Our mail system is tough on
Unsolicited Commercial Email (UCE, JunkMail or Spam).
We reject mail from unknown domains. We do not permit relay through our hosts.
We also maintain blacklists and AI filters that reject the vast majority of
JunkMail.
Most of this is done automatically for our clients.
Our Mail clients unconditionally accept WebEstate's right to configure Anti
Spam measures.
We can neither guarantee that we shall delete all Spam, nor that all legit mail
will be delivered.
The default user configuration rejects Junk Mail.
It may occasionally reject legitimate Mail that appears to be Spam.
Upon request, we can let more of the Spam through, but it is still possible
that on rare occasions, legit mail may be lost for other reasons.
We installed these measures to
block SPAM and enhance the Security & Performance of your eMail
System:
Step 1
|
Every sender is checked in realtime
against various global Anti Spam Databases.
If anyone tells you that he was unable to send mail to one of your mail
accounts,
it's very likely that either their eMail address or Domain (IP-No.) is
listed in one of the public Anti-Spam databases.
In that case the rejected sender should have seen an Error-Report with
his mail agent (Outlook, Eudora, whatever...),
specifying the exact reason for the reject including the web address of
the blacklist.
He may then look up the relevant database on the web and find out himself.
Maybe it's someone else on the same Domain spamming.
Any listing on the Anti-Spam databases can be quickly taken out via Web
Interface provied the spamming stops.
|
Step 2
|
All incoming mail is scanned for particular patterns of
Spam mail using
SpamAssassin
&
Vipul's Razor
Suspect Mail will be tagged as spam and delivered to you by default. Spammers
will be auto-reported to public blacklists.
We now added a new configuration tool for controlling individual per-domain
Spam handling.
This tool is available from your WebServer's Control Panel via the new
menu item "SpamFilter Settings".
Instructions how to use this new tool have been included there.
Currently, you have 4 basic options
:
| 0.
|
Disable
Spam checks completely.
|
| 1.
|
Enable
Spam checks but receive
all Spam.
Incoming Mail will be Spam-checked and delivered including results
of spam check. Spammers will get auto-reported. |
| 2.
|
Redirect
any mail that has been considered
Spam
Incoming mail will be spam-checked
and delivered to your local named "spam" or "promotion"
account, or else to the Mailserver's Spam account.
The sender receives "delivery
successfull" response. |
| 3.
|
Block
any mail that has been
considered Spam - incoming mail
will be spam-checked and delivered to your local named "spam"
or "promotion" or else to the Mailserver's spam account.
The sender receives "delivery
failed permanently" response. |
There are many other options configuration, like
blacklisting domains or email addresses,
auto-reporting spammers,
whitelisting any sender's account's or domains or whitelist any of your
individual mail accounts.
The Spam Filter settings are domain-wide settings.
They can (except for whitelist_to) not be customized on a per-account-base.
That may be possible with a later implementation of our software.
|
|
Step 3
|
All our client servers are periodically checked
for unsecure scripts and validated not to function as
"open mail relays".
|
| Step 4
|
All Mail that passes
step 1-3 will be scanned by
Trend's InterScan Virus scanner
to reduce the chance of delivering infected files to you, our clients.
Virus pattern files are updated automatically and checked for daily, to
assure that we catch even the latest viruses.
When a Virus is found, our system will try to separate the Virus from the
message body and mail warnings to the sender and to the recipient.
The separated message body will be included with the Virus-Warning.
Please find LIVE information about the latest Virus threats
on
our Website . |
We use the services of these antiSpam
organizations & Spam Blackholes
to detect Spammers:
Any unwanted and unsolicited Spam that still get's
through our filters may be reported directly to any of the organizations listed
above.
The most easy way to report Spam is to send the
complete message to
qSpam@ORBZ.org or
Spam@ORBZ.org .
If you want to report spam, these organisations need
the complete spam email including the message full headers.
Have a look at their websites.
You find a rather technical, but very interesting
coloboration of Spam related information here:
Chris Hardy's qMail AntiSpam HowTo
Please let us know, if you want your mail server to
be excluded from any of these
security and anti-Spam measures.
We shall keep you informed of future developments
and updates.
The Spam-Identification Tactics we use include:
- Header Analysis:
Spammers use a number of tricks to mask their identities, fool you into
thinking they've sent a valid mail, or fool you into thinking you must
have subscribed at some stage. SpamAssassin tries to spot these.
- Text Analysis:
Again, Spam Mails often have a characteristic style (to put it politely),
and some characteristic disclaimers and CYA text. SpamAssassin can spot these,
too.
- Blacklists:
We employ useful existing blacklists, such as
rbls.org, SpamAssassin and others.
- SpamAssassin
is a mail filter to identify spam.
Using its rule base, it uses a wide range of heuristic tests on mail headers
and body text to identify "spam",
also known as unsolicited commercial email.
A frontend for editing the per user settings for SpamAssassin has been integrated
into the Server Control Panel
-
Razor and Pyzor are collaborative spam-tracking databases, which work by taking
a signature of spam messages. Since spam typically operates by sending an
identical message to hundreds of people, Razor and Pyzor short-circuit this by allowing
the first person to receive a spam to add it to the database, at which point everyone else will be able to automatically block it.
Once identified, the mail can then be optionally tagged
as spam for later filtering using the user's own mail admin settings.
