Page 1 of 3 123 LastLast
Results 1 to 25 of 51
  1. #1
    Join Date
    Oct 2005
    Location
    Internet
    Posts
    1,161

    Spammers - What a problem..

    I'm wondering what softwares/scripts do you guys all use to try and prevent a user from sending spam from your own servers? As you should all know this can be a problem as major email providers may not only place your emails in the bulk/spam folder, but block them from that also!

    I don't understand who would buy something or even trust something from a spammer!

  2. #2
    Join Date
    Sep 2005
    Posts
    551
    Well, I know that cPanel has a setting to limit the amount of emails an account can send per hour.

  3. #3
    Join Date
    Oct 2005
    Location
    Internet
    Posts
    1,161
    Quote Originally Posted by FR-Alex
    Well, I know that cPanel has a setting to limit the amount of emails an account can send per hour.
    Yes, our default is 250/hr

  4. #4
    Join Date
    Jan 2006
    Location
    Ontario, Canada
    Posts
    958
    Yes, cPanel has many functions that you can enable to prevent spam. Do a little reading and you'll be able to prevent any sort of email spam
    Kdoubt.net - Gameing discussion, arcade, all around good fun

  5. #5
    Join Date
    May 2002
    Location
    Internet / Colorado
    Posts
    1,660
    Make sure to add in a TOS/aup policy where if you catch someone spamming you charge $250 per hour of research and to fix the problem, I caught 2 people who were spamming on my servers on purpose and not just a hack and ended up charging them each 2k after deleting their accounts, they contested the charges but the credit card company backed me up. I never got another spammer trying to use my services again

  6. #6
    Join Date
    Feb 2001
    Location
    West Michigan, USA
    Posts
    9,687
    Quote Originally Posted by bwb
    Make sure to add in a TOS/aup policy where if you catch someone spamming you charge $250 per hour of research and to fix the problem, I caught 2 people who were spamming on my servers on purpose and not just a hack and ended up charging them each 2k after deleting their accounts, they contested the charges but the credit card company backed me up. I never got another spammer trying to use my services again
    You're not saying that because you charged this one guy, that no other spammers tried to use your services again, are you?

    Professional spammers generally don't even sign up for your services. They find script exploits and send their crap out that way or they use stolen credit card/Paypal info. Locking down user accounts, etc. puts a small dent in spamming, but its more of a security and fraud issue than an email or ToS/customer issue.

    The legitimate customers that DO get caught spamming are generally the ones that are too ignorant to realize that the CD they bought with 100,000 "opt in" email addresses is bogus. Fine them, cancel them, tar and feather them...its not accomplishing a thing. Its merely punishing someone who didn't know any better. I'm not saying you look the other way, by any means, I'm just saying that those kinds of people are not the true problem.

    --Tina
    Last edited by Tina J; 11-25-2006 at 12:50 PM.
    ||| 99.999% Uptime SLA!!!
    Plenty of space and bandwidth to fit your needs!
    www.AEIandYou.com - - (WP Friendly - Premium Reseller Hosting and Cheap Dedicated Servers)

  7. #7
    Join Date
    Oct 2005
    Location
    Internet
    Posts
    1,161
    I know cPanel has tools to help prevent Spam, I was asking what you guys use. I guess everyone else uses the cPanel tools eh?

  8. #8
    Join Date
    Feb 2001
    Location
    West Michigan, USA
    Posts
    9,687
    Quote Originally Posted by LuckyAnonymous
    I guess everyone else uses the cPanel tools eh?
    No. You need to secure your servers, watch user accounts for 'exploited script' behavior and do heavy fraud screening on new orders.

    --Tina
    ||| 99.999% Uptime SLA!!!
    Plenty of space and bandwidth to fit your needs!
    www.AEIandYou.com - - (WP Friendly - Premium Reseller Hosting and Cheap Dedicated Servers)

  9. #9
    Join Date
    May 2002
    Location
    Internet / Colorado
    Posts
    1,660
    Quote Originally Posted by AH-Tina
    You're not saying that because you charged this one guy, that no other spammers tried to use your services again, are you?

    Professional spammers generally don't even sign up for your services. They find script exploits and send their crap out that way or they use stolen credit card/Paypal info. Locking down user accounts, etc. puts a small dent in spamming, but its more of a security and fraud issue than an email or ToS/customer issue.

    The legitimate customers that DO get caught spamming are generally the ones that are too ignorant to realize that the CD they bought with 100,000 "opt in" email addresses is bogus. Fine them, cancel them, tar and feather them...its not accomplishing a thing. Its merely punishing someone who didn't know any better. I'm not saying you look the other way, by any means, I'm just saying that those kinds of people are not the true problem.

    --Tina
    Well you have to remember this was about 4 years ago when a lot of spammers didn't use the methods they use now, after those two initial problems no I didn't have any other problems but of course I don't think it was because of that although you never know.

    Spammers now use a lot more methods but at the time these guys were actually companies in the UK/China doing it the old fashioned way by signing up for accounts and sending out tons of email. As I said the two people who were spamming were not just normal people whose scripts got hacked/abused, they were actually spammers trying to get away with it.
    Like passive recurring revenue you can retire on?
    You focus on building your brand, we handle all support, billing, and more.
    Pressed.net - Start your own Managed WordPress Hosting Company

  10. #10
    Join Date
    Oct 2005
    Location
    Internet
    Posts
    1,161
    Quote Originally Posted by AH-Tina
    No. You need to secure your servers, watch user accounts for 'exploited script' behavior and do heavy fraud screening on new orders.

    --Tina
    Yes, yes, yes, I know that.. Thats not what I was asking.

  11. #11
    Join Date
    Feb 2001
    Location
    West Michigan, USA
    Posts
    9,687
    Quote Originally Posted by LuckyAnonymous
    Yes, yes, yes, I know that.. Thats not what I was asking.
    I thought you were asking how to prevent people from spamming from your servers. Sorry.

    What, exactly, are you asking?

    --Tina
    ||| 99.999% Uptime SLA!!!
    Plenty of space and bandwidth to fit your needs!
    www.AEIandYou.com - - (WP Friendly - Premium Reseller Hosting and Cheap Dedicated Servers)

  12. #12
    I got PSM to install a cron that logs every email sent from the server, i then check the logs, and when you see a ridiculous number next to an account name, you look into it further, and find a ton of spam. Then i remove them and take legal action :-)

  13. #13
    Join Date
    Oct 2005
    Location
    Internet
    Posts
    1,161
    Quote Originally Posted by AH-Tina
    I thought you were asking how to prevent people from spamming from your servers. Sorry.

    What, exactly, are you asking?

    --Tina
    "I'm wondering what softwares/scripts do you guys all use to try and prevent a user from sending spam from your own servers?"

  14. #14
    Quote Originally Posted by bwb
    Make sure to add in a TOS/aup policy where if you catch someone spamming you charge $250 per hour of research and to fix the problem, I caught 2 people who were spamming on my servers on purpose and not just a hack and ended up charging them each 2k after deleting their accounts, they contested the charges but the credit card company backed me up. I never got another spammer trying to use my services again
    How did you manage to do that? I mean, normally, the merchants go with the client (customer) and there isnt much you can do if they do a chargeback. Do you require your usrs to sign a document when they purchase hosting? Otherwise, i cannot see how you won the case. Maybe you could share your experience and what you you had to provide your merchant as proof.

  15. #15
    Join Date
    Feb 2001
    Location
    West Michigan, USA
    Posts
    9,687
    Quote Originally Posted by LuckyAnonymous
    "I'm wondering what softwares/scripts do you guys all use to try and prevent a user from sending spam from your own servers?"
    Software can't really accomplish that effectively.

    --Tina
    ||| 99.999% Uptime SLA!!!
    Plenty of space and bandwidth to fit your needs!
    www.AEIandYou.com - - (WP Friendly - Premium Reseller Hosting and Cheap Dedicated Servers)

  16. #16
    Join Date
    May 2004
    Posts
    305
    Quote Originally Posted by AH-Tina
    I'm just saying that those kinds of people are not the true problem.
    Hmm. The true problem. That can be an interesting investigation.

    One practical way to define "who is the true problem" in terms of spam is to try to identify the group we could apply our efforts towards, to the greatest effect.

    What target would yield the biggest bang for the buck for each unit of time, money, energy invested?

    Imho, that target of greatest opportunity would be us, the web hosting industry.

    This industry has such enormous talents and assets, it's amazing really.

    But we are burdened with a defeatist fascination with defense, and a real lack of will and imagination on offense.

    The spammers can find us and attack us, but we just aren't smart enough to follow the money trail and return the favor.

    I know, the nature of networks has a lot to do with it, granted.

    But we use that as a reason to fail and be victims, rather than as a challenge to be greeted and overcome.

  17. #17
    Join Date
    Feb 2001
    Location
    West Michigan, USA
    Posts
    9,687
    The problem is that these people don't have regular physical addresses and don't hire regular hosting companies to send their spam from. They operate in the shadows and move around and know how to cover their tracks. Its kind of like the Nigerian money transfer scams. They're well organized and next to impossible to shut down.

    If you have some ideas on how to fix, or even put a dent in, this problem...you'd be THE MAN.

    --Tina
    ||| 99.999% Uptime SLA!!!
    Plenty of space and bandwidth to fit your needs!
    www.AEIandYou.com - - (WP Friendly - Premium Reseller Hosting and Cheap Dedicated Servers)

  18. #18
    Join Date
    Nov 2006
    Location
    Lansing, Michigan
    Posts
    139
    I like Squirreldog's preemtive imagination on dealing with Spammers. I'd like to hear the details of your thoughts or plans, if you don't mind sharing them?
    Patrick K. HendersonSales Manager
    LiquidWeb.com
    StormOnDemand.com
    Twitter: LW_Patrick

  19. #19
    Join Date
    May 2004
    Posts
    305
    Ok guys, thanks for helping me think it through.

    Clearly, I don't have THE answer. I am just using logic to observe that what we've been doing for 12 years does not work, so some kind of paradigm shift seems essential.

    I guess my main point would be that if the same energy that is currently applied to explaining why we can't make this paradigm shift was instead invested in constructive imaginative thought, we might have a shot.

    As one possibility, I picture an industry trade group, supported by dues from web hosts, bandwidth providers etc.

    This trade group hires professional detective agencies, lawyers, public relations firms, etc.

    We find'em, we sue or jail them where possible, and at the least, we make them very famous.

    The money trail seems a logical place to start, but I would entrust this to the professionals who spend their entire careers tracking people down.

    I have no illusion that we will find them all. But finding 5%, and delivering a life changing blow, will ripple throughout their community, just as their actions ripple through ours.

    And success stories printed widely in our community, and the public could change the psychological and political environment.

    People love to win, and they love to have someone to hate, it must be added. Much of this currently buried energy could be liberated with the right victories.

    We are very smart, and very rich. We shouldn't be playing the role of victims here. At the least, we should be TRYING to take the fight to them.

    Over to you. Both you guys, and many others here, will have lots of experience beyond mine. Care to share?

  20. #20
    Join Date
    Nov 2006
    Location
    Lansing, Michigan
    Posts
    139
    follow the money, and you'll find your spammers.
    Patrick K. HendersonSales Manager
    LiquidWeb.com
    StormOnDemand.com
    Twitter: LW_Patrick

  21. #21
    Join Date
    May 2004
    Posts
    305
    That makes sense to me too.

    The challenge for the web hosting industry could perhaps be defined as, how do we raise the money needed to hire the experts who can follow the money?

    Part of the paradigm shift can be to shift focus from thinking of this as primarily a technical problem, to thinking of it as a political problem. Not political problem so much in terms of laws etc, but in the broader sense.

    How do communities organize to defend themselves against threats from shadowy groups with impressive powers?

    It's the theme of the 21st century, online and offline, and we could play an important leadership role in how we deal with our online terrorists.

    The one thing it seems we've learned in the offline version of this game is that you can't stay on defense, too many targets. You have to go on offense.

  22. #22
    Join Date
    Nov 2006
    Location
    Lansing, Michigan
    Posts
    139
    ... encourage ISPs to setup more honeypots to lure these guys in and catch'm!
    Patrick K. HendersonSales Manager
    LiquidWeb.com
    StormOnDemand.com
    Twitter: LW_Patrick

  23. #23
    Join Date
    Jun 2001
    Location
    Gilroy CA.
    Posts
    468
    If you are using Exim for your MTA there are a lot of tricks you can do to stop spam. If you aren't using Exim I don't know how you live without it.

  24. #24
    Join Date
    Jun 2001
    Location
    Denver, CO
    Posts
    3,302
    Quote Originally Posted by AH-Tina
    The legitimate customers that DO get caught spamming are generally the ones that are too ignorant to realize that the CD they bought with 100,000 "opt in" email addresses is bogus. Fine them, cancel them, tar and feather them...its not accomplishing a thing. Its merely punishing someone who didn't know any better. I'm not saying you look the other way, by any means, I'm just saying that those kinds of people are not the true problem.
    --Tina
    While these folks are not a huge part of the problem, they are still part of the problem. When we have actual customers exploiting the services we offer to send out UCE, we will warn them, educate them, and if it happens again they get fined. Many people really don't seem to care what you tell them until you hit them in the wallet.

    In the end, I think the only way to fix spam is to get rid of SMTP, which was designed over 24 years ago, and move to a protocol that's designed from the ground up with an anti-spam focus. All of the "fixes" (SPF, RBLs, Tarpitting, Greylistng) out there today are merely band aides for that are trying to heal a gaping wound.
    Jay Sudowski // Handy Networks LLC // Co-Founder & CTO
    AS30475 - Level(3), HE, Telia, XO and Cogent. Noction optimized network.
    Offering Dedicated Server and Colocation Hosting from our SSAE 16 SOC 2, Type 2 Certified Data Center.
    Current specials here. Check them out.

  25. #25
    Join Date
    May 2004
    Posts
    305
    Quote Originally Posted by Jay Suds
    In the end, I think the only way to fix spam is to get rid of SMTP, which was designed over 24 years ago, and move to a protocol that's designed from the ground up with an anti-spam focus.
    Yes, sounds right to me. Great point. The culture of the Net has changed radically, and the techology hasn't kept up.

    When SMTP was deployed the Net was a relative handful of educated responsible people, almost all of whom were connected to the Net via their employer. SMTP was fine for this group and situation.

    This educated responsible group invented the Net they wished to live in, not the one they would actually have to live in. Best of intentions, not entirely realistic.

Page 1 of 3 123 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •