[ALUG] Huge increase in spam
huge at huge.org.uk
Tue Oct 24 10:17:34 BST 2017
On Tue, 2017-10-24 at 10:01 +0100, Laurie Brown wrote:
> Hi all,
> Well, after many years of my Linux mail filters working very well, I've
> noticed a significant increase in spam over the last week, and last
> night I got 33 alone, an unheard of number.
> Has anyone else noticed this?
Yep. Not only am I getting a massive increase in spam (from near enough
zero to 40 or 50 a day), but they're much bigger than previously - near
enough a megabyte each. IMO this is closer to a DoS attack than it is
> I use postfix, blacklists, postgrey, spamassassin (and a Bayesian DB),
> with all the usual postfix settings to discourage spammers. I also use a
> honeytrap third party MX server which traps and records some spam.
> Normally, once in a while I'll see a small increase in soam, and then
> the RBLs kick in and it stops after a few hours. However, I can't even
> find much of a pattern in the emails; there are a couple of regular IPs
> - now firewalled out - but in the main they are random. There must be a
> massive Windows-based botnet out there with some new spamming software
> on it. It's certainly dealing with grey-listing now.
> Ideas anyone?
Sadly not, at the moment. I'm just gritting my teeth and training my
filters up. Due to the enormous size of the emails, I am looking
filtering solutions that run over IMAP, rather than having to download
the garbage first (that and Sieve scripts that run at my ISP), but apart
from that, I run much the same stuff as you.
Today is Boomtime, the 5th day of The Aftermath in the YOLD 3183
Ph'nglui mglw'nafh Cthulhu R'lyeh wgah'nagl fhtagn.
More information about the main