On Tue, Mar 24, 2020 at 12:01:46PM +0530, KADAM, SIDDHESH wrote:
> Team,
>
> Anyway of blocking attached spam mail of Corona.
>
it's hitting more than 9 points for me with updated rules.
Most relevant hits are:
1.0 FORGED_SPF_HELO No description available.
0.5 KAM_NUMSUBJECT Subject ends in numbers excluding current years
0.6 HTML_MIME_NO_HTML_TAG HTML-only message, but there is no HTML
tag
0.2 KAM_DMARC_NONE DKIM has Failed or SPF has failed on the message
and the domain has no DMARC policy
1.3 BITCOIN_SPAM_01 BitCoin spam pattern 01
1.3 BITCOIN_EXTORT_01 Extortion spam, pay via BitCoin
0.5 PDS_BTC_ID FP reduced Bitcoin ID
2.5 BITCOIN_SPAM_05 BitCoin spam pattern 05
Do you have updated rules ?
Are you using KAM.cf rules as well ?
Which rules does this message hits for you ?
Giovanni