Friends, Romans, Countrymen......could I lean on you for some tips on how to clean NDRs out of my spamtrap feed? As I ramp it back up I want to make sure I'm tagging mail correctly. I may include NDRs and other types of backscatter in some of my calculations, but I definitely want to denote what it is, as accurately as I can.
Could you offer up some suggestions on things to look for? Null return path/sender header is the big thing, if every NDR was formatted properly, that would catch it all. But I'm seeing a significant amount of bounces that don't have a null sender, so I'm probably also going to resort to some sort of text string matching. So if you have a big ole list of strings or individual string suggestions, please feel free to leave them in comments.
All feedback is welcome, and thanks!
Spammers quickly adopting social media
3 hours ago
2 comments:
If you want to be aggressive, even if it means going too far, ignore ALL messages with any of the following 'FROM' address aliases:
"mailer-daemon@"
"mailer-daemon2@"
"mail-daemon@"
"mail-daemon2@"
"postmaster@"
"hostmaster@"
If you want to be less aggressive, combine the above with a blacklisting of the message's sending IP on UCEPROTECT's backscattter list.
(ignoring cases where only one of these two things occurs)
Thanks!
Post a Comment