Sometimes I have been able to determine that the sender IP was
from a cloud provider or similar in which case I added a firewall
rule blocking the whole IP range. That helped in the way that the
spammer even isn't allowed to talk to my mail server and thus
could not be added to the spammers list of confirmed mail servers.
/john
\ufffdOn Sun, Nov 04, 2018 at 05:09:41PM -0600, Bob Friesenhahn bfriesen@... [milter-greylist] wrote:
> On Sun, 4 Nov 2018, Fred Smith fredex@... [milter-greylist] wrote:
>
> > I've been using milter-greylist for a couple of years, with a huge
> > reduction in spam.
> >
> > the past week or so I've had a huge increase, and looking at
> > /var/log/maillog I can see that one of the main culprits is being
> > auto-whitelisted! Also:
>
> Recently I have found it necessary to explicitly blacklist blocks of
> IP addresses which are used by spam factories and use mailers which
> just don't give up so they are eventually white-listed. For some
> reason these IP addresses have not found their way into DNS
> blacklists. After I blacklisted the blocks of IP addresses, the
> amount of spam getting through dropped dramatically.
>
> By sorting greylist.db, I see that many more blocks of IP addresses
> now need to be added to the blacklist.
might they be forged/spoofed addresses, such that the mail is not actually
from those addresses? If so blacklisting blocks of them may be blocking
innocent bystanders. So to speak.
Fred
--
---- Fred Smith -- fredex@... -----------------------------
The Lord detests the way of the wicked
but he loves those who pursue righteousness.
----------------------------- Proverbs 15:9 (niv) -----------------------------