Getting a lot of spam from .tk domains – kill it with spamassassin

Seems they are cheap to set up, and spammers set up DomainKeys / SPF too! Here’s a spamassassin rule (don’t use it if you get valid mail from .tk):

header      NAUGHTY_FROM_TLD  From   =~ /@[a-z0-9\-\.]+\.(tk)/i
describe    NAUGHTY_FROM_TLD  From address is from a naughty TLD (eg .tk)
score       NAUGHTY_FROM_TLD  2.8

UPDATE: Looks like the spammers get a free …


Steam emails not arriving

I run my own email server and never have any trouble with email delivery; however, recently some Steam emails failed to arrive. I checked I wasn’t in any blacklists with senderbase, then dug further. Turns out I had SSL enabled on my MTA but was using my old cert, which was SHA1 & revoked (with …


VirusAction script for clamsmtp

I’ve recently configured my MTA to drop emails with embedded MS Office macros (a very popular way of distributing malware). You can get the odd valid macro-enabled Office doc, so I’ve written a script to alert me when emails are dropped; it’s available on GitHub. Configure in /etc/clamsmtpd.conf as below:

VirusAction: /usr/local/bin/clamsmtp-action.py -t postmaster@yourdomain.com

(other …
