Over the past few months, I've noticed a huge increase in spam like what I'm seeing below. I usually see 2-4 identical email bodies from different IPs in the same /24 block. After the bust of spam comes in, we never see the same spam again. Happens throughout the day. I'm wondering if anyone else is seeing this and what can be done about. To summarize, it passes greylisting, rDNS, SPF, RBL and URIBL checks. Details below:
First, the header:
Return-Path: <brysonkeller@jmtudor-com.gasfourref.com>
Received: from jmtudor-com.gasfourref.com (jmtudor-com.gasfourref.com [89.46.121.110]) by redacted with SMTP;
Wed, 10 Sep 2014 16:12:31 -0400
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Top Calorie Counting Mistake <Keller@gasfourref.com>
Date: Wed, 10 Sep 2014 13:13:46 -0700
Subject: Reset Your Metabolism
To: <redacted>
Message-ID: <September.20140910051519.13395.1572.34522-3@gasfourref.com>
Reply-to: <Bryson_Keller@mx1.gasfourref.com>
X-SmarterMail-Spam: SPF_Pass, DK_None, DKIM_None
X-SmarterMail-TotalSpamWeight: 0
The IP address 89.46.121.110] has a PTR record: jmtudor-com.gasfourref.com. It follows the greylisting rules, has a valid SPF record, etc.
While this particular email is now listed in the dbl.spamhaus.org and multi.uribl.org URIBLs, at the time I get them the blacklists haven't picked them up yet (checking at mxtoolbox.com.)
Below is the body of the email. They all follow the typical format: promoting a link followed by a bunch of text at the bottom trying to screw up bayesian filters.
Does it feel like your a mouse on a running wheel?
You've tried every tip in the book to slim-down but nothings working?
It is most likely because it was recently discovered that we have been told the wrong thing about weight-loss since we were young.
=================================================
What are we talking about... The Food Pyramid Did you know that a new food pyramid was released?
As a result of this, Public Health experts released ONE tip that will reset your metabolism and have you burning fat rapidly.
Public Health > Gov > Research > Results
modify alerts
1 9 4 8 a b b e y ln
danville, IN 46122
[evq group]
ast week someone was nice enough to leave one of those shortened grocery carts on my property. I went to return it to the store it came from, and was told old carts are discarded and are mostly grabbed out of dumpsters by the homeless. In short they didn't want it back. So now I have a grocery cart and I love DIY projects as well as prepping for when , so naturally I need some ideas on what to use it for. I had a set of four rather tough rubber tires that came off a small wagon laying around, so I changed those out
with the small slick ones the cart had. The cart manuveurs
off road fairly well and with little trouble. Can't wait for some idea
Scrap metal or use it in your work shop as a work surface, to push around tools. I have a little two shelf cart, I keep in my narrow garage, to wheel out to my truck when wrenching, it's nice to have a place to put my drink and tools for those of us who don't have the luxury of a work bench in a large garage. Unless you plan to push it on city streets in a bug out situations, retrofitting a shopping cart for anything but smoothed pavement is a waste of time and effort IMHO. If you want something to move through woodlands or rough terrains this is what you need.
It appears that RBLs are catching the majority of these messages, but there are still enough new domains being created at such a pace that there hasn't been time to blacklist the IPs and domain names.