Tips on how to cut down on Spam.

Use a separate email address when you post messages to any public forum, such as newsgroups and mailing lists.
Never use your personal email address for this purpose -- or you'll be flooded with spam. Then, you can quickly go through the email in this account to see what's spam and what isn't. And your main personal email address won't be as clogged with spam.

Consider acquiring multiple email addresses for different purposes.
This helps you to identify different sources and senders, and lets you filter more effectively.

Use Disposable Email Addresses.
You can subscribe to services online that provide you with disposable addresses that can be deleted if they begin to attract spam messages.

You can create a unique address for each email newsletter or forum you subscribe to. Then, when an email address begins getting spam, you 'throw it away' and start using another email address.

This works because the disposable email addresses actually forward to a real email address of yours. The software lets you track which addresses are getting spam, and you can just resubscribe using a new, spam-free address.

http://sneakemail.com

Another one of these services is http://10minutemail.com/ it creates an email address for you to use for 10 minutes to get verification letters to forums etc. The email box 'self destructs' in 10 minutes.

Remove your email address from your website.
If you list or link to your email address, you can expect to be spammed.

Address-harvesting robots will spider your site and extract them. So remove them wherever possible and use web-based forms instead. This will drastically cut down the amount of spam you receive if you have a website. A new web 2.0 way of displaying your e-mail these days is like such: marc[at]gmail.com marc.at.gmail.com.

NEVER buy anything from a company that spams.
Don't visit their sites or ask for more information. (If you respond to their spams, you're encouraging them to continue spamming -- they only need a tiny fraction of responses to be profitable.)

There's another reason not to buy anything from a company that spams: over 95% of spam offers are scams! In fact, not responding to spam is the single most effective way to not get scammed on the Internet.

Filter your email. Using filters is key to managing your email effectively. It may take a short time to figure out how to do this, but it's definitely worthwhile.

For more anti-spam filtering information, visit:
http://email.about.com/cs/spamfiltering/

For more on negative spam filtering, visit:
http://email.about.com/library/howto...spamfilter.htm

Consider subscribing to a spam prevention service.
We're not enthusiastic about these services, but many people find them invaluable. They range from the good to the bad to the downright ugly, and from free to fee-based.

Remove your websites Catch-all Mailbox.
I realize this is valuable to some, but removing this prevents dictionary-attacks on your domains email addresses

Set Spam Assassin filter level to 3 or lower.
While watching mail come into our network. 99% of anything that scores over a 3 is spam. This may not get all of it but it will most definitely take care of some of it.


This list is just a few tasks you can do to help prevent spam taken from different sources on the internet. Some of it is hosting 101, and some is not. I hope this helps!

[oglee]

These are great tips Marc. Thank you for taking the time and making the effort to help out. Perhaps these boards can be turned into a resource of information, communication and positivity once again!

[onsitetech]

Hey Marc,

Nicely done!

Now if we can tell our clients to do the same.

Thank you two! I know it's not the ultimate solution to our spam issues we all share, but it every little bit helps!

Another thing I'm pretty sure alot of people who may use spam assassin over look is the Bayesian Filtering.

Quote:

The Bayesian classifier in Spamassassin tries to identify spam by looking at what are called tokens; words or short character sequences that are commonly found in spam or ham. By enabling this option, you will be using a community trained database, based on all the messages learned by this server. Presently, no user interaction is allowed, so the auto-learning mechanism should provide good results.

This does help alot combined with the '3' point rating. This is a small check box on the left bottom panel of the Spam Assassin interface.

[Brangwyn]

While we're on the subject of reducing SPAM then, please could someone consider overriding the default HSphere SPF records to something more restrictive, "V=SPF1 MX ~ALL" creates more problems than it's worth IMO.

Worst case if H-Sphere can't be changed you could at least publish a valid record on hsphere.cc so we can get customers to include this into their own records eg "v=spf1 MX include:hsphere.cc -all" (particularly useful if they use other external mail servers in addition to Vortechs).

Something like "v=spf1 ip4:216.81.64.0/20 ip4:216.157.128.0/19 -all" would be more appropriate given the current mail server setup.

Quote:

Originally Posted by Brangwyn

While we're on the subject of reducing SPAM then, please could someone consider overriding the default HSphere SPF records to something more restrictive, "V=SPF1 MX ~ALL" creates more problems than it's worth IMO.

Worst case if H-Sphere can't be changed you could at least publish a valid record on hsphere.cc so we can get customers to include this into their own records eg "v=spf1 MX include:hsphere.cc -all" (particularly useful if they use other external mail servers in addition to Vortechs).

Something like "v=spf1 ip4:216.81.64.0/20 ip4:216.157.128.0/19 -all" would be more appropriate given the current mail server setup.

Here is the SPF records for your domain depending on which mailserver you are on. This are more specific for your domain, as well as allowing your domain to send from the forward server as well as the spam filter. Mail sent from any other IP address could be flagged as bad if the receiving mail server is checking SPF records.

Quote:

MAIL
v=spf1 ip4:216.157.145.20 ip4:216.157.146.2 ip4:216.157.144.214 a:yourdomain.com mx:mail.yourdomain.com ~all

MAIL2
v=spf1 ip4:216.157.145.22 ip4:216.157.146.2 ip4:216.157.144.214 a:yourdomain.com mx:mail.yourdomain.com ~all

MAIL3
v=spf1 ip4:216.157.145.23 ip4:216.157.146.2 ip4:216.157.144.214 a:yourdomain.com mx:mail.yourdomain.com ~all

MAIL4
v=spf1 ip4:216.157.145.24 ip4:216.157.146.2 ip4:216.157.144.214 a:yourdomain.com mx:mail.yourdomain.com ~all

MAIL5
v=spf1 ip4:216.157.145.25 ip4:216.157.146.2 ip4:216.157.144.214 a:yourdomain.com mx:mail.yourdomain.com ~all

MAIL6
v=spf1 ip4:216.157.145.26 ip4:216.157.146.2 ip4:216.157.144.214 a:yourdomain.com mx:mail.yourdomain.com ~all

MAIL7
v=spf1 ip4:216.157.145.27 ip4:216.157.146.2 ip4:216.157.144.214 a:yourdomain.com mx:mail.yourdomain.com ~all

MAIL8
v=spf1 ip4:216.157.145.28 ip4:216.157.146.2 ip4:216.157.144.214 a:yourdomain.com mx:mail.yourdomain.com ~all

MAIL9
v=spf1 ip4:216.157.145.29 ip4:216.157.146.2 ip4:216.157.144.214 a:yourdomain.com mx:mail.yourdomain.com ~all

Of course replace YOURDOMAIN.COM with the domain you will be creating the record for.

For a more custom setup, or to read more about SPF you can go to the following link. It has a setup wizard and explanation:

http://old.openspf.org/wizard.html