SPAM Score N/A


#1

Each day I receive MANY SPAM messages from the domain internettrafficformulaa.com, which land in my Quarantine folder. I have SPAM filtering set to quarantine messages with a SPAM score of 1.9 or higher. I have blacklisted internettrafficformulaa.com yet the messages still land in my quarantine folder. The SPAM Score shows as N/A.

What can I do to effectively block internettrafficformulaa.com at the server? Are they spoofing the sender’s address?


#2

You might give us a set of full headers to look at…


#3

Return-Path: tc@ccgworld.com
X-Original-To: tc@ccgworld.com
Delivered-To: x13544181@homiemail-mx5.g.dreamhost.com
Received: from localhost (caiajhbihbdd.dreamhost.com [208.97.187.133])
by homiemail-mx5.g.dreamhost.com (Postfix) with ESMTP id 898111561C8
for tc@ccgworld.com; Tue, 1 Apr 2014 18:15:39 -0700 (PDT)
X-DH-Qurantine-Move: hello
X-Quarantine-ID:
X-Amavis-Alert: BAD HEADER SECTION Non-encoded 8-bit data (char E2 hex):
Subject: Increase your home\342\200\231s value with […]
X-Spam-Flag-Was: YES
X-Spam-Score: 64
X-Spam-Level: ****************************************************************
X-Spam-Status: Yes, score=x tag=-999 tag2=999 kill=1.9 BLACKLISTED tests=[]
autolearn=unavailable
Received: from connor.dreamhost.com ([208.97.132.17])
by localhost (diehard.dreamhost.com [208.97.132.157]) (amavisd-new, port 10024)
with ESMTP id AtTJrHiZEZRX for tc@ccgworld.com;
Tue, 1 Apr 2014 16:29:10 -0700 (PDT)
Received: from 4rdk1e4p.internettrafficformulaa.com (unknown [107.158.204.102])
by connor.dreamhost.com (Postfix) with ESMTP id 4426B2CA802A
for tc@ccgworld.com; Tue, 1 Apr 2014 16:29:09 -0700 (PDT)
Received: by 0000dee5.4rdk1e4p.internettrafficformulaa.com
(amavisd-new, port 21437) with ESMTP id 00VNFCOSR00DEUONAJYGE5;
for tc@ccgworld.com; Tue, 1 Apr 2014 16:29:09 -0700
Content-Transfer-Encoding: 8bit
Date: Tue, 1 Apr 2014 16:29:09 -0700
Subject: Increase your home’s value with Solar (Government Incentives)
From: “US SOLAR DEPT” USSOLARDEPT@internettrafficformulaa.com
Message-ID: 14437107426241443718187921429@4rdk1e4p.internettrafficformulaa.com
Content-Language: en-us
MIME-Version: 1.0
To: tc@ccgworld.com
Content-Type: text/html; charset=us-ascii


#4

wait, now that I more carefully read your original request I have to wonder what the expectation is? It seems that the messages are being quarantined?

Are you expecting to never see the message? not even as quarantined? I"m note sure that’s possible.

FWIW, I don’t like automated spam filters personally (they never seem to think like I do), if I notice I’m getting a particular kind of spam tho I create my own filters/rules for it. I also use the old school technique of creating an alias for almost every web form that I fill out so that I can simply cancel a problematic inbound address.


#5

Thanks for your reply.

Yes, I thought that since I blacklisted the message using SPAM Assassin that the message would not appear in my Quarantine folder. I get SO many SPAM messages a day that it was my hope to drastically reduce the couple of hundred messages that hit my Quarantine folder each day. If I let it go for a few day or a week, my Quarantine folder gets quite large.

If what you say is true, I do not see any functionality in using the Blacklist feature of SPAM Assassin. Conversely, I do see functionality in the Whitelist feature.

It has gotten to the point that email is no longer a reliable form of communication. Two tin cans connected by a string is more reliable. And you can count on a private conversation.


#6

Trying to blacklist by domain isn’t really effective; in addition to the fact that spam can come from thousands of “throwaway” domains/servers, the actual domain in the headers can be simply spoofed to avoid that kind of filter.

What I’d really love to see implemented (…or figure out if there’s a way to set effectively in existing filters) is “whitelist-only” filtering. This isn’t terribly effective for folks expecting random “fan mail” from wherever, but for thems of us that have a fairly narrow list of contacts that we’d accept mail from it would pretty much eliminate spam from top-to-bottom.