Plesk 12.x / Windows :: SPAM Filter Literally Doing Nothing?
Sep 8, 2014
A few months before I updated to Plesk 12 I noticed a huge jump in uncaught spam - I hoped the update to Plesk 12 might solve this but no luck.
I have now changed the spam sensitivity on my account 1, the idea being I would then whitelist the domains I want to get through but literally nothing is getting marked as spam. Users on other domains on the same server are reporting the same.
switched to ipower.com and not getting any help - really stuck as my customer wanted better spam filtering so I went to them on a recommendation and I do not know how to turn on and what is the best setting for spam filtering with their panel. Also using HORDE where I can set a filter using rules but it only works if I log on and hit apply filter so my customer still gets it in his in box -
Almost all mail adresses on my server is getting a spam mail from same mail marketing company everyday and i want to block them... Normally i just add the mail address to blacklist from "Spam Filter Settings" but this company is opening new addresses everyday and it is impossible to add all of them to blacklist so i need adding it as a regex to the blacklist...
The company i am talking about is opening mail addresses every day like below...
As you can see all mail addresses begin with "nrt"+"6 digits of day"+"free mail provider", so right now i am using the regex below and it is already added to the blacklist but they are still able to send me... What can i do now?
Microsoft Windows Server 2008 R2 Service Pack 1 Panel version 11.0.9 Update #59, last updated at Oct 3, 2013 02:06 AM MailEnable version 5
I see in the plesk documentation that the screen to enable SPAM filtering for an individual there is an option to "Move spam to the Spam folder". I don't see that option so I am wondering if it is only available on some versions of Plesk, or in combination with certain mail servers. How to make that option available?
As a web host or ISP what do you think is best to do? do spam/virus filtering, or don't touch mail and let the user do what they want with it? (no chance of false positives, or lost mail, this way)
I work for an ISP and we have a barracuda and we get tons of calls from customers regarding lost mail and such as when you're filtering such a large varitey of mail its very hard to have a "perfect" filter. Mail that a car dealership gets and what a hospital get is totally different, for example.
Also in terms of web hosting the filtering will put a reasonable load on the server during peak spamming hours.
So just curious, as a ISP/webhost customer do you think your host should do filter or do you rather manage that yourself?
We have identified that messages from your IP are being filtered based on the recommendations of the Symantec Brightmail filter as well as our internal Smart Screen Filters. The filter was initiated by Hotmail at (5/20/2009 12:00:00 AM) PST due to a large volume of emails that were sent prior to this time.
We will be happy to work directly with Symantec on your behalf to investigate and possibly resolve this problem. In order to move forward, we will need examples of the messages that were caught by the Brightmail filters.
I am running a small hosting operation and would like to know more about SPAM filtering and controlling. SpamAssasin is installed on my server but it does not do much. I was looking into different solution with a anti-spam device and would like to know which one is recommended the most: sonicwall, barracuda or symantec? (total email addresses is less than at thousand)
How much CPU & RAM load does your spam filter put on your VPS? It seems logical that the more mailboxes hosted, the more VPS resources the spam filter will consume - especially if any of the email addresses are targeted by spammers (or the user is careless and gives out their email address everywhere - as many do).
It's become so much with some of our subscribers that we have had to offer a hardware spam filter, to keep the load off the VPS. It's been great in that the VPS's protected by it have seen a dramatic performance increase....but are these subscribers unique in some way?
And so here is my question...how much CPU is everyone's spam assassin/spam filter using and how many mailboxes do you host on your VPS? very curious...
Anyone else have problems with Yahoo Spam filters being overzealous? I recently setup a new domain and a few email accounts. After sending a few test messages to my Yahoo email, each one of them was flagged as spam. I changed the text to a more regular email, with no controversial words and still the same result. I notice that Yahoo regularly traps some newsletters I subscribe to in my spam filter, but rarely, if ever legitimate emails. I checked with my web host who informed me they are not on any spam blacklists and that I would have to contact Yahoo. Yahoo's help is quite a maze (designed to make you lose interest and move on), so before I continue hunting for how to contact Y!, I thought I would come here to see if this is a common problem (with a common fix).
I'm wondering if theres anything I can install on the server that will either filter or track outgoing spam. I don't want to limit the number of emails sent per hour or anything, I just want to be able to maybe search through some flagged emails or something. Or if they send the exact same email more than x times it can disable their account... I'm not sure
I just found out all my mails sent to Gmail are marked as spam. However, if I check my IP address in independant grass-root spam databases, my IP address isn't blacklisted. I checked 7 of them. Do you know how to solve this problem
I am trying to install Spam assassin on Plesk 12.0.18 on windows server 2012 r2 . I am getting error:
Error: Unable to set Plesk SpamAssassin 3.3.2 as the default Spam Filter: defpackagemng failed: Execute spammng.exe --check failed with error code 1: Unable generate the unique file name by template D:Program Files (x86)ParallelsPleskAdditionalPerlsiteetcmailspamassassinlocal.cf[*].bak: directory D:Program Files (x86)ParallelsPleskAdditionalPerlsiteetcmailspamassassin does not exist
I have tried re-installing and installing spam assassin from command and as per the solution given in below KB: URL....But I an still not able to install in on the server. I have checked all directory paths are correctly located.
If I go in plesk panel to: Home > Tools & Settings >IP Address Banning > Jails > managing Filters > add filter > type in name & filtercontent and save I get "Information: The jail filter was added". But i can not see the new added filter in the Plesk Filter List (still just the 12 Filters in the list).
On the filesystem > /etc/fail2ban/filter.d/ i can see the new file but with the extension .local - usulay the file is named like xyz.conf
The output of /usr/local/psa/admin/sbin/f2bmng --get-filters-list
I want to create a Sieve filter for my email account using the Webmail interface of Horde.When I save a script at /ingo/basic.php?page=filters I get the following error message:Please note: My system language is German. See my translation of the German error messages within braces.
Skript nicht aktualisiert ("Script not updated"): exception 'Ingo_Exception' with message 'Beim Aktivieren des Skripts ist ein Fehler aufgetreten. Fehlermeldung des Treibers ("Error while activating the script. Error message of the driver"): exception 'Ingo_Exception' with message 'Verbindungsaufbau abgelehnt' ("Connection refused") in /usr/share/psa-horde/ingo/lib/Transport/Timsieved.php:87
Is there a way to modify / create Sieve filters without Horde?
I want to send a notification (by an email to SMS gateway) when a specific email arrives. I see that Roundcube has a sieve filter option called "Send Notification" and it has three input boxes which have no tooltips and I am unable to find any documents telling me what to fill in those boxes.
The boxes are:
Method Options Message
The Message is obvious enough, but the other two?
For the method, I tried mailto:<firstname.lastname@example.org>
I left the options blank, typed in a short message and tried to save the filter, but it gave me an error message "Unable to save filter - server error occurred". Annoyingly, it then wiped out what I had typed and started me with a blank rule again. I also tried without the < and > round the email address.
Any clues as to proper syntax and what the options are?
Also, is it necessary to have another action after the Send Notification action to file the email away somewhere, or will it just be left in the inbox anyway if the only action is the notification?
Seems this started when upgrading to a version of 12. It was working a few days ago and only seems to affect mailing lists. I found a google Cached thread here where Igor was assisting some folks as late as Aug 4 and referenced this was "reported to development (PPP-10678 for your reference)" it seems the forums on Parallels changed or something because several Google links are not working and resulting in having to used cached results for the two links below.
I am able to disable SPF and the e-mails go through just fine however this was working with SPF enabled before a recent upgrade.
Page 1 [URL] ....
Page 2 [URL] ....
This is the error message displayed in /var/log/maillog Sep 24 01:38:35 controlpanel postfix/smtpd: connect from localhost[127.0.0.1] Sep 24 01:38:35 controlpanel postfix/smtpd: D565017C013E: client=localhost[127.0.0.1] Sep 24 01:38:35 controlpanel greylisting filter: Starting greylisting filter...
We are successfully using fail2ban on our server (CentOS 6.6, Plesk 12.0.18), that is, jails running and blocking potential intruders
However, we tried to create a custom jail for the CMS that is being used by most of our clients.
I followed the instructions (Tools & Settings > IP Address Banning (Fail2Ban) > Jails > Manage Filters > Add Filter) and created the filter I wanted, but then it does not appear in the list, even though it displays a message reading that the filter was created successfully. Then, if I try to create a new Jail, the filter is not available from the list.
Looking at the directory /etc/fail2ban/filter.d/ I can find a file that has the same name as the filter I created, with a .local extension (the file name does not contain whitespaces or other special characters)...
I have set up a vacation filter in Horde, but only in once in a while it really returns a vacation message, depending on who is sending an email. In most cases,the message arrives without triggering a response.The messagelog shows two scenarios, one for an successful vacation response and one for emails that fail to trigger a response.Sucessful event:
Oct 9 10:48:24 server dovecot: service=lda, email@example.com, ip=. sieve: msgid=<408-EAS2941777BF41EEBE6640B691D3A00@axy.gbl>: sent vacation response to <firstname.lastname@example.org> and then Oct 9 10:48:24 server qmail: 1412844504.308454 starting delivery 21782: msg 33566019 to remote email@example.com then the message is stored into the users inbox.
Unsuccessful event: Oct 9 10:55:39 server dovecot: service=lda, firstname.lastname@example.org, ip=. sieve: msgid=<trinity-90b5e87d-183b-49b8-8e3e-d2f98b96df3e-1412844932925@uvw-com>: discarded vacation reply to <> then the message is stored into the users inbox.
The actual version of Plesk (v12.0.18) on Centos 6.5 with Dovecot & Qmail is beeing used.
I keep having tons of spams in the Drop folder of my Windows SMTP which I enable only for sending out forms. How do you normally stop this? I cant stop the SMTP as it is for forms usage. Relays are already set to my local IPs
I have a Plesk 8.6 box and every so often I get alerted to the fact its being used to send out huge amounts of SPAM. I currently have to just remove the remaining mail in the queue using a utility qmhandle.
I look at the logs on the server but cant see where its been sent from.
Also I checked to see if its an open relay and all the testing I have done shows its not, so I can only assume its an account thats been compromised.
Thing is I cannot see in the logs how and which account is being used...