Skip to main content

[FAQ] Information: Spam Emails

If you are receiving lots of spam(unsolicited) emails in your mailbox, this section should be able provide you with solutions.


Spam and Virus Emails - Information...
What are spam and virus emails?
Where do spammers get my email address from?
Emails sent to me are being return to the sender with a spam warning.
What is the first thing I should do to cut down on spam?
What software can I use to help prevent receiving spam?
Who can I complain to about the spam I receive?    
Why are emails that are sent to me,being marked as SPAM and returned?
Why do I keep receiving email bounces for email I didn’t send?
How do I setup SPF on my account to combat spoofing?
Why does SpamAssassin label some email as Spam, and others not?
How do I use the tools in CPanel to manage the spam I receive.

 

Spam and Virus Emails - Information...

Recently there has been an explosion of spamming and virus sending on the internet. Did you know that more than 80% of all emails sent on the internet are now spam or junk email!
Most of these types of email originate from the USA, Asian and European countries, where there are few restrictions on the sending of these types of unsolicited emails.

There a lot of information available on the internet on how to protect yourself against spam and viruses. This website is also a good starting point for information http://www.spamhaus.org/.
You may find that some spam/virus email appear to be sent from your own domain name, however this is just because spammers are using your email address which they got off your website using email harvesting software that scans the internet looking for valid email addresses. They then put common addresses in from of the @, such as info, admin etc, as these are what many domain owners use as email addresses. Once spammers have got a valid email address, it then allows them to send spam using your email address to other users, as the email address is unlikely to get blocked due to it being a valid email address. If this is happening to you, we recommend that you remove the ‘catchall‘ email address (the one that allows you to receive all emails from any address using your domain such as ...@yourdomainname.co.nz), and only set up specific email addresses that you actually use, eg. yourname@yourdomainname.co.nz. We also recommend that you modify your email address to something that would be difficult to guess (eg. Your first and last name before the @ symbol). This is incase a spamming computer is using a 'dictionary' to automatically fill in common email address names before the domain extension.

Please note that we don‘t have any control over who sends you email. Therefore please don‘t report the spam emails to us. If you are wanting to report spam, you will need to report it to the ISP that it is being ‘sent‘ from, which you can get from the full header of the email. As spam is now such a huge issue, don‘t expect a reply or response from the ISP as they are unlikely to have the resources to deal with it.

Another thing we need to highlight, is if you have a website that uses formmail or any other automated scripts, you are required to keep your scripts up to date with the latest and most secure versions of the script. Spammers can hack unsecured scripts and use them to send spam through the server.

As an internet user, you have a responsibility to keep your computer safe and secure with Internet security software, including Anti-Virus, Anti-Spam, Firewall, and Antispyware software. Most importantly you must update this software regularly by downloading the software updates from the software developers website. If you are running the Microsofts Windows operating system, you must also make sure that you have downloaded the latest patches. An unprotected computer risks getting a virus that will actually automatically send out spam and virus emails, or worse!

Users who use the cPanel hosting control panel can setup server spam filtering, which is called ‘Spam Assassin‘ in the mail section of the control panel, which can either ‘tag‘ identified spam, or shift it to another folder, however this should not be used as a replacement for you own internet security software on your own computer.
Users of our Corporate and Business hosting plans can setup server spam filtering within their control panel in the mailboxes section. Users of our other hosting plans that don't have a control panel, will need to install your own Antispam software on your computers or upgrade to our higher hosting plans.

If you are forwarding your email to a third party email address, then you should check if your provider provides server spam filtering that you are able to enable.

Please note that no internet security software is 100% effective, and spammers are always working out ways to beat the Anti-Spam software, so sometimes spam email will still get through. To locate internet security software , just enter internet security into your Internet search engine.

RETURN TO TOP OF PAGE

 

What are spam and virus emails?

SPAM is the term most commonly used to refer to unsolicited e-mail that floods the Internet with many copies of the same message, in an attempt to force the message on people who would not otherwise choose to receive it. Most SPAM or junk emails, are commercial advertising, often for dubious products, get-rich-quick schemes, or quasi-legal services. SPAM costs the sender very little to send -- most of the costs are paid for by the recipient or the carriers rather than by the sender.

E-mail SPAM targets individual users with direct mail messages. E-mail SPAM lists are often created by scanning Usenet postings, stealing Internet mailing lists, or searching the Web for addresses. (Do not ever put your email address on your website unless it is encrypted!) E-mail SPAM’s typically cost users money out-of-pocket to receive. Many people - anyone with measured phone service - read or receive their mail while the meter is running, so to speak therefore SPAM costs them additional money. On top of that, it costs money for ISPs and online services to transmit SPAM, and these costs are transmitted directly to subscribers.

One particularly nasty variant of e-mail SPAM is sending SPAM to mailing lists (public or private e-mail discussion forums.) Because many mailing lists limit activity to their subscribers, spammers will use automated tools to subscribe to as many mailing lists as possible, so that they can grab the lists of addresses, or use the mailing list as a direct target for their attacks.

As the Internet is public, there is really little that can be done to prevent spam, just as it is impossible to prevent junk mail. We therefore have no control who sends you your email.

Some spam may also contain viruses, so it is important that you are careful when opening emails that contain attachments. We recommend that you don’t open attachements if you don’t know the email sender.

Protection against spam and viruses is the client’s responsibility, and as an internet user, you must have sufficient internet security software installed on your computer to filter out and delete these. Internet security software includes, but is not restricted to, antivirus software, antispam software, and firewall software. Also spyware detection and removal software is a requirement these days, as a lot of ’free’ software can install nasty spyware on your computer that can send out information that you have stored on your computer. Please note that no internet security software is 100% effective, so sometimes the odd spam email will still get through. To locate internet security software just, just enter internet security into your Internet search engine. Some of the more popular ones are Nortons, PCCillin, and McAfee.

If you have got a ’catchall’ email address setup, and you are receiving lots of spam, that is sent to email addresses using a random string of characters that it places at the beginning of your domain name, eg kjsionvcgy465x@yourdomainname.co.nz, we then recommend that you delete your catchall email address, and only setup specific email addresses that you use for your email.

RETURN TO TOP OF PAGE

 

Where do spammers get my email address from?

They can get your email address from a number of different ways. These include but are not limited to...

- Your email address may be published on your website, and it hasn't been encrypted.
- Your email address may appear somewhere else on the internet, or you have used it in a forum posting
- Spamming robots may have found your website and is then using a dictionary to guess valid email addresses that may be use.
- Someone that you communicate with has your email address in their address book, and their computer is infected with spyware or a virus which is transmitting their address book to the spamming robots.

There are also many other ways spammers can acquire an email address.

RETURN TO TOP OF PAGE

 

Emails sent to me are being return to the sender with a spam warning.

A common reason this will occur, is because the IP address of the ISP of the email sender has been blacklisted with on Antispam database. Such Antispam databases include spamcop.net or ordb.org. Datacentres use these antispam databases to cut down the amount of spam that is received through the network. If someone who sends you an email encounters this issue, they will need to contact their ISP (the company that they connect to the internet with) to ask them to contact the relevant spam database, to ask them to remove the blacklist. Often the blacklist will only last a day, unless more reports have been received about spamming on the affected IP address. Only the owner of the blacklisted IP address (eg. the ISP) is able to have the blacklist removed.

RETURN TO TOP OF PAGE

 

What is the first thing I should do to cut down on spam?

The most common reason people get a lot of spam, is because their email address is connected to a 'catchall email address'. This means that the mailbox will receive any email sent to any name that is in front of the domain name. If this is happening to you, we recommend that you remove the ‘catchall‘ email address (the one that allows you to receive all emails from any address using your domain such as ...@yourdomainname.co.nz), and only set up specific email addresses that you actually use, eg. yourname@yourdomainname.co.nz. We also recommend that you modify your email address to something that would be difficult to guess (eg. Your first and last name before the @ symbol). This is incase a spamming computer is using a 'dictionary' to automatically fill in common email address names before the domain extension.
Disabling the catchall address, should reduce the amount of spam your receive.

If your account doesn't have a control panel, you may need to contact us to remove this for you, and provide us with the email address you would like to setup. Please make your email address difficult to guess (eg. your first and last name combined)

RETURN TO TOP OF PAGE

 

What software can I use to help prevent receiving spam?

Spam is a huge problem on the internet with more than 80% of emails sent to the mailservers now being spam. Therefore we strongly recommend that all users have Antispam software installed on your own computers.

The main Anti Spam Software we use ourselves, is the New Zealand Developed Mailwasher which you can download a demo from http://fta.firetrust.com/index.cgi?id=lounge35&page=1 .

If you use a new version of Microsoft Outlook, you may already have a filter built in. If you use an older version, there may not be any spam protection, therefore Spamfighter may be an option, which you can download at this link http://www.spamfighter.com .

There are also hundreds of other Anti Spam software options which integrate with your email software which you will be able to find in Google.

Most of our higher level hosting plans come with server spam filtering built into the hosting control panel. However this spam filtering should never be used as a replacement for your own spam filtering software that you install on your own computer. If your hosting or email plan don't have server spam filtering, and you would like it, please contact us to upgrade your plan.

Please note that if you are forwarding your email from your domain to a third party email account with your ISP or similar, then any server spam filtering that you have setup with us will not apply, as the email is automatically forwarded onto your ISPs mail servers. Therefore you would need to enable spam filtering with your ISP, if they provide it.

RETURN TO TOP OF PAGE

 

Who can I complain to about the spam I receive?    

We have no control who sends you your email, including any spam or junk email that you receive. Therefore if you want to complain about receiving a spam email, you will need to make a compliant to the ISP of the sender of that email. You can find out who sent the email to you, from the header information in the emails properties box. You can find this in Outlook by selecting the email in your inbox, right clicking, and selecting 'options' or 'properties'. This will then display the header, which should show you the IP address or the ISP name of the sender.

Other email software has similar ways of accessing the header. Please don't expect a reply from the ISP(unless they are a good one), as they very likely won't have the resources to deal with the compliant

You can also report the spam to such organisations as http://www.spamcop.net/ , http://www.sorbs.net/ , http://www.spamhaus.org/, which is probably the most effective way of beating spam, as this can blacklist the ISP servers, effecting all their services, and stopping the spam being sent.

If you have Antispam software on your computer, depending on its features, this software may also automatically send the details of the spam to the companies above, without you needing to visit their websites.

Please don't email us with your spam emails, as we can't do anything about who sends you email.

RETURN TO TOP OF PAGE

 

Why are emails that are sent to me being marked as SPAM and returned?

Over 90% that is sent around the internet is now spam, which is a major problem for all hosting providers. Therefore the servers we use run antispam software that use some of the top antispam databases from around the world. Most top hosting providers will now use these sorts of antispam systems, and will use these same databases. This means that anyone who sends you an email, the mailservers IP address that sends the email, is checked against this database. If a particular email is being blocked, it would mean that the provider they are using will be blacklisted that database, very likely because their provider has been reported for sending spam. This is usually due to one of their other customers spamming and abusing their mailserver. It is up to the ISP that has been blacklisted, to get themselves removed from the database. If they are having trouble sending email to you, that means they will also be having trouble sending to many other people too.

CPanel users can manage the amount of spam filtering they want, by logging into CPanel and going to the Spam Assassin sectioFor clients on our Corporate and Business hosting plans, you can configure your spam settings in the email section on the control panel.

If you have a client who has been sent an email from our servers that says their email has been blocked, you will need to ask them to contact their email or ISP provider to get the issue sorted out.

RETURN TO TOP OF PAGE

 

Why do I keep receiving email bounces for email I didn’t send?

This occurs when a spammer sends email and sets the ’from’ address to your own email address. This is often referred to as 'spoofing'. This can occur due to internet’ s universal email system, which allows the sender to set their email address to anything they like. Banks are often a target of this, and spammers will send out phishing emails using fake bank email addresses. Often they will use an automated 'dictionary' which will fill in common email names before domain extension. The reason spammers use the email address of your domain name, is that a lot of mail servers check that the ’from’ address, to check that it is a valid domain before accepting the email. The spammers harvest your email and domain name from your website, as they have special software that crawls the internet searching for valid domain names and email addresses to use. This is why it is very important that if you display your email address on your website, that you use some form of email encryption script. You will be able to find such scripts by conducting a google search.

The best way to combat Spoofed emails using your domain name, is to setup or enable 'Sender Policy Framework' (SPF) on your domain. You can do this inside the CPanel control panel by logging into your main CPanel page, go to the 'Email' section, and click the 'Email Authentication' icon. Then under the SPF section, click the 'enable' button.

There are also some virus’s and malware that unsuspecting computer users have been infected with on their personal computers that also do the same thing, and that crawl the users personal computer for valid email addresses and then automatically send these email addresses back to the spammer.Often the spammers spamming software will also create a random string of characters that it places at the beginning of your domain name, to create the ’from’ address. e.g. iuysdfgiy3576@yourdomainname.co.nz . The reason that you would receive the bounced emails, is because you have a ’catchall’ address setup. The ’catchall’ email address captures all email sent to your domain no matter what is put at the beginning of the @. The only way to prevent receiving these is to remove the ’catchall’ and setup only the specific email addresses that you use for your email.

Please note that if your email address is spoofed, and the email is reported as spam by a recipient, that your domain shouldn't get blacklisted in the RBL (realtime blacklist database). The best blacklisting databases will usually only blacklist the originating IP number of the senders server, and not the domain name contained in the email address.

Another thing we need to highlight, is if you have a website that uses formmail or any other automated scripts, you are required to keep your scripts up to date with the latest and most secure versions of the script. Spammers can hack unsecured scripts and use them to send spam through the server.
Therefore always make sure that your website is use the most secure version of any website scripts.

RETURN TO TOP OF PAGE

 

How do I setup SPF on my account to combat spoofing?

The best way to combat Spoofed emails using your domain name, is to setup or enable 'Sender Policy Framework' (SPF) on your domain. You can do this inside the CPanel control panel by logging into your main CPanel page, go to the 'Email' section, and click the 'Email Authentication' icon. Then under the SPF section, click the 'enable' button. Clients on our Corporate or Business grade hosting plans can setup SPF records by following the SPF setup instructions here.

RETURN TO TOP OF PAGE

 

Why does SpamAssassin label some email as Spam, and others not?

What does SpamAssassin do to check that an email could be spam?

SpamAssassin checks many variables within an email, when assigning an email a spam score. Users can also change the settings that SpamAssassin uses in order to determine if an email will score as a spam or not. SpamAssassins settings can be changed within the cPanel. The tests SpamAssassin does are complex, making it difficult to understand why an email was given a particular score. For more in-depth information on the tests SpamAssassin does go here.

How can I lower my SpamAssassin score on emails I send out?

The main thing is to make sure that your email does not fall into the definition of being spam. Here are some things to look out for in the emails that you send. The same applies to emails that you receive that maybe getting detected by Spam Assassin as Spam, which is information you can pass onto the sender if you are having problems high spam scores from them.

- Lookout for false or misleading information in the header
- Lookout for false or misleading information in the subject line
- Provide indication that email is an advertisement
- Include a type of return email address that allows recipient to opt-out
- Email includes a clear notice that there is an option to opt out
- Email is not sent after a recipient had sent notice that they wish to no longer receive the email
- Email contains a valid, physical address.

More information that may help to keep your email from being labeled as spam, or generating a false positive result includes:
Stop Blocking My Mail
Frequently Asked Questions - SpamAssassin
Avoiding False Positives

An alternative option to minimise the risk of your email from being labeled as spam, is to use Domain Keys. The Domain Key is an e-mail authentication system that allows for incoming mail to be checked against the server it was sent from to verify that the mail has not been modified. This verifies that the email is coming from the listed sender and allows abusive messages to be tracked easier.

More information on SpamAssassin can be found at https://wiki.apache.org/spamassassin/SpamAssassin

RETURN TO TOP OF PAGE

 

How do I use the tools in CPanel to manage the spam I receive.

CPanel comes with a lot of free tools to help manage spam emails. These are listed below.

SpamAssasin

SpamAssassin is an automated mail filter that uses a wide range of heuristic algorithms on mail headers and message body text to identify "SPAM" (unsolicited email). This software is capable of eliminating more than 98% of all SPAM messages. Its performance depends on the individual configuration, which can be tuned by each website owner. Once identified, the mail is tagged as "SPAM" for later filtering using the user's desktop mail client.
To configure your SpamAssassin, please click on the SpamAssassin icon on the main screen of your cPanel interface.


BoxTrapper

BoxTrapper Spam Trap is a tool that can help reduce spam significantly. Someone emails you, if they're not on your white list then they must reply to a message they receive after emailing you. After replying they are put on a white list so they don't have to respond every time they send you a message to validate the email. Basically you give them the big OK that the sender is a person and not a virus or spammer - they usually never respond so this cuts down spam a lot.


Filter Your Mail Automatically - Cpanel E-mail Filtering

Cpanel also has the ability to use Mail Filters - a nice little addon that will examine all your messages, sort them, do the action you tell it ad delivery you the results. This is an excellent method and often unused tool that can save you hours and hours of browsing spam. For example the Sober viruses sends out a series of messages that all have common subjects, you can completely delete anything that meets those exact subjects, preventing your inbox building up with spam and protecting you from viruses.

Login to your Cpanel, click on Mail, E-mail Filtering, at the bottom top click  Add Filter.
In the Filter section you have two drop downs, the first is what you are filtering.
Subject, From, To, Body, Any Header, SpamAssasin Spam Header.

The next drop down is how you are filtering it.
contains, equals, matches regex, and begins with.

The input box is the filter. Enter the text you want to filter here.

For example, if you keep getting spam messages with the same subject and you want to filter them. The spam messages have the subject line: Ultimate Online Pharmaceutical

You would create a filter as follows:

What? Subject
How? Equals
Filter? Ultimate Online Pharmaceutical
Destination? Discard

This now automatically deletes any messages that you receive with the subject: Ultimate Online Pharmaceutical so they never even get to your inbox.

Once you've added a filter you can test it, enter a message that you think you want to filter in the test window, with subject, from address and body to make sure the filter works the way you want.

WARNING - setting up filters incorrectly can result in mail never received and the sender will never know. If you setup filters incorrectly then valid email can be deleted as well so be careful.

RETURN TO TOP OF PAGE