Sorry if this is repeated. I checked spammassassin site, read docs, googled, searched this forum...
I have a dedicated server with Plesk 8.0.1 and SpamAssassin 3.0.6, and would want to upgrade it to 3.1.7. "yum" does nothing, Plesk does not include upgrade options, webmin either, and my Linux knowledge is not so high to download an RPM from the official site and attempt to update it myself in the production server.
I also don't know if this would solve the problems we have now. Around 80% mail is spam, and some customers are really burned about their mailboxes being full of spam. We told them that it would be better when we upgraded from Plesk 7.5 and spamassassin 2.7... but only got *a bit* better.
I own a personal site in another hosting company and I love their spam control. They put all the spam-marked mails in a subfolder called /spam (lets say, katixa/spam). I can configure my Outlook to download them, or just, do nothing. And believe me, I receive VERY little spam in my mailbox, and a LOT of it in my spam folder.
They have SpamAssassin configured with 5 or 7 hits (not sure now). We are configuring customers with 4 hits required to flag.
So... I don't know if we just need to update SA to 3.1.7 (so like an antivirus, it filters better), or we need to do something else.
I tried SBL lists from spamhaus but only derived into some customers not being able to send mail.
I would need someone to tell me how to upgrade to SA 3.1.7, and also enlighten me a bit about this spam issue and the ways good hosting companies used to deal with.
Let me clarify that we do not sell hosting services. We develop websites and other multimedia stuff, and we host this sites in a dedicated server (around 75 domains).
The real great problem with spam today is not the simple spam but the bounced spam, a.k.a. collateral spam. Some web hosting companies disables the email server of customers victims of bounced spam. The spam was not originating from your VPS, it was bounced off of it. For example, say sender [email protected] sends to the nonexistent [email protected]; [email protected] will get a bounce message from 2.com saying that [email protected] does not exist.Now say that [email protected] sends a message to [email protected], but pretends to be [email protected]. [email protected] will send the bounce message to [email protected] and consider it SPAM. Plesk 8 has a lot of enhancements against bounced spam but Spam Assassin have not effective actions to block real spam and sometimes blocks an important message you are expecting considering it "spam". Bounced spam is mostly used these days by spammers. This is normal: Anyone on the internet can use another person's email address to send spam. All it takes is to fake the email address in your email software. If I want I can use [email protected] to send spam. If you wish you can contact the source network at which the email was generated to report abuse, which is unlikely to result in any resolution usually.
By default Qmail will accept mail for any domain name that is properly listed in the rcpthosts/virthosts file. However, it doesn't verify that the username exists. As a result, when a message gets processed, a new MAILER DAEMON message is created. Spammers will take advantage of this to send their spam through a server (they put the intended recipient in the FROM box and a domain which behaves like this in the TO box). Plesk has pre-set Qmail to deny accepting the message altogether if the user does not exist on the server.
Using qmHandle you can examine Qmail fine with external queue that is just the spammers making the bounced spam. Recently we deleted over 8,000 external queues in a VPS per day using qmHandle. Plesk 8.0.1 has an option for detect bounced email: into your plesk CP click Server, then click Mail, Mail Queue in Server-wide mail preferences and you will see the messagens found...
Rapid tut on this issue:
Setting Up Site-Wide Preferences for Handling Mail to Nonexistent Users (Mail Bounce) When somebody sends an e-mail message to an e-mail address that does not exist under your domain, the mail server, by default accepts mail, processes it, and when it finds out that there is no such a recipient under the domain, it returns the mail back to sender with the ?this address no longer accepts mail? notice. You can choose to: - Change the default notice if you do not like it, - Forward all such mail to the desired e-mail address, - Reject such mail without accepting it and without notifying senders. This setting can decrease mail server load caused by a large amount of spam, which is often sent to randomly generated user names. However, for spammers, this can somewhat speed up scanning your mail server for valid e-mail addresses. To configure the site-wide settings for handling mail to nonexistent users: 1 Click the Domains shortcut in the navigation pane. 2 Click the required domain name in the list. 3 Click the Mail icon. 4 Click Preferences. 5 Choose a desired option and specify the information as required. 6 Click OK. Introducing Similar Changes to a Number of Mail Accounts at Once To introduce similar changes to a number of mail accounts at once: 1 Click the Domains shortcut in the navigation pane. 2 Click the required domain name in the list. 3 Click the Mail icon in the Services group. 4 Select the check boxes corresponding to the mail accounts you wish to modify. 5 Click Group Operations. 6 Adjust the settings as desired: - Select Enable to enable the respective option for all selected mail accounts. - Select Disable to disable the respective option for all mail accounts you selected. - Leave Do not change selected for the options you do not want to modify. 7 Click OK.