[CentOS] my spammer list

Fri Mar 30 13:49:18 UTC 2012
Bob Hoffman <bob at bobhoffman.com>

On 3/30/2012 7:48 AM, Markus Falb wrote:
> On 30.3.2012 05:26, Nataraj wrote:
>
>> The way that I finally got rid of all the residual spam that makes it
>> through greylisting, SPF, spamassassin, clamav is to handout unique mail
>> addresses and use black/whitelists.  So for example if I assign an email
>> address for incoming mail from a mailing list and then setup a whitelist
>> entry that only allows that address to receive email from the
>> mailservers that serve that mailing list and then blacklist all other
>> incoming mail to that address it is very effective.
> But how to tell which mailservers are "serving" that mailing list?
> That's the thing SPF or similar is supposed to do, isn't it? Don't tell
> me you are looking at the MX Records! Incoming and Outgoing Mailservers
> are not the same necessarily.
>
>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
clients...senders...helo... from the logs and the mailings. Usually in 
the bulk commercial 'legitimate' spammers there entire system is 
configured correctly, as are their headers, to avoid spamassassin and 
common mail screenings.
 From that you slowly whittle them down.
 From this I have found certain bulk mailers, especially political and 
real estate, have a certain grouping of outgoing relays...like 
'ala'mail.net, 'ala'mode.com, vocus.com, vocsmail.com, etc...

and once I got all the others out it was very evident based on the 
layout of the mail who is sending it...basically like 4 or 5 types... 
Kinda cool to start seeing the patterns.