ConfigServer Community Forum

We are still getting hammered by spam from .pw .me .us .bix etc Top level domains

When it was just .us and .pw we blocked the entire tld but now that list is growing and we can block them all ..

what Im wondering is can see simply change the bayes scoring to assign any email from those tlds a higher level of scrutiny - or perhaps set it so that any email from *.me starts out with a higher bayes score

just looking for ways to stem the recent increase in spam since the vast majority is from these little known tlds

Did you use CSF to block those domains? That is a big load on the IPtables. We found success using the blacklist rules.

Change to your own TLDs that are bothering you.

Put this:

From: /\.pw$/ yes
From: /\.info$/ yes
From: /\.ru$/ yes

Those are tabs, not spaces


in the spam.blacklist.rules

THanks for the reply

Do you know of a way that could be used by Account holders in Cpanel ?

That way Im not blocking from the entire server BUT the Customers/Account holders could choose to block the Spamming TLDs themselves

Sarah,

Can we get a response on this? I would actually like to add additional scores to all emails from certain domains so they score higher but have not been able to find out how to accomplish this.

Will continue to search the forum....

Thanks in advance
Jim

Jim,

I don't think bayes is the way to handle this situation. You would probably need to add your own spamassassin rules, which is not really something we can offer help with. There are instructions on writing SA rules here: http://wiki.apache.org/spamassassin/WritingRules

Once you've done that you could also look at using the "SpamAssassin Rule Actions" setting in the MailScanner configuration if you want to take specific actions for emails that hit your new rules.

Regards,
Sarah