• Please be aware: Kaspersky Anti-Virus has been deprecated
    With the upgrade to Plesk Obsidian 18.0.64, "Kaspersky Anti-Virus for Servers" will be automatically removed from the servers it is installed on. We recommend that you migrate to Sophos Anti-Virus for Servers.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Input Warden Antispam & Virus Protection Extension for Plesk

Very impressed with the product so far. Wondering if there is any sort of report that provides in-sight to the effectiveness of DNSBL sites?
Thanks for the positive feedback. As to the DNSBL effectiveness there are some online resources that will show you the effectiveness of some of the more popular DNSBLs:



Also we have a list that we recommend in our documentation:
 
I have a question, I have installed the trial of your product and so far like very much what I see.

One particular problem I have been having with a client site is a spoofed "reply to" input. Actually let me show you an example.

From: rh60 <[email protected]>
Date: June 30, 2021 at 3:56:29 AM EDT
To: [email protected]
Subject: New Message From Sente Building Group
Reply-To: "\"rh60\"" <[email protected]99.mokomichi.xyz>, rh60 <[email protected]>

If you look above you will see I have changed the client's actual domain to "realdomain.com" for this email. But in the "FROM" field it is showing a legit email address from within their domain. The "TO" field is also legit.

The only thing that is clearly wrong is the first entry in the "REPLY TO" line you can see the spammers actual email or a placeholder.

My question is can I set up a rule that would filter a message like this as SPAM and have it not go to the client? For this ONE particular client as they would NEVER send an email with TWO reply-to addresses in one email.

Thoughts?
 
I have a question, I have installed the trial of your product and so far like very much what I see.

One particular problem I have been having with a client site is a spoofed "reply to" input. Actually let me show you an example.

From: rh60 <[email protected]>
Date: June 30, 2021 at 3:56:29 AM EDT
To: [email protected]
Subject: New Message From Sente Building Group
Reply-To: "\"rh60\"" <[email protected]99.mokomichi.xyz>, rh60 <[email protected]>

If you look above you will see I have changed the client's actual domain to "realdomain.com" for this email. But in the "FROM" field it is showing a legit email address from within their domain. The "TO" field is also legit.

The only thing that is clearly wrong is the first entry in the "REPLY TO" line you can see the spammers actual email or a placeholder.

My question is can I set up a rule that would filter a message like this as SPAM and have it not go to the client? For this ONE particular client as they would NEVER send an email with TWO reply-to addresses in one email.

Thoughts?
Warden allows you to add any type of custom spamassassin rule. You could easily add a rule for this under the Warden rules tab. A similar example:

You would juse use the reply-to: field instead of the from: in the example :)
 
  1. Does this extension require extensive technical knowledge to use?
  2. Are spam messages auto-deleted after x days?
 
  1. Does this extension require extensive technical knowledge to use?
  2. Are spam messages auto-deleted after x days?
1. No not really.
2. Yes. The admin can even configure how many days they want to keep spam in the users spam folders.
 
Thank you. I’ll uninstall Plesk Email Security and install Warden over the weekend.

We’ve changed our server and the old one has MagicSpam free. The new server has Plesk Email Security and it lets through much more spam and doesn’t auto-delete email so I’m looking to change.

If I wanted can Warden only install anti-spam or must all the modules be installed?
 
Is it possible to rename the Warden Antispam and Virus Protection link in the Plesk left panel. It’s a bit long and wraps over 2 lines. I’d just like to call it Warden

47DE796F-4BA8-48B6-A68F-3744C960C08F.jpeg
 
Is there any simple way to learn from messages in the main logs page.

EG: Warden identifies an email as SPAM - is there any easy way to say it’s not spam or vice-versa?
 
EG: Warden identifies an email as SPAM - is there any easy way to say it’s not spam or vice-versa?
Yes the user can just mark the message as HAM in their desktop email client or though their webmail. Warden has real-time learning. It uses the dovecot service to train the Anti-spam system any time a user moves a message to or from their spam folder.

You can read more about it here:
 
This replies on the user doing the right thing and not simply deleting the email.

I wish the admin could simply mark spam and ham emails via the logs page. I guess it’s not possible. I used to do this with MagicSpam.
 
I wish the admin could simply mark spam and ham emails via the logs page. I guess it’s not possible. I used to do this with MagicSpam.
You can whitelist an email from the log by clicking on the recipient address then bringing up their mailbox policy but it's better for bayes real training to be done at the user level (or within Warden in the quarantine area) because then you are learning from the actual content of the message and not just the from: address which can be easily forged.
 
Back
Top