Web Hosting Talk : Web Hosting Main Forums : Running a Web Hosting Business : How do you stop spam coming out of your server?

[zildjian2000]

Spam hasn't really been that big of a problem (a few fraud accounts here and there) until we started our free host. What do you do to stop spam coming out of the server? We are considering just getting rid of PHP all together but I really don't want to do that.

[sanjin]

Require better verification. You're shooting yourself in the foot if you are going to give a hosting account to anyone and everyone without some kind of verification.

Why not require that the user send you a postcard for verification (http://nic-nac-project.org/index.php)? That should help weed out the troublemakers; they will just go elsewhere for the most part.

[siforek]

You'll get spammers here and there, but especially with free service. A strict spam policy in your TOS helps.

[zildjian2000]

sanjin

Thats a bit extreme, most people are way to impaitent to do that, you would lose quite a bit of customers that way. They won't want to take the time to get the post card and then send it, and then wait for me to recieve it.

skshost
That won't help at all, for one, these are free hosting clients, there is no way to know that their information is real and no way to charge them for anything they have done for their misuse. And even in the case they were a paid client, the most likely case is it was with a stolen credit card or with a stolen PayPal account. If I was having this problem with paid clients I would simply use phone verification, however, with free clients its a whole different story, because the cost to call them (though I am really considering it), the only way to crack down is on the server end.

[sanjin]

Ah, I see, you do make a good point. Why not require phone verification on their end? Get a VoIP line and make them call you as soon as they get the account -- that alone should make it more difficult to get the account just for fraudulent purposes...

[bullfrog]

I also like the idea of them calling you. If you can, get voip with an answering machine so they can just quote their domain or account number or something like that for activation. Then they must just allow a little while for activation.

That way you weed out most of the spammers. If the free clients are so cheap that they can't even make a call to get GIVEN free hosting, then why even bother with that client?

[zildjian2000]

I agree, that is probabely the best move.

[XeHSean]

Just work to eliminate these fraud orders, and delete the existing fraudulent accounts. This will resolve your SPAM problems

[HostRefugee-Vince]

What type of information are you collecting at signup? Name, Address, Phone, IP Address?

Generally, spammers use fake information. Use WhitePages.com for a reverse phone / reverse address search. Use geolocation to see their IP's City and compare it to the City they gave you when signing up. If any details don't match up, don't activate the account. If your doing domain based free-hosting, check their domains whois for differences in the info they gave you.

[zildjian2000]

XeHSean
Not really, its not like there are 5 spammers out there, theres enough to keep going for the entire life of my company

HostRefugee-Vince
We do collect all that information, we just never checked it, thats a good idea, I think I'll do that. I also now am using a online answering machine and going to require people to leave their name, domain, and reason why the need the hosting account.

[Biju]

Normally you could not stop spam so easily, Spams are either sent

1. Some Script written down in PHP or anyothe language.
2. Direct spam through their mail servers.

These are the ways which an A/c can send via your server. There are also other ways, but that could result another name as Hacking activity of your own server by your client through an annoymous way.


To control

Try to find who is sending and how is he sending. This can make u ban the a/c or find the way.

Monitor each a/c through any email spam software.

[zildjian2000]

Can you suggest any spam software? Esspically one that works with WHM and will automatically suspend any account that appears to be sending spam?

[zildjian2000]

I don't know why you decided to define spam, that’s not the issue at hand.

Additionally, yes, there are things that can be done to prevent spam, e.g. any spam software that exists, such as Spam Assassin and junk mail folders, however, what I'm looking for is software that detects spam on a server and stops it, such as stops mass emails etc which I'm sure exist, or at least could be programmed pretty easily. All it would have to do is monitor emails coming out of a server and when there are x amount, suspend that account; it should be a piece of cake for any experience programmer.

Anyway, what you are talking about isn't what I need or what this is about, the email filters that are prevalent on Google are those for incoming spam, not outgoing.