Facebook
Twitter
stas styler
Basic Pleskian
Dear pleskers,
I need your help. I'm providing shared hosting over a server with approx 250 domains most of them are wordpress websites.
The server has 1 IP.
We are connected to MailChannels and this month we got huge bill of exceeding the plan with houndred thousands of spam mail (SPOOFED).
I've been googling and trying to block it but with not much luck. Eventually I limited outgoing mail to 20 per hour.
I know that in these cases I need to use SPF + DKIM + DMARC which I did.
My question is, what are the best practices for a shared hosting provider that has alot of domains and only 1 IP (all services are on the same server).
What I did was:
DMARC on each domain in DNS template - v=DMARC1;p=reject;pct=100;rua=mailto:[email protected]
DKIM signing, tried doing it but there are too many domains, how do I enable it server wide?
SPF on each domain in DNS template - v=spf1 ip4:<my-server-ip-address-here> +a +mx +a:<my-servers-domain-name-here> -all
Am I doing something wrong? I really need some advice and help because currently somehow bots can spoof my clients domains.
I need your help. I'm providing shared hosting over a server with approx 250 domains most of them are wordpress websites.
The server has 1 IP.
We are connected to MailChannels and this month we got huge bill of exceeding the plan with houndred thousands of spam mail (SPOOFED).
I've been googling and trying to block it but with not much luck. Eventually I limited outgoing mail to 20 per hour.
I know that in these cases I need to use SPF + DKIM + DMARC which I did.
My question is, what are the best practices for a shared hosting provider that has alot of domains and only 1 IP (all services are on the same server).
What I did was:
DMARC on each domain in DNS template - v=DMARC1;p=reject;pct=100;rua=mailto:[email protected]
DKIM signing, tried doing it but there are too many domains, how do I enable it server wide?
SPF on each domain in DNS template - v=spf1 ip4:<my-server-ip-address-here> +a +mx +a:<my-servers-domain-name-here> -all
Am I doing something wrong? I really need some advice and help because currently somehow bots can spoof my clients domains.
