SPAM Education
-
- Posts: 1370
- Joined: Thu Nov 11, 2004 5:26 pm
- Location: Kingsville, Texas
SPAM Education
In times past spam filtering was fairly simple. Known spam from known providers or high-risk and we just filter. What is going on is spammers--Bosly, FTD, etc.--are acquiring servers from providers like me, GoDaddy, etc. send their spam and when they get nailed or blocked, then they move onto other providers sending out their same spam again. As a result "Add to Blacklist" or "Report as SPAM" where it blocks IP addresses may be a temporary or physcologically a good suggestion, but in truth it is not working. Spam scoring (with MXScan) is showing scores of 3.4, 4.2, 5.6, etc...meaning low scores. As a result, I cannnot block or adjust the score to go over low stuff because then legit emails get blocked. It is also difficult to go based on subject or content as some are using images and images cannot be blocked.
So what are your suggestions ME and MXScan?
So what are your suggestions ME and MXScan?
Robert Williams, Owner
www.WilliamsWebSolutions.com
#1 in MailEnable Business-Class Email Hosting - Switch to Williams Web Solutions and we will migrate your accounts to us for FREE!
We can be hired to help you with your Mail Enable server, too!
www.WilliamsWebSolutions.com
#1 in MailEnable Business-Class Email Hosting - Switch to Williams Web Solutions and we will migrate your accounts to us for FREE!
We can be hired to help you with your Mail Enable server, too!
-
- Posts: 32
- Joined: Wed Feb 03, 2010 2:04 pm
Re: SPAM Education
Mailenable doesn't care about spam. I stopped buying the upgrade insurance a while back and I am just about to the point where I am ready for the hassle of migrating to a new email platform with a company who cares.
-
- Site Admin
- Posts: 9738
- Joined: Mon Mar 22, 2004 4:44 am
- Location: Melbourne, Victoria, Australia
Re: SPAM Education
Hi,
While MailEnable provides security settings and spam filters to help stop incoming spam, its not a dedicated spam gateway. If you require a more efficient means at stopping spam then it would be ideal implementing a spam gateway and filtering the incoming mail before it hits the MailEnable server. Some that come to mind are Symantec SMTP proxy, Barracuda etc. Have you enabled SMTP reverse DNS blacklisting and URL blacklisting? Are you performing SMTP PTR checks? Have you looked in SPF checking?In times past spam filtering was fairly simple. Known spam from known providers or high-risk and we just filter. What is going on is spammers--Bosly, FTD, etc.--are acquiring servers from providers like me, GoDaddy, etc. send their spam and when they get nailed or blocked, then they move onto other providers sending out their same spam again. As a result "Add to Blacklist" or "Report as SPAM" where it blocks IP addresses may be a temporary or physcologically a good suggestion, but in truth it is not working. Spam scoring (with MXScan) is showing scores of 3.4, 4.2, 5.6, etc...meaning low scores. As a result, I cannnot block or adjust the score to go over low stuff because then legit emails get blocked. It is also difficult to go based on subject or content as some are using images and images cannot be blocked.
So what are your suggestions ME and MXScan?
Regards,
Ian Margarone
MailEnable Support
Ian Margarone
MailEnable Support
-
- Posts: 1370
- Joined: Thu Nov 11, 2004 5:26 pm
- Location: Kingsville, Texas
Re: SPAM Education
I'd prefer using an inhouse (as in on the same server) spam filter as it would be easier to adjust when needed versus relying on someone else's spam filtering. Additionally, I can afford a one-time price for annual renewal with MXScan. Those other services are way out of budget.
I had SPF but when companies like Haliburton, Slumberger, etc. (major corporations) don't have valid SPF because they host their email with Microsoft, it is hard for me to decide to enable SPF blocking if not valid. I ran into that problem a while back.
I had SPF but when companies like Haliburton, Slumberger, etc. (major corporations) don't have valid SPF because they host their email with Microsoft, it is hard for me to decide to enable SPF blocking if not valid. I ran into that problem a while back.
Robert Williams, Owner
www.WilliamsWebSolutions.com
#1 in MailEnable Business-Class Email Hosting - Switch to Williams Web Solutions and we will migrate your accounts to us for FREE!
We can be hired to help you with your Mail Enable server, too!
www.WilliamsWebSolutions.com
#1 in MailEnable Business-Class Email Hosting - Switch to Williams Web Solutions and we will migrate your accounts to us for FREE!
We can be hired to help you with your Mail Enable server, too!
-
- Site Admin
- Posts: 9738
- Joined: Mon Mar 22, 2004 4:44 am
- Location: Melbourne, Victoria, Australia
Re: SPAM Education
Hi,
Perhaps you should look into open source free spam gateways.
http://sourceforge.net/projects/scrollout/
Perhaps you should look into open source free spam gateways.
http://sourceforge.net/projects/scrollout/
Regards,
Ian Margarone
MailEnable Support
Ian Margarone
MailEnable Support
-
- Posts: 1370
- Joined: Thu Nov 11, 2004 5:26 pm
- Location: Kingsville, Texas
Re: SPAM Education
What is the difference (as in which product is better): The one from sourceforge or MXScan?
Robert Williams, Owner
www.WilliamsWebSolutions.com
#1 in MailEnable Business-Class Email Hosting - Switch to Williams Web Solutions and we will migrate your accounts to us for FREE!
We can be hired to help you with your Mail Enable server, too!
www.WilliamsWebSolutions.com
#1 in MailEnable Business-Class Email Hosting - Switch to Williams Web Solutions and we will migrate your accounts to us for FREE!
We can be hired to help you with your Mail Enable server, too!
-
- Site Admin
- Posts: 9738
- Joined: Mon Mar 22, 2004 4:44 am
- Location: Melbourne, Victoria, Australia
Re: SPAM Education
Hi,
We have not conducted any tests with the free gateway but have with Symantec products. The difference though is that MXScan is a MTA pickup event therefore the message needs to be accepted by the SMTP service in order for it to be scanned at the MTA level. The spam gateway is an SMTP proxy where the message is filtered before it hits the MailEnable server and then forwarded.
Perhaps inquire with the user in this thread who seems to know it works well and may have more information:
http://forum.mailenable.com/viewtopic.p ... rce#p93736
We have not conducted any tests with the free gateway but have with Symantec products. The difference though is that MXScan is a MTA pickup event therefore the message needs to be accepted by the SMTP service in order for it to be scanned at the MTA level. The spam gateway is an SMTP proxy where the message is filtered before it hits the MailEnable server and then forwarded.
Perhaps inquire with the user in this thread who seems to know it works well and may have more information:
http://forum.mailenable.com/viewtopic.p ... rce#p93736
Regards,
Ian Margarone
MailEnable Support
Ian Margarone
MailEnable Support
-
- Posts: 560
- Joined: Mon Nov 03, 2003 7:48 am
- Location: Cape Town
Re: SPAM Education
You could also look into installing Anti-Spam SMTP Proxy Server (ASSP) in front of your mail server: https://sourceforge.net/projects/assp/
Cheers,
Brett
Cheers,
Brett
-
- Posts: 32
- Joined: Wed Feb 03, 2010 2:04 pm
Re: SPAM Education
How about good directions on best practices for setting up a mailenable server or baseline configuration for minimal spam. Where is that?
How about some options like when a ip address tries to send spam and is rejected for no ptr, no mx record or failed spf they go into a permanent blacklist. For most it is just a little bit of time needed for them to solve those issues by getting the ptr setup or the mx record setup and then you are inundated with spam. I would rather manually remove them from the blacklist than to have the spammer fix the issues and send spam in time.
How about some options like when a ip address tries to send spam and is rejected for no ptr, no mx record or failed spf they go into a permanent blacklist. For most it is just a little bit of time needed for them to solve those issues by getting the ptr setup or the mx record setup and then you are inundated with spam. I would rather manually remove them from the blacklist than to have the spammer fix the issues and send spam in time.
-
- Posts: 32
- Joined: Wed Feb 03, 2010 2:04 pm
Re: SPAM Education
Anther great option would be to have every ip that is rejected from the DNSBL to be blacklisted permanently. It would greatly reduce the number of queries to the DNSBL. I also go through the logs everyday to look for things and I see the same IP that has been blacklisted creating hundreds or thousands of log entries trying to send spam to different email addresses. Again I would rather remove an IP from the blacklist manually if it needs to be removed.
-
- Posts: 1370
- Joined: Thu Nov 11, 2004 5:26 pm
- Location: Kingsville, Texas
Re: SPAM Education
I would had agreed with you but there is a slight problem and that is what I stated "What is going on is spammers--Bosly, FTD, etc.--are acquiring servers from providers like me, GoDaddy, etc. send their spam and when they get nailed or blocked, then they move onto other providers sending out their same spam again. As a result "Add to Blacklist" or "Report as SPAM" where it blocks IP addresses may be a temporary or physcologically a good suggestion, but in truth it is not working." It was blocked permanently at an email account level, but it ought to had been done at the server level (a good suggestion) but what happens when legit mail servers use that IP address that 2-3 years prior was blocked by a spammer. How are we to know when they were blocked without an error reported to someone that "Hey, so and so got blocked"?
Robert Williams, Owner
www.WilliamsWebSolutions.com
#1 in MailEnable Business-Class Email Hosting - Switch to Williams Web Solutions and we will migrate your accounts to us for FREE!
We can be hired to help you with your Mail Enable server, too!
www.WilliamsWebSolutions.com
#1 in MailEnable Business-Class Email Hosting - Switch to Williams Web Solutions and we will migrate your accounts to us for FREE!
We can be hired to help you with your Mail Enable server, too!
-
- Posts: 32
- Joined: Wed Feb 03, 2010 2:04 pm
Re: SPAM Education
Only want DNSBL, No MX and No PTR to be permanent until removed manually with an option to turn it on or off. I don't have too much issue with Godaddy because they take SPAM reports seriously and usually resolve the issue in a timely manner. There are some others like Colorado Crossing who have nothing but spam servers and they ignore spam complaints. I haven't found where any of my customers receive any valid email from Colorado Crossing which is why I blocked them and a whole bunch of other spam farms. A contact number in the email welcome can give someone access to make a compliant if they are blacklisted.
Webmail blacklists only affect that user who added them and email to other users goes through. The report as spam blocks email for all when the set threshold is reached. Most of my customers don't use that anyway.
Webmail blacklists only affect that user who added them and email to other users goes through. The report as spam blocks email for all when the set threshold is reached. Most of my customers don't use that anyway.
Re: SPAM Education
We are happy with our modified free Spam Assassin solution and our modified home made Quarantine Program for Mail Enable.
We have IIS on the perimeter so we have the option from our program of blocking on "SMTP Connect" too so our spam is now way way down.
What users and customers need to understand that Anti Virus and Anti Spam "get most of them". Sometimes the odd thing gets through and that's just tough luck... Some level intelligence is expected from the user in 2015 I would hope...
Scott
We have IIS on the perimeter so we have the option from our program of blocking on "SMTP Connect" too so our spam is now way way down.
What users and customers need to understand that Anti Virus and Anti Spam "get most of them". Sometimes the odd thing gets through and that's just tough luck... Some level intelligence is expected from the user in 2015 I would hope...
Scott
Re: SPAM Education
Care to share how you modified Spam Assassin or what distribution you used to start with?aahq wrote:We are happy with our modified free Spam Assassin solution and our modified home made Quarantine Program for Mail Enable.
Re: SPAM Education
Start here for how we have set ourselves up using Spam Assassin... Its relatively detailed... Use on a test server first... We have been using this for 2 odd years now and I only touch 2 spam assassin files usually.
http://forum.mailenable.com/viewtopic.php?f=7&t=24726
We have made a home made utility that manipulates the Quarantine Queues and has a much more friendly interface than the standard ME Quarantine... I can send you the source code for you to compile if you send a request to aahq@hotmail.com directly. No charge.
ME is a good product but there are just some things you need to do yourself.
Scott
http://forum.mailenable.com/viewtopic.php?f=7&t=24726
We have made a home made utility that manipulates the Quarantine Queues and has a much more friendly interface than the standard ME Quarantine... I can send you the source code for you to compile if you send a request to aahq@hotmail.com directly. No charge.
ME is a good product but there are just some things you need to do yourself.
Scott