Setting Up Spam Protection
To protect your users from spam, you can use the following tools with your Panel:
- SpamAssassin spam filter. It is a powerful spam filter that uses a wide variety of local and network tests to identify spam signatures.You can configure the spam filter so as to either delete suspicious messages when they come to your mail server, or change the subject line and add “X-Spam-Flag: YES” and “X-Spam-Status: Yes” headers to the messages. The latter can be useful for users who prefer to filter mail with mail filtering programs installed on their own computers.
To learn more about SpamAssassin, visit http://spamassassin.apache.org.
To configure and switch on the SpamAssassin filter, proceed to the section Setting Up SpamAssassin Spam Filter. - DomainKeys (available only for Linux hosting). DomainKeys is a spam protection system based on sender authentication. When an e-mail claims to originate from a certain domain, DomainKeys provides a mechanism by which the recipient system can credibly determine that the e-mail did in fact originate from a person or system authorized to send e-mail for that domain. If the sender verification fails, the recipient system discards such e-mail messages. To configure the DomainKeys system on your server, refer to the section Switching on Spam Protection Based on DomainKeys.
- DNS blackhole lists. This spam prevention system is based on DNS queries made by your mail server to a database, which contains known and documented sources of spam, as well as an extensive listing of dynamic IP addresses. Any positive response from this database should result in your mail server returning a ‘550’ error, or rejection of the requested connection.To configure your mail server for working with DNSBL databases, proceed to the section Switching On Spam Protection Based on DNS Blackhole Lists.
- Sender Policy Framework (available only for Linux hosting). This spam prevention system is also DNS query-based. It is designed to reduce the amount of spam sent from forged e-mail addresses. With SPF, an Internet domain owner can specify the addresses of machines that are authorized to send e-mail for users of his or her domain. Receivers that implement SPF then treat as suspect any e-mail that claims to come from that domain but fails to come from locations that domain authorizes.To learn more about SPF, visit http://www.openspf.org/howworks.html.
To enable filtering based on SPF, proceed to the section Setting Up Support for Sender Policy Framework System. - Server-wide black and white lists. Black and white lists are standard mail server facilities. You can use black and white lists to block or receive mail from specific servers. Your mail server retrieves domain names and IP addresses of servers which attempt to establish connection with it. If a domain name is matched against black list entries, your server refuses the connection. Thus, the potential spam message will be never received. If an IP address is matched against white list entries, your server receives a message from the sender without using the spam protection systems such as sender authentication, greylisting, or DNSBL.To set up server-wide black and white lists, proceed to the section Setting Up Server-wide Black and White Lists.
- Greylisting (available only for Linux hosting). Greylisting is a spam protection system which works as follows: For every e-mail message that comes to the server, sender’s and receiver’s e-mail addresses are recorded in a database. When a message comes for the first time, its sender and receiver addresses are not listed in the database yet, and the server temporarily rejects the message with an SMTP error code. If the mail is legitimate and the sending server is properly configured, it will try sending e-mail again and the message will be accepted. If the message is sent by a spammer, then mail sending will not be retried: spammers usually send mail in bulk to thousands of recipients and do not bother with resending.The greylisting protection system also takes into account the server-wide and per-user black and white lists of e-mail senders: e-mail from the white-listed senders is accepted without passing through the greylisting check, and mail from the black-listed senders is always rejected.
When the greylisting support components are installed on the server, then greylisting is automatically switched on for all domains. You can switch off and on greylisting protection for all domains at once (at Tools & Settings > Spam Filter Settings), or for individual subscriptions (in Control Panel > Mail tab > Change Settings).
