[Rspamd-Users] Rules for different separated spam words such as pharmac=euticals or pharmaceutic*als
Knut Krüger
rspam.mailing at kk-computer-service.de
Mon Mar 11 12:58:59 UTC 2024
Am 11.03.24 um 12:28 schrieb G.W. Haywood:
>
> You might be better off looking for indications of the sources of the
> spam rather than the content. Try looking at the headers to see if
> there are any common characteristics which help you identify the
> unwanted messages. I find blocking by ASN fairly effective, but if
> you really are up against a world-wide botnet of hijacked boxes it's
> going to be difficult to identify them all. I use p0f to try to
> identify compromised Windows boxes but it isn't especially reliable.
>
Thank you for your Answer.
It looks like a bot net. Each mail is slightly different and from
different IPs. Always different URL to buy the medicine, but always the
same medicines for men
I will have a look to p0f
More information about the Users
mailing list