How to stop new spam |
Post Reply 
|
| Author | ||
WebGuyz 
Senior Member 
Joined: 09 May 2005 Location: United States Status: Offline Points: 348 |
 Post Options
 Thanks(0)
 Quote Reply
 Topic: How to stop new spamPosted: 06 June 2006 at 2:14pm |
|
|
Getting tons of spam emails with same FROM & TO and all just have sequence of numbers in subject and body. Tried a regex as below but I'm stopping regular emails as well. Can't enable the option to reject same from-to in SF in my case. Anyone found a good way to stop it using rejex? ((?i)Subject:.[0-9])
Thanks! |
||
|
http://www.webguyz.net
|
||
 |
||
|
sgeorge
Senior Member
Joined: 23 August 2005 Status: Offline Points: 178 |
Post Options
Thanks(0)
Quote Reply
Posted: 06 June 2006 at 3:00pm |
|
|
Hey man, can you post some examples of subjects or messages with the sequences?
Also, I can tell right now why the filter you mention above is catching too much - it's way too broad: . - will match any character [0-9] - will match any single digit Put together, your RegEx statement will block subjects such as I like July 4th Confirmation ID #235623 10 reasons you should return my phone calls Stephen |
||
|
||
|
Wes
Guest Group 
|
Post Options
Thanks(0)
Quote Reply
Posted: 06 June 2006 at 3:39pm |
|
|
I had the same too, http://isc.incidents.org/ even reported such yesterday also as they were watching it and had numerous reports of the same. What I trying to figure out is why SPF (which we use and implement for our domain) didn't stop the messages. After tracking them in the log, it was found that the were autowhitelisted which is baffling to me to figure out why they were white listed.
|
||
|
||
|
sgeorge
Senior Member
Joined: 23 August 2005 Status: Offline Points: 178 |
Post Options
Thanks(0)
Quote Reply
Posted: 06 June 2006 at 3:50pm |
|
|
That is odd, Wes. Does the log entry indicate what caused the messages to be whitelisted? You coud post the log entry (without the email addresses) here?
Stephen |
||
|
||
|
WebGuyz
Senior Member
Joined: 09 May 2005 Location: United States Status: Offline Points: 348 |
Post Options
Thanks(0)
Quote Reply
Posted: 06 June 2006 at 3:51pm |
|
|
Here is what I want to catch: Subject: 455
The common denominator is that the first character is a number but the length varies and i don't want to catch stuff anywhere else but the first number after Subject:^(I use ^ to represent a space) |
||
|
http://www.webguyz.net
|
||
|
||
|
sgeorge
Senior Member
Joined: 23 August 2005 Status: Offline Points: 178 |
Post Options
Thanks(0)
Quote Reply
Posted: 06 June 2006 at 4:12pm |
|
|
I see. Funny you should mention ^. In RegEx, ^ can be used to force it to identify the beginning of a line. $ Can be used to represent the end of a line.
Hopefully this will do:
Stephen |
||
|
||
|
WebGuyz
Senior Member
Joined: 09 May 2005 Location: United States Status: Offline Points: 348 |
Post Options
Thanks(0)
Quote Reply
Posted: 06 June 2006 at 4:42pm |
|
|
Not catching anything at all. Will try to study the regex stuff some more. Thanks! |
||
|
http://www.webguyz.net
|
||
|
||
|
Marco
Senior Member
Joined: 07 June 2005 Location: Netherlands Status: Offline Points: 137 |
Post Options
Thanks(0)
Quote Reply
Posted: 07 June 2006 at 4:41am |
|
|
I have a couple of those in the QDB too, is it actually spam? is a product pushed? the mails in the DB look harmless.
A bit offtopic but: You guys know what i think is a real problem: Spammers can read over your shoulders in this open forum! On top of that: they can set up a testbed with spamfilter ISP free version and try out all sorts of combinations to see if SF will pass it through..... Think about it. Suppose i would say: block any email with subjects that only have digits: next that would happen is that random characters are inserted.. we are allways one step behind. This is because of the way email traffic works: it's scheme is: "allow anything, unless this and that", it would be better if it was "block all, but allow under certain conditions". (like a firewall) Unfortunately, this method cannot be used by ISP's, but it can for companies. Since companies are an important target for spams maybe this approach should be implemented into SF somehow. Something like a 'reverse bayesian filter', a filter that learns solely of good emails, and has the power to stop anything, unless it is recognised a beeing a 'good' mail.
Edited by Marco |
||
|
Anyone who is capable of getting himself made president, should on no account be allowed to do the job. D.Adams
|
||
|
||
|
WebGuyz
Senior Member
Joined: 09 May 2005 Location: United States Status: Offline Points: 348 |
Post Options
Thanks(0)
Quote Reply
Posted: 07 June 2006 at 7:46am |
|
|
The spam is harmless but its also a way to harvest email addresses, no rejection means a valid email address. Its costing me time by customers who don't get usually get spam calling me and asking me what this is. I had 5 phone calls and one from a customer who has 150 users and they were all getting them and bugging the admin who was ended up bugging me. I agree that SF is successfull and as a result has become a target by the dark side.
|
||
|
http://www.webguyz.net
|
||
|
||
Topic Options
sgeorge wrote:
|
Post Reply
|
|
Tweet
|
| Forum Jump | Forum Permissions You cannot post new topics in this forum You cannot reply to topics in this forum You cannot delete your posts in this forum You cannot edit your posts in this forum You cannot create polls in this forum You cannot vote in polls in this forum |
This page was generated in 0.180 seconds.