hosted by liquidweb


Go Back   Web Hosting Talk : Web Hosting Main Forums : Hosting Security and Technology : BoxTrapper Spam Trap ???
Reply

Forum Jump

BoxTrapper Spam Trap ???

Reply Post New Thread In Hosting Security and Technology Subscription
 
Send news tip View All Posts Thread Tools Search this Thread Display Modes
  #1  
Old
I Like Beer!
 
Join Date: Sep 2008
Location: Sweden
Posts: 1,196

BoxTrapper Spam Trap ???


hello. can anyone tell me more about BoxTrapper Spam Trap ?

why should us disable it on share hosting?

what about the vps with only root user ?



Sponsored Links
  #2  
Old
Web Hosting Master
 
Join Date: Nov 2001
Location: Vancouver
Posts: 2,416
Requiring verification emails is moronic, particularly for a ROOT user.

You are required by RFC to receive legitimate Postmaster and Abuse mail. Some abuse reporting systems are fully automated and will never reply to a request for verification.

Sure, you can whitelist various services, provided you know about them ahead of time; but you can't whitelist the world!

If you are relying on system like BoxTrapper (which apparently also puts a load on the box) that merely says your anti-spam system is very weak elsewhere.

PS: do not receive and read mail as root.

__________________
“Even those who arrange and design shrubberies are under
considerable economic stress at this period in history.”

  #3  
Old
******* Unleaded
 
Join Date: Feb 2004
Posts: 3,829
Quote:
Originally Posted by mwatkins View Post
Requiring verification emails is moronic, ...
Amen to that.

Our policy on the signup page:

"we do not respond to whitelisting requests of any kind"

__________________
edgedirector.com
managed dns global failover and load balance (gslb)
exactstate.com
uptime report for webhostingtalk.com

Sponsored Links
  #4  
Old
Newbie
 
Join Date: Apr 2009
Posts: 14
*

Quote:
Originally Posted by nimafire View Post
hello. can anyone tell me more about BoxTrapper Spam Trap ?

why should us disable it on share hosting?

what about the vps with only root user ?
Box Trapper can actually cause a TOS violation. Consider this. You get spamvertised...hard. For each spam that hits your account, an e-mail goes out. What happens if your host (like most good ones) has an hourly or daily e-mail limit? and You hit it? You get a TOS.

DUMBEST thing I ever saw was a company that will remain nameless that had catch-all address AND BoxTrapper turned on.

On shared hosting.

Not only did the account get TOS'd but it took an admin to go in and clear the mail queue of over 500,000 messages

And to use your root user account for anything other then emergency root level maintenance is just plain wrong.

Consider a better Spam solution.

Larry

  #5  
Old
Newbie
 
Join Date: Jun 2008
Posts: 15
Spam Assasin Spam Trapper

I am getting bazootles of spam messages - mostly from
my own email address (other people's names as the sender)
I'd guess that at least 90% of the messages I'm now receiving
are junque.

I set up spam assasin and it has cut down drastically on
the number of spam messages....

Can anyone tell me how/if I can separate my REAL email
address from the spam messages?

in the whitelist/blacklist, it does not show the sender's name -
only the email address.

Or, can anyone suggest a better solution? Spam Assasin has brought some sanity back into my life. Thanks Karen

  #6  
Old
Newbie
 
Join Date: Apr 2009
Posts: 14
Quote:
Originally Posted by kmiller View Post
I am getting bazootles of spam messages - mostly from
my own email address (other people's names as the sender)
I'd guess that at least 90% of the messages I'm now receiving
are junque.

I set up spam assasin and it has cut down drastically on
the number of spam messages....

Can anyone tell me how/if I can separate my REAL email
address from the spam messages?

in the whitelist/blacklist, it does not show the sender's name -
only the email address.

Or, can anyone suggest a better solution? Spam Assasin has brought some sanity back into my life. Thanks Karen
Well, since you are not going to be SENDING into your server from YOUR e-mail address, blacklisting your e-mail address would stop it entirely. SA only looks at incoming messages not outgoing ones


Last edited by LarrrardTx; 05-04-2009 at 09:53 PM. Reason: Darn Sticky Keyboard Typos
  #7  
Old
Newbie
 
Join Date: Jun 2008
Posts: 15
BoxTrapper Spam Trap

I send messages to myself all of the time.. things
that I want to remember, links that I want to look up/
keep .... so, it DOES matter that my own address would
NOT be blacklisted. Karen

  #8  
Old
Newbie
 
Join Date: Apr 2009
Posts: 14
Sorry, I was forgetting that I use one address on my server, and aprivate e-mail address for stuff I want to keep that I e-mail to myself. I send from the private address to the server address that gets spammed, and that way my mail goes through.

Not everyone does it that way though, So I did some digging and here is a possible solution.

In the whitelist from section put your e-mail address like so:
karen@yourserver.com.213.154 where you replace the e-mail address with your real e-mail address followed by the last two octets of your servers IP . This tells SA that unless the mail originated off of your server, it is not you, and that it should then not pass it through.

Or you can edit your .spamassassin/user_prefs to put this in
trusted_networks followed by your server IP address and then save the file. You can fin this in your cPanel File Manager

  #9  
Old
Newbie
 
Join Date: Jun 2008
Posts: 15
Thanks a bunch for the "fix".

Unfortunately, I used my primary address to
sign up for some things and have ended up
with a mailbox full of crap... now, having
to clean it up.

Again, thanks. Karen

  #10  
Old
Web Hosting Master
 
Join Date: Nov 2001
Location: Vancouver
Posts: 2,416
Don't feel bad - it just takes one address - eventually it'll show up on Spam lists everywhere.

Blocking Spam, especially for one individual, is not that hard. Coming up with a good solution that meets the needs of a broad landscape of different users is much harder.

Best piece of advice: try to block Spam from even hitting your mail queue -- this means SpamAssassin won't even have to look at the mail. The vast majority of inbound Spam can be blocked simply with a decently configured SMTP server.

Reject mail that doesn't come from a host with a proper fully qualified host name. That step alone cuts 1/3 of the inbound Spam attempts on a daily basis - never hits your mail queue. I'm talking many, many, thousands of pieces of junk.

Reject mail that doesn't originate from a valid domain. Reject mail that doesn't contain a valid sender. Basically you want to reject mail that doesn't meet at least basic mail RFC norms. In my experience this leads to very few problems with real senders, certainly in recent years. Once upon a time being so dogmatic used to be a bigger problem but the Spam issue has caused legitimate mail senders to clean up their acts, too.

The other big benefit for ensuring your mail server isn't accepting tons of junk into the queue for SpamAssassin to look at later is that it a) greatly reduces the load on your machine(s) and, perhaps even more importantly, you don't end up with a ton of mail reject notices to deal with or a difficult policy decision to make with respect to bounces.

__________________
“Even those who arrange and design shrubberies are under
considerable economic stress at this period in history.”


Last edited by mwatkins; 05-05-2009 at 12:49 PM.
  #11  
Old
Newbie
 
Join Date: Jun 2008
Posts: 15
It seems that, a VERY short time after I get a message
that someone has sent a bulk mailing to - without using
BCC - I get a tonne of crap mail. Don't know if it
actually corresponds but I read them the riot act.

Am now using a gmail address for all personal mail
and forwarding ones that I want to keep to my
personal account.

  #12  
Old
Newbie
 
Join Date: Jun 2008
Posts: 15
Quote:
Originally Posted by mwatkins View Post
Best piece of advice: try to block Spam from even hitting your mail queue -- this means SpamAssassin won't even have to look at the mail. The vast majority of inbound Spam can be blocked simply with a decently configured SMTP server.

Reject mail that doesn't come from a host with a proper fully qualified host name. That step alone cuts 1/3 of the inbound Spam attempts on a daily basis - never hits your mail queue. I'm talking many, many, thousands of pieces of junk.

Reject mail that doesn't originate from a valid domain. Reject mail that doesn't contain a valid sender. Basically you want to reject mail that doesn't meet at least basic mail RFC norms. In my experience this leads to very few problems with real senders, certainly in recent years. Once upon a time being so dogmatic used to be a bigger problem but the Spam issue has caused legitimate mail senders to clean up their acts, too.

The other big benefit for ensuring your mail server isn't accepting tons of junk into the queue for SpamAssassin to look at later is that it a) greatly reduces the load on your machine(s) and, perhaps even more importantly, you don't end up with a ton of mail reject notices to deal with or a difficult policy decision to make with respect to bounces.
Can you direct me to directions for configuring the server?

Thanks Karen

  #13  
Old
Web Hosting Master
 
Join Date: Nov 2001
Location: Vancouver
Posts: 2,416
What mail server are you running?

__________________
“Even those who arrange and design shrubberies are under
considerable economic stress at this period in history.”

Reply

Related posts from TheWhir.com
Title Type Date Posted
Successful Ingredients for Stopping Outbound Spam Blog 2013-07-30 09:54:15
Outbound Spam Causing Sleepless Nights? Blog 2013-05-13 09:52:21
Spammy Hosting Clients Won't Affect Your Site Ranking: Google Blog 2013-04-10 13:36:07
US Highest Spam Volume in the World: Eleven Email Security Report Web Hosting News 2013-02-13 16:37:44
eleven Email Security Report Finds European Countries Top Spam Senders in October, November Web Hosting News 2014-05-01 08:22:32


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Postbit Selector

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump
Login:
Log in with your username and password
Username:
Password:



Forgot Password?
WHT Host Brief Email:

We respect your privacy. We will never sell, rent, or give away your address to any outside party, ever.

Advertisement:
Web Hosting News:
WHT Membership
WHT Membership



 

X

Welcome to WebHostingTalk.com

Create your username to jump into the discussion!

WebHostingTalk.com is the largest, most influentual web hosting community on the Internet. Join us by filling in the form below.


(4 digit year)

Already a member?