Author: Cyborg Date: To: exim-users Subject: Re: [exim] How to block using exim re:[doctor@nk.ca: Your account
has been hacked! You need to unlock.]
Am 27.01.19 um 14:42 schrieb Graeme Fowler via Exim-users: > On 27 Jan 2019, at 12:33, The Doctor via Exim-users <exim-users@???> wrote:
>> am certain many of you have seen this, but how do you block / bounce said
>> below e-mail via exim using spamassassin / clamd ?
> Install at least the ‘phish’ database from SaneSecurity into ClamAV and let it do the heavy lifting with its’ Fake.Coin signatures. As Jeremy mentioned, doing it manually is a whack-a-mole job.
>
> You won’t catch all of them all of the time, but you’ll get rid of a lot. On Friday & Saturday we rejected nearly 40000 & 30000 messages respectively on that detection alone (with no complaints), and we’re up to 10000 today already.
>
> Graeme I guess, you are not using spamhaus or a similar dns ip blocking service,
as the sheer amount of "got hacked" fraud messages is insane itselft.
@All: Do your mailservers a favour:
Do not waste cpu cycles on spamassassin & co checks, if you can avoid
those spammers, when they try to connect.
