For those of us still mired in the modes of communication of the previous century, email is still our primary method of communication. And the bane of all email users is now, and probably forever will be, spam. In this post, I discuss spam problems and solutions as pertaining to Linux-based servers running WHM/cpanel.
I find it interesting that the discussion of how to best deal with spam is ongoing and evolving. Part of the problem is that there are many different email clients and servers, which means there is no one-size-fits-all anti-spam solution. Some solutions work only with Outlook, some work on the email server, some are hardware-based solutions, some are open source solutions. Every solution I’ve seen includes trade-offs. And certainly spammers change their tactics constantly, which means that anti-spam solutions must always stay one step ahead if they are to be effective.
So which is the best anti-spam solution for you? There are two primary considerations:
- The email client used. Do you use Outlook or Thunderbird to read your email? Or do you use a web interface?
- The server environment where your email account is hosted. This article deals with Linux/cpanel-based servers.
This would not be a complete article without mentioning some popular preventive strategies. The idea here is that if you can prevent the spammers from harvesting your email address, you are invisible to them. The first and most popular preventive strategy is to prevent “data scraping” of your website. If your email address appears on your website in plain text (you can highlight and “copy” it into your paste buffer) chances are sooner or later a spammer will scrape your site and add your email address to their database. The primary preventive strategy is to make your email address un-parseable. There are a few techniques for this. Two of the most popular are:
- Putting your email address in a bitmap (an image). This way, your email address still displays and is readable to humans, but parsers typically cannot read the image.
Okay, so the spammers have your email address. This is the most common, and in some sense, inevitable, situation most email aficionados find themselves in eventually. What to do now?
Server Side Anti-Spam Solutions
- Spam Assassin – this software is essentially the first line of defense and being open source, it is fairly well understood by spammers. Most sophisticated spammers have little trouble getting around Spam Assassin. However, it does do a decent job of blocking unsophisticated spammers, of which there are many. Spam Assassin uses an algorithm intended to mark emails as spam which include common spammer tactics or “signatures”. The spam emails can be auto-deleted or simply passed on to the email client marked as spam (typically in the subject line). Spam Assassin is nice because it’s basically a set-and-forget piece of software that does its job behind the scenes. Downsides include incorrectly marking good emails as spam and the fact that it seems in practice to be fairly easily defeated by the more sophisticated spammers.
- Box Trapper – many cpanel installations now include Box Trapper. Box Trapper is a tougher nut to crack for spammers though not surprisingly, it causes a bit more pain for the email user than Spam Assassin. The basic idea of Box Trapper is that everyone who emails you is essentially considered “guilty until proven innocent”. When Box Trapper is activated, everyone who emails you will receive a “challenge” email which requires a response from the emailer. Generally this consists of a simple “reply to” (you need only reply to the challenge email, no other modifications are necessary). This works because most spam reply-to email addresses are fake and have no monitoring. You might consider it amusing that the reason that most spammers have fake reply-to addresses is that they do not wish to be spammed or electronically assaulted in any other way. The most classic response to spam for a newbie is to send an email asking to be removed from the mailing list. This has the unintended effect of confirming to the spammer that a real, live human is monitoring the account and reading all the crappy spam. Ironically, this only makes the spammer consider your address more valuable!
- Other Solutions – hardware anti-spam systems and other software will not be covered here as they are not available at most low-cost hosting companies.
Client Side Anti-Spam Solutions
The final barrier to spam is the client software. If you use a web interface to read email on your inexpensive email hosting account, you’re primary hopes are pinned on the server-side solutions.
Open Source Solutions
This was a category that didn’t even exist a few years ago. Since then a few Windows add-ons have been written for popular clients like Outlook and Thunderbird. The two I have used before are SpamBully and SpamBayes. After using SpamBully for several months on my Windows box, I’ve determined that SpamBully is unfit for my needs. SpamBully consistently marked obvious spam as not-spam and emails from safe senders, friends and even my own website (which I’d specifically white-listed as well as marking the emails as “not spam”) as spam. Basically, it required more effort to read my emails and to mark spam emails as junk than would have been required by simply not using it.
I have a very lengthy experience with a product called SpamFighter. SpamFighter initially seemed to work well, but after several months (actually over a year) of constant use, it has the same problems as SpamBully, namely incorrectly marking good emails as spam and (far more often) marking spam emails as good. Again, my yardstick was to determine if SpamFighter required more time to use than not, and again, this solution did not work often enough for me to want to continue to use it.
Junk Email Filter on Outlook and Thunderbird
This brings us all the way back to email client software spam filtering solutions which are oft-overlooked solutions. The Junk email filter on Outlook has various settings, as seen here:
A major revelation for me was the “level of junk protection” setting. I had always had it set “Low” previously, as I was concerned about missing real emails. This had the effect of passing a great deal of spam to my inbox, to the point where I had spent time working with SpamFighter and SpamBayes. However, merely changing the protection level to “High”, meant that almost all spam was caught, as well as a small handful of legitimate emails.
This led to a large revelation: it’s much easier to “un-junk” legitimate emails than it is to “junk” spam emails, simply because there are so many more spam emails sent than legitimate emails.
This change in my own mind-set really made my Outlook Junk filter start working for me. The few legit emails caught in the Outlook Junk email filter are easily marked “Not Junk” and from then on, delivered straight to my inbox.
If you’ve given up on client-side solutions, especially those built-in solutions so often overlooked, try reversing your mindset: crank that junk mail sensitivity setting to “High”, unjunk the legitimate emails and see how many junk emails get through to your inbox. If your experience is similar to mine, the junk emails in your inbox will drop to near-zero.