spamassassin-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Benny Pedersen ...@junc.eu>
Subject Re: New bitcoin ransom message today
Date Thu, 13 Dec 2018 22:25:07 GMT
Chip M. skrev den 2018-12-13 22:33:
> As requested:
> 	http://puffin.net/software/spam/samples/0061_bitcoin_splosion.txt
> I MUNGED the "To".
> It's the latest of two sent to me by an awesome volunteer. :)
> 
> First thoughts:
> Both were base64 encoded.
> Both have "disclaimers" that they're not terrorists. :roll-eyes:
> 
> John Hardin: I'll ask for a full bundle from this volunteer (he's in
> your time zone), and send you full spamples of everything relevant.
> 	- "Chip"

Authentication-Results: linode.junc.eu; dmarc=fail (p=quarantine 
dis=none) header.from=IowaHoneypot.com
Authentication-Results: linode.junc.eu; dkim=none; dkim-atps=neutral

is it possible to solve ?

dont make dmarc policy if not dkim signed, if spf is important disable 
dkim in dmarc f= param

to the above spample, its valid dkim signed ?, blacklist it based on 
that so, no need to be using btc on it

good xmax

Mime
View raw message