10
Easier to Find & Manage Blacklists
Idea shared by kevind - 3/31/2016 at 12:43 PM
Proposed
Using the new Spool Dashboard in v15, you can easily block spammers by both IP address and domain. But after you do, where do you manage the block lists? They are in 2 totally separate places!
 
  • Security->Blacklist (intuitive)
  • Security->Advanced Settings->SMTP blocking (***not intuitive***)
 
To clean this up, move "SMTP Blocking" so it's under Blacklist and have 2 tabs:
  • by IP (current functionality)
  • by Name (formerly SMTP blocking)
And you can use the same New, Edit, & Delete buttons to manage the lists!
 
Thanks,
Kevin

7 Replies

3
I thought this was a pretty good idea that would be easy to implement and help us manage our blacklists as it puts them all in one place. Can we add it to v16?
0
Great idea! I hope more can be done to manage the blacklists -- they can quickly become unmanageable after growing over time. We need some stats or something to tell us if the blacklists we put in place are still being used so we know if it is ok to remove them.
PS
0
SuperTechie, thanks for the support! Please vote this up if you haven't already.

Also, your idea for stats or a report showing the frequency that blacklists (including RBLs) are being used would be a nice addition.
2
Another blacklist feature that would be beautiful to add: the ability to retroactively delete all email from an address as part of the blacklist process. Let's say at 11:00 you discover really nasty spam or malware emails being sent from an address like 67.222.x.x, and blacklist them. But if 100 emails from this nasty address were already received in the last 10 minutes -- wouldn't it be great to retroactively delete them? Of course some users may have already received the nasty email, but odds are some could be saved from the unpleasantness.
PS
0
If any here do not see the need, let me share a small edited sample from my SmarterMail SMTP server logs (with about 100-200 users). This sample is from this month so far, and shows spam (over 790 spams) from throughout a range of 8192 IPs from DFW Datacenter: https://whois.arin.net/rest/net/NET-67-222-128-0-1.html
If some would like to see the whole sample, please message me privately (I don't think we can do attachments here?). This sample shows:
1.  How spammers would appear to be in bed with some cheap hosting companies (like DFW)
2.  How spammers send out spam from a wide range of IPs over many days/months to fool the anti-spam engines.
3.  The need for the features requested above!  And this sample is only from 1 datacenter IP range of many!
4.  The following DFW IP ranges sent spam:
67.222.132.x
67.222.134.x
67.222.147.x
67.222.151.x
67.222.152.x
67.222.154.x
67.222.155.x
67.222.158.x
5.  It is debatable but to combat this type of spam, some would suggest the only way to beat it is to blacklist the entire IP range until such time as Cesspools like DFW either get their act together or go out of business.  But then there is the issue of removal . . .
6.  Existing anti-spam technology is primarily reactionary, and is not sufficient to stop this type of spam.  By the time an IP gets on a blacklist, the spammer has already moved to the next IP.
 
A little sample (private info replaced with generic):
 
[2016.11.02] 14:52:37 [67.222.152.35][28122905] rsp: 220 small.mailserver.net
[2016.11.02] 14:52:37 [67.222.152.35][28122905] connected at 11/2/2016 2:52:37 PM
[2016.11.02] 14:52:37 [67.222.152.35][28122905] cmd: EHLO fulltrendsbiz.com
[2016.11.02] 14:52:37 [67.222.152.35][28122905] rsp: 250-small.mailserver.net Hello [67.222.152.35]250-SIZE 104857600250-AUTH LOGIN CRAM-MD5250-8BITMIME250 OK
[2016.11.02] 14:52:37 [67.222.152.35][28122905] cmd: MAIL FROM:<violetclark@fulltrendsbiz.com> BODY=7BIT
[2016.11.02] 14:52:37 [67.222.152.35][28122905] rsp: 250 OK <violetclark@fulltrendsbiz.com> Sender ok
[2016.11.02] 14:52:37 [67.222.152.35][28122905] cmd: RCPT TO:<User1@domain1removed>
[2016.11.02] 14:52:37 [67.222.152.35][28122905] rsp: 250 OK <User1@domain1removed> Recipient ok
[2016.11.02] 14:52:37 [67.222.152.35][28122905] cmd: DATA
[2016.11.02] 14:52:37 [67.222.152.35][28122905] rsp: 354 Start mail input; end with <CRLF>.<CRLF>
[2016.11.02] 14:52:38 [67.222.152.35][28122905] rsp: 250 OK
[2016.11.02] 14:52:38 [67.222.152.35][28122905] Data transfer succeeded, writing mail to 159841558.eml
[2016.11.02] 14:52:38 [67.222.152.35][28122905] cmd: QUIT
[2016.11.02] 14:52:38 [67.222.152.35][28122905] rsp: 221 Service closing transmission channel
[2016.11.02] 14:52:38 [67.222.152.35][28122905] disconnected at 11/2/2016 2:52:38 PM
 
[2016.11.04] 08:55:03 [67.222.147.15][5143480] rsp: 220 small.mailserver.net
[2016.11.04] 08:55:03 [67.222.147.15][5143480] connected at 11/4/2016 8:55:03 AM
[2016.11.04] 08:55:03 [67.222.147.15][5143480] cmd: EHLO read1so.millionaireguidetime.top
[2016.11.04] 08:55:03 [67.222.147.15][5143480] rsp: 250-small.mailserver.net Hello [67.222.147.15]250-SIZE 104857600250-AUTH LOGIN CRAM-MD5250-8BITMIME250 OK
[2016.11.04] 08:55:03 [67.222.147.15][5143480] cmd: MAIL FROM:<James-Crowdy@read1so.millionaireguidetime.top> BODY=7BIT
[2016.11.04] 08:55:03 [67.222.147.15][5143480] rsp: 250 OK <james-crowdy@read1so.millionaireguidetime.top> Sender ok
[2016.11.04] 08:55:03 [67.222.147.15][5143480] cmd: RCPT TO:<User2@domain4removed>
[2016.11.04] 08:55:03 [67.222.147.15][5143480] rsp: 250 OK <User2@domain4removed> Recipient ok
[2016.11.04] 08:55:03 [67.222.147.15][5143480] cmd: DATA
[2016.11.04] 08:55:03 [67.222.147.15][5143480] rsp: 354 Start mail input; end with <CRLF>.<CRLF>
[2016.11.04] 08:55:03 [67.222.147.15][5143480] rsp: 250 OK
[2016.11.04] 08:55:03 [67.222.147.15][5143480] Data transfer succeeded, writing mail to 159848301.eml
[2016.11.04] 08:55:04 [67.222.147.15][5143480] cmd: QUIT
[2016.11.04] 08:55:04 [67.222.147.15][5143480] rsp: 221 Service closing transmission channel
[2016.11.04] 08:55:04 [67.222.147.15][5143480] disconnected at 11/4/2016 8:55:04 AM
 
[2016.11.10] 00:56:57 [67.222.155.182][58729386] rsp: 220 small.mailserver.net
[2016.11.10] 00:56:57 [67.222.155.182][58729386] connected at 11/10/2016 12:56:57 AM
[2016.11.10] 00:56:57 [67.222.155.182][58729386] cmd: EHLO fuijio9.satisfybloodsugarlow.top
[2016.11.10] 00:56:57 [67.222.155.182][58729386] rsp: 250-small.mailserver.net Hello [67.222.155.182]250-SIZE 104857600250-AUTH LOGIN CRAM-MD5250-8BITMIME250 OK
[2016.11.10] 00:56:57 [67.222.155.182][58729386] cmd: MAIL FROM:<JanetMcCarthy@fuijio9.satisfybloodsugarlow.top> BODY=7BIT
[2016.11.10] 00:56:58 [67.222.155.182][58729386] rsp: 250 OK <janetmccarthy@fuijio9.satisfybloodsugarlow.top> Sender ok
[2016.11.10] 00:56:58 [67.222.155.182][58729386] cmd: RCPT TO:<User3@domain4removed>
[2016.11.10] 00:56:58 [67.222.155.182][58729386] rsp: 250 OK <User3@domain4removed> Recipient ok
[2016.11.10] 00:56:58 [67.222.155.182][58729386] cmd: DATA
[2016.11.10] 00:56:58 [67.222.155.182][58729386] rsp: 354 Start mail input; end with <CRLF>.<CRLF>
[2016.11.10] 00:56:58 [67.222.155.182][58729386] rsp: 250 OK
[2016.11.10] 00:56:58 [67.222.155.182][58729386] Data transfer succeeded, writing mail to 159869284.eml
[2016.11.10] 00:56:58 [67.222.155.182][58729386] cmd: QUIT
[2016.11.10] 00:56:58 [67.222.155.182][58729386] rsp: 221 Service closing transmission channel
[2016.11.10] 00:56:58 [67.222.155.182][58729386] disconnected at 11/10/2016 12:56:58 AM
 
[2016.11.15] 09:09:30 [67.222.132.59][37524607] rsp: 220 small.mailserver.net
[2016.11.15] 09:09:30 [67.222.132.59][37524607] connected at 11/15/2016 9:09:30 AM
[2016.11.15] 09:09:30 [67.222.132.59][37524607] cmd: EHLO chunky.brainhealthmineway.top
[2016.11.15] 09:09:30 [67.222.132.59][37524607] rsp: 250-small.mailserver.net Hello [67.222.132.59]250-SIZE 104857600250-AUTH LOGIN CRAM-MD5250-8BITMIME250 OK
[2016.11.15] 09:09:30 [67.222.132.59][37524607] cmd: MAIL FROM:<Brain.Health.Tips@chunky.brainhealthmineway.top> BODY=7BIT
[2016.11.15] 09:09:30 [67.222.132.59][37524607] rsp: 250 OK <brain.health.tips@chunky.brainhealthmineway.top> Sender ok
[2016.11.15] 09:09:30 [67.222.132.59][37524607] cmd: RCPT TO:<User3@domain4removed>
[2016.11.15] 09:09:30 [67.222.132.59][37524607] rsp: 250 OK <User3@domain4removed> Recipient ok
[2016.11.15] 09:09:30 [67.222.132.59][37524607] cmd: DATA
[2016.11.15] 09:09:30 [67.222.132.59][37524607] rsp: 354 Start mail input; end with <CRLF>.<CRLF>
[2016.11.15] 09:09:30 [67.222.132.59][37524607] rsp: 250 OK
[2016.11.15] 09:09:30 [67.222.132.59][37524607] Data transfer succeeded, writing mail to 164961530.eml
[2016.11.15] 09:09:30 [67.222.132.59][37524607] cmd: QUIT
[2016.11.15] 09:09:30 [67.222.132.59][37524607] rsp: 221 Service closing transmission channel
[2016.11.15] 09:09:30 [67.222.132.59][37524607] disconnected at 11/15/2016 9:09:30 AM
 
PS
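An added example, not part of the original post and not SmarterMail code: one way to tally accepted messages per /24 from SMTP log lines in the format shown above, then roll the tallies up to a whole allocation so that low-volume sending spread across many IPs and days becomes visible. The sample lines are constructed, the private range 10.20.128.0/19 stands in for an 8192-address allocation, and the function names are hypothetical.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample in the log format shown above; private addresses and
# example hostnames stand in for real senders.
SAMPLE_LOG = """\
[2016.11.02] 14:52:37 [10.20.152.35][1001] cmd: EHLO a.example
[2016.11.02] 14:52:38 [10.20.152.35][1001] Data transfer succeeded, writing mail to 1.eml
[2016.11.04] 08:55:03 [10.20.147.15][1002] cmd: EHLO b.example
[2016.11.04] 08:55:03 [10.20.147.15][1002] Data transfer succeeded, writing mail to 2.eml
[2016.11.10] 00:56:57 [10.20.155.182][1003] cmd: EHLO c.example
[2016.11.10] 00:56:58 [10.20.155.182][1003] Data transfer succeeded, writing mail to 3.eml
[2016.11.10] 01:00:00 [192.0.2.10][1004] cmd: EHLO d.example
[2016.11.10] 01:00:01 [192.0.2.10][1004] rsp: 550 rejected
"""

LINE_RE = re.compile(r"^\[(\d{4}\.\d{2}\.\d{2})\] \d{2}:\d{2}:\d{2} \[([\d.]+)\]\[(\d+)\] (.*)$")

def accepted_by_network(log_text, prefix_len=24):
    """Per-network tally of sessions that ended in an accepted message."""
    stats = defaultdict(lambda: {"messages": 0, "ips": set(), "days": set(), "helo": set()})
    helo = {}  # (ip, session id) -> EHLO/HELO name announced in that session
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # blank separators and anything not in the expected format
        day, ip, session, rest = m.groups()
        if rest.startswith(("cmd: EHLO ", "cmd: HELO ")):
            helo[(ip, session)] = rest.split(" ", 2)[2].lower()
        elif rest.startswith("Data transfer succeeded"):
            entry = stats[ipaddress.ip_network(f"{ip}/{prefix_len}", strict=False)]
            entry["messages"] += 1
            entry["ips"].add(ip)
            entry["days"].add(day)
            entry["helo"].add(helo.get((ip, session), "?"))
    return dict(stats)

def rollup(stats, supernet):
    """Combine the per-network tallies that fall inside one allocation."""
    parent = ipaddress.ip_network(supernet)
    inside = {net: s for net, s in stats.items() if net.subnet_of(parent)}
    return {
        "networks": sorted(str(n) for n in inside),
        "messages": sum(s["messages"] for s in inside.values()),
        "ips": len(set().union(*(s["ips"] for s in inside.values()))),
        "days": len(set().union(*(s["days"] for s in inside.values()))),
    }

if __name__ == "__main__":
    print(rollup(accepted_by_network(SAMPLE_LOG), "10.20.128.0/19"))
```

In the constructed sample no single IP delivers more than one message, so a per-IP threshold never fires, while the rollup shows three deliveries from three /24s on three different days.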
0
Good idea. Might be difficult to actually delete messages once they are delivered to a person's Inbox. But maybe you could move them to the spam folder if they are still unread.

Also, it would be nice to clear out all the messages in the spool from that IP.
0
We would very much like to see the blacklist entries include a timestamp; and for that timestamp to be displayed and sortable. It's really good practice to delete blacklisted IPs after a certain amount of time--but we don't want to delete all of them.
