01-Sep-2014

No surprises
Except perhaps that the first half of August shows a large amount of attempts to abuse the mailserver to relay messages – likely to be spam. The files are not that big, and the sizes decrease in time; there has been an outbreak on 24-Aug-2014, where the anti-relay log was over 30 blocks in size: just 124 records – 119 form one address: 113.78.39.167, between 10:15 and 10:20 – just 5 minutes, by wlyx068@163.com – a domain that I know to be a Chinese source of trouble. There will be no possibility but block this address (and all that are related to this domain) in the router….I’ve done quite a lot already, but this one was still missing.
Spam is limited today, compared to some years ago. But either the notorious spammers have been taken offline, or are blocked to access my LAN – I don’t know. But though the number of messages are dramatically lower, the percentages of rejected mail are still relatively high:
PMAS statistics for August
Total messages    :   2046 = 100.0 o/o
DNS Blacklisted   :      0 =    .0 o/o (Files:  0)
Relay attempts    :    493 =  24.0 o/o (Files: 31)
Accepted by PMAS  :   1553 =  75.9 o/o (Files: 31)
  Handled by explicit rule
         Rejected :    917 =  59.0 o/o (processed),  44.8 o/o (all)
         Accepted :    301 =  19.3 o/o (processed),  14.7 o/o (all)
  Handled by content
        Discarded :    130 =   8.3 o/o (processed),   6.3 o/o (all)
     Quarantained :    170 =  10.9 o/o (processed),   8.3 o/o (all)
        Delivered :     35 =   2.2 o/o (processed),   1.7 o/o (all)