Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


how to fight spam?
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

how to fight spam?

Hi there,

Is there a guide or a book I can refer on fighting spam on shared servers?

We are into our 2nd IP range now and having big time issues fighting spam.

Many thanks

Thanked by 1truweb

Comments

  • Yes

  • @Actavus said:
    Yes

    A link please dear sir?

  • jarjar Patron Provider, Top Host, Veteran

    Add bl.mxrbl.com to your RBL list and you’ll gain the fruits of my labor

  • @jar said:
    Add bl.mxrbl.com to your RBL list and you’ll gain the fruits of my labor

    thanks but this is regarding outbound email

  • raindog308raindog308 Administrator, Veteran

    @gwnd1989 said: thanks but this is regarding outbound email

    In other words, major email providers like Gmail and Hotmail and Outlook are marking emails from your IPs as junk mail?

  • edited September 2020

    @gwnd1989 said:
    Hi there,

    Is there a guide or a book I can refer on fighting spam on shared servers?

    We are into our 2nd IP range now and having big time issues fighting spam.

    Many thanks

    Use MXroute, they are very cheap but very prem..

  • @gwnd1989 said:

    @jar said:
    Add bl.mxrbl.com to your RBL list and you’ll gain the fruits of my labor

    thanks but this is regarding outbound email

    mailchannels

  • @raindog308 said:

    @gwnd1989 said: thanks but this is regarding outbound email

    In other words, major email providers like Gmail and Hotmail and Outlook are marking emails from your IPs as junk mail?

    yes sir! Can you please direct me to a book or any other good resource that I can use to educate myself?

    We are using cPanel/WHM and exim.

  • mxroute and mailchannels can not be used as my bosses think they would boot us soon. Happned with sendgrid.

  • lentrolentro Member, Host Rep

    @gwnd1989 said:
    mxroute and mailchannels can not be used as my bosses think they would boot us soon. Happned with sendgrid.

    So basically you are sending spam or stopped paying? Why else would sendgrid boot you?

  • @lentro said:

    @gwnd1989 said:
    mxroute and mailchannels can not be used as my bosses think they would boot us soon. Happned with sendgrid.

    So basically you are sending spam or stopped paying? Why else would sendgrid boot you?

    The original problem.. some of our customer are sending spam every now and then...
    We have thousands of sites... a few hundred clients

  • jarjar Patron Provider, Top Host, Veteran
    edited September 2020

    If it's a cPanel server: https://www.configserver.com/cp/osm.html

    If it's not, you're pretty much stuck building your own solution or paying a lot of money.

    Me, I parse logs and push them to a PHP page behind a HTTP auth that shows the top 10 senders every hour, and when anything looks out of place I go hunting. If it's intentional spam, I kick them out as you should. If it's a compromised password, I change their password and notify them. If it keeps happening, I kick them out.

    If you're not holding your customers accountable and you're not monitoring or building automation around it, you're either out of luck or looking to pay someone a LOT of money to take care of it for you. Think tens of thousands of dollars up front (or more) to start talks with someone like MailChannels about an in-network solution, or someone like OVH uses to to provide an appliance that spies on email leaving the network: https://www.vadesecure.com/en/isp-products/

    But if money isn't an object, then you should reach out to MailChannels and Vade Secure about in-network solutions that you can deploy with their help. They're going to cost more than some employees, but they're going to help you solve it with a scalable solution. Note that I'm not referring to MailChannels Cloud, which is what others would be referring to. More like the solutions we discussed with them at DigitalOcean while I was there (but ultimately didn't pull the trigger on).

  • maybe these customers using the WordPress website and these websites infected by malware.
    so use anti-malware to clean the customer website.
    e.g pyxsoft or
    https://www.malwarebytes.com/business/edr/server-security

  • As @jar said OSM is quite good, just a little unpolished(?). Use it with an active malware scanner like CXS or imunify so they can quarantine infected files before they send out spam.

    You can build your own scripts to integrate with these but some spam would still leak out that'd need to cleaned up manually.

  • truwebtruweb Member
    edited September 2020

    You can filter outgoing emails. It is a more difficult job.
    I use it to block sending to wrong domains (gemail.com, otmail.com, ...).
    The articles I based are:
    https://documentation.cpanel.net/display/CKB/Scan+Outgoing+Mail
    https://documentation.cpanel.net/display/CKB/How+to+Customize+the+Exim+System+Filter+File
    https://www.assistanz.com/block-outgoing-mails-particular-domains-using-cpanel-filter-rule/

  • DewlanceVPSDewlanceVPS Member, Patron Provider

    You can use ASSP Deluxe, I had 2 license but I stop using it and configure cPanel with RBL, Custom rules, etc.

  • Thank you everyone.

  • m4num4nu Member, Patron Provider

    I filter outbound emails with Rspamd. If they exceed a certain spam score, they are rejected.

    You should also limit the number of emails per account per hour or so.

    Thanked by 2vpsGOD vimalware
  • @gwnd1989 said:
    Thank you everyone.

    What kind of solution did you try/use now?

  • Poach an employer from SES team.

  • m4num4nu Member, Patron Provider

    @jar said:
    Add bl.mxrbl.com to your RBL list and you’ll gain the fruits of my labor

    Added this yesterday. For now it only triggers on very few IPs that are already blocked by many other lists.

    But will definitely keep monitoring it. Nice of you to contribute this.

    Thanked by 1jar
  • m4num4nu Member, Patron Provider

    One more for @gwnd1989:

    Have you tried DCC/bulkiness scoring. I find it works extremely well with other rules that may have low predictive power by themselves. E.g. bulk AND from_freemail. Since your users shouldn't send mass mails, you can block anything that's bulky for DCC.

  • sincerily I surrended! Because it's really a lost cause...so I prefer pay service like gsuite and living happy

  • Fine your bad clients.

    This is certainly against your TOS to use your service to send spam.

  • raindog308raindog308 Administrator, Veteran

    @vimalware said: Poach an employer from SES team.

    An employee would be cheaper, but if you have a trillion or two lying around unused...

    Thanked by 1vimalware
  • Thank you everyone, my seniors opted for rspamd

  • serv_eeserv_ee Member
    edited September 2020

    Easy. Find out who's behind the spam. Locate them, order them a proper escort since they've never seen 🐈 anyway and they'll simmer down soon enough.

  • @serv_ee said: order them a proper escort since they've never seen 🐈 anyway and they'll simmer down soon enough.

    Instructions were unclear. Escort sent SPAM

  • @sdglhm said:

    @serv_ee said: order them a proper escort since they've never seen 🐈 anyway and they'll simmer down soon enough.

    Instructions were unclear. Escort sent SPAM

    Don't worry they have medicine for that spam these days

Sign In or Register to comment.