5 Hosting Tips for Leading a Spam-Free Life
Print Article
5 Hosting Tips for Leading a Spam-Free Life
Are you tired of opening your email, only to be deluged with spam? More than 90% of email is spam, and that percentage is increasing. Dealing with spam is not only frustrating, it consumes your valuable time.
There are, however, several tools at your disposal to fight this menace.
1.Register your domain privately.
When you register a domain name, your name, address (or company address), telephone number, email address, etc. will go in the WHOIS database. Due to ICANN requirements, you must provide your registrar (the company that registers your domain) with accurate information.
Unfortunately, spammers frequently get people’s email addresses from the WHOIS database, which contains all public domain registration information.
We recommend that you register your domain with a company that offers domain privacy (also called WHOIS privacy or delegated WHOIS). Such a company will provide their contact information to WHOIS for your account. If anyone wants to contact you, they will have to go through your registrar first.
A 2007 survey conducted by the ICANN Survey and Stability Committee, conducted using randomly generated (but validly formed) email addresses that only appeared in the WHOIS database, found the following:
Over a 90 day period, ten addresses that did not use domain privacy received 278,370 spam emails.
Over the same period, ten addresses that used domain privacy received 284 spam messages.
The difference is significant. Make sure your registrar offers free or low-cost domain privacy!
2.Disable Your Catchall Mailbox.
Many web hosting providers offer a “catchall” service for emails. When enabled, a catchall will take all emails that are:
• sent to any validly formed email address at your domain;
• not associated with a specific mailbox; and
• not associated with another forwarder
and forward them to an address you specify. This is useful for catching misspellings and typos of actual email addresses at your company.
However, because any email address, even a group of random characters, that ends in “@yourbiz.com” will go to your catchall, spammers will send countless spam messages to your catchall mailbox.
As spam has become increasingly prevalent, the better practice is to disable the catchall. Instead, specify as many likely legitimate addresses as you can, including common misspellings of employee names as well as addresses such as info@yourcompany.com, admin@yourcompany.com, etc. Forwarders are usually appropriate for these addresses.
3.Enable SpamAssassin.
This powerful open-source anti-spam tool is part of the cPanel interface, and is available as an add-on for the Plesk interface in both Windows and Linux versions. In cPanel, it is generally disabled by default. Just click on SpamAssassin under “Mail”, then click “Enable SpamAssassin.”
The preset settings for SpamAssassin should be adequate for most users. However, you’ll also see a “Configure” button on the SpamAssassin main page. This will allow you to specify senders that you want blacklisted (messages automatically blocked) or whitelisted (messages automatically accepted, without spam-checking).
You can also set the sensitivity of the SpamAssassin filter. SpamAssassin uses a battery of tests, assigning points (or fractions of a point) to messages that meet certain criteria for “likely spam.” By default, a total point score of 5 is used to characterize a message as spam. By increasing that point score, you make it less likely that a message will be characterized as spam. To filter more aggressively, just lower the threshold score.
Messages that SpamAssassin identifies as spam will be delivered (by default) to your Inbox with a modified subject line, beginning with *****SPAM*****, so you can set your email client to automatically filter them from there.
Finally, once you are comfortable with SpamAssassin’s accuracy, you can tell SpamAssassin to delete spam messages automatically on the server, or to send them to a “spambox” folder. If you enable both Autodelete and Spambox (and you haven’t configured them for different point thresholds), Autodelete will take priority and the suspected spam messages will be deleted.
4.Set up Server-Side Account Level and User Level Filtering with cPanel.
You’ll probably find it easier to use Account Level Filtering and User Level Filtering, both in a user-friendly interface in cPanel.
These utilities permit fairly advanced spam filtering, and can be used for other filtering purposes as well – for example, placing messages from your different clients into separate folders. User-level filters are always processed after the main account filter.
You can integrate these filters with SpamAssassin. To filter all mail that SpamAssassin has marked as spam, just choose “Spam Status,” “begins with,” and then enter “Yes” in the box. To filter all mail that SpamAssassin has marked as with a spam score of 5.0 or greater, choose “Spam Bar,” “contains,” and then enter “+++++” in the box. To filter messages with a spam score of 4, you would use ++++, etc.
5.Enable BoxTrapper.
If you have really bad spam problems, try BoxTrapper, also available through the Mail section of the cPanel interface. It requires that senders respond to a verification message before you accept their email. Once they have verified as legitimate senders, they are added to a whitelist and no longer required to verify. Email addresses to whom you have sent messages are also automatically added to the whitelist.
Conclusion:
You are not helpless against spammers. You can keep these unwanted messages away by registering your domains privately; by not using “catchall” emails; and by using utilities such as SpamAssassin, Account/User Level Filtering, and BoxTrapper.