• Plesk Uservoice will be deprecated by October. Moving forward, all product feature requests and improvement suggestions will be managed through our new platform Plesk Productboard.
    To continue sharing your ideas and feedback, please visit features.plesk.com

Issue email spoofing & spam

stas styler

Basic Pleskian
Dear pleskers,

I need your help. I'm providing shared hosting over a server with approx 250 domains most of them are wordpress websites.
The server has 1 IP.
We are connected to MailChannels and this month we got huge bill of exceeding the plan with houndred thousands of spam mail (SPOOFED).

I've been googling and trying to block it but with not much luck. Eventually I limited outgoing mail to 20 per hour.
I know that in these cases I need to use SPF + DKIM + DMARC which I did.
My question is, what are the best practices for a shared hosting provider that has alot of domains and only 1 IP (all services are on the same server).

What I did was:
DMARC on each domain in DNS template - v=DMARC1;p=reject;pct=100;rua=mailto:[email protected]
DKIM signing, tried doing it but there are too many domains, how do I enable it server wide?
SPF on each domain in DNS template - v=spf1 ip4:<my-server-ip-address-here> +a +mx +a:<my-servers-domain-name-here> -all

Am I doing something wrong? I really need some advice and help because currently somehow bots can spoof my clients domains.
 
Back
Top