.net and that may help to provide some incentive for ISPs to kick spammers off their network. The way that I finally got rid of all the residual spam that makes it through greylisting, SPF, spamassassin, clamav is to handout unique mail addresses and use black/whitelists. So for example if I assign an email address for incoming mail from a mailing list and then setup a whitelist entry that only allows that address to receive email from the mailservers that serve that mailing list and then blacklist all other incoming mail to that address it is very effective. With a decent whitelist/blacklist tool it's fairly easy to implement. I used to get literally hundreds of spams a day and now I probably average about 2 per week. You can also get on the spamassassin mailing list and add more plugins and work on tuning the spamassassin config. You can also play with sa-learn. For me though the black/whitelisting works quite well. Nataraj