[milters] Archive

Lists Index Date Thread Search

Article: 1382
From: G1OGY \(Dave\)
Date: 2006-12-28 18:49:05 -0500
Subject: Have they cracked it? (Or am I simply paranoid?)

Removal...........: milters-request@milter.info?subject=remove
More information..: http://www.milter.info/#Support
--------------------------------------------------------


I post here for two reasons.
1) It (sort of) involves milter-spamc
2) m'learned friends hereon tend to consider more carefully than some.

Tale:
I have received a series of ~apparent~ porn spam (not a flood) during the past few days -
the sort of thing that tempts in text with
tales of grandmothers and young men and/or young women of asian parentage wielding certain
implements.
These are common - a few sentences and a URL.  They score 20/25++ on the vocabulary
employed and are generally rejected.

All of the ones that have infiltrated are addressed to the same email address and have
circumvented the barriers through:
   milter-spamc[<pid>]: <message id> timeout before input from SPAMD server
   milter-spamc[<pid>]: <message id> SPAMD status line failure

There appears to be no 'common denominator' in the mail headers (other than the To:
address).

In each event the server was not busy with a previous item - minutes (well, 10s of
seconds) had elapsed - and in each case, only a
few seconds later, the server correctly scans and deals with the next item.

Is there anyone with wisdom to impart? or were these simply lucky/unlucky (depending on
one's standpoint) breaks?

System:
Redhat 9, 2.4.20-46.9.legacysmp + Sendmail 8.13.1 + milter-spamc/0.25.321 (a free one) +
Spamassassin 3.1.7 on Perl 5.8.0

Many thanks
-- 
Dave Gilligan, G1OGY
_______________________________________
United Kingdom.  JO01GR82
WWW: <www.g1ogy.com> <www.m1cro.org.uk>



Lists Index Date Thread Search