Fight against Spam

In this guide, we will see how to fight against spam.

Context

As a host, it is our responsibility to fight against spam and to ensure that the servers we host respect the legislation in force and more generally the rules of good conduct laid down by the providers of messaging (Gmail, Hotmail, Orange, Free, etc.).

Indeed, the server's IP address must not be blacklisted by one or more email providers.

In case of bad reputation of the IP address, the sending of emails to the subscribers of these email providers would be blocked by them. In other words, your correspondents would no longer receive your emails.

Worse, some email providers take into account the reputation of the entire IP class of the server, or even the host's network as a whole.

Therefore, in order to ensure that its customers receive the best possible delivery quality to the major courier providers, we have developed a new service offering.

Any hosting company must take strict measures to regulate the outgoing mail traffic from its network.

How we fight spam

To fight against spam, we use several technologies:

  • Consultation of the RBL (blacklists) as SpamCop : all our MX servers (mail reception) check the SpamCop databases and reject any relay identified as a spammer.
  • Incoming mail filtering with the help of anti-spam SpamAssassin. Each e-mail is assigned a score based on a number of tests. Above a certain score, we consider that the message may be spam. In this case, we tag the subject of the e-mail with the keyword *SPAM*. This allows each client to set up email filters. Beyond a higher score, we consider that the mail is spam with certainty and we delete it.
  • Recipient verification (ChkUser) to reject illegitimate emails from the session SMTP and avoid generating "bounces" that could clog up the mail server.
  • Outgoing mail filtering in order to limit the spam coming out of our network and preserve the reputation of our servers.

How you can fight spam

  • First, only distribute your e-mail address to people who are strictly necessary
  • Then, avoid subscribing to free mailing lists or newsletters: often your e-mail is resold or rented to other companies.
  • Finally, never include your e-mail address on your website Spam robots are constantly scanning the Web and can recognize an e-mail in the source code HTML. Draw your e-mail address on a picture instead GIF or PNG that you insert on your site.

Identity theft

Sometimes you may be shocked to see your contacts or yourself receiving spam with your own e-mail address as the sender.

This is a very common practice of spammers who thus arouse the reader's curiosity and manage to make him read the content.

How is this possible? Just imagine that you can't prevent your neighbor from putting your name and address as a sender on his postal mail. On the Internet, it's the same, and spammers take advantage of it.

Technologies such as SPF now allow to limit the damage. You can use them on a private server physics or virtual.

Microsoft case

Among the most used email providers, Microsoft, which hosts among others the @hotmail, @msn, @outlook mailboxes, is by far the one that is the strictest and sometimes even excessive in its policy against spam.

As a result, we rely on these tools to alert our customers who may be engaging in practices that Microsoft considers spamming, whether or not they know it.

In case of abuse, we filter port 25 to block any mail sending from your server.

Procedure

In case of abuse, our support team opens a ticket containing a CSV file for the concerned customer. This file represents in spreadsheet form the activity of the incriminated IP address over the last days and/or weeks.

Here are the headers (columns) of the CSV file:

  1. Start date of the shipment
  2. End date of the shipment
  3. RCPT commands
  4. The DATA commands
  5. Recipient Messages
  6. Filter result
  7. Complaint rates
  8. start sending to trap account
  9. end of sending to trap account
  10. Number of emails sent to trap accounts
  11. Origin (HELO)
  12. Example of a sending email address

Explanation

  • The RCPT TO command number of mailboxes registered during the period
  • DATA commands:  is the number of emails sent during the period
  • The Message Recipients:  is the number of valid mailboxes
  • Filter result: These are the global results of spam filtering applied to all messages to Hotmail users.
  • Complaint rate: This is the number of complaints divided by the number of recipients of the email during the activity period. Unlike the automatic filter, this is a result based on the user experience who consider the mail as undesirable.
  • Number of emails sent to trap accounts Trap accounts are accounts created by Microsoft that do not solicit mail. Thus, all messages sent to trap accounts are logically considered as unwanted.

We open an abuse ticket in the following cases:

  • Your shipments generate a high complaint rate compared to the average of our customers;
  • Microsoft considers your mailings as undesirable (filter result in red);
  • Your server sends emails to trap accounts;
  • The shipping addresses seem fancy and unrelated to your server;
  • The volume of emails sent over the period is very high;
  • The number of invalid recipients is significant.

Naturally, our action to cut off service to combat spam is proportional to the severity of the abuse.

What to do

If you are the originator of these mailings

First, you must necessarily improve the quality of your mailings, here are some tips :

  • First, make sure that you have collected the approval (opt-in) of your recipients
  • Then, systematically include an unsubscribe link allowing any recipient to easily unsubscribe from your mailings
  • Then manage the error returns (full mailboxes or no longer existing...) to automatically unsubscribe these users
  • Finally, try to dilute your mailings over time, to avoid sending too many emails in a short period of time

If you are not the originator of these mailings

There is at least one security hole serious enough to allow a remote user to exploit your server without your knowledge.

This security breach can have consequences on your activity: intrusion, theft or deletion of data, etc.

You should therefore take this alert very seriously and initiate immediate investigations:

    • On the one hand, on the application side: review all your Web applications, especially CMS and their extensions.
    • WordPress, Joomla, etc.) and their extensions.
    • On the other hand, on the system side: perform a security audit of your server and ensure OS and Panel updates.

We can then help you through our outsourcing services.

Need to go further

In shared hosting, we must first make overall choices for all customers. We cannot apply custom filters to fight spam. If you are not satisfied with the level of aggressiveness of the anti-spam, you have two options:
  • First, discover Microsoft 365a professional messaging solution that is offered by the official Microsoft service.
  • Secondly, discover our service offersr private physics or virtual which allow you to have a server all to yourself and therefore to edit customized anti-spam rules.
Updated on 11 April 2022

Related Articles