Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 43 replies
  • Subscribers 1 subscriber
  • Views 24098 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

A lot more spam over last 1-2 months

UDPride
We have Mail Protection license on one of our UTM120s and we've been getting considerably more spam over the last 1-2 months. For the longest time it filtered out almost all the junk mail, but now I'm getting 20+ spams a day in my email box. Not sure whats going on, but it feels like the spam filters are no longer working as efficiently.

I am currently using the following RBLs in this order:

1. zen.spamhaus.org
2. bl.spamcop.net

I have the filter set to block "Confirmed Spam".

Not sure if this is the problem or if  should be looking elsewhere. As I said, it worked fine for months but the last month or two has been quite ugly. For the cost of the license it should be working better of late. I get more spams than legitimate emails now. I have not made any changes to the settings in the UTM120 in months so its not because of anything I might have changed.

Thanks,
Chris


This thread was automatically locked due to age.
Parents
  • 0
    since update to 9.2, we have also a lot more spam mails, but the really big spam is coming since 2 weeks.

    Last 30 days:
    RDNS/HELO checks 42%
    Antispam Engine 30%
    RBL 27%
    BATV 2%

    SMTP simple mode
    RBL: zen.spamhaus.org
    imap.bl.blocklist.de
    mail.bl.blocklist.de
    b.barracudacentral.org
    drone.abuse.ch
    bl.spamcop.net

    Reject at SMTP Time: OFF

    Reject invalid HELO / missing RDNS: ENABLED
    Do strict RDNS checks: DISABLED
    Use Greylisting: DISABLED
    Use BATV: ENABLED
    Perform SPF check: DISABLED

    Any idea?
  • 0 in reply to SIKN
    since update to 9.2, we have also a lot more spam mails, but the really big spam is coming since 2 weeks.

    Last 30 days:
    RDNS/HELO checks 42%
    Antispam Engine 30%
    RBL 27%
    BATV 2%

    SMTP simple mode
    RBL: zen.spamhaus.org
    imap.bl.blocklist.de
    mail.bl.blocklist.de
    b.barracudacentral.org
    drone.abuse.ch
    bl.spamcop.net

    Reject at SMTP Time: OFF

    Reject invalid HELO / missing RDNS: ENABLED
    Do strict RDNS checks: DISABLED
    Use Greylisting: DISABLED
    Use BATV: ENABLED
    Perform SPF check: DISABLED

    Any idea?


    yes turn on strict rdns, greylisting, and spf checking for starters.

    Owner:  Emmanuel Technology Consulting

    http://etc-md.com

    Former Sophos SG(Astaro) advocate/researcher/Silver Partner

    PfSense w/Suricata, ntopng, 

    Other addons to follow

Reply
  • 0 in reply to SIKN
    since update to 9.2, we have also a lot more spam mails, but the really big spam is coming since 2 weeks.

    Last 30 days:
    RDNS/HELO checks 42%
    Antispam Engine 30%
    RBL 27%
    BATV 2%

    SMTP simple mode
    RBL: zen.spamhaus.org
    imap.bl.blocklist.de
    mail.bl.blocklist.de
    b.barracudacentral.org
    drone.abuse.ch
    bl.spamcop.net

    Reject at SMTP Time: OFF

    Reject invalid HELO / missing RDNS: ENABLED
    Do strict RDNS checks: DISABLED
    Use Greylisting: DISABLED
    Use BATV: ENABLED
    Perform SPF check: DISABLED

    Any idea?


    yes turn on strict rdns, greylisting, and spf checking for starters.

    Owner:  Emmanuel Technology Consulting

    http://etc-md.com

    Former Sophos SG(Astaro) advocate/researcher/Silver Partner

    PfSense w/Suricata, ntopng, 

    Other addons to follow

Children
No Data
Unfiltered HTML