Skip to main content

Cpanel Add Ons for Spam

Comments

9 comments

  • cPanelMichael
    Hello, Have you considered using the Greylisting feature available in cPanel version 11.50? It's documented here:
    0
  • ramorse
    Thanks. I have looked at Greylisting and eagerly await 11.50 to be available in the Release tier as that's what our servers are set to. Any ETA?
    0
  • cPanelMichael
    Thanks. I have looked at Greylisting and eagerly await 11.50 to be available in the Release tier as that's what our servers are set to. Any ETA?

    Hello, There's a target for the middle of June, but we don't have any time frame expectations as release dates can always change based on issues we find or new bugs that are discovered. Thank you.
    0
  • mtindor
    The greylisting available in 11.50 works pretty good so far. Some things to keep in mind:
      ]
    • If you enable the option to whitelist connections passing SPF, you will allow a lot of spam to come through that may otherwise be blocked. [NOTE: This feature is enabled by default in 11.50]
    • If you disable the option to whitelist connections passing SPF, be prepared to manually whitelist a lot more address space where valid emails are coming from, especially address space of larger service providers and webmail services. You will end up blocking a lot more spam that with this option disabled though.
    • The cPanel-provided default list of whitelisted addresses / address space is mediocre at best. I believe the reason why it falls short is because [I believe] that cPanel is hedging there bet that everyone will keep the whitelisting-by-SPF-passage enabled, which will negate the need for cPanel to make the default whitelist more populated and (b). Although you should see #2 above
    • whitelisting based upon rDNS / partial rDNS is still a must-have.
    • cPanel should not be providing even a minimal amount of whitelist entries because then they are on the hook for keeping them up to date -- and I've already noticed that among the companies they attempt to whitelist in the default whitelist, they have fallen short on the necessary address space that they have added for various webmail providers / large ISPs.
    Why is rDNS / partial rDNS whitelisting a must-have? Well, to be most effective against spam, one cannot whitelist hosts that pass SPF checks. And if one does not whitelist hosts that pass SPF checks, one has to add quite a bit more individual address space in. And, for a lot of the providers [Yahoo certainly comes to mind], their rDNS clearly indicates the function of the connecting mail IP address. And you can much more easily whitelist scattered blocks of IP space that is used by Yahoo for sending mail if you are able to whitelist based upon partial rDNS. If that's not available, you have to do much more involved searches of the IP address space that Yahoo has in use for legitimate email delivery. So far I've built up a pretty good starting base of whitelisted entries. I do NOT whitelist hosts that pass WPF. The greylisting so far is doing a great job thrarting off spam [that spam that doesn't retry]. And for the spam that does retry, the mere fact that the hosts are being deferred for a period of time makes it much more probable that those hosts will be listed on various RBLs and URIBLs by the time they do connect and pass the greylisting mechanism. This, of course, assumes that you are using decent RBLs in the first place to block during SMTP, and that you have the URIBL plugin enabled in SpamAssassin and are using it affectively. I give cPanel a thumbs-up for the new cpgreylistd . This post is not meant to bash anyone at cPanel. I just wanted to relay my experience thus far with cPanel's greylisting, as well as throw an idea or two at the cPanel developers who maintain cpgreylistd -- with the hope that they will consider adding whitelisting based upon rDNS / partial rDNS. Mike
    0
  • ramorse
    Thank you for your report. I've just started using this on one server and so far have found it pretty good. I am kind of concerned about the default whitelist. "So far I've built up a pretty good starting base of whitelisted entries." Would you be willing to share?
    0
  • mtindor
    Let me look into that. My customerbase is mostly within a fairly defined geographical area,and so a lot of the entries in my list would be trivial / nonuseful for most people. And I haven't yet explored how the whitelist information is stored. If it's stored in in a flat text file I may be willing to share. If it's stored in an sql format, it's probably going to be more of a pain for me than it would be a benefit to you or anyone else. I'll get back to you. m
    0
  • sparek-3
    I figure it's only a matter of time before spammers begin utilizing their own SMTP service, which would queue, hold, and retry their spam messages. This would get around greylisting servers.
    0
  • ramorse
    So, what are we to do? Still looking for a better solution to spam onslaught.
    0
  • cPanelMichael
    So, what are we to do? Still looking for a better solution to spam onslaught.

    One other alternative would be to host all of your email on a third-party mail server with native SPAM blocking features. However, I don't really see a downside to the Greylisting feature until spammers begin widespread methods of circumventing it. Thank you.
    0

Please sign in to leave a comment.