Results 1 to 13 of 13
  1. #1
    Join Date
    Sep 2008
    Location
    NL,IR
    Posts
    1,491

    BoxTrapper Spam Trap ???

    hello. can anyone tell me more about BoxTrapper Spam Trap ?

    why should us disable it on share hosting?

    what about the vps with only root user ?

  2. #2
    Join Date
    Nov 2001
    Location
    Vancouver
    Posts
    2,422
    Requiring verification emails is moronic, particularly for a ROOT user.

    You are required by RFC to receive legitimate Postmaster and Abuse mail. Some abuse reporting systems are fully automated and will never reply to a request for verification.

    Sure, you can whitelist various services, provided you know about them ahead of time; but you can't whitelist the world!

    If you are relying on system like BoxTrapper (which apparently also puts a load on the box) that merely says your anti-spam system is very weak elsewhere.

    PS: do not receive and read mail as root.
    “Even those who arrange and design shrubberies are under
    considerable economic stress at this period in history.”

  3. #3
    Quote Originally Posted by mwatkins View Post
    Requiring verification emails is moronic, ...
    Amen to that.

    Our policy on the signup page:

    "we do not respond to whitelisting requests of any kind"
    edgedirector.com
    managed dns global failover and load balance (gslb)
    exactstate.com
    uptime report for webhostingtalk.com

  4. #4

    *

    Quote Originally Posted by nimafire View Post
    hello. can anyone tell me more about BoxTrapper Spam Trap ?

    why should us disable it on share hosting?

    what about the vps with only root user ?
    Box Trapper can actually cause a TOS violation. Consider this. You get spamvertised...hard. For each spam that hits your account, an e-mail goes out. What happens if your host (like most good ones) has an hourly or daily e-mail limit? and You hit it? You get a TOS.

    DUMBEST thing I ever saw was a company that will remain nameless that had catch-all address AND BoxTrapper turned on.

    On shared hosting.

    Not only did the account get TOS'd but it took an admin to go in and clear the mail queue of over 500,000 messages

    And to use your root user account for anything other then emergency root level maintenance is just plain wrong.

    Consider a better Spam solution.

    Larry

  5. #5

    Spam Assasin Spam Trapper

    I am getting bazootles of spam messages - mostly from
    my own email address (other people's names as the sender)
    I'd guess that at least 90% of the messages I'm now receiving
    are junque.

    I set up spam assasin and it has cut down drastically on
    the number of spam messages....

    Can anyone tell me how/if I can separate my REAL email
    address from the spam messages?

    in the whitelist/blacklist, it does not show the sender's name -
    only the email address.

    Or, can anyone suggest a better solution? Spam Assasin has brought some sanity back into my life. Thanks Karen

  6. #6
    Quote Originally Posted by kmiller View Post
    I am getting bazootles of spam messages - mostly from
    my own email address (other people's names as the sender)
    I'd guess that at least 90% of the messages I'm now receiving
    are junque.

    I set up spam assasin and it has cut down drastically on
    the number of spam messages....

    Can anyone tell me how/if I can separate my REAL email
    address from the spam messages?

    in the whitelist/blacklist, it does not show the sender's name -
    only the email address.

    Or, can anyone suggest a better solution? Spam Assasin has brought some sanity back into my life. Thanks Karen
    Well, since you are not going to be SENDING into your server from YOUR e-mail address, blacklisting your e-mail address would stop it entirely. SA only looks at incoming messages not outgoing ones
    Last edited by LarrrardTx; 05-04-2009 at 09:53 PM. Reason: Darn Sticky Keyboard Typos

  7. #7

    BoxTrapper Spam Trap

    I send messages to myself all of the time.. things
    that I want to remember, links that I want to look up/
    keep .... so, it DOES matter that my own address would
    NOT be blacklisted. Karen

  8. #8
    Sorry, I was forgetting that I use one address on my server, and aprivate e-mail address for stuff I want to keep that I e-mail to myself. I send from the private address to the server address that gets spammed, and that way my mail goes through.

    Not everyone does it that way though, So I did some digging and here is a possible solution.

    In the whitelist from section put your e-mail address like so:
    karen@yourserver.com.213.154 where you replace the e-mail address with your real e-mail address followed by the last two octets of your servers IP . This tells SA that unless the mail originated off of your server, it is not you, and that it should then not pass it through.

    Or you can edit your .spamassassin/user_prefs to put this in
    trusted_networks followed by your server IP address and then save the file. You can fin this in your cPanel File Manager

  9. #9
    Thanks a bunch for the "fix".

    Unfortunately, I used my primary address to
    sign up for some things and have ended up
    with a mailbox full of crap... now, having
    to clean it up.

    Again, thanks. Karen

  10. #10
    Join Date
    Nov 2001
    Location
    Vancouver
    Posts
    2,422
    Don't feel bad - it just takes one address - eventually it'll show up on Spam lists everywhere.

    Blocking Spam, especially for one individual, is not that hard. Coming up with a good solution that meets the needs of a broad landscape of different users is much harder.

    Best piece of advice: try to block Spam from even hitting your mail queue -- this means SpamAssassin won't even have to look at the mail. The vast majority of inbound Spam can be blocked simply with a decently configured SMTP server.

    Reject mail that doesn't come from a host with a proper fully qualified host name. That step alone cuts 1/3 of the inbound Spam attempts on a daily basis - never hits your mail queue. I'm talking many, many, thousands of pieces of junk.

    Reject mail that doesn't originate from a valid domain. Reject mail that doesn't contain a valid sender. Basically you want to reject mail that doesn't meet at least basic mail RFC norms. In my experience this leads to very few problems with real senders, certainly in recent years. Once upon a time being so dogmatic used to be a bigger problem but the Spam issue has caused legitimate mail senders to clean up their acts, too.

    The other big benefit for ensuring your mail server isn't accepting tons of junk into the queue for SpamAssassin to look at later is that it a) greatly reduces the load on your machine(s) and, perhaps even more importantly, you don't end up with a ton of mail reject notices to deal with or a difficult policy decision to make with respect to bounces.
    Last edited by mwatkins; 05-05-2009 at 12:49 PM.
    “Even those who arrange and design shrubberies are under
    considerable economic stress at this period in history.”

  11. #11
    It seems that, a VERY short time after I get a message
    that someone has sent a bulk mailing to - without using
    BCC - I get a tonne of crap mail. Don't know if it
    actually corresponds but I read them the riot act.

    Am now using a gmail address for all personal mail
    and forwarding ones that I want to keep to my
    personal account.

  12. #12
    Quote Originally Posted by mwatkins View Post
    Best piece of advice: try to block Spam from even hitting your mail queue -- this means SpamAssassin won't even have to look at the mail. The vast majority of inbound Spam can be blocked simply with a decently configured SMTP server.

    Reject mail that doesn't come from a host with a proper fully qualified host name. That step alone cuts 1/3 of the inbound Spam attempts on a daily basis - never hits your mail queue. I'm talking many, many, thousands of pieces of junk.

    Reject mail that doesn't originate from a valid domain. Reject mail that doesn't contain a valid sender. Basically you want to reject mail that doesn't meet at least basic mail RFC norms. In my experience this leads to very few problems with real senders, certainly in recent years. Once upon a time being so dogmatic used to be a bigger problem but the Spam issue has caused legitimate mail senders to clean up their acts, too.

    The other big benefit for ensuring your mail server isn't accepting tons of junk into the queue for SpamAssassin to look at later is that it a) greatly reduces the load on your machine(s) and, perhaps even more importantly, you don't end up with a ton of mail reject notices to deal with or a difficult policy decision to make with respect to bounces.
    Can you direct me to directions for configuring the server?

    Thanks Karen

  13. #13
    Join Date
    Nov 2001
    Location
    Vancouver
    Posts
    2,422
    What mail server are you running?
    “Even those who arrange and design shrubberies are under
    considerable economic stress at this period in history.”

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •