On 10 Jul 2011, at 19:55, Jeff Lasman wrote:
> On Sunday, July 10, 2011 11:30:09 am WJCarpenter wrote:
>
>> (I pay no attention to either of these cases except for occasionally
>> looking at the logs out of curiosity. They're both relatively small
>> compared to various other brute-force spam attempts and spam attempts
>> for active addresses.)
>
> I guess a few posters have missed my point when I wrote I was still accepting
> the email as an academic exercise. My whole point in keeping the domain live
> year over year is to see how much longer the spam keeps coming, as all the
> actual contact senders must have fallen off by now.
>
> I'm strongly considering automating taking all these IP#s and creating my own
> local DNS-based blocklist to run all company incoming email through, before
> checking other blacklists.
> Any opinions on that?
>
You'll want to check that the traffic really is spam. Some might be list mail that people are still subscribed to. If you rejected the mail, then lists (well, some of them) would automatically unsubscribe your addresses. You could configure Exim to reject mail when it has a list-id header, and see whether your daily reject logs decline in size over time.
> Jeff
> --
> Jeff Lasman, Nobaloney Internet Services
> Post Office Box 52200, Riverside, CA 92517
> Our blists address used on lists is for list email only
> Phone +1 951 643-5345, or see: "http://www.nobaloney.net/contactus.html"
>
> --
> ## List details at https://lists.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/
--
Ian Eiloart
Postmaster, University of Sussex
+44 (0) 1273 87-3148