spam from odd TLDs - can we assign higher bayes score by TLD

Discuss our MailScanner install script and MailScanner itself
5 posts Page 1 of 1
silver_2000
Junior Member
Posts: 115
Joined: 18 Dec 2006, 01:55


We are still getting hammered by spam from .pw .me .us .bix etc Top level domains

When it was just .us and .pw we blocked the entire tld but now that list is growing and we can block them all ..

what Im wondering is can see simply change the bayes scoring to assign any email from those tlds a higher level of scrutiny - or perhaps set it so that any email from *.me starts out with a higher bayes score

just looking for ways to stem the recent increase in spam since the vast majority is from these little known tlds
JasGot
Junior Member
Posts: 20
Joined: 10 Jan 2008, 17:16


Did you use CSF to block those domains? That is a big load on the IPtables. We found success using the blacklist rules.

Change to your own TLDs that are bothering you.

Put this:

From: /\.pw$/ yes
From: /\.info$/ yes
From: /\.ru$/ yes

Those are tabs, not spaces


in the spam.blacklist.rules
silver_2000
Junior Member
Posts: 115
Joined: 18 Dec 2006, 01:55


THanks for the reply

Do you know of a way that could be used by Account holders in Cpanel ?

That way Im not blocking from the entire server BUT the Customers/Account holders could choose to block the Spamming TLDs themselves
JDStallings
Junior Member
Posts: 55
Joined: 10 Dec 2006, 10:04


Sarah,

Can we get a response on this? I would actually like to add additional scores to all emails from certain domains so they score higher but have not been able to find out how to accomplish this.

Will continue to search the forum.... :D

Thanks in advance
Jim
Sarah
Moderator
Posts: 809
Joined: 09 Dec 2006, 22:49


Jim,

I don't think bayes is the way to handle this situation. You would probably need to add your own spamassassin rules, which is not really something we can offer help with. There are instructions on writing SA rules here: http://wiki.apache.org/spamassassin/WritingRules

Once you've done that you could also look at using the "SpamAssassin Rule Actions" setting in the MailScanner configuration if you want to take specific actions for emails that hit your new rules.

Regards,
Sarah
5 posts Page 1 of 1