It seems almost overwhelming, the sheer amount of garbage that attempts to get to you through your inbox. It may be trying to sell you Viagra, concert tickets, ripped software, or turn your computer into a soldier in the latest botnet, but all spam has two things in common.
An entire industry has popped up around stopping the daily deluge of spam mail. The Can Spam Act did absolutely nothing to stop or staunch the flow – legitimate businesses that cared about their reputation weren’t doing it, and spammers didn’t much care because they knew their chances of getting caught and prosecuted were next to nil.
It fell on the administrators of email systems and end users to combat what they didn’t want to see.
As administrators of the servers that house the email systems, it is up to us to put enough roadblocks in the spammers way that we stop as much of those emails as we can, but we have to do it carefully so that we don’t accidentally get legitimate email stopped at the gate as well. As you can imagine, its not an easy task and if everyone had to come up with their own systems it would be even harder.
While we write a few rules ourselves, we generally employ known spam fighting techniques developed by others to decide who we will, and won’t, take mail from. Some, but not all, of those techniques are:
You can see that whether mail servers will actually talk to one another is much like judging who to dance with at a bar – pass off the wrong line, don’t follow the local courtesies, or act like an complete idiot, and eventually, no one will talk to you and you’re going home alone and rejected.
Once we decide that a piece of mail passes our tests for whether it’s more than likely legitimate, then we pass it off to you and you get to decide what to do with it.
Most of you do a big, fat, nothing, relying on us to decide whether your email is legitimate, assuming that if we let him into the bar and poured him a drink, he’s ok.
You have a number of tools in your cPanel that can dramatically lower the amount of spam that you get in your inbox and for the most part, these tools remain unused by the vast majority of hosting clients. Your first tool is MailScanner.
There are three things in MailScanner that you can do that will make a difference.
MailScanner is not the only tool in your arsenal, though this takes a bit more time, and a b it more work.
You also have Mail Filters, both Account Wide and per email address. You can find both the accounts in your “Mail” area in cPanel.
You can filter mail with a series of “If it says this in the subject but not this in the body” and so on and cause those emails to be deleted regardless of their spam score and regardless of who they are from.
By gathering your spam for a week and looking at the text, you’ll discover patterns to some of the spams and some key words and phrases that you probably would never think anyone would legitimately email you for any reason. One filtering system I saw was at 7 pages of filters with keywords I just don’t think anyone would need to use when emailing a support desk, like “Viagra”.
Here’s a snippet of ours:
I mostly work with headers because their patterns seem to be repetitive, the easiest to match, and I can’t find histories of people emailing me with some of these “weasel words” in the subject line. After working on it for a while eventually, I was able to bring the helpdesk spam down to almost nothing.
A final word about the unsubscribe link at the bottom of emails – you know how everyone says don’t use it? Use it, but with caution.
If you click on the unsubscribe link and the page you land on asks you to enter your email, don’t. That is likely a spammer trying to harvest valid email addresses and common wisdom says giving them information is not your best course of action here.
If you click that link and it already has your email address and its telling you to click something else to confirm you want to unsubscribe, it is more likely than not a legitimate list and you will be legitimately unsubscribed. If you have any questions, do a Google search – most places use professional mailing list services to lend themselves legitimacy and help their legitimate marketing email go through. A little snooping around might help tell you one way or another whether it’s a good idea to click.