## No help required , this is just an info for you guys ##
Hi,
we have a new kind of spammer at our mailborder:
1qOF7T-002mUk-2Y H=(timesquareas.yachts) [216.9.227.107] Warning:
processing file "" for "To: XXXXXXXXXXXXXXXXX -> From:
ATTENTION\360\237\222\245-30%%\360\237\222\245 /
R=ATTENTION\360\237\222\245-30%%\360\237\222\245"
1qOF7T-002mUk-2Y H=(timesquareas.yachts) [216.9.227.107]
F=<XXXXXXXXXXXXXXXXX> temporarily rejected after DATA: MYSQL: query
failed: Illegal mix of collations (utf8mb4_general_ci,COERCIBLE) and
(latin1_german1_ci,IMPLICIT) for operation 'regexp'
As logs show, the mailserver just sends spam a mass, so no big deal when
it's not processed ;) There are other pure spam servers generating this
message.
As it looks, a spammer is sending UTF8mb4 encoded shit in "mail from:"
or "rcpt to:" which than collides with our data structure.
Unfortunatly, it's not clear which regexp is meant ( there are many,
really ) , in general is there a meaningful way for a log message where
or which the query failed as local debug attempts are pointless unless
we know what the spammer uses exactly :)
## No help required , I found the table without further infos ;) This
just an info for you guys ##
best regards,
Marius
--
## subscription configuration (requires account):
##
https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@???
## Exim details at
http://www.exim.org/
## Please use the Wiki with this list -
http://wiki.exim.org/
