15 May

2009

SPAM? Who said SPAM?

You do know what spam is, right? Well, if you don’t – open your email. I am sure you will find out a dozen emails there, that you did not request to receive and don’t have ANY idea who their sender is. They are annoying, irritating and can drive you crazy with their high volume – that is SPAM.

So, how do you fight SPAM? Well, there isn’t any universal method that can get rid of ALL the Spam you receive. However, there are some things you can do. And certainly, there are some things your email provider can do to prevent SPAM emails being received by YOU, the End User.

SiteGround as a web hosting provider aims to prevent most of the SPAM emails which are sent to or by our servers to reach their destination. At first, we do the common and obvious things:

  • We check the sender’s domain name and IP address versus several large RBL (Real-Time Blackhole List) lists. If we find out any of them is listed in any of the lists, we discard the email message.
  • We check if the message contains a valid ‘HELO’ request. By RFC (Request For Comments) definition, each email client should start the email communication with a ‘HELO’ request. If no such are present, we ban them.
  • We check in an internal database if the IP address of the sender or the domain name of the email has tried to send too many emails for a short period of time. If it has, we discard the emails and send a warning message to the customer.
  • We screen each message and the sender’s address and identify it as spam.

So, let’s assume the email passes our phase-one checks. Then, it is relayed to the Spam Assasin (http://spamassassin.apache.org/) daemon which gives a SPAM score to each email. Emails with score lower than 7 are directly delivered to the customers’ mailbox. Emails with score higher than 7 might be flagged for a manual or automatic review by our internal in-house built systems or might be discarded.

If the email passes the Spam Assasin score system, it’s checked for bad attachments (for example .dll or .pif files – which may and will harm your computer) and is discarded if such are found.

We further check if the user trying to send emails to any of our servers is brute forcing email addresses and if we catch him to do that, we automatically discard the email. The same applies to a user trying to identify to the server with too many usernames and passwords for a certain period of time.

The latest addition to our Anti SPAM filters is an ACL (Access Control List) filter which denies sending emails from a spoofed domain name. This means that if you, for example, host the domain name yourdomainname.com” with us and “yourdomainname2.com” with another hosting company, you would not be able to send emails from the yourdomainname2.com” domain from any of the SiteGround servers.

With all that said you should already know that SiteGround has invested a lot of time and effort to build automatic systems to prevent SPAM. And we’ll keep doing more and more. Fighting spam is a continuous process and we make sure we stay ahead!

Author: Reneta Tsankova

The SiteGround Soul Giver

If something's cooking in any of the following areas at SiteGround: website user experience, marketing, advertising, public relations, sales, accounting or billing, the chances are that I have been involved. Being the most advanced non-technical person in a highly geeky company is definitely quite an interesting challenge.

Comments (2):

  1. Nathan says:

    you said: The latest addition to our Anti SPAM filters is an ACL (Access Control List) filter which denies sending emails from a spoofed domain name. This means that if you, for example, host the domain name “yourdomainname.com” with us and “yourdomainname2.com” with another hosting company, you would not be able to send emails from the “yourdomainname2.com” domain from any of the SiteGround servers.

    ———

    well i use @craiglist.org email address as from address in my horde to keep my name/real address private when i reply email from ads, does it include anonymous addresses like craiglist for example … also does it affect web ptograms that use yahoo when sending mails to users on my website???

    • Dima says:

      @Nathan: Thanks for your questions. There is no problem with using an anonymous email address when replying , as long as it is a valid email address. so you can keep on using @craiglist.org, for example, if you want to keep your contact info private.
      As for your second question, however, I’m afraid that’s a typical case of email spoofing and using such programs is not allowed.

      For more information I recommend that you post a ticket to our tech support via our HelpDesk section in your Customer Area. They will be able to assist you in more detail. :)

Favorite Tweets

Facebook

Latest Comments

Archive