Seeker Posted October 9, 2008 Posted October 9, 2008 I use the SpamCop email system both for receiving mail sent to my spamcop.net address and for reading, filtering, and forwarding email in a POP3 mailbox at another domain. Is there any way to find out how much of my held mail (i.e., spam) is being received at the spamcop.net address as differentiated from email POP'ed from my other domain addresses? If the amount of spam received at spamcop.net is the overwhelming majority, I would consider changing my SpamCop address to reduce volume. I have a catch-all mailbox in my domain. I'd love to be able to analyze the spam that arrives there to get a list of addresses it is being sent to. I'd like to distinguish between legitimate addresses that are being spammed vs. dictionary attacks. Any ideas on how I might do that? Thanks for any suggestions. Guy
StevenUnderwood Posted October 9, 2008 Posted October 9, 2008 I have a catch-all mailbox in my domain. I'd love to be able to analyze the spam that arrives there to get a list of addresses it is being sent to. I'd like to distinguish between legitimate addresses that are being spammed vs. dictionary attacks. Any ideas on how I might do that? I would look in the headers of the mail coming from your domain catch-all then use webmail (or oru favorite client) to search on something found there. That would tell you what came through that gateway. All mail will have the spamcop fingerprints, however. I've used that method from time to time to see how effective the various blocklists have been and more importantly for setting my SpamAssassin settings.
DavidT Posted October 10, 2008 Posted October 10, 2008 Perhaps you could create one or more filters to apply to your Held mail folder in the webmail interface. You could have it move the messages sent to other domains to other folders, for example. DT
michaelanglo Posted October 11, 2008 Posted October 11, 2008 I use the SpamCop email system both for receiving mail sent to my spamcop.net address and for reading, filtering, and forwarding email in a POP3 mailbox at another domain. Is there any way to find out how much of my held mail (i.e., spam) is being received at the spamcop.net address as differentiated from email POP'ed from my other domain addresses? As noted elsethread using the SpamCop webmail's filter facility does some of what you want. The Search facility, searching Trash and/or Held will also work Thus To: does not contain 'spamcop.net' AND CC: does not contain 'spamcop.net' and To: does not contain 'personal.tv' AND CC: does not contain 'personal.tv' will find how many emails were sent using bcc: and thus require more work. and the obvious changes will tell you how many were sent with legitimate rather than dictionary addresses.(you will have to list them all). To: contains 'sales[at]personal.tv" OR CC: contains 'sales[at]personal.tv" OR To: contains 'postmaster[at]personal.tv" OR CC: contains 'postmaster[at]personal.tv" Note searches can be saved. HTH
Recommended Posts
Archived
This topic is now archived and is closed to further replies.