Spam coming through RSS Back to forum
@Norbert Fehlauer: This seems to be a phishing email and not a spam: are there any URLs in the body? Also, I noticed that something already detected this as spam (see the [Ates-Spam] tag in the subject). Are all email subject tagged liked that? Maybe blacklisting this tag using a Keyword Blacklist entry with a subject scope is the simplest solution...
Yes, all those Mails seem to be tagged like that one. I did block the IP as it seems to come just from 2 IPs till now. I'll try to get the body of one of those mails to see if there is any URL inside.
Regards
Norbert
Is it ok, to post the content here, or would it be better to send it via mail (where to)?
Regards
Norbert
Hi, lately I'm getting a lot of spam coming through.
Thats one example, but they are all the same just different recipients:
-------------------------------------------------------------------------------
-- EVENT SUMMARY --
Time: 28.01.2012 17:45:59 GMT+0100 Mitteleuropäische Zeit
Sender Email:
Recipient Email: customer-address (I removed the original address)
Related IP: 62.146.33.44
Action: (not available)
Email Subject: [Ates-Spam] - [Ates-Spam] - Ihre Kreditkarte wurde ausgesetzt, weil wir ein Problem festgestellt, auf Ihrem Konto.
-- EVENT MESSAGE --
Email passed checks.
-- EVENT DETAILS --
Filtering Point: On Arrival
Event Class: Pass
Severity: Information
Server: "my-server"
Event Source: SMTPSVC-2
HELO Domain: apofis.udag.de
Message ID: <[email protected]>
Log Mode: Verbose
ORF Version: 5.0 "Margherita" DEVBUILD-REV06, DEBUG
-------------------------------------------------------------------------------
Any tipp how I could stop those kind of spam without blacklisting the sending IPs?
Regards
Norbert