05-20-2009, 01:24 AM
|
|
Newbie
|
|
Join Date: May 2009
Posts: 9
|
|
ThePlanet Server Spam Problem!
Hi,
I am looking for any advice on how to best deal with email spam.
Here is what's up...
I recently got a dedicated server with The Planet. WHM/Cpanel...
I am a designer and starting to host my clients. So far i've setup about 5 different clients and everyone says the same thing...
Since they've switched to my server the email spam they get to their emails is out of control.
I asked The Planet for help and they said to make sure some spam filters were automatically checked for each account in my WHM and in their unique cpanel accounts, and they are but it hasnt helped. They also have a spam service but i do not want to pay any more per month than i already am.
What would cause this to be so bad versus my clients old servers?
Secondly, what open source solutions are there out there and who is the best to hire to install them on my server?
Any advice is greatly appreciated.
Thanks!
Dave
|
05-20-2009, 01:26 AM
|
|
iNET Interactive
|
|
Join Date: May 2006
Location: San Francisco
Posts: 7,154
|
|
First, can you check what spam protection in particular you're currently using?
|
05-20-2009, 01:31 AM
|
|
Newbie
|
|
Join Date: May 2009
Posts: 9
|
|
Just the one that came with my WHM install...
SpamAssassin Spam Filter
This wasn't checked before, but i made sure it is now for each account. Clients said that helped a bit but its still a TON of spam.
Same sites on their old hosts, this was not an issue.
|
05-20-2009, 01:34 AM
|
|
Newbie
|
|
Join Date: May 2009
Posts: 9
|
|
Also, in WHM Tweak Settings, i have this set to FAIL
Default catch-all/default address behavior for new accounts. "fail" is usually the best choice if you are getting mail attack
|
05-20-2009, 01:38 AM
|
|
WHT Addict
|
|
Join Date: May 2009
Posts: 149
|
|
Disallow mass mailing accounts
PHPSUEXEC will be good
|
05-20-2009, 01:48 AM
|
|
Newbie
|
|
Join Date: May 2009
Posts: 9
|
|
Quote:
Originally Posted by John Mark
Disallow mass mailing accounts
PHPSUEXEC will be good
|
This will help stop incoming spam? Or stops outgoing spam? I need to get rid of the incoming.
|
05-20-2009, 02:53 AM
|
|
Junior Guru Wannabe
|
|
Join Date: May 2009
Posts: 68
|
|
Check some of the spam mails randomly, are all of them coming from same server ?
once we had this, and found it was from a 3 particular IPs, just blocked them.
__________________
█SurmountHosting.com
█ CPanel • RvSkins • Fantastico deLuxe • PHP5 • Zend Framework • IonCube • Ruby On Rails • No Over-Selling!
Last edited by SurmountHosting; 05-20-2009 at 03:03 AM.
|
05-20-2009, 02:57 AM
|
|
Web Hosting Master
|
|
Join Date: Dec 2007
Posts: 3,612
|
|
I suppose that you need to take care of the emails not to be added to the spam lists.
|
05-20-2009, 03:13 AM
|
|
Platinum quality
|
|
Join Date: Jul 2005
Location: New Jersey, US
Posts: 1,295
|
|
Phpsuexec is not going to help incoming spam.
The best thing to do easily to stop spam is enabling RBL and Spamassasin in the WHM Exim configuration editor.
That should greatly reduce the amount of spam you get.
If you want a more aggressive approach, then additional addons like mailscanner, clamav, etc., can be added.
__________________
 PlatinumServerManagement (also known as PSM)
The OLDEST and LARGEST server management provider in the USA, with 15+ employees and growing!
Providing quality support for OVER 14 years! Currently supporting over 3,000 servers monthly!
www.PlatinumServerManagement.com Proud member of the NJ BBB & Chamber of Commerce, and Authorized Cpanel Partner. |
05-20-2009, 03:58 AM
|
|
Design and Hosting Solutions
|
|
Join Date: May 2005
Location: New York
Posts: 736
|
|
indeed - simply enabling spamassasin wont quite be good enough - try enabling the RBL lookups (to sbl.spamhaus.org etc ) and blocking mail with invalid HELO, Sender Address Verification (simple check to verify existence of the sender's domain), and blocking of mail at smtp time for a score >10 or >12
Good place to start.
__________________
█ Perigee Global Corporation
█ Design, Development and Hosting Solutions
█ Dedicated Servers, CDN, Hosted E-Mail, Web Hosting, VPS & Cloud Servers
█ 1.212.400-7632 www.perigeeglobal.com
|
05-20-2009, 01:21 PM
|
|
Web Host Extraordinaire!!!
|
|
Join Date: Dec 2007
Location: Indianapolis, Indiana USA
Posts: 14,315
|
|
Quote:
Originally Posted by jNive
indeed - simply enabling spamassasin wont quite be good enough - try enabling the RBL lookups (to sbl.spamhaus.org etc ) and blocking mail with invalid HELO, Sender Address Verification (simple check to verify existence of the sender's domain), and blocking of mail at smtp time for a score >10 or >12
Good place to start.
|
All good pieces of advice - it's unfortunate that hosts have to go to such lengths to protect the inboxes of their clients from spam.
__________________
█ Michael Denney - MDDHosting, LLC - Professional Hosting Solutions
█ LiteSpeed Powered - Shared, Reseller, Semi-Dedicated, and VPS
█ For high-end shared accounts ideal for business, check out our Semi-Dedicated offerings!
█ http://www.mddhosting.com/ - Providing Quality Services since 2007
|
05-20-2009, 02:02 PM
|
|
Design and Hosting Solutions
|
|
Join Date: May 2005
Location: New York
Posts: 736
|
|
indeed - if you want to avoid backscatter problems, avoid using Sender Verification Callouts (will not work at all where sender domains MX uses greylisting for example) and avoid sending NDR's for anything to non-local address senders - such errors should always be communicated directly back to the sending SMTP server and not what you think is the sender - something which is usually faked in spam resulting in 'NDR BLasting' effectively of innocent mailboxes :_0
I use an ESVA Virtual Appliance to great affect in combination with a cPanel server currently - very useful system - however I strongly advise people to start off with the included tools with cPanel first to get used to issues which appear and need to be tackled when dealing with spam filtering without resulting in the blocking of good mail etc :-)
ALso, check Mailbox Quota at SMTP time - helps prevent mail being accepted and then ending up sending an NDR back to a forged sender :-)
__________________
█ Perigee Global Corporation
█ Design, Development and Hosting Solutions
█ Dedicated Servers, CDN, Hosted E-Mail, Web Hosting, VPS & Cloud Servers
█ 1.212.400-7632 www.perigeeglobal.com
|
05-20-2009, 03:46 PM
|
|
Newbie
|
|
Join Date: May 2009
Posts: 9
|
|
Thanks for the help guys. Here is what the planet said to do. Is this also good advice? Blacklisting emails seems like a bad route as in my experience blacklisting a fake email never does anything.
------------
Dear Customer,
1. I apologize for the inconvenience this may be causing you. You can blacklist the spam emails. You can also add an SPF to everydomain. Here is a link that will show you how to and then you will just need to add them in WHM under the DNS Functions.
http://old.openspf.org/wizard.html?m....com&submit=Go!
------------
By the way, i do not have a good admin person anymore. I am more focused on selling design and the server is just an add on service for my design clients.
I need to hire a good server admin person who can install all of the things you guys have been talking about. The guy i was using disappeared.
Can anyone recommend someone?
|
05-20-2009, 04:02 PM
|
|
Newbie
|
|
Join Date: May 2009
Posts: 9
|
|
Quote:
Originally Posted by jNive
indeed - simply enabling spamassasin wont quite be good enough - try enabling the RBL lookups (to sbl.spamhaus.org etc ) and blocking mail with invalid HELO, Sender Address Verification (simple check to verify existence of the sender's domain), and blocking of mail at smtp time for a score >10 or >12
Good place to start.
|
Thanks for the advice....
I went into Exim Config Editor in WHM and tried to find the things you mentioned.
Not sure if i did them right....
1) i Enabled RBL, checked zen.spamhaus.org
2) under ACL Options, i checked this, is this the right one?
** Require incoming SMTP connections to send a HELO that does not match this server's local domains.
I didnt see sender address verification nor did i see an option for smtp time at the amounts you put. The first option that is checked says this though:
SpamAssassinTM: Reject mail with a spam score greater than 20 at SMTP time. [?]
Sorry im clueless on this stuff. Just trying to figure out which stuff i should check in here. All these settings are just whatever the default install had already.
|
05-20-2009, 04:25 PM
|
|
Design and Hosting Solutions
|
|
Join Date: May 2005
Location: New York
Posts: 736
|
|
untick the 20, and more will appear, select 10 or 12 (score of 5= spam, but will be tagged and delivered, score of 10 or higher will be blocked and not deliver)
Also, SPF only protects your domain from being used by spammers when sending to other hosts, so at best it will prevent you from receiving NDRs relating to emails you never sent, and only then if you qualify with -all.
Also, it may depend on the version of WHM you are using (stable, current, edge) some options may not be available in the stable branch etc.
Another possible option is to block email addressed to your hostname ( someuser@hostname.yourdomain.com ) for example - commonly done to target a system-wide mailbox or a catchall.
__________________
█ Perigee Global Corporation
█ Design, Development and Hosting Solutions
█ Dedicated Servers, CDN, Hosted E-Mail, Web Hosting, VPS & Cloud Servers
█ 1.212.400-7632 www.perigeeglobal.com
|
| Thread Tools |
Search this Thread |
|
|
|
| Display Modes |
 Linear Mode
|
| Postbit Selector |
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
|
|
|
| Login: |
|
|
| Advertisement: |
|
|
| Web Hosting News: |
|
|
|
