Lots of spam to office addresses?

E

Elenaki2017-11-22 13:03:58

Fight against spam

Elenaki, 2017-11-22 13:03:58

Recently began to receive a lot of spam to office addresses. Of course, I filter as best I can, but we have mail on a separate mail server and the hoster there is not very kind, says that he cannot set up a filter by subject (why?).
In the web interface that I go to for checks, you can only block by a specific address (but addresses rarely repeat) or by domain (deletes something, but does not cover everything).
I can not understand the logic of the spammer. The letters are allegedly coming from Russian girls who are temporarily abroad. They don't ask for money. They write that they found the address in social networks and want to communicate. The texts are always standard, the subject of the letter is either Hi or Hey. At the end there is always an e-mail on a rambler, often non-existent.
Why send letters from non-existent addresses with non-existent addresses inside??? Why can't a hoster delete emails with the same subject line as SPAM? It is clear that no one will write about working with such headings.
On the domain that appears most often, I sent a letter to abuse. They haven't answered yet (but should they? or is it just to inform them?)
What else can be done? Every day 5-6 letters arrive, I have 5 addresses, not all are the same, one is generally clean, there were only mailings that were difficult to unsubscribe from and I also blacklisted them.
BUT! ALL addresses that are indicated in the letters are not those from which the letter came, but to which are indicated in the text as a link - ALL from rambler'a. Does this mean something? I know that rambler mail is a hotbed of spam, but how to swear at it, if often there is no such address? And if there is, then spam did not come from him ...
PS The company is not in Russia, has nothing to do with Russia and Rambler, never received mail from Russian domains. The spam domains - in, vn, ca, pl, ir, it - also have nothing to do with us.

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

A

Alexander Chernykh, 2017-11-22
@sashkets

You do not need to understand the spammer's logic. All incoming mail must pass a series of basic checks on the server (for example, the presence of a PTR record in the sender's DNS, etc.). This will not solve the issue 100%, but cuts off a significant proportion of spam.
What has passed the basic check must go through the anti-spam system, which already decides whether the message is delivered to the mailbox. A false positive is possible, but then it should be possible to pull out such a message and "Spam folders", or send it to spam, which the system recognized as a normal message (this is training). The anti-spam system should be profiled and trained (each user has their own settings)
. Apparently, you only have a basic set.
The output is
1. Build your mailer with anti-spam. Here are the options: based on free software or buy commercial antispam
2. Transfer your mail to a sane service: Yandex, gmail, mailru, something else ... They are paid like gmail, there are free ones like Yandex. In any case, you need to read the conditions
Something like this

E

Elenaki, 2017-11-24
@Elenaki

Yandex and mailru are not for us. I wrote that we are not in Russia and do not work with Russian domains.
Our mail server is paid, I just don't know how to communicate with hosters who answer any question - we can't, or wait, maybe it will pass by itself.
I wrote to him again. And not just that there is a lot of spam, but with an analysis so that I don’t think that I’m just sitting there.
Yesterday I was not at work. Today I read the answer from the hoster - he says that he has strengthened the filters.
In fact, yesterday and today there was absolutely no garbage, and on Wednesday evening - a little. Maybe he actually stepped up. Or maybe just gone.