Huge spam increment in mid-May

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

Huge spam increment in mid-May

PeterD
Reviewing May reports i see a huge spam increment in mid-May that lasted 5 days aprox... 

Has someone noticed this as well?  maybe a new active bot-net?

----
Pedro
Reply | Threaded
Open this post in threaded view
|

Re: Huge spam increment in mid-May

David Jones
On 06/01/2018 01:46 AM, Pedro David Marco wrote:
> Reviewing May reports i see a huge spam increment in mid-May that lasted
> 5 days aprox...
>
> Has someone noticed this as well?  maybe a new active bot-net?
>
> ----
> Pedro

Do you have any examples?  I have had a quiet past 2 weeks with almost
zero reports of junk by my users.  So either my rules are currently
tuned well to block the current spam/phishing campaigns or something.  I
assumed a botnet had been take down.  I usually have to deal with a few
compromised accounts sending spam each week but not lately.  It's been nice.

I would like to see some examples via pastebin to check my mail
filtering logs.

--
David Jones
Reply | Threaded
Open this post in threaded view
|

Re: Huge spam increment in mid-May

PeterD

>Do you have any examples?  I have had a quiet past 2 weeks with almost
>zero reports of junk by my users.  So either my rules are currently
>tuned well to block the current spam/phishing campaigns or something.  I
>assumed a botnet had been take down.  I usually have to deal with a few
>compromised accounts sending spam each week but not lately.  It's been nice.
>I would like to see some examples via pastebin to check my mail
>filtering logs.


No David, sorry i have no samples... just "numbers" in reports...


Reply | Threaded
Open this post in threaded view
|

Re: Huge spam increment in mid-May

David Jones
On 06/01/2018 04:47 AM, Pedro David Marco wrote:

>
>  >Do you have any examples?  I have had a quiet past 2 weeks with almost
>  >zero reports of junk by my users.  So either my rules are currently
>  >tuned well to block the current spam/phishing campaigns or something.  I
>  >assumed a botnet had been take down.  I usually have to deal with a few
>  >compromised accounts sending spam each week but not lately.  It's been
> nice.
>  >I would like to see some examples via pastebin to check my mail
>  >filtering logs.
>
>
> No David, sorry i have no samples... just "numbers" in reports...
>

Does this mean you are accurately blocking them then if the reports are
showing them and there are no complaints from users about missing email?
  I would skim over these subjects to make sure you aren't overblocking.
  Also I usually check the rule hits to make sure they look consistent
with spam.

--
David Jones
Reply | Threaded
Open this post in threaded view
|

Re: Huge spam increment in mid-May

Daniele Duca
In reply to this post by PeterD

This is my actual spam stream (orange) for the last month. I don't see increases worthy to be noted.

Maybe you can share your numbers? Do you do prequeue rejects and maybe noted a spike there?

Daniele


On 01/06/2018 11:47, Pedro David Marco wrote:

>Do you have any examples?  I have had a quiet past 2 weeks with almost
>zero reports of junk by my users.  So either my rules are currently
>tuned well to block the current spam/phishing campaigns or something.  I
>assumed a botnet had been take down.  I usually have to deal with a few
>compromised accounts sending spam each week but not lately.  It's been nice.
>I would like to see some examples via pastebin to check my mail
>filtering logs.


No David, sorry i have no samples... just "numbers" in reports...