Help/Advice Needed - Email/SPAM Filter - New SSD-2 cPanel 60 w LS Server, CloudFlare, etc...

geob

New Member
#1
Hello All,

I am brand new to the KH family, with a VPS SSD-2 with cPanel 60, LS Server, LS Cache. I have been designing websites since 1993 and have had many different hosts and types over the years. All where fully managed, apparently much more so the KH's definition of Managed. I also preferred to us DirectAdmin more so the cPanel (but I am working on learning it more). So I need some help/advice.

I have read that cPanel 60 made alot of changes and couple with the fact that I use LS Server it seems I am having a hard time finding relevant info and setups on this exact configuration. So for fear of doing more harm the good. I am forced to create a thread and seek your expert advice, rather then diving in blindly and learning hard lessons that I can not afford to make. I need to get this server 100% setup and optimized for 20 or so small websites, 1/2 of which is WordPress with only a few WordPress e-coms that may have some traffic (hopefully) in the future.

KH won't setup ClourFlare so I am working on doing that myself, and hopefully correctly as I have been reading different, contradicting things on what is best/right. So if you have any tips/advice please don't hesitate.

My other main issue now at the moment are:

1 - Preventing mail server from being unnecessarily blacklisted. Seems to happen all the time before and no one was spamming.

2 - Setting it up with an better Email/SPAM filtering and/or optimize the one built in.

I understand it comes with Spamassain which I guess is better then nothing, but never seems to do much. Then again I may not have had the settings setup best. I was/am afraid to automatically delete higher thresholds for fear of false positives.

So I would love some info on some of the ideal setups/settings you guys are happy with running on the latest cPanel.
I have read this thread here How to stop spam -- DEAD in its tracks!! But realize that is a little older and from what I have read cPanel made a lot of changes and improvements (hopefully) in the latest 60 version. So if that approach is the way to go is there anything I need to do differently to apply it to my server.

Also if there are any other addons or services or anything that may be better. I have been sending some clients to Google Apps in order to use their email with excellent SPAM Filtering, but hate to have to do that for various reasons. I am also using Mailfoundry appliances/services at another host as well.

Thank you all very much for your help I really appreciate it and happy to be part of the family one I get this server setup perfectly to start actually using it.

Thank you!
Geo
 

geob

New Member
#2
Upon doing further research, seems ASSP Deluxe and Mailscanner are 2 cost effective, popular options.

Any one have any advice one way or the other?

Thank you...
Geo
 

KH-Jonathan

Director of Managed Services
Staff member
#3
VPS SSD-2 with cPanel 60, LS Server, LS Cache
That's a great starting build :)

I have read that cPanel 60 made alot of changes and couple with the fact that I use LS Server it seems I am having a hard time finding relevant info and setups on this exact configuration
EasyApache 4 is still relatively new. Add Litespeed to the mix and you've got a "brand new animal" of sorts. I doubt you'll face any serious issues but at the same time there's not a ton of info out in the wild about it. So far any issues I've seen with Litespeed due to EA4 have been very minor and not affected the serving of websites in any way.

I need to get this server 100% setup and optimized for 20 or so small websites
Our default build should have you good to go. It's designed for exactly that :)

Preventing mail server from being unnecessarily blacklisted. Seems to happen all the time before and no one was spamming.
Make sure your clients are using secure email passwords on email accounts. Keep all scripts up to date.

That's all I've ever done on my personal servers and I've never been blacklisted personally in 12-15 years of hosting stuff online. If you control all the content (nothing resold) that makes it a cakewalk to keep your server clean since you control it all :)

Upon doing further research, seems ASSP Deluxe and Mailscanner are 2 cost effective, popular options.
I'm not familiar with Mailscanner (are you referring to something from ConfigServer)? I have seen ASSP and while it seems to do a decent job, I wouldn't recommend it. It engrains itself into cPanel pretty heavily in some nasty ways that makes troubleshooting things very difficult, and I've never been a fan of it. To me it just feels hacky. I've seen it cause some weird and bizarre problems for customers in the past where the end solution was to drop it.
 

geob

New Member
#4
Jonathan,

Thank you very much for the reply.

Yes I am having a hardtime finding relevant info on this "new animal", coupled with my lacking of advanced server admin experience leaves me second guessing everything.

Correct it is ConfigServer's MailScanner. I have read of others going to that, from ASSP Deluxe due to cPanel upgrade issues. Apparently not to friendly with that. Which other then that is sounds good. But you information has me concerned and now leaning towards digging up more info about ConfigServers MailScanner.

Thank you sir!
Geo
 

KH-Jonathan

Director of Managed Services
Staff member
#5
I've never dealt with Mailscanner but I've never seen it cause any issues either, if that helps.

EDIT - I do know of customers who've installed and use it.
 

Dan

Moderator
#6
Morning @geob

I got your PM about this but will respond here.

The biggest issue I could see with ASSP Deluxe would be cPanel updates breaking it. I personally have not historically had that problem because I always ran the cPanel updater manually after an update had been out a while and GRscripts had updated ASSP by the time I updated. However now with EA4 it requires the updater to be configured to run daily, got my fingers crossed on that.

Other than that ASSP has worked fairly well for me, I've had a couple of issues of course one of which the developer had to actually log in and look at/fix himself. As with any system it needs a good amount of spam and valid email to figure out what's good and bad so there could possibly be a space issue depending on how much space you give your clients. Email and space is always an issue with people that use IMAP though :)

I've never used Mailscanner although @Dave G does and you can read about it in his post here.

I can see one difference would be major to me, Mailscanner does not whitelist people that your users email. I would venture a guess and say that the argument against doing that is that if there is a breach and a bunch of spam gets sent out from the server then all of those addresses would then be whitelisted. The whitelist in ASSP is a flat text file though and it could always be edited to remove them.

My biggest issue is always that people do not train the system. They don't send the email back to the system that an email they received was spam so if spam gets through the only way the system knows about it is if you, the Administrator, see it while browsing through the good mail and you report it. If it were simply a button they could click it would be a different story perhaps and it is for the Admin but not for the user.

So to end I am going to say that when it comes to spam filtering there is no perfect system. The spam always changes, it's never from the same addresses, it's never to the same addresses, etc etc. It's an endless battle and in those times when it changes some are going to get through until the database catches up to the new schema and catches it. I would recommend starting with the thread that you mentioned and seeing how it does, if it becomes too much then switch to an alternative. Perhaps if SpamAssassin supports it use a double threshold: up to one point it is known to be spam and can be blackholed then from there up to the next threshold it can be marked ***possible spam*** and the user is then at least alerted and they would then (hopefully) report that it is actually spam.

Hope that helps!
 

geob

New Member
#7
Dan,

Thank you so much for the reply and spending time in sharing you experience. Very helpful information!

Your manual update strategy is smart and usually how I like to do things. So now with EA4 we have to keep auto updates enabled? If that is the case, I guess it is going to be hard for ASSP Deluxe to stay ahead of this. Which is certainly something for me to consider right-off-the-bat. And certainly a fingers-crossed situation for you.

I was leaning towards ASSP Deluxe if the update process is still manageable, like you mentioned. Though @KH-Jonathan comment scares me a little about the code of ASSP Deluxe. But I read a lot of users, like yourself, have been very happy with it. Hopefully this EA4 update issue doesn't change that.

So I will certainly read that post about MailScanner. Thank you for that. I have not seen that one, yet.

Or simply just start out with an optimally configured SpamAssasin and maybe some GreyListing, which seems is built in now. As after learning a little more about the post I linked to above, How to stop spam -- DEAD in its tracks!! may mainly be about adding Greylisting in the older versions of cPanel. But admittedly I do not understand it all.

Anyway thanks again!
Geo
 
Top