Pls recommend Anti-Spam for cpanel Server

hbhb

Well-Known Member
Dec 1, 2006
67
0
156
Hi,

I have been getting a lot of spam lately despite cpanel has it's own filter and etc but some users do not know how to configure things like spamassasin.

I am looking for a simpler, yet powerful antispam filter and really works for whole server itself without configuring per account. I do not mind 3rd party components that requires licensing so long as it is not too expensive.

Anyone can recommend one?
 

AndyReed

Well-Known Member
PartnerNOC
May 29, 2004
2,221
4
193
Minneapolis, MN
I have been getting a lot of spam lately despite cpanel has it's own filter and etc but some users do not know how to configure things like spamassasin.
Installing SpamAssassin or Mailscanner doesn't mean you'll be spam free. You'll have, as a system administrator, to configure, import spam rules, and train your spam application to weed out spam. Either SpamAssassin or MailScanner are both good.
 

hbhb

Well-Known Member
Dec 1, 2006
67
0
156
normal users (new to web hosting) do not know how to write the rules.. that's the problem, i myself do not know really how to set a proper rules. is there any documentation or tutor you can forward me to englight me more about setting a recommended rules?

update: i find a lot inside http://www.rulesemporium.com/rules.htm but do not know how get it installed
 
Last edited:

Daniel15

Well-Known Member
Oct 7, 2006
86
1
156
Palo Alto, CA (originally Melbourne, Australia)
cPanel Access Level
Website Owner
Twitter
I'd suggest to install MailScanner using the package at http://configserver.com/free/mailscanner.html. Once you've done that, install MailWatch (a web interface for MailScanner). Once both are installed, open MailWatch, and choose Reports --> Message Operations. This lists all the qurarantined messages. From here, you can mark the messages as Spam or Ham (mark a few at a time).

Teaching it what is spam and what isn't trains the bayes database, and after a while, it starts working really well.

To keep your rules up to date, I'd suggest to use Rules Du Jour (I can't find the link at the moment, hopefully someone else will post it). Note that you'll need to edit the config so it has these lines in it:
Code:
SA_DIR="/etc/mail/spamassassin";
SA_RESTART="/etc/init.d/MailScanner restart";
As the defaults won't work.
 

nwilkens

Well-Known Member
May 4, 2006
59
0
156
Monroe MI
cPanel Access Level
DataCenter Provider
Rules

The rules at rulesemporium can be directly downloaded and placed in the spamassassin directory. Which is typically /etc/mail/spamassassin/

Then, you need to test the rules and ensure you are not getting errors, you can do this by running 'spamassassin --lint'; if this comes back with no errors, restart spamassassin.

The rulesDuJour script : http://sandgnat.com/rdj/rules_du_jour should be utilized to auto update your rules.

Also, I found that this is a good starting point for SARE rules, then add/remove/write additional rules as required.

http://www.rulesemporium.com/rules/70_sare_adult.cf
http://www.rulesemporium.com/rules/70_sare_bayes_poison_nxm.cf
http://www.rulesemporium.com/rules/70_sare_evilnum0.cf
http://www.rulesemporium.com/rules/70_sare_header0.cf
http://www.rulesemporium.com/rules/70_sare_html0.cf
http://www.rulesemporium.com/rules/70_sare_obfu0.cf
http://www.rulesemporium.com/rules/70_sare_specific.cf
http://www.rulesemporium.com/rules/70_sare_stocks.cf
http://www.rulesemporium.com/rules/70_sare_unsub.cf
http://www.rulesemporium.com/rules/72_sare_redirect_post3.0.0.cf
http://www.rulesemporium.com/rules/99_sare_fraud_post25x.cf

Hope this helps.

Nick
 

chirpy

Well-Known Member
Verifed Vendor
Jun 15, 2002
13,465
30
473
Go on, have a guess
I'd actually recommend using the sa-update feature that comes with SpamAssassin to download the current SA rules and the additional SARE rules. It's much easier to do that using rules_du_jour and you don't have to worry about changing URL's, etc.
 

RTCruiser

Active Member
Jun 28, 2006
36
0
156
After using Spamassassin for the past five years, I've switched to ASSP. It does a great job of filtering much more spam than SA ever did, and it has a very user-friendly way for end users to whitelist an email address... they just send that person an email.

It does take a little fussing with the server to make sure the MTA is routed through it, and after that takes a couple of weeks to "learn" what spam is, but after it's set up it does a fantastic job.