The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Cpanel Add Ons for Spam

Discussion in 'E-mail Discussions' started by ramorse, Jun 10, 2015.

  1. ramorse

    ramorse Well-Known Member

    Joined:
    Sep 6, 2003
    Messages:
    201
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    I am still looking for a better spam fighting solution. Cpanel blog posted the following about 3 addons (all commercial license) but there are zero reviews or ratings in the Cpanel App store for any of them. Here's the blog post:

    http://blog.cpanel.com/3-cpanel-whm-add-ons-for-fighting-spam-email/

    I am wondering if anyone has used any of these, if so, could you share your experience, or if you have used other add ons or third party services to help fight the onslaught of spam.
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    675
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello,

    Have you considered using the Greylisting feature available in cPanel version 11.50? It's documented here:

    11.50 Release Notes - Greylisting

    Note that version 11.50 is currently only available in the "Current" and "Edge" build tiers.

    Thank you.
     
  3. ramorse

    ramorse Well-Known Member

    Joined:
    Sep 6, 2003
    Messages:
    201
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    Thanks. I have looked at Greylisting and eagerly await 11.50 to be available in the Release tier as that's what our servers are set to. Any ETA?
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    675
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello,

    There's a target for the middle of June, but we don't have any time frame expectations as release dates can always change based on issues we find or new bugs that are discovered.

    Thank you.
     
  5. mtindor

    mtindor Well-Known Member

    Joined:
    Sep 14, 2004
    Messages:
    1,281
    Likes Received:
    37
    Trophy Points:
    48
    Location:
    inside a catfish
    cPanel Access Level:
    Root Administrator
    The greylisting available in 11.50 works pretty good so far. Some things to keep in mind:

    1. If you enable the option to whitelist connections passing SPF, you will allow a lot of spam to come through that may otherwise be blocked. [NOTE: This feature is enabled by default in 11.50]
    2. If you disable the option to whitelist connections passing SPF, be prepared to manually whitelist a lot more address space where valid emails are coming from, especially address space of larger service providers and webmail services. You will end up blocking a lot more spam that with this option disabled though.
    3. The cPanel-provided default list of whitelisted addresses / address space is mediocre at best. I believe the reason why it falls short is because [I believe] that cPanel is hedging there bet that everyone will keep the whitelisting-by-SPF-passage enabled, which will negate the need for cPanel to make the default whitelist more populated and (b). Although you should see #2 above
    4. whitelisting based upon rDNS / partial rDNS is still a must-have.
    5. cPanel should not be providing even a minimal amount of whitelist entries because then they are on the hook for keeping them up to date -- and I've already noticed that among the companies they attempt to whitelist in the default whitelist, they have fallen short on the necessary address space that they have added for various webmail providers / large ISPs.
    Why is rDNS / partial rDNS whitelisting a must-have? Well, to be most effective against spam, one cannot whitelist hosts that pass SPF checks. And if one does not whitelist hosts that pass SPF checks, one has to add quite a bit more individual address space in. And, for a lot of the providers [Yahoo certainly comes to mind], their rDNS clearly indicates the function of the connecting mail IP address. And you can much more easily whitelist scattered blocks of IP space that is used by Yahoo for sending mail if you are able to whitelist based upon partial rDNS. If that's not available, you have to do much more involved searches of the IP address space that Yahoo has in use for legitimate email delivery.

    So far I've built up a pretty good starting base of whitelisted entries. I do NOT whitelist hosts that pass WPF. The greylisting so far is doing a great job thrarting off spam [that spam that doesn't retry]. And for the spam that does retry, the mere fact that the hosts are being deferred for a period of time makes it much more probable that those hosts will be listed on various RBLs and URIBLs by the time they do connect and pass the greylisting mechanism. This, of course, assumes that you are using decent RBLs in the first place to block during SMTP, and that you have the URIBL plugin enabled in SpamAssassin and are using it affectively.

    I give cPanel a thumbs-up for the new cpgreylistd . This post is not meant to bash anyone at cPanel. I just wanted to relay my experience thus far with cPanel's greylisting, as well as throw an idea or two at the cPanel developers who maintain cpgreylistd -- with the hope that they will consider adding whitelisting based upon rDNS / partial rDNS.

    Mike
     
  6. ramorse

    ramorse Well-Known Member

    Joined:
    Sep 6, 2003
    Messages:
    201
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    Thank you for your report. I've just started using this on one server and so far have found it pretty good. I am kind of concerned about the default whitelist.

    "So far I've built up a pretty good starting base of whitelisted entries."

    Would you be willing to share?
     
  7. mtindor

    mtindor Well-Known Member

    Joined:
    Sep 14, 2004
    Messages:
    1,281
    Likes Received:
    37
    Trophy Points:
    48
    Location:
    inside a catfish
    cPanel Access Level:
    Root Administrator
    Let me look into that. My customerbase is mostly within a fairly defined geographical area,and so a lot of the entries in my list would be trivial / nonuseful for most people. And I haven't yet explored how the whitelist information is stored. If it's stored in in a flat text file I may be willing to share. If it's stored in an sql format, it's probably going to be more of a pain for me than it would be a benefit to you or anyone else.

    I'll get back to you.

    m
     
  8. sparek-3

    sparek-3 Well-Known Member

    Joined:
    Aug 10, 2002
    Messages:
    1,384
    Likes Received:
    23
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    I figure it's only a matter of time before spammers begin utilizing their own SMTP service, which would queue, hold, and retry their spam messages. This would get around greylisting servers.
     
  9. ramorse

    ramorse Well-Known Member

    Joined:
    Sep 6, 2003
    Messages:
    201
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    So, what are we to do? Still looking for a better solution to spam onslaught.
     
  10. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    675
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    One other alternative would be to host all of your email on a third-party mail server with native SPAM blocking features. However, I don't really see a downside to the Greylisting feature until spammers begin widespread methods of circumventing it.

    Thank you.
     
Loading...

Share This Page