spamassassin-users October 2010 archive
Main Archive Page > Month Archives  > spamassassin-users archives
spamassassin-users: Constant .info domain spam

Constant .info domain spam

From: Julian Yap <julianokyap_at_nospam>
Date: Tue Oct 12 2010 - 20:32:39 GMT

NOTE: I changed the domains below to 'dot info' as the mailing list
rejected my initial submission.

I'm pretty sure it's not just me but there is some constant spamming
from dot info domains. Perhaps for the past 2 months or so.

Often they send hundreds per day and consistently from the same IP's.

Are people using automated IP blacklists or something like that?

Some examples, today I am being bombed by:
laura_hurtbis817@treebluff dot info -
Go.Longer.902@peterosey dot info -
Alert.911@woodghost dot info -
Bankruptcy.Updates@bestetroqu dot info -
nick@maracaoonline dot info -
lisa@feeloffers dot info -
Beth@briesie dot info -
claudia_lauffe@redpinesales dot info -

The HELO is usally something like:
uri225.redpinesales dot info
rjwi4.woodghost dot info
lvhi11.maracaoonline dot info
esi139.feeloffers dot info
yyi131.bestetroqu dot info

So I'm thinking it's the same spammer/spam network/spam program you
buy off the shelf.

Any thoughts on combating this onslaught?

- Julian