On Tue, 2017-10-24 at 10:01 +0100, Laurie Brown wrote:
Hi all,
Well, after many years of my Linux mail filters working very well, I've noticed a significant increase in spam over the last week, and last night I got 33 alone, an unheard of number.
Has anyone else noticed this?
Yep. Not only am I getting a massive increase in spam (from near enough zero to 40 or 50 a day), but they're much bigger than previously - near enough a megabyte each. IMO this is closer to a DoS attack than it is advertising.
I use postfix, blacklists, postgrey, spamassassin (and a Bayesian DB), with all the usual postfix settings to discourage spammers. I also use a honeytrap third party MX server which traps and records some spam.
Normally, once in a while I'll see a small increase in soam, and then the RBLs kick in and it stops after a few hours. However, I can't even find much of a pattern in the emails; there are a couple of regular IPs
- now firewalled out - but in the main they are random. There must be a
massive Windows-based botnet out there with some new spamming software on it. It's certainly dealing with grey-listing now.
Ideas anyone?
Sadly not, at the moment. I'm just gritting my teeth and training my filters up. Due to the enormous size of the emails, I am looking filtering solutions that run over IMAP, rather than having to download the garbage first (that and Sieve scripts that run at my ISP), but apart from that, I run much the same stuff as you.
Sorry.