• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Feature Request: Effective anti-spam system

Working for Parallels I expected you would say so.

I used SA for a long time and even after much tweaking at best it caught half of the spam, but with that came another 10% false positives - mails that were not spam but that SA designated as such.

With Gmail I have received 19,229 spams since February 6th. These were all caught by Gmails spam filter and moved to the spam folder. Perhaps a handful slipped through the filter and ended in my inbox. One or two false positives were triggered as spam and ended in the spam folder. That is the kind of spam filter I need.
 
You can use following solution instead SA, for example:

Our MagicSpam partner has a good resource for that. If you think your server is causing 'backscatter', this may be when you have your SpamAssassin or email server configured to 'bounce' spam, but they get bounced to forged addresses. You might want to consider MagicSpam for Plesk, which blocks that traffic, rather than bouncing it.

New FAQ's

Q. Can MagicSpam for Plesk work with the SpamAssassin Module?

A. Yes, MagicSpam acts during the SMTP phase, and your SpamAssassin works after. MagicSpam and SA will work happily together, and SpamAssassin server loads will drop significantly.

Q. My SpamAssassin load is going through the roof! Help!

A. Have you considered MagicSpam for Plesk? One of the simplest and easiest add-ons for Plesk, it not only stops the majority of attacks before it hits SpamAssassin, but rejects the bulk of trojan and bot generated emails without adding to server load.

Q. Can I use RBL's or Blacklists with Plesk?

A. Yes, you can. But you might find it simpler and easier to use the MagicSpam Module for Plesk. This allows for simpler management, whitelisting, blacklisting and full logging of all SMPT traffic, both HAM and SPAM, and it comes with automatic subscriptions to many of your favourite RBL's

Q. I tried to deliver a bounce message to this address, but the bounce bounced!

A. This can happen when a spammer forges a from signature. It is called 'backscatter', and can get you on blacklists, even though you didn't send the email. Spammers try to 'bounce' emails off of your server. You need to 'reject' emails instead of bouncing them whenever possible. There is a Spam Module from one of our partners which is especially good at stopping the majority of this problem. Visit our store, or http://www.magicspam.com for more information.
 
Thanks for the suggestion, however, I try to find any positive references or comments about this product here but the only references to it is your recommendations in different threads. That doesn't bring along warm feelings in me for this product. I'm also somewhat taken back by the price of $11/month which pratically doubles the cost of Plesk for something that I feel ought to be part of Plesk for the price we pay for it.
 
The real secret to getting maximum utility out of any anti-spam system is getting the bayesian classifier trained up for the user. Regardless of the system used (google is using postini) a poorly trained and/or poisoned bayes db can shift your results widely. It is in fact the closest thing to a silver bullet in the anti spam world. So here are some basic recommendations to improve the accuracy of SA and Bayes in general:

1) If you havent already done so, install dcc, pyzor and razor on the system. These are P2P networks of known anti-spam signatures. Add the atomic yum repo with the following:
wget -q -O - http://www.atomicorp.com/installers/atomic |sh
yum install dcc pyzor razor-agents

2) Do you use RBLs now? Consider turning them off at the smtp layer and ON inside spamassassin with a very high (12 or above) score. This is to train the bayes db faster, and is in fact one of the methods used by outfits like postini.

3) Spamassassin will automatically create the bayes db for spam messages based on the score as mentioned above. Anything below 0.1 will be learned as Ham (good) and 12 or above as spam. Your bayes db doesnt even activate until it has 200 ham messages and 200 spam messages... and it doesnt get good at its job until it has 2000 of each. You can see what your bayes db looks like with: sa-learn --dump magic /path/to/bayes/db

4) Ham beats spam. The super secret to the success of a bayes method of identifying spam is get the good stuff. A single good email is worth a hundred spam messages, the way I go about this is to use a single common bayes db for all users on the system... and run SA against OUTBOUND messages. Outbound messages (unless you're a spammer!) are always ham of the highest quality (heh) which you can use to train the system automatically without any user interaction.

This has already been packaged up and is available for plesk for free (speech/beer) in the qmail-scanner package. Added bonus, it also supports clamav
 
Spam issues

I totally agree, gmail does a much better job then SA. I do not have any idea why, however instead of living with that, lets make it better. I have two, questions/suggestions.

1. add another option to SA, we have the delete at a set level, now I would like to keep that option but also have a mark but not delete.
example --- delete all emails that score above 5
----mark but do not delete messages that score between 2 and 5

2. This may be more of a Plesk issue. Make it so that I can see out going emails by domain.
This would be a HUGE help in pinning down which site has a poor form or has a client sending spam.

PLEASE respond if you know of any info I am missing.
Sincerely,
Brad
 
maybe eleven.de with it's expurgate filter is the better solution, then training a bayes filter. It's not for free (but they offer a free version for personal filtering -> spamfence.net) but they guarantee less then 0,00001% FalsePositive Rate.

It can be integrated in SpamAssassin, but better way is to use expurgate as front mail gateway to forward mails to your main mail server. They also offer ASP hosted service with changeing MX records and forwarding mails after classification to your server.

Sorry this should not be merchandising, i use expurgate since 3 years and I'm very happy with it. If you have questions, let me know. I will try to find an answer for you.
 
Thanks for the inputs, however, I think for the price charged for Plesk there ought to be a working spam system - and no, I don't think SA can be called "working", not as it stands. Maybe with ART's added modules, but it ought to come from Parallels as an integrated packed for the price we pay for Plesk.
 
We've found the built in product to be next to useless, the MagicSpam product we had some customers try and it rejected enough legit email that they also considered it useless and has us remove it, the Spam Guardian product from 4psa.com so far has been the best option we've found for Plesk and it is about 10% as effective as Google's Postini or MXLogic's services, so we've yet to find anything that does even a decent job in Plesk, we're stuck giving our customers the best of the bad options available.
 
Second

I second that request.

In the past 3 months I have had three clients move their e-mail systems because of spam and missing e-mails. A cornerstone of my business is crumbling.

DC
 
Back
Top