Well spews.org the bain of existance is once again at it.

What does everyone use to fight off spammers and try to not get added? Right now we are using a primative list that we unblock people from to let them send mail.

If they send 100 messages in 15 minutes they are automatically added to the spammer list. The problem is all these ligit customers get blocked. So they have to call up and we unblock them after we find out what they are sending/why.

The problem is a real spammer could get unblocked pretty easily.

What solutions (elegant?) does anyone use? What does cpanel do? What does everybody else do?

HELP!!!

How not to get listed in SPEWS? Easy: read abuse@ and postmaster@ your domain and kill off spammers when complaints come in. if your upstream has a bad reputation for allowing spammers to remain on their network, even if you get no complaints about your own users, it won't matter since they will be the ones responsible for the listing.

How to avoid spammers signing up? Manually review each order that comes in. Check Spamhaus (.org), spamsites (.org), SPEWS (.org), Google (.com) for any indication that the account you're about to set up is a known spammer. If any slip through, kill them swiftly.

We don't place any particular restrictions on the amount of mail people can send - it would be hard to police that across many servers, and people with mailing lists and the like will get irritated at the amount of time it would take to do a rather large mailing. Attention to what's going on at the server level and diligence in resolving spam complaints is really the only way to go.

Is it successful this way?

Sure. I killed off a spammer this morning because I noticed a higher than average number of emails in the queue. Other spammers we've rejected outright because we found their history in google or checked the list at Spamhaus and found them there. Really, though, it's impossible to catch everyone. So, say you don't notice a large amount of mail in the queue, but someone does write to abuse@yourdomain.com with a complaint. Review it quickly, take a look at what the user is doing, and zap them if necessary. Respond to the person who complained, thank them for the report, tell them the spammer is nuked, and off you go. The best way to end up on blacklists is by ignoring a problem.

Agreed. The best way to avoid blocklisting is to address complaints in a professional manner rather than ignoring them. Server level spam filtering is difficult since it often blocks legitimate email. We also preview our orders for signs of suspicion (a good practice for fraud prevention as well). And of course, your server should be configured properly not to allow open relay.

Being listed on spews can be a big headache since there is no procedure offered for getting unlisted. Sometimes they list an entire block of IPs at a datacenter - even if the IP you are using is not associated with the spammer's it will be included in that block.
That's not the best method in my opinion, but if that happens you can try working together with the other IP owners/ISP's.

Greetings:

SPAM is defined as unsolicited email.

I'm not sure who was the person to be credited for the idea that if a client sends out x messages per y period of time they are a SPAMmer.

But whoever that person was, please hit them on the head with a nerf base ball bat until either your arm falls off or their head hurts <smile>.

Did that person ever consider that clients can have mailing lists of their customers?

I can only imagine signing up as a client of the company that had this idea implemented, trying to send out emails to existing clients, and then getting the site killed off.

Now, that is customer service... NOT.

I agree with review of new sign ups as mentioned by Annette.

Thank you.