Re: flood/spammer's new tactics
- From: John Thompson <john@xxxxxxxxxxxxxxxxxx>
- Date: Thu, 16 Aug 2007 16:51:44 -0500
On 2007-08-16, Robert M. Riches Jr. <spamtrap42@xxxxxxxxxxx> wrote:
The flood/spammer has adapted (just like the Borg). From
what I can see, the common denominator of about half of
today's round is:
X-Complaints-To: abuse@xxxxxxxxxxx
That is easy enough to filter out without much collateral
damage. However, most of the other half appear to have the
following:
NNTP-Posting-Host: 24.174.213.62
X-Complaints-To: abuse@xxxxxx
Unfortunately, when I tried filtering in slrn on the NNTP
posting host, it didn't work--none of the postings got
marked green. A quick grep of my archived "good" historical
postings show the rr.com line for many good postings.
I'm hoping the current bozo will go away in a couple of
days, reducing the urgency to install and set up leafnode,
at least in the short term.
Does anyone else have good leads in filtering out this new
round of junk?
Try escaping the "." like this:
NNTP-Posting-Host: 24\.174\.213\.62
Works here with slrn, but the spewer changes things often enough that
I've needed a lot of new rules anyway.
--
John (john@xxxxxxxxxxx)
.
- Follow-Ups:
- Re: flood/spammer's new tactics
- From: SINNER
- Re: flood/spammer's new tactics
- References:
- flood/spammer's new tactics
- From: Robert M. Riches Jr.
- flood/spammer's new tactics
- Prev by Date: Re: Cron job not working
- Next by Date: Terminal freezes when ssh session disconnects
- Previous by thread: Re: flood/spammer's new tactics
- Next by thread: Re: flood/spammer's new tactics
- Index(es):
Relevant Pages
|
