ConfigServer Community Forum

It is not a waste of time, just in 9 hours today one of our server has blocked:
Blacklisted Message count: 1,482

Consider yourself lucky. The ones I've tried, where they have negative reputations, are just a handful.

Peace,
Gene

@Sergio - are you seeing any additional server load using blocking in MS?

Thanks

Here's an update.

cPanel 11.46.0 (build 9) with SpamAssassin 3.4.0. Wasn't that version supposed to fix at least some of that excessive spam problem?

It doesn't.

Suggestions?

Peace,
Gene

lots of the new spam is coimg from odd ball TLD

try blocking the entire TLD

the newest one to hit my server hard is .link
Ive seen good results with blocking entire TLDs that no human will likely use

we are a US based server with relatively low email volume
I block
*@*.me
*@*.in
*@*.eu
*@*.asia
*@*.link
since they all have been responsible for spam spikes recently

It would be awesome if Chirpy built this TLD block in to his front end so it could be done on the server level AND the current cpanel account level

I'm on cpanel 11.46 as well, and still seeing a ton of spam make it through the filters. Anyone come up with a solution for this yet? I'm thinking we might have to go with an external anti-spam solutions...

I been looking for about a week now trying to find an easy way to block TLD's using mailscanner here. I found it!! A forum post from 2008 on there has the answer. Here is what they wrote. I have tested it and it does work. Make sure you do a Mailscanner reload for the rules to take effect. This should cut down spam a ton for me!!!
Change the below TLD's to what TLD you want to block.

Put this:

From: /\.pw$/ yes
From: /\.info$/ yes
From: /\.ru$/ yes

Those are tabs, not spaces


in the spam.blacklist.rules

I get a little confused where my spamassasin is 'wrapped up' in mailscanner...from what I've hear Sarah say, configserver has no control over spam, it's just a "packaging" script allows you to do a couple of extra things. Can we go to the spamassasin wiki and learn there? I've heard that there are some "drop in" rulesets, etc.

Long time cPanel, MailScanner user also, happy for many years. Lately (6 mos.) customers are complaining about the increase in SPAM. Invariably, the header indicates a low SA score. Here's a sample:
X-Admin8-Mailscanner-Spamcheck: not spam, SpamAssassin (not cached, score=-0.8, required 3, BAYES_00 -1.90, DCC_CHECK 1.10, HTML_MESSAGE 0.00, SPF_HELO_PASS -0.00, SPF_PASS -0.00, UNPARSEABLE_RELAY 0.00)
X-Admin8-Mailscanner-From: sandramiller@bligeste.top
X-Spam-Status: No
Begin Your Home Career Today

Our servers are supported by Liquid Web, & when inquiring about how to reduce spam here's what they said (not realizing we were using the MailScanner FE plugin):

"To get spam assassin to work the best you need to train the software. The only way to do that is by logging in to webmail and marking the spam emails as spam. Once you get about 20 marked it should start picking out the spam better. If you can mark up 100 as spam it you should see a quick drop off in received spam.
Regards,
Alex"

Is there a way to "TRAIN" SA while using the MailScanner FE? I am not seeing a SPAM setting in either of our webmail clients. (Squirrel Mail & Round Cube)

If we eliminate the MailScanner FE plugin will we be able to "train" SA to recognize these low scoring messages?

You can use MailWatch to train the bayes database. This FAQ tells you how:

http://www.configserver.com/techfaq/index.php?faqid=27

Regards,
Sarah