Forum Home

Replying to a message from: Tommy

There is a kind of spams,using dailup ip and forged hotmail to send. IP,subject,Body change time to time,maybe hundreds of ip and will send thousands of such spams daily. Though the server can detected it as spams,but housands of such spams at quarantine is trouble for you.

If SPF result and DMARC result at header,maybe i can set a rule: if header contains: transitioning domain of hotmail.com does not designate,then set very high score and delete it.

 

Received: from [(223.199.18.110)] by server with Xeams SMTP; Tue, 11 May 2021 10:00:19 +0800 (CST)
X-SM_EnvelopeFrom: dvbngggiuy@hotmail.com
X-SM_SENDER_IP: 223.199.18.110
X-SM_HeloStrInEnvelope: ehlo hotmail.com
X-SMRecipient: xiedang@xxxx.com
X-SM_RECEIVED_ON: Tue, 11 May 2021 10:00:19 +0800 (CST)
From: dvbngggiuy@hotmail.com
Subject: =?GB2312?B?QbT66V+3osaxMTUyLTk2NTktMDgxMg==?=
To: xiedang@xxxx.com
Content-Type: text/plain;charset="GB2312"
Content-Transfer-Encoding: 8bit
Date: Tue, 11 May 2021 10:00:13 +0800
X-Priority: 3
X-Mailer: Microsoft Outlook Express 5.00.2919.6700
X-SMForgedSender: yes

Received: from [(112.66.255.133)] by server with Xeams SMTP; Tue, 11 May 2021 09:54:57 +0800 (CST)
X-SM_EnvelopeFrom: zxsatjd@hotmail.com
X-SM_SENDER_IP: 112.66.255.133
X-SM_HeloStrInEnvelope: ehlo hotmail.com
X-SMRecipient: liangan@xxxx.com
X-SM_RECEIVED_ON: Tue, 11 May 2021 09:54:57 +0800 (CST)
From: zxsatjd@hotmail.com
Subject: =?GB2312?B?1f255reixrExMzQyMzkxMzYzOA==?=
To: liangan@xxxx.com
Content-Type: text/plain;charset="GB2312"
Content-Transfer-Encoding: 8bit
Date: Tue, 11 May 2021 09:54:51 +0800
X-Priority: 3
X-Mailer: Foxmail 4.1 [cn]
X-SMForgedSender: yes

Received: from [(223.199.26.89)] by server with Xeams SMTP; Tue, 11 May 2021 10:50:49 +0800 (CST)
X-SM_EnvelopeFrom: mkjhy@hotmail.com
X-SM_SENDER_IP: 223.199.26.89
X-SM_HeloStrInEnvelope: ehlo hotmail.com
X-SMRecipient: hlw@xxxx.com
X-SM_RECEIVED_ON: Tue, 11 May 2021 10:50:49 +0800 (CST)
From: =?GB2312?B?wdbPyMn6?= <mkjhy@hotmail.com>
Subject: =?GB2312?B?v6rGsWwzNTMwbDQyODk2?=
To: hlw@xxxx.com
Content-Type: text/plain;charset="GB2312"
Content-Transfer-Encoding: 8bit
Date: Tue, 11 May 2021 10:50:44 +0800
X-Priority: 3
X-Mailer: Microsoft Outlook Express 5.50.4133.2400
X-SMForgedSender: yes