Question Anti-SPAM options for Plesk

[VojkanC]

Today we have plenty of SPAM, Phishing, Viruses and Ransomwares that it's very risky and time-consuming to just don't use any protection.

I've tried to rely on desktop anti-spam solutions but configuring and maintaining them on many machines is too time-consuming and end users are still bothered by these.

I've tried using SpamExperts. For it work you need to change your MX records with theirs. I didn't like that from the start. Their documentation is old and outdated and their support is literally non-existent if you only pay for one small server. They didn't even want to help me with basic installation and configuration. When I finally managed to configure it, it worked OK, but for any changes in the configuration, I was redirected to their external app (not part of Plesk). After some time I had minor issues, but since I didn't have support I decided to test alternative solutions.

I played with setting up SpamAssasin/Clam myself, but since hosting is my side job I didn't have time nor energy to spend hours reading, testing, reconfiguring.

A few months back I started using Warden Anti-spam and Virus Protection by Danami. Their solution is based on SpamAssassin, it's extensions and Clam which I liked from the start (I don't need to rely on external MX servers).
For now, I managed to configure it (with the great help of their support team, thank you Marcel Evenson).
What I liked the most about this solution is that they helped me better understand my SPAM problem and to configure various filters that will keep the SPAM out.

Now, after 4 months of using Warden, I must say that everything works and that I keep about 90% of unwanted emails out.

What protection do you use and how are your experiences?

 

[MrDynamite]

Oh yeah, I understand you very well. Despite the great strides the world has made in the fight against spam, as of 2018, Cisco Talos reports spam makes up 85% of all daily emails, with most originating in the United States, followed closely by Brazil, and China. According to Forbes, advertising about products and services comprise 98 percent of all that junk being sent. It's crazy, yeah? But it’s the remaining two percent of spam email that keeps cybersecurity researchers up at night. Things like phishing emails that steal your logins. Well, I am trying to confront all this stuff by using CleanTalk which is a good Akismet alternative. I found it while reading akismet review.

 

[Brujo]

take into consider to add to your vote also Plesk Email security extension and still Magicspam is available and has it user base

 

[MarkM]

Looks like you left out external filtering devices - spam filtering appliances such as from Barracuda.

Baruwa is also pretty slick; which is based on MailScanner.

 

[danami]

@VojkanC Thanks for the kind words! I'm my experience its best to use some good RBLs like b.barracudacentral.org to handle the bulk of the bulk of the spam at the MTA level then let SpamAssassin handle the reset. SpamAssassin when properly configured is very effective. Also work on SpamAssassin 4 is coming along nicely. It has a few new plugins that work very well.

 

[robotic]

I've installed Pyzor und Razor with Spamassassin and it works very well.

Many datacenters have DNS resolvers setup with systemd-resolve, which have rate limits for queries of DNSBLs.
In those cases Spamassasin couldn't match against DNSBLs and a lot of spam comes thru.
It's easy to setup Spamassasin to use the local bindd to query DNSBLs.
Maybe Plesk could have a checkbox for that.

Just add a file under

/etc/spamassassin/65_dns.cf

with a single line

dns_server 127.0.0.1

and restart Spamassasin.

 

[danami]

@robotic Yes good advice. Most people don't realize that you need to tell SpamAssassin to use different DNS servers as all free DNS servers like Google DNS are blocked from issuing too many queries.