At 10:30 PM 10/7/97 +0200, Ralf Meyer wrote:
First nslookup 22.214.171.124 (uu.net most likely?)
then complain to postmaster@, abuse(_at_)(_dot_)
I don't think he was asking how to complain about cyberpromo spam. He was
asking how to filter it out.
FTR - The InterNIC whois record for cyberpromo.com still doesn't show an
update (since January of this year), so they haven't moved to new digs just
yet. His NS7.CYBERPROMO.COM server hasn't shown a record update at
InterNIC since April. The 205.199.2 netblock is still shown as owned by
And, of course if you read the news, you'll know that a Federal Judge
ordered AGIS to continue to provide services to Cyberpromo out for a 30 day
period, as provided in their contract. Spot checks on several of the
Cyberpromo domains show that they don't appear to be live (except for the
A very simple recipe I use:
# save header because I'm curious
bounces most spam. But some still get thru.
It should be noted that this recipe MUST be placed after filters for
mailing lists (some of which change addresses or other characteristics with
too much frequency), and doesn't handle mail which is intentionally bcc'd.
Personally, if I were to employ such a filter, I'd put the messages into a
file rather than bouncing them. With the filter as-is, if something comes
through and gets handled by this recipe, you've lost the message - you
can't come back to it to read it when you realize that something has gone
I compress all my archival files to conserve disk space (see my previous
post on this thread, where I pipe the spam through gzip). Most of my mail
is text-only, occassionally I get binaries. Even so - SPAM is almost
invariably text-only - which compresses well.
Please DO NOT carbon me on list replies. I'll get my copy from the list.
Sean B. Straw / Professional Software Engineering
Post Box 2395 / San Rafael, CA 94912-2395