Spam fighting solutions PLEASE!

[EchoHost]

Ok so I'm going crazy with all the spam here! I've tried spamassasin + mailscanner and all that happened is I lost a lot of legit e-mails, some e-mails took a very long time to get delivered to my inbox and server load was much higher. So I stripped it all down and just started doing spam filtering on my side.

I want a better solution and I don't mind paying, I've read a few things abotu ASSP. Is this worth it. What about ASSP deluxe http://www.grscripts.com/screenshots.html ?

Thanks!

 

[nyjimbo]

I hate to recommend this but I found that a huge percentage of spam comes from countries you could probably do without.

We have taken to blocking wide ranges of IP's from Russia, France, Poland, etc..

Even with spam rules or RBL services like Spamhaus or NJABL we still have to deal with the connections, handshake, rejections and all the i/o and processing it takes to do it.

Blocking massive ranges of IP's via software or hardware firewalls just cuts off any TCP talk at all and reduces spam as well.

So much spam is tricky enough to get around normal rule sets, at least cutting them off earlier reduces ALL traffic from the bad guys so at least a good percentage of the garbage is never even seen.

 

[EchoHost]

Yea I'd love to do that but it's a bit too risky. A few other criteria I forgot to mention:

1) We get a constant dictionary attack either from the same guy or multiple guys (alexa rating for the domain is ~1,100)
2) A TON of rejected mail

So basically I don't want a spam program that keeps a log of these because i would have to clear it every day or just get too big in general.

 

[Infopro]

Yea I'd love to do that but it's a bit too risky. A few other criteria I forgot to mention:

1) We get a constant dictionary attack either from the same guy or multiple guys (alexa rating for the domain is ~1,100)
2) A TON of rejected mail

So basically I don't want a spam program that keeps a log of these because i would have to clear it every day or just get too big in general.

After reading at least three of your posts in separate forums all seeming to have to do with the same thing, I've only got 2 suggestions for you.

1) Search these forums for the answers you seek, you're not the first that wishes to know this stuff. It's all here.

2) If all else fails, hire a pro. http://www.configserver.com/cp/cpanel.html


He has the answer to your problems I'm sure of it. Look around the forums a bit more.

 

[twhiting9275]

I want a better solution and I don't mind paying, I've read a few things abotu ASSP. Is this worth it.

I'd say ASSP is most definitely worth it. I've used it over the past year and it's incredibly intuitive.

 

[Gene Steinberg]

Ok so I'm going crazy with all the spam here! I've tried spamassasin + mailscanner and all that happened is I lost a lot of legit e-mails, some e-mails took a very long time to get delivered to my inbox and server load was much higher. So I stripped it all down and just started doing spam filtering on my side.

I want a better solution and I don't mind paying, I've read a few things abotu ASSP. Is this worth it. What about ASSP deluxe http://www.grscripts.com/screenshots.html ?

Thanks!

You know, with a little judicious adjustment, SpamAssassin is just about perfect for us. The settings in WHT and cPanel 11 give us plenty of elbow room to block 99% of spam, but we check the option to create a Spam folder, so we can keep tabs on legitimate mail.

My SpamAssassin setting is 4. And we have Exim, via WHT, adjusted to delete anything with a 10 or more rating. and we have also selected the option labeled "Reject mail at SMTP time if the sender host is in the zen.spamhaus.org, or bl.spamcop.net rbl."

We've never lost a single e-mail we needed to receive that we are aware of, and mistakenly flagged legitimate messages are minimal with tha setting.

FYI: We have four busy sites on a VPS system, with several hundred legitimate messages received every day. We have used dedicated e-mail hosting, with supposedly advanced spam settings, and it was no better.

Of course, these settings might not work for you, but for the variety of mail we get, it's just fine and I have no complaints. The Spam filters are not overwhelming, and everything is manageable.

Peace,
Gene Steinberg
Co-Host, "The Paracast"
www.theparacast.com

 

[mambovince]

I hate to recommend this but I found that a huge percentage of spam comes from countries you could probably do without.

We have taken to blocking wide ranges of IP's from Russia, France, Poland, etc..

Even with spam rules or RBL services like Spamhaus or NJABL we still have to deal with the connections, handshake, rejections and all the i/o and processing it takes to do it.

Blocking massive ranges of IP's via software or hardware firewalls just cuts off any TCP talk at all and reduces spam as well.

So much spam is tricky enough to get around normal rule sets, at least cutting them off earlier reduces ALL traffic from the bad guys so at least a good percentage of the garbage is never even seen.

AFAIK, most spam originates from servers hosted in the US

- Vince

 

[philwebservices]

Fighting SPAM

i have use ConfigServer's dictionary attack tool ... just a little perl script that would deny ip's doing dictionary attack , works great for me ... i'll let you guys know tomorrow how it would turn out since most of the attacks starts Tuesday(my time) Philippines.

 

[_Chris_]

I hate to recommend this but I found that a huge percentage of spam comes from countries you could probably do without.

We have taken to blocking wide ranges of IP's from Russia, France, Poland, etc..

Even with spam rules or RBL services like Spamhaus or NJABL we still have to deal with the connections, handshake, rejections and all the i/o and processing it takes to do it.

Blocking massive ranges of IP's via software or hardware firewalls just cuts off any TCP talk at all and reduces spam as well.

So much spam is tricky enough to get around normal rule sets, at least cutting them off earlier reduces ALL traffic from the bad guys so at least a good percentage of the garbage is never even seen.

Very interested in this - how did you do it please ? Is it possible on shared servers please ?

Any help much appreciated.

Chris.

 

[twhiting9275]

AFAIK, most spam originates from servers hosted in the US

Correct
According to project honeypot (what a name ).

Top-25 Countries
Where Spam Servers
Are Located

#1 [United States] United States (15.6%)
#2 [China] China (15.3%)
#3 [Korea] Korea (7.3%)
#4 [Germany] Germany (5.8%)
#5 [Poland] Poland (5.0%)
#6 [Brazil] Brazil (4.5%)
#7 [France] France (4.0%)
#8 [Italy] Italy (3.8%)
#9 [Spain] Spain (3.7%)
#10 [Russian Federation] Russian Federation (3.2%)
#11 [United Kingdom] United Kingdom (2.9%)
#12 [India] India (2.6%)
#13 [Turkey] Turkey (2.5%)
#14 [Japan] Japan (1.9%)
#15 [Taiwan] Taiwan (1.9%)
#16 [Thailand] Thailand (1.4%)
#17 [Israel] Israel (1.4%)
#18 [Argentina] Argentina (1.2%)
#19 [Chile] Chile (1.0%)
#20 [Peru] Peru (1.0%)
#21 [Netherlands] Netherlands (0.9%)
#22 [Canada] Canada (0.9%)
#23 [Malaysia] Malaysia (0.9%)
#24 [Mexico] Mexico (0.9%)
#25 [Egypt] Egypt (0.8%)