
Question Best solution in order to stop incoming spam to a plesk server

SalvadorS

Regular Pleskian
Server operating system version
Debian 11.8
Plesk version and microupdate number
18.0.56
Hello,

We have been receiving a lot of spam on our servers in the last days/months. It seems that blacklists like b.barracudacentral.org, bl.spamcop.net or zen.spamhaus.org do not stop the spam we receive, and SpamAssassin is good but a lot of spam is coming.

So I want to know what you are doing to stop the incoming spam on a Plesk server.

Thanks a lot.

Regards
 
If your SPF policy is set to "reject if SPF resolves to fail" you can change it to "reject if SPF resolves to softfail", that will take care of the more egregious spam, although some customers might object because it will also reject mails from real domains who have not been properly configured.

Alternatively, you could also increase the scores of certain SpamAssassin rules or create your own rules in /etc/spamassassin/local.cf :
Code:
score SPF_FAIL 10.0
score SPF_SOFTFAIL 5.0

That will NOT reject the emails but it will identify them as SPAM.
 
Sidenote, it will be really helpful if Plesk could integrate in the UI these /etc/spamassassin/local.cf basic configurations.
 
You can do all of this and more using our Warden Anti-spam and Virus Protection extension. If money is tight and you don't want to use our extension then I recommend looking over this KB article for how to set tighter SMTPD restrictions in Postfix (Warden sets these automatically but you can do it manually if you want). This should help out a lot:

 


So you change these lines in /etc/postfix/main.cf:
smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated
smtpd_sender_restrictions = check_sender_access hash:/var/spool/postfix/plesk/blacklists, permit_sasl_authenticated
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
For these new ones:

smtpd_delay_reject = yes
smtpd_helo_required = yes
smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unknown_reverse_client_hostname
smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_invalid_helo_hostname
smtpd_sender_restrictions = check_sender_access hash:/var/spool/postfix/plesk/blacklists, permit_sasl_authenticated, reject_unknown_sender_domain
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_unknown_recipient_domain
smtpd_data_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_pipelining

I am going to test it. Thank you.
 
It seems most of these anti-spam "hosts" (zen.spamhaus.org and so on) are not pingable... Why? Does somebody know that?

Thank you very much for your feedback(s).
 