Anyone figure out how to deal with snowshoe spam?
Question asked by Andrew Stein - 12/4/2014 at 2:09 PM
Unanswered
I've posted about this before, but figured I'd try again.  For the past 6 months we've seen the snowshoe spam attacks as described at the below articles:
http://www.symantec.com/business/support/index?page=content&id=AL1589
https://drjohnstechtalk.com/blog/2014/05/enom-source-of-recent-spam-campaigns/
 
At the end of this post is an example of a this type of spam.
 
I've used Bruce's latest anti-spam settings, but the problem is that many of the messages slip through before they are caught by any of the RBLs.   I've been checking them against mxtoolbox.com's blacklist check and they'll come up clean on all 100 checks (see attached pic.)
 
Many of the domains that we've been hit with were registered the day we received the spam, but the last few I've checked were registered years ago.  All seem to be registered via enom.   
Has anyone found a way to deal with them yet?
 
 
 
Example:
Unbelievable Transformations That Will Absolutely Shock You!
Iggy Azalea And 4 Moms Transform Their Bodies in 4 Weeks
Finally, they were outed after dropping a bottle at the airport yesterday. A famous "Celebrity" caught them cheating with an internet-product that is helping women everywhere lose pounds super fast.
 
 
What Do You Think?
Recent Facebook Comments
Jill Sanders: LOL, this is no longer a secret why dosent everyone know about this? If not everyone should.
2 minutes ago
Carry Rasftove: OK so where do I get it?????? I seen this but it was not in any store....
8 minutes ago
 
More comments can be seen on the site

 
Thank you for being part of a special community. | From:Love-Care Team 170 Clover Ridge Angier NC - S e t t i n g s
 
 
 
Omg. Long story short:
 
 

4 Replies

Reply to Thread
0
Andrew Stein Replied
Interesting thing I noticed. It takes about 5-10 minutes between us receiving the first email from one of these domains until it gets caught by one of the URIBLs like Spamhaus DBL. It's still enough time for a user to get 3 or so emails before they are blocked.
0
Linda Pagillo Replied
Hi Andrew. We at Mail's Best Friend offer a small selection of FREE add-ons for your Smartermail server that can really help to combat this type of spam. We offer Declude, which is free of charge. We also offer content filters for Declude which were built to specifically combat this type of spam. They are also free. Last, but not least, we offer a free plug-in for Declude called The Gauntlet. If you are interested in reading more about these products, we offer documentation and the product downloads on our website: http://mailsbestfriend.com/downloads. Again.. all of these products are 100% free of charge and they all work with Smartermail. Please let me know if there is anything I can do to help.
Linda Pagillo
Mail's Best Friend
Email: linda.pagillo@mailsbestfriend.com
Web: www.mailsbestfriend.com
Authorized SmarterTools Reseller
Authorized Message Sniffer Reseller
 
0
Andrew Stein Replied
Linda, I actually tried installing Declude earlier today as well as Message Sniffer. So far it is catching things that the RBLs wouldn't have caught I need to see if we are getting false positives now.
0
Linda Pagillo Replied
Very good! If you see FPs just let me know and I can help with that also. Thanks.
Linda Pagillo
Mail's Best Friend
Email: linda.pagillo@mailsbestfriend.com
Web: www.mailsbestfriend.com
Authorized SmarterTools Reseller
Authorized Message Sniffer Reseller
 

Reply to Thread