Discussion in 'The Lounge' started by jamesp57, Jul 24, 2014.
Anyone else noticing an increase in spam?
XRumer probably released its monthly update scripts...
New version out in March.
We've seen a massive uptick of spam recently as well. It also seems to be DDoS season again...
I think maybe you notice it more because you have A M S and P in your username.
I keep getting these damn 'Notice to Appear" emails. They keep originating from different mail servers. I'm almost to the point where I'm just going to reject all emails that have zip attachments. For every 1 that's legitimate there must be 100 that are viruses/spam.
I have been getting them for months, maybe even a year now. I worked with KH Support about setting up the right filters and now they all go to the spam folder.
Over ten years ago, I was having a lot of problems with spam. Changing emails to avoid the problem was not an option.
What I found then (and still use today) was Mailwasher. It's a great product and, coupled with SpamCop reporting, can be a invaluable tool in your arsenal against spammers.
The main thing I like about Mailwasher is that you can view the e-mail and bounce it without letting the sender know that it was seen. No other program that I know of can do that.
Secondly, it displays the true link next to the spoofed link.
You can set up friends, white lists, black lists, etc with ease and its Pro version will handle as many e-mail accounts as you want to throw at it.
And, by linking to SpamCop and using its reporting system, you can help identify the culprits. That helps us all as the offenders are identified to others like SpamAssassin.
I like to use MailScanner for protecting all my customers from crap mail it checks with 4 different black hole lists including SpamCop has global and local black and white listing, spam level settings, blocking by IP's I also am blocking .eu and .pw with all kinds of reports it will take a bit for MS to learn whats bad and whats not.
I might be getting 6-12 spams a day.
I assume you set the filters in /etc/cpanel_exim_system_filter
Can you post the filters here please or email them to me.
Also looking how to block all incoming messages from imnica.com
If you could share that filter both Fred and I would greatly appreciate it.
I'll try and remember to do this in the morning.
@phpAddict , @Fred
Sorry for the long delay. I've been working on new release of a website all week.
I really didn't do anything special. I just looked at what the common text were in all the emails, then went into my cPanel, under Mail went to Account Level Filtering. I created a filter called 'crap emails'.
For the Rules, I selected 'Body' in the first drop down box, 'contains' in the second. I did this five times for each of the following lines of text:
The copy of the court notice is attached to this letter. Please, read it thoroughly.
Please, read it thoroughly.
download the copy of the court notice attached herewith to read the details.
The copy of the court notice is attached to this letter
You may find the detailed pretrial notice attached to this letter.
For the Actions, I selected 'Deliver to folder' for the first drop down, and in the text block I have '/DOMAIN.com/USER/.Junk'
Just enter your domain and user name.
This is what has worked for me.
Let me know if you have any questions.
Oh' I thought you were doing server level filtering. Never mind then, account level filtering is cake.
Yes I am also looking for server level filtering. Thanks anyway @Chimpie
Isn't there a file available somewhere or a website that one can download filters from?
I'm still very new to VPS hosting. In fact, everything with KnownHost works so well that I've pretty much been able to 'set it and forget it'.
If you want to give me a step by step guide of what to look for on the server side I'll be more than happy to see if there's something different.
Here is the documentation for the exim filters
Currently I am reactive to spam and filter on account level as well but I would like to be pro-active and filter on server level.
That would cut out a lot of support tickets from my users.
I have the public blacklists enabled, you would think with all of these same spam emails everyone seems to get that it would stop them, but since they're not, server level filtering would make it much easier to stop them on all accounts, rather than having to create the account level filter in each individual account. WHM should have a server level email filter that's as easy to use as the account level filter.
The blacklists helps a lot but as long as users click on links in emails they not suppose to click on the problem will just carry on and probably escalate.
Problem is dynamic IP's, although blacklisted, usually are not blocked. Not much point in blocking all of "British Telecoms" dynamic IP's No one in the UK will be able to go anywhere or send any emails.
Server wide filtering is the only option...
These have started to die down. Now I'm getting 'Delta Air Lines' spam. There's no pattern in the body of the email so I can't create a rule just yet.
Separate names with a comma.