New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Yes
A link please dear sir?
Add bl.mxrbl.com to your RBL list and you’ll gain the fruits of my labor
thanks but this is regarding outbound email
In other words, major email providers like Gmail and Hotmail and Outlook are marking emails from your IPs as junk mail?
Use MXroute, they are very cheap but very prem..
mailchannels
yes sir! Can you please direct me to a book or any other good resource that I can use to educate myself?
We are using cPanel/WHM and exim.
mxroute and mailchannels can not be used as my bosses think they would boot us soon. Happned with sendgrid.
So basically you are sending spam or stopped paying? Why else would sendgrid boot you?
The original problem.. some of our customer are sending spam every now and then...
We have thousands of sites... a few hundred clients
If it's a cPanel server: https://www.configserver.com/cp/osm.html
If it's not, you're pretty much stuck building your own solution or paying a lot of money.
Me, I parse logs and push them to a PHP page behind a HTTP auth that shows the top 10 senders every hour, and when anything looks out of place I go hunting. If it's intentional spam, I kick them out as you should. If it's a compromised password, I change their password and notify them. If it keeps happening, I kick them out.
If you're not holding your customers accountable and you're not monitoring or building automation around it, you're either out of luck or looking to pay someone a LOT of money to take care of it for you. Think tens of thousands of dollars up front (or more) to start talks with someone like MailChannels about an in-network solution, or someone like OVH uses to to provide an appliance that spies on email leaving the network: https://www.vadesecure.com/en/isp-products/
But if money isn't an object, then you should reach out to MailChannels and Vade Secure about in-network solutions that you can deploy with their help. They're going to cost more than some employees, but they're going to help you solve it with a scalable solution. Note that I'm not referring to MailChannels Cloud, which is what others would be referring to. More like the solutions we discussed with them at DigitalOcean while I was there (but ultimately didn't pull the trigger on).
maybe these customers using the WordPress website and these websites infected by malware.
so use anti-malware to clean the customer website.
e.g pyxsoft or
https://www.malwarebytes.com/business/edr/server-security
As @jar said OSM is quite good, just a little unpolished(?). Use it with an active malware scanner like CXS or imunify so they can quarantine infected files before they send out spam.
You can build your own scripts to integrate with these but some spam would still leak out that'd need to cleaned up manually.
You can filter outgoing emails. It is a more difficult job.
I use it to block sending to wrong domains (gemail.com, otmail.com, ...).
The articles I based are:
https://documentation.cpanel.net/display/CKB/Scan+Outgoing+Mail
https://documentation.cpanel.net/display/CKB/How+to+Customize+the+Exim+System+Filter+File
https://www.assistanz.com/block-outgoing-mails-particular-domains-using-cpanel-filter-rule/
You can use ASSP Deluxe, I had 2 license but I stop using it and configure cPanel with RBL, Custom rules, etc.
Thank you everyone.
I filter outbound emails with Rspamd. If they exceed a certain spam score, they are rejected.
You should also limit the number of emails per account per hour or so.
What kind of solution did you try/use now?
Poach an employer from SES team.
Added this yesterday. For now it only triggers on very few IPs that are already blocked by many other lists.
But will definitely keep monitoring it. Nice of you to contribute this.
One more for @gwnd1989:
Have you tried DCC/bulkiness scoring. I find it works extremely well with other rules that may have low predictive power by themselves. E.g.
bulk AND from_freemail
. Since your users shouldn't send mass mails, you can block anything that's bulky for DCC.sincerily I surrended! Because it's really a lost cause...so I prefer pay service like gsuite and living happy
Fine your bad clients.
This is certainly against your TOS to use your service to send spam.
An employee would be cheaper, but if you have a trillion or two lying around unused...
Thank you everyone, my seniors opted for rspamd
Easy. Find out who's behind the spam. Locate them, order them a proper escort since they've never seen 🐈 anyway and they'll simmer down soon enough.
Instructions were unclear. Escort sent SPAM
Don't worry they have medicine for that spam these days