[Dshield] Re: semi-legit spammers (was Exchange 5.5)

Ellen Clary ellen at dgi.com
Wed Mar 13 16:32:45 GMT 2002


>
> Message: 11
> From: Sue Young <smy at gcmlp.com>
> Subject: RE: [Dshield] Exchange 5.5
> Date: Tue, 12 Mar 2002 17:21:17 -0600
>
> [Scanmail]
> I quarantine my mail until I'm sure the rule is rock
> solid.
> Then I have it delete any applicable messages.  There were several domains
> that
> generated half the spam I caught.  Some of the worst are:
>
> pm0.net
> azoogle.com
> mb00.net
> ombramarketing.com
> developingdots.com
>
> The only problem is that The Screen Savers newsletter is the only worthwhile
> thing
> that comes out of mb00.net.  I'd rather just check their web page and avoid
> the 15
> minutes a day it would take to look at all the other crap they send out.
>
> Don't send hatemail to the above sites.  I actually like them since they're
> honest
> and don't forge headers.  That makes it my choice to screen them out.
>
> Sue Young


I've been keeping track of the semi-legit spammers/marketing domains and using
myself as a test case (since my account gets a lot of spam anyway).

pm0.net, mb00.net, postmastergeneral.net are all owned by MindShare Design who
makes email software and hosts a lot of marketing lists.  However they offer a
global unsubscribe from their home page.  Once I did that, I haven't heard a
peep from them.  It's certainly possible they sold my address, but I really
can't tell.

The biggest effect for us was configuring sendmail to check with the orbz.org
open relay list, and then blocking Korea.  Most spam we get now are the really
stupid spammers who send it directly, or the clever ones that scan for open
relays on cable/dsl networks.

Anyone know of mail scanning tools that run under Linux that I could put on our
firewall?  I see that Trend Micro has ported Interscan to Linux - any others?

Ellen Clary
Senior System Administrator
Dynamic Graphics




More information about the list mailing list