Page 1 of 2 12 LastLast
Results 1 to 40 of 43
  1. #1
    Join Date
    Dec 2005
    Posts
    40

    How Do You Fight Spam?

    Hello everyone i was taking some information to take the best way to fight SPAM!!!

    I was reading many reviews abotu 4 AntiSpam that people use commonly:

    - SpamAssasi
    - DSpam
    - ASSP
    - MailScanner

    I would like to know if you have some experience with them and if you have some of this product in you server / platfom / hosting / etc ...

    At first time from all the reviews that i read, the best for me was DSpam, it seems that it have a good system to block spam and cosume low resources.

    So let's talk !

    Sorry for my english, im spanish ...

  2. #2
    I use to actually contact them individually but I not just use plugins to do it all for me! lol

  3. #3
    Join Date
    Oct 2004
    Location
    Kerala, India
    Posts
    4,750
    Spamassassin and mailscanner are more popular. Dspam will have nice interface to manage spams. If you see much of spam activity on your server, you will need to study the mail logs and then configure spamassassin with the options available. A properly configured SA would fight the spams well.
    David | www.cliffsupport.com
    Affordable Server Management Solutions sales AT cliffsupport DOT com
    CliffWebManager | Access WHM from iPhone and Android

  4. #4
    Join Date
    Dec 2005
    Posts
    5
    Please check mailcleaner.org this is really good software. You can install it on VPS and manage spamming.

  5. #5
    Join Date
    Nov 2001
    Location
    Vancouver
    Posts
    2,416
    Your list misses the most important aspect of fighting spam... a properly configured mail server.

    I could shut off my content filter (DSpam) right now and users would not notice an increase in the amount of spam they receive; the only thing they would notice is that what little spam makes its way into their mail boxes (most people - a handful a month, some zero) isn't tagged as [Spam] in the subject line.

    Depending on content analysis to do the majority of the work is misplaced effort.
    “Even those who arrange and design shrubberies are under
    considerable economic stress at this period in history.”

  6. #6
    You can download Ad-aware SE personal from Google extras, Spybot Search and Destroy from Google search, and SpyWare Blaster from google search. Yahoo has the best spam blocker...so if spam is pouring in, well you can do this: You know your Junk/Bulk folder?......click on it....and if there are any spam emails......select each of them (click on the small squares)......and click 'Report" or something like that......and Yahoo will block all the emails that come from that person. Or if you want to use some cash.......then Upgrade your Yahoo email.

  7. #7
    Join Date
    Nov 2001
    Location
    Vancouver
    Posts
    2,416
    Why would you download a "client" program to deal with Spam when you can easily block the vast majority of it at the server. Before it enters your mail queue?

    Put another way, using end-user client anti-spam software (or even relying upon SpamAssassin on a server to block) is like locking your front and back door after the thief is already in the house rifling through your desk and underwear drawer.

    Why not bolt the door firmly shut first?
    “Even those who arrange and design shrubberies are under
    considerable economic stress at this period in history.”

  8. #8
    Join Date
    May 2009
    Location
    SLASH ROOT
    Posts
    853
    I haven't seen any issues using 'SpamAssassin'. Installing an anti-spam software alone will not make a server free from spam.

    SA will auto-learn mails and will identify which are spam and which aren't.

    But what I have been doing is to teach SA to identify spam/ham mails using the sa-learn command since auto-learn will take a lot of time.

  9. #9
    Join Date
    Mar 2009
    Location
    Israel
    Posts
    1,204
    SpamAssassin + sa-learn
    + config your mta properly to work infront of global blacklists.
    in the worst cases i have seen the solution was to put actual hardware filters infornt of the server ( done it in an SBS network not on webhosting networks).
    good filters that i used are checkpoint & fortigate.
    also, eset has a nice antispam solution.
    it all depends on your budget/needs/amount of mails.

    as for webhosting with mail boxes, the best practice is to manage a main mail gateway to filter all mail boxes from all your machines on the network ( ofcourse a main mail gateway means 2 physical servers at least to prevent downtime).
    beast5.com © - Managed Hosting Solutions 2004 - 2016

  10. #10
    Join Date
    Jan 2002
    Location
    Ohio
    Posts
    3,139
    Spam Assassin, and VERY aggressive rules.

  11. #11
    Join Date
    Dec 2005
    Posts
    40
    Well i know the capacity of SpamAssasin cause i work with this AntiSpam Offently with Pyzor + Ryzor + Bayes. But i oftenly try new software to improve the performance of the machines.

    I read tha Dspam have good timing and low resources. The rules can be put to all the users or only to 1 user. Its cans control the spam configuration of any user. And when i read that one i though if that not will consume more resources than SpamAssasin do.

    Dspam is writing in c and SpamAsssin is in Perl. They Said that is better in c cause is a language that the own machine use, so best perfomance. The test that they did with a lot of users, the performance time was so low. I think that i will test this anti spam and give some results ...

    I usually work with this configuration : Amavis + Postfix + ClamAv + Spamassasin.

  12. #12
    Join Date
    Nov 2001
    Location
    Vancouver
    Posts
    2,416
    policyd-weight (with a GeoIP patch and customized RBL rules), postfix (properly configured this will block the vast majority of incoming spam all on its own), DSpam (not for blocking, for tagging only), clamav (integrated via dspam), dovecot LDA, dovecot pop/imap -- this is what we use on our mail servers.

    Depending on which mail server (and which set of clients using it) typically we see 80 to 96 percent of all incoming mail connections blocked. Very little spam makes its way through to DSpam for content analysis. One could sub in SpamAssassin in my config and still be as happy, but SA needs more maintenance than DSpam, and in my experience, DSpam does a better job at learning spam and learning from miscategorization. Plus being written in C it has low machine overhead which is always a nice to have. We used to run SpamAssassin but switched to DSpam late last year and am happy about it.

    Since then the DSpam community has come together to take over the code and a new release is forthcoming.

    Bottom line: if you are rejecting most mail *after* it gets in your mail queue, you have problems. Many sites which rely upon SpamAssassin for a majority of their mail rejection purposes are in such a situation.

    Block spam senders early on in the process. Your machines and users will thank you.
    “Even those who arrange and design shrubberies are under
    considerable economic stress at this period in history.”

  13. #13
    Join Date
    Mar 2009
    Location
    Austin, TX
    Posts
    934
    I worked at a company that was getting between 8,000 to 13,000 spams daily. They were using SA+mailscanner+pyzor+ryzor. It worked for a year or so, I pushed ASSP into production. It literally cut remaining spam by another 90%. I cant't vouch for dspam, since I never used it.

    Paid version - cisco spam and virus blocker (lighter version of ironport, works very well too.

  14. #14
    SpamAssassin is a most widely-used open source software with variety sets of rules.
    Support Facility | 24/7 web hosting technical support services
    Technical support | Server management | Data migration

    Technical Articles

  15. #15
    Join Date
    Jun 2006
    Location
    NYC
    Posts
    1,446
    Aggressive Spamassassin rules / RBLs / SPF checking
    FiberPeer.Com | | REAL DDoS Protection | Cloud Hosting | VPS | Dedicated Servers | High Bandwidth Hosting | 1Gbps-10Gbps Unmetered
    FiberPeer DDoS Mitigation | ethProxy Upgraded! | 14-Years Experience | Emergency 24/7 Support
    Visit us @ www.fiberpeer.com

  16. #16
    Join Date
    Feb 2007
    Location
    United Kingdom
    Posts
    1,245
    I use Mailfoundry, and have found that it works well.

    From getting 1000's of spam a day I get 1/2 a day now.
    Hosting Community Talk - A new community orientated Webhosting discussion, guides, and industry news forum. Why not JOIN TODAY!
    My North Wales - A Community/Tourism discussion forum for residents and visitors to North Wales, United Kingdom.

  17. #17
    Join Date
    Sep 2002
    Location
    Top Secret
    Posts
    11,686
    Spamassassin = loaded down server especially when client rules get in the way.

    Best response ?? ASSP. I've been using it for years and when properly configured it works beautifully .

  18. #18
    Join Date
    Mar 2009
    Location
    Austin, TX
    Posts
    934
    Quote Originally Posted by linux-tech View Post
    Spamassassin = loaded down server especially when client rules get in the way.

    Best response ?? ASSP. I've been using it for years and when properly configured it works beautifully .
    I agree. For open source & free, ASSP is excellent. Their web interface is daunting, but you will become to appreciate all the features. Also, ASSP WILL TAKE SOME TIME TO CONFIGURE to perfection. Same can be said about SA; and all other anti-spam solutions.

    Fritz, the ASSP main developer, can be perceived as a**hole sometimes. But he is not, he is actually kind and helpful.
    SysAdmin.xyz
    Having severs with customer data on it without proper monitoring is like having one night stand without using protections - eventually, there will be an 'oh s**t!' moment.

  19. #19
    Spamassasin seems to be the most common, it is found on a lot of cpanel servers. It has worked well for me as a host. Have had several spam attempts, All of which were blocked out, and the addresses sent to global blacklists.
    RedBridge Hosting - Cheap Web Hosting Solutions
    Click here to check out the packages we offer!
    Contact: Sales - Sales: Contact Us

  20. #20
    Join Date
    Mar 2009
    Location
    Austin, TX
    Posts
    934
    There is "ASSP Deluxe for cPanel". What it seems to be a more user-friendly front-end for users. The price isn't cheap, but I've read/heard a lot of good things about it.
    SysAdmin.xyz
    Having severs with customer data on it without proper monitoring is like having one night stand without using protections - eventually, there will be an 'oh s**t!' moment.

  21. #21
    Defeating spam with SA would be a very bad idea at least for a shared servers with 1000-2000 clients as it will eat up your CPU.

    Spam could be easily eliminated by a properly configured mail server along with RBLs and SPF.

    I recommend to keep SA off by default (with the option for the client to enable it) for large shared servers.
    [DC'S] SINGAPORE. AUSTRALIA. JAPAN. INDIA. CHINA HK. USA. UK. NETHERLANDS. GERMANY. SOUTH AFRICA
    MyCompanyWeb™: Start Your Own Professional Web Hosting Company in 24 Hours
    SkyNetHosting.Net - SEO Hosting. Reseller Hosting. Shared Hosting & VPS - 14 Years in Business!
    Dedicated IP + SSL + WHMCS + Domain Reseller + Master Reseller + 100% SSD + End User Support and More!

  22. #22
    Join Date
    Dec 2005
    Posts
    40
    Ummmmm i see that spamassasin consume a lot of resources, but its the most know program or service nowadays...

    RBLS List, i dont like to use it cause most of the Dinamic Ip have problem with that so i dont like so much that kind of use.

    SPF is a good idea if everybody config that type in their dns domain ...

    So then for this post i see that most of the people use :

    Postfix + RBLS + ASSP or DSPAM (Less Spamassasin).

    Somebody can draw their system of configuration to combat spam. I mean :

    I use that one at time in Dedicated Clients : Postfix -> Amavis -> ClamAv -> SpamAssasin -> Postfix.

    Best Regard.

  23. #23
    Join Date
    Apr 2009
    Location
    South Shileds, UK
    Posts
    72
    Exim MTA has many possibilities for fighting spam: you can use ACL and DNS Block Lists as well.
    Hosting Planet Limited
    PHP/Perl hosting | Java/JSP/Servlet hosting
    http://www.planet-hosting.net
    http://www.j-hosting.ru

  24. #24
    Join Date
    Jul 2006
    Location
    USA, EU, UK, CA, AUS
    Posts
    1,798
    SmarterMail greylisting + content filtering + rDNS etc gets about 99.95% of SPAM for us.

  25. #25
    Join Date
    Jun 2002
    Location
    Lima
    Posts
    1,321
    Does anybody use Mailchannels?

  26. #26
    Join Date
    Nov 2001
    Location
    Vancouver
    Posts
    2,416
    Quote Originally Posted by Bokudan View Post
    RBLS List, i dont like to use it cause most of the Dinamic Ip have problem with that so i dont like so much that kind of use.
    That makes no sense, in two directions.

    First, there are many types of RBLs and some of them are truly invaluable in cutting down the incoming spam, before it gets into your mail queue. Less "mail" that gets in your mail queue, the less work your content analysis component needs to do.

    Second, specific to dynamic IPs, a real mail host will not be sitting on a dynamic IP. Client software on a dynamic IP should be configured to use their ISP's mail host as a mail transfer point. Like it or not that is the way of the world, and a great many mail servers will outright reject mail that comes from a dynamic IP because a) dynamic IPs would be a spammer haven otherwise (hide your tracks) and b) end user machines on Dynamic IPs are frequent targets for worms, trojans, bots and the like, and much of this malware generates email. Block Dynamic IPs and you help protect the internet at large.

    Furthermore, not all RBLs focus on identifying Dynamic IP ranges; in fact many have other areas of focus. Some produce lists which are known spammers, with info collected through user reports or "honeypots" or their own network of monitoring stations and addresses. They all have their own unique twists.

    By using a tool like policyd-weight you can assign different weights to an RBL hit on a mail server IP. For example maybe you don't want to reject outright mail from a dynamic IP, but you do want to elevate the "spamminess" level associated with that connection - assign a lower weight. If the connection has other spam-sender like attributes (improper HELO, inclusion in other RBLs) then reject it, if not, perhaps you let it pass.

    There is no substitute to setting up a mail server and experimenting. If you want a truly great anti-spam solution you'll need to learn more about SMTP and how your mail server (MTA) works. Set up a configuration and start reading logs. Dig in and you'll learn lots.
    “Even those who arrange and design shrubberies are under
    considerable economic stress at this period in history.”

  27. #27
    Join Date
    Aug 2000
    Posts
    2,750
    Quote Originally Posted by quad3datwork View Post
    There is "ASSP Deluxe for cPanel". What it seems to be a more user-friendly front-end for users. The price isn't cheap, but I've read/heard a lot of good things about it.
    Isn't cheap? 23 Euro's (about $30 per year) for ASSP Deluxe is excellent value and I personally highly recommend it. The Load / Memory and amount of spam we recieve has dropped dramatically since we installed it.

  28. #28
    Join Date
    Sep 2002
    Location
    Top Secret
    Posts
    11,686
    Quote Originally Posted by quad3datwork View Post
    There is "ASSP Deluxe for cPanel". What it seems to be a more user-friendly front-end for users. The price isn't cheap, but I've read/heard a lot of good things about it.
    God no, stay FAR away from that product!
    The developer of the product has configured a MASSIVE relay in the product itself. His response? Everyone wants it.

    So, because everyone 'wants' a mail relay, the developer supports it. Uggh!
    WHMCS Guru - WHMCS addons, management, support and more.
    WHMCS Notifications Extended - Add slack, hipchat, SMS, pushover to WHMCS !!
    Always looking for Linux, WHMCS, Support Desk work. PM for details

  29. #29
    Join Date
    Mar 2009
    Location
    Austin, TX
    Posts
    934
    Quote Originally Posted by linux-tech View Post
    God no, stay FAR away from that product!
    The developer of the product has configured a MASSIVE relay in the product itself. His response? Everyone wants it.

    So, because everyone 'wants' a mail relay, the developer supports it. Uggh!
    What you said "massive relay" & "mail relay"..... is it as in "open relay"? I don't believe anyone in their right mind would do this. Can you provide some info/links?
    SysAdmin.xyz
    Having severs with customer data on it without proper monitoring is like having one night stand without using protections - eventually, there will be an 'oh s**t!' moment.

  30. #30
    Join Date
    Sep 2002
    Location
    Top Secret
    Posts
    11,686
    Quote Originally Posted by quad3datwork View Post
    What you said "massive relay" & "mail relay"..... is it as in "open relay"? I don't believe anyone in their right mind would do this. Can you provide some info/links?
    Start here and read through to my last posts in the thread (there's a couple pages). The developer refuses to see the configuration change as a 'security leak', and is so arrogant that his own crap don't stink if you listen to him.

    I showed the man proof, he refuses to listen. I point out a huge relay vulnerability, and exactly what I did to fix it(in the first post), and, again, he refuses to fix it..

    ASSP-x = FAR from trustworthy or reliable. Of course he's going to argue it is, but the results speak for themselves.
    WHMCS Guru - WHMCS addons, management, support and more.
    WHMCS Notifications Extended - Add slack, hipchat, SMS, pushover to WHMCS !!
    Always looking for Linux, WHMCS, Support Desk work. PM for details

  31. #31
    Join Date
    Oct 2007
    Location
    India
    Posts
    67
    We can use filters .. On my cpanel servers what i do is to write custom rules for each domain using vfilters . Adding rules based on foul words.. Email ids etc.. But still now a new kind of spam style is to send images of ads , sale items etc.. With the ip .. Email ids and domain changing. Each time.. I read some where that among the global email activity .. 70 % goes for spams alone.. This is going to be a major issue if globally if some basic rules or license be put for mailing.. Though it is an odd idea.. We will have to bring some thing like that as people widely use php scripts for mass mailing ads.. Etc... Alan

  32. #32
    Join Date
    May 2009
    Location
    Denver, Colorado
    Posts
    190
    Ever consider an actual hardware machine to filter SPAM? It can cover your entire network and will not slow down individual machines (email may be slightly delayed by a few seconds at peak times). Do a Google search on hardware SPAM filters, pleanty of good machines out there. Check the reviews first. Personally, we modified SpamAssassin on a dedicated machine to filter SPAM on our network, works pretty good all things considered.

  33. #33
    i used confiserver firewall and mail scanner

  34. #34
    Join Date
    Jul 2009
    Posts
    442
    i use spamassasin, sa-update, and procmail for white listing (and black listing)

    most users on the server get almost no spam.
    However, I have an email address that i use since 1997. It is attached to many online accounts over that time, both web apps and actual companies.

    it is also linked to professional services like real estate and mortgages.

    the amount of spam on this account, much of it unwanted legitimate that is not listed in blacklists comes through. spam companies who skirt rules to spam you. They buy lists from banks, amazon, and the like.

    I get about 20 a day that get through, sometimes more, during the week for that account.

    on my old hosted solution it was over 200 a day. Since setting up my own mail server it has dribbled really low.

    mail not addressed properly is eaten, as well as all spam to avoid being some kind of 'bounce server'

    so, I think although many processes will work, an account that has a lot of activity over the years will still pile on the spam regardless. luckily most shared accounts are going to be newer email acounts
    Last edited by programguy; 07-12-2009 at 11:57 AM.

  35. #35
    Join Date
    Nov 2001
    Location
    Vancouver
    Posts
    2,416
    Do not give in to defeat. I have an email like yours; it was associated with equity (stock) and futures trading so you can imagine the type of financial industry spam that is sent my way, in addition to the usual diet, phallus, and "nigerian" spam. But I get no more spam delivered to me on that account than any of my other addresses or do other regular users on the systems I manage. What I do get is a great many more *attempts*, the vast majority of which are turned away by Postfix and policyd_weight **before** the mail attempt is even accepted into an incoming mail queue.

    As I don't need that address any more I use it as a "canary in the coal mine" device; should any marked increase in delivered spam or false negative (classifying spam as ham) trends show up, I'll be alerted.

    Periodically I open up the defences for all mail addressed to that domain (and others I use for honeypot purposes), just to collect a torrent of spam to report to Spamcop.
    Last edited by mwatkins; 07-12-2009 at 12:10 PM.
    “Even those who arrange and design shrubberies are under
    considerable economic stress at this period in history.”

  36. #36
    Quote Originally Posted by albatroz View Post
    Does anybody use Mailchannels?
    We use it and LOVE it, it does an amazing job of limiting the amount of spam we receive.
    Jay

  37. #37
    Join Date
    Aug 2003
    Location
    East Coast
    Posts
    2,063
    I use a Barracuda, it's pricey but it works great. I used mailfoundry for a bit as a test and it was horrible.

  38. #38
    Join Date
    Jul 2009
    Posts
    240
    I agree that a properly configured SMTP should be the first line of defense - checks like FQDN and proper HELO should basic in an email server setup.

    My particular way of setting it up (and it works pretty decent less than 1% spam go thru):

    Postfix -> Amavisd -> Postfix -> Dovecot

    Amavisd is setup to use SA, Clamd and Dspam; Dspam and Spamd are set so that amavisd uses both of their scores in evaluating the spamminess (or hamminess) of the email.

  39. #39
    Join Date
    Apr 2002
    Location
    Auckland - New Zealand
    Posts
    1,572
    Dspam in a mail cluster (9 smtp/mx boxes) - works great for our mail cluster, with the data stored within MySQL and replicated out to each smtp box. Great performance, ease of use, maintaining is simple and doesn't require hours of administration to get right and keep right .. and with in a recent test against an ironport appliance (tested against a busy spam trap) - Dspam scored the same.

    I couldn't warrant buying and ironport based on the results.

    Oh, I like DSpam now by the way.

  40. #40
    Join Date
    Jun 2008
    Location
    India
    Posts
    261
    I vote for SpamAssassin
    Ranjith
    Light travels faster thn sound.This is why some people look bright until you actually hear them speak

Page 1 of 2 12 LastLast

Similar Threads

  1. SPF to help fight spam
    By larwilliams in forum Hosting Security and Technology
    Replies: 17
    Last Post: 04-20-2009, 07:23 AM
  2. Fight again SPAM
    By paulhuynh in forum Dedicated Server
    Replies: 10
    Last Post: 07-07-2008, 12:22 PM
  3. How to fight spam
    By SlAiD in forum Hosting Security and Technology
    Replies: 5
    Last Post: 02-05-2007, 09:08 AM
  4. How do you fight SPAM?
    By Ophelus in forum Hosting Security and Technology
    Replies: 4
    Last Post: 03-21-2003, 02:51 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •