SPAM

What is Spam?

Would you like to...

Print this pagePrint this page

Email this pageEmail this page

Add to favoritesAdd to favorites

Spam is defined many different ways, but the official “legal” definition of spam is:

 

“E-mail spam, also known as junk e-mail, is a subset of spam that involves nearly identical messages sent to numerous recipients by e-mail. A common synonym for spam is unsolicited bulk e-mail (UBE). Definitions of spam usually include the aspects that email is unsolicited and sent in bulk. "UCE" refers specifically to unsolicited commercial e-mail.” - http://en.wikipedia.org/wiki/E-mail_spam

 

In general “spam” is any message that the recipient did not wish to receive. There are many agencies/companies/tools that assist users in reporting spam. One of the more widely used ones is SpamCop (www.spamcop.net). SpamCop allows you to submit a message to them for parsing and they will send the spam complaint on your behalf.

 

Most spam complaints we receive are due to one of the following reasons (please note this is not a complete list, just examples):

 

1) Insecure SMTP server (open relay)

2) Exploited CGI or PHP scripts.

3) Infected server (Trojan/virus)

 

The most common method to help prevent spam if you run a mail server is to ensure that your server requires authentication to send any outbound email. This would include disabling the ‘nobody’ user from sending email. The ‘nobody’ user is the user that the Apache HTTPd server typically runs as. By enabling authentication you require that the person sending email have a valid username and password. This will allow you to track the source of the spam down (should there be an outbreak) and prevent them from further spamming.

 

If the complaint is in regards to a mailing list or subscribed newsletter that you run then please unsubscribe the user from your mailing list and block their email address from receiving any further communications.

 

We also highly recommend that you add in a header or some other identifying string to your newsletter or mailing list emails that would allow you to easily track the reporting party down. A large majority of the reporting agencies (SpamCop included) redact the reporting parties email address. Adding in this unique identifier allows you to find and remove the reporting party without having to go through SpamCop and asking the end-user to provide you with their email address.

 

Another thing to watch out for is exploited CGI scripts or exploitable PHP scripts. Any script that has the ability to send out email has a high likelihood of being exploited by spammers once they find it. There are controls that you can enable in your mail server that will enable you to track down the ‘source’ script of a spam complaint. cPanel provides this feature however it is not enabled by default.

 

Please keep in mind that spam not only harms your reputation as a company but also reflects negatively on us for hosting accounts that are prone to spam. For our full AUP and examples of what happens in the event of a complaint, please see http://pqcservice.net/aup.html

Esta resposta lhe foi útil?

 Imprimir este Artigo

Veja também

Rootkit help

RootKit -- Spyware and Junkware detection and removal toolGo to Rootkit Hunter homepage, and...

Brute Force Detection

BFD -- Brute Force Detection BFD is a shell script which parses security logs and detects...

DoS: looking at open connections

Here is a command line to run on your server if you think your server is under attack. It prints...

URL injections information

URL Injection attacks typically mean the server for which the IP address of the attacker is bound...

My server has been blocked by Abuse. What do I do?

Generally the abuse department will not block your server unless one of the following...