Fri Apr 28 17:49:19 UTC 2006
I've been running DCC + greylisting for what seems like several years now. The effectiveness has of course been extraordinary -- until about April 17th, I had seen about eleven messages (total) get through since the turn of the year (out of hundreds, or probably thousands). However, since April 17th, I've been seeing about one a day get through both DCC and greylisting. The headers invariably look like this: ======= Return-Path: <Fellows.firstname.lastname@example.org> Received: from mail.nbizloan.com (mail.nbizloan.com [18.104.22.168]) by dakota.newsnation.com (8.13.6/8.13.6) with ESMTP id k3R5keoT020181 for <email@example.com>; Thu, 27 Apr 2006 00:46:40 -0500 From: Energizers<Fellows.firstname.lastname@example.org> To: email@example.com Subject: Get yourself energized with ephedra Date: 27 Apr 2006 01:39:22 -0400 Message-Id: <13637687@jarnjwoekjZ-kldezewj> X-DCC-EATSERVER-Metrics: dakota 1166; Body=1 Fuz1=1 Fuz2=1 ======== Where "nbizloan.com" varies, but is almost always of the form "mail.something.com". Additionally, the IP addresses of the mail server and the web server hosting the pitch have never been in the SBL-XBL (etc.) that I have seen. The pitches are rather ordinary -- viagra, inkjet refills, etc. Any ideas? I've clicked through all the unsubscribe links (I've actually had luck with the ones that purport to follow CAN-SPAM) but don't expect much resolution.
More information about the DCC