Solved

Trapping Spam with SpamAssassin

Posted on 2014-03-25
3
279 Views
Last Modified: 2014-03-31
I know next to nothing about working with SpamAssassin other than it is available for my shared server through my C-Panel.

I am on a small network that I am responsible for.

I have the filter set for '++++'

I made the mistake of clicking on an 'unsubscribe' button and now I am flooded with spam. All of them are using an identical template which is

The advertisers name and link

The advertisers catch phrase and link

The advertisers one line pitch and link

A jpg ad with link
Majority of spam is using this same template
The header reads the score as this:
 Content analysis details:   (-1.4 points, 4.0 required)
 
  pts rule name              description
 ---- ---------------------- --------------------------------------------------
 -0.4 RP_MATCHES_RCVD        Envelope sender domain matches handover relay domain
 -1.9 BAYES_00               BODY: Bayes spam probability is 0 to 1%
                             [score: 0.0000]
  0.0 HTML_MESSAGE           BODY: HTML included in message
  0.9 RAZOR2_CHECK           Listed in Razor2 (http://razor.sf.net/)
X-Spam-Flag: NO

Open in new window

The score is lower that most of the newsletters I get from trusted vendors.

Is there a way to stop this?

I can't afford to be too aggressive and start flagging legitimate mail to others on the network, however, as a safety measure I have setup a mailbox to redirect the flagged mail so that I can look it over and deliver it to the proper recipient if need be.

What do the Experts say?
0
Comment
Question by:David Brugge
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
3 Comments
 
LVL 26

Author Comment

by:David Brugge
ID: 39954504
I have been checking the links to see if any of them had a common domain or subdomain to indicate the source, but no luck.

I did notice, however, that everyone has the same physical address in the jpg.

Since it is in a jpg, it's not going to show up on any test. (drat)

All have this same address at the bottom
Which may or may not be legitimate.
http://www.crec.com/downloads/retail/MillerSquareShoppingCenter/MillerSquareShoppingCenterFlyer.pdf

A google search lists JTZ Publishing Co, agents for JTZ Group in Trinidad as just one of the tenets. I don't find this company or the shopping center address on any watch lists.

So back to square one
0
 
LVL 26

Accepted Solution

by:
David Brugge earned 0 total points
ID: 39956860
Either this isn't an active EE area, or I'm asking the question in the wrong way. I'll withdraw the question and look elsewhere.
0
 
LVL 26

Author Closing Comment

by:David Brugge
ID: 39966132
No response.
0

Featured Post

Space-Age Communications Transitions to DevOps

ViaSat, a global provider of satellite and wireless communications, securely connects businesses, governments, and organizations to the Internet. Learn how ViaSat’s Network Solutions Engineer, drove the transition from a traditional network support to a DevOps-centric model.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.
An introduction to the wonderful sport of Scam Baiting.  Learn how to help fight scammers by beating them at their own game. This great pass time helps the world, while providing an endless source of entertainment. Enjoy!
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question