Portal Home > Knowledgebase > Articles Database > Spam, Spam, ohh and more Spam
Spam, Spam, ohh and more Spam
| Posted by Ryan - HostATree, 11-12-2009, 10:26 PM |
| Recently we have been getting lots of spam at our help desk. We block the emails but it seems like that never stops it, they just use a different email then.
The header and body of the emails pretty much look like this:
ôÏÒÇÏ×ÁÑ ÍÁÒËÁ òáôï÷îéë® / óðáóáôåìøîùê ëòõç®
(ÂÙ×ÛÁÑ ÔÏÒÇÏ×ÁÑ ÍÁÒËÁ óðáóáôåìø, ÐÒ-×Á áï "üÆÆÅËÔ", õËÒÁÉÎÁ)
ÐÒÉÇÌÁÛÁÅÔ ×ÓÅÈ ÐÏÌØÚÏ×ÁÔÅÌÅÊ òÕÎÅÔÁ ÐÒÉÎÑÔØ ÕÞÁÓÔÉÅ
× ËÏÎËÕÒÓÅ ÎÁ ÌÕÞÛÉÊ ÒÅËÌÁÍÎÙÊ ÌÏÚÕÎÇ 2009 - 2010 ÇÏÄÁ
Anyone else get stuff like this?
|
| Posted by MikeDVB, 11-12-2009, 10:50 PM |
| Can't say that we have... Do you have sender verification callouts turned on as well as something like SpamAssassin/Postini/etc?
|
| Posted by trustedurl.com, 11-12-2009, 10:54 PM |
| Checkout mailfoundry or one of the barracuda appliances. Should block all of that stuff; Can't say I've seen an increase in those; definitely more virus mails.
|
| Posted by MikeDVB, 11-12-2009, 11:00 PM |
| I've *always* seen a huge amount of virus mails. There's even one out there that's sending mail as though it comes from us - hopefully the receiving servers are checking SPF and rejecting those!
|
| Posted by Sparrow-Sean, 11-12-2009, 11:06 PM |
| Mdd, We can only hope - I had an old e-mail with my ISP, In 3 months I collected +1000 spam e-mails. It's a never ending battle that seems to be failing us.
|
| Posted by MikeDVB, 11-12-2009, 11:11 PM |
| Most ISPs don't have adequate spam filtering from what I've seen.
|
| Posted by N|Kitmitto, 11-12-2009, 11:14 PM |
| We used to get that stuff everyday, multiple per day. The finally stopped after about 6 months.
|
| Posted by Ryan - HostATree, 11-12-2009, 11:18 PM |
| Great only 5 months more to go. We have thought about enabling a verification sender but we feel this would be just one more hassle for our customers. However we may have to enable it soon if this gets out of hand.
|
| Posted by wirefusemedia, 11-12-2009, 11:28 PM |
| Does the spam email come from just one ip? If so just ban it.
Check if characters sent are valid ASCII chars for the time being, if not deny the support request.
|
| Posted by web-1, 11-12-2009, 11:39 PM |
| Everyone should be aware of these exploits in osCommerce and osCMax shopping cart software. (11/09/2009)
It allows sending of spam without logging in, and possibly uploading of files. The "sender" becomes YOU, the merchant, which is a trusted source by customers.
You need to fix this immediately on any servers you have. It's a easy fix.
http://www.oscmax.com/blog/michael_s...x_204_released
http://www.oscmax.com/blog/michael_s...upload_exploit
I also disabled "admin/mail.php" for good measure since that's what they actually use to send spam. Search your apache logs.
LFD (part of CSF firewall) will report the excessive e-mails, but only AFTER the SPAM is sent to all your customers and possibly others.
|
| Posted by Ryan - HostATree, 11-14-2009, 02:14 AM |
| Sounds risky. However we use WHMCS.
|
| Posted by bentink, 11-14-2009, 07:23 AM |
| Better is to use only ticket with captcha instead of email
|
| Posted by njoker555, 11-14-2009, 02:45 PM |
| we get spam but none of those random characters, my gaming forum gets posts with that crap though, it's annoying.
and captcha is useless if you have an actual person doing the spam.
|
| Posted by MikeDVB, 11-14-2009, 03:38 PM |
| Good for keeping out spam, annoying for your customers who are mobile and got an SMS about their site being offline and want to fire off an email to support about it real fast.
A better option is adequate spam filtering including Sender Verification Callouts as suggested... If you think it would be a pain for your clients.... don't host your site on the same server as your clients.
|
| Posted by SSD-Greg, 11-14-2009, 05:34 PM |
| I never really recived spam emails, I gess its because my companies were never stablized... I do see post on some forums I use to hang out on like that. Try puting a spam verfication is it coming in threw a contact form or just threw someones email?
|
| Posted by peter_anderson, 11-14-2009, 06:23 PM |
| I get emails from various companies selling French translation crap. Rosetta stone or something.
Really annoying. They keep changing their emails, so blocking does not good.
|
| Posted by ZKuJoe, 11-14-2009, 08:49 PM |
| ASSP has worked wonders for our servers, we ended up buying an ASSP Deluxe license so we could monitor and configure everything through WHM but it's free otherwise.
|
| Posted by soulhunter, 11-14-2009, 09:04 PM |
| 1 for ASSP: it works wonderfully.
|
| Posted by brianoz, 11-15-2009, 12:10 AM |
| Check out nolisting - will cut 40% of spam at almost no cost.
Also use the usual spam filtering stuff like spamassassin etc.
If all of that doesn't work, set up Google postini for a month or two on that MX/domain. It's cheap at US$12 per filtered mailbox.
|
| Posted by Ryan - HostATree, 11-15-2009, 12:11 AM |
| I think we have it under control now. We have blocked all emails coming from a .ru domain.
|
| Posted by MikeDVB, 11-15-2009, 01:42 AM |
| Sounds good
|
| Posted by soulhunter, 11-15-2009, 09:12 AM |
| Nice, but the thing is: you will start to get more spam at some point, it is just a matter of time.
I can suggest: Install ASSP, it will help you with the spam, it is free, and it is easy to setup, also it have whitelists, which lets you whitelist your customers so that a mail from them is *never* blocked.
|
Add to Favourites 
Print this Article
Also Read
