Jump to content

Yahoo spam


sehh

Recommended Posts

Posted

Hello everyone,

I'm quite happy with my SMTP (postfix) spam protection, it uses several RBL's and also a list of milters for content scanning, including grey listing.

But, I do get some spam, all of them seem to have one common characteristic, they come from yahoo. Maybe yahoo with its current financial problems has started accepting "donations" to forward spam?

My question is what to do with yahoo. Their servers pass all the typical tests (SPF, etc) so their emails seem quite legitimate. Since I don't want to block yahoo entirely, is there some other trick that you guys have come up with?

Thank you.

Posted

That is always a problem. Everyone struggles with the issue of the balance between false-positives, missing valid emails, and false-negatives, getting some spam.

This is often a problem with large providers like Yahoo where you can not use the domain nor IP addresses to filter incoming email.

Posted

So I take it that this is a common problem?

Based on the above, content filtering is the only way to go then (spamassassin bayes etc), at least as a last resort.

Posted

Ah, Yahoo. When I was running my own server a few years back, also Postfix, at least 90% of the incoming mail that had some kind of connection with Yahoo (either implied by the alleged sender, or arriving via one of their servers) was spam. My solution was to have a blanket ban on mail from Yahoo. There was the occasional bit of work on my part reviewing what had been rejected, so I could manually maintain a small list of exceptions.

  • 1 month later...
Posted

I would have to concur with this post. 95% of the spam I receive comes from Yahoo e-mail servers.

Received: from [98.139.213.9] by tm13.bullet.mail.bf1.yahoo.com

Received: from [98.139.215.142] by nm18.bullet.mail.bf1.yahoo.com

Received: from [98.139.211.204] by tm17.bullet.mail.bf1.yahoo.com

Received: from [66.196.81.171] by nm16.bullet.mail.bf1.yahoo.com

Received: from nm16.bullet.mail.bf1.yahoo.com ([98.139.212.175])

Received: from [98.139.213.8] by tm17.bullet.mail.bf1.yahoo.com

Received: from [66.196.81.171] by nm1.bullet.mail.bf1.yahoo.com

Received: from [98.138.226.179] by nm23.bullet.mail.ne1.yahoo.com with NNFMP; 31 Mar 2016 21:48:26 -0000

Received: from [98.138.226.58] by tm14.bullet.mail.ne1.yahoo.com with NNFMP; 31 Mar 2016 21:48:26 -0000

And then, they domain name for the spamming site is from goDaddy.
Hardly get spam from other e-mail servers....maybe I should knock on wood.
Dennis

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...