spamIssues

Shared hosting presents a big spam problem. Below we explain the problems and give you our solutions.

Obviously most of what we do to eliminate SPAM must remain a secret, or spammers might use it to circumvent the system, but below we discuss how we keep our IPs from being blacklisted and what we do to stop both incoming and outgoing spam.

 

Incoming SPAM

Q1. Will I get all of my email?

A1. We only subscribe to the most trustworthy DNS-based RBLs (Realtime Blackhole Lists), so mail is only rejected if the sender's server is listed on one of those lists. If it is listed, the email is bounced back to the sender, specifying which list their server appears to be listed on, so the sender will be aware that the message did not get through.

We also check the SPF record for the sender's domain, and perform Greylisting when we first see a sender's email address.

So as long as the email is not sent from a spammer, you will get ALL of your email.

 

Q2. What is Greylisting?

A2. If our email server receives a new incoming mail that has not been rejected due to RBLs or SPF issues, it considers three pieces of information.

  1. The Sender’s email address
  2. The Recipient’s email address
  3. The network IP address the mail was sent from.

These 3 things combined make a “greylist key”. If this key already exists in the server's database, the email is allowed through. If not, the key is written to the database, and the sender's email server is told that our server is too busy to accept incoming mail at this moment, and to try redelivery shortly.

Spamming scripts will give up and not try to redeliver the mail, whereas legitimate mail servers will understand this perfectly and try to deliver the mail again in a few minutes' time. When the mail is redelivered, the “greylist key” will already have been placed into the database, so the mail is allowed through.
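A minimal sketch of the greylist check described in A2, added here as an illustration and not UnixGuru's own code. The class name, the SQLite storage, the reply text, the lower-casing of addresses and the optional `min_delay` setting are all assumptions made for the example.

```python
import sqlite3
import time

DEFER = (451, "4.7.1 Server busy, please try again shortly")  # constructed reply text
ACCEPT = (250, "2.0.0 OK")


class Greylist:
    """Greylist keyed on (sender, recipient, client IP)."""

    def __init__(self, db_path=":memory:", min_delay=0):
        # min_delay (seconds a new key must age before a retry is accepted)
        # is an assumption; 0 reproduces the behaviour described in the text.
        self.min_delay = min_delay
        self.db = sqlite3.connect(db_path)
        self.db.execute(
            "CREATE TABLE IF NOT EXISTS greylist ("
            "sender TEXT, recipient TEXT, ip TEXT, first_seen REAL, "
            "PRIMARY KEY (sender, recipient, ip))"
        )

    def check(self, sender, recipient, ip, now=None):
        """Return the (code, text) reply for one delivery attempt."""
        now = time.time() if now is None else now
        # Addresses are lower-cased so a retry with different casing still matches
        # (a normalisation choice made for this sketch).
        key = (sender.strip().lower(), recipient.strip().lower(), ip.strip())
        row = self.db.execute(
            "SELECT first_seen FROM greylist "
            "WHERE sender = ? AND recipient = ? AND ip = ?", key
        ).fetchone()
        if row is None:
            # First sighting: record the key and ask the sender to retry.
            self.db.execute("INSERT INTO greylist VALUES (?, ?, ?, ?)", key + (now,))
            self.db.commit()
            return DEFER
        if now - row[0] < self.min_delay:
            return DEFER  # retried too quickly to count as a real queue retry
        return ACCEPT


if __name__ == "__main__":
    g = Greylist()
    attempt = ("alice@example.org", "bob@customer.example", "192.0.2.10")  # constructed
    print(g.check(*attempt, now=1000))              # first attempt is deferred
    print(g.check(*attempt, now=1300))              # retry is accepted
    # Same sender retrying from another outbound IP is a new key: deferred again.
    print(g.check(attempt[0], attempt[1], "192.0.2.11", now=1300))
```

Because the IP is part of the key, a sender whose retries leave from a different outbound address is deferred again on each new address, which is why mail from large multi-server senders can take longer to arrive the first time.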

 

Q3. How should I configure my server to be able to deliver mail to UnixGuru?

A3. Any correctly configured email server should work, but make sure the following is done.

  • Your HELO/EHLO string must supply an FQDN (Fully Qualified Domain Name), e.g. mail.company.com, not an IP address.
  • The IP of your server must match the IP that the FQDN supplied in your HELO/EHLO string resolves to.
  • The reverse lookup of your server's IP must match that FQDN.
  • The FQDN must therefore exist and be resolvable.
  • The domain must not be a domain hosted at UnixGuru, as our server would not expect mail from a domain it hosts to arrive externally.
  • The SPF DNS record must be set correctly.

 

Outgoing SPAM

Q1. On shared hosting, regardless of a customer website's IP address, all mail leaves the server via the server's IP address, so a single user can get an IP blacklisted for everyone else.

A1. UnixGuru’s email system sends and receives email through the IP address the website is hosted on. This limits the number of users who would be affected should an IP become blocked.

  • We check the blacklisting of each IP address daily.
  • If a customer has a dedicated IP, only that customer is affected, and they can only have harmed themselves.
  • If your business requires email to always be available, we would suggest you buy a dedicated IP address.

 

Q2. Compromised sites, like un-updated WordPress sites, can cause a lot of spam.

A2. UnixGuru’s email system counts the number of bounced messages sent by each script and authenticated user.

  • If a script sends emails to more non-existent email addresses than our threshold allows, the email server will not deliver any more emails from that script directory until the problem has been fixed and the administrator releases the block. (This stops the server from getting marked as a spammer and ensures the user fixes their issue).
  • If an authenticated user crosses this threshold, the email account is considered compromised and their password must be reset by a privileged user, i.e. a customer must have their password reset by a reseller or administrator.