I start to investigate the spam issue I have with #Yunohost
1) Rspamd is running correctly
2) None of the spam have Headers with a score
3) The spam has been analysed by rspamd
4) My spams have all a corrupt DKIM header ( not even an invalid sign )
I my first thought, i need to push higher the DKIM score check.
The current score is 3.45 for this spam. I think the threshold is 4 for graylist and 8 for add header.
I don't even know what I'm doing
Investigation and learning rspamd continue, I ssh port forward the webui of rspam it's cool. I know how dkim signing work but I haven't a clue about what symbol to change ... HELP HELP
Further investigation demonstrate that my spams are signed correctly with DKIM. So I will attack another angle : NIKER LES SPAMMEURS ALA RACINE🔥 🔥 🔥 🔥 🔥 🔥
Currently regrouping the pieces of shit, and export it and we will play few grep and stuff to extract some interesting information
Extract from mail text sources (.eml) IP address
grep -rhoP 'Received: from .+' . | sed "s/.*\[\(.\+\)\].*/\1/" | sort | uniq
I'm a french guy alone here.