Server-Based Anti-Spam



The single biggest hurdle

when hosting your own e-mail addresses is filtering spam. If you have an account with Gmail, Yahoo! Mail, or one of the other many free e-mail providers, it is almost certainly filtered for junk and viruses by some pretty sophisticated software.

When you first create your own hosted addresses in your control panel, they
most likely have no filters on them at all, which can make for a messy — and
dangerously vulnerable — e-mail account.

Most web hosts provide optional spam filters that you have to turn on and
configure yourself.

These different spam filters work in different ways and require some monitoring
and configuration, but they will help you greatly reduce the amount of spam you receive.

Many filters are available. BoxTrapper and SpamAssassin are two of the most
common filters.

Find your options by logging in to your control panel and looking for the Mail
section. In that section, if your host provides them, you will see some spam
protection options.

On cPanel, for example, BoxTrapper and SpamAssassin are almost always
installed. Here’s how they work.

BoxTrapper prevents any e-mail address from sending mail to you unless it is
on a whitelist.

A whitelist is a list of allowed e-mail addresses. Users can also create a blacklist that contains banned e-mail addresses. The same terms are used to apply
to IP addresses when dealing with website security.

E-mail addresses can get onto a BoxTrapper whitelist in two ways:
 You manually add them to the list  The senders verify they are real.

BoxTrapper sends an e-mail to any unverified senders asking them to
respond to prove that they are legitimate senders. Spammers who send out
e-mails automatically en masse using fake e-mail addresses can’t reply to the
verification message, and BoxTrapper will block messages that come from
those addresses. See Figure 3-10 for the BoxTrapper Configuration screen.
BoxTrapper holds blocked e-mails in a queue for moderation, so you have to
remember to log in periodically and check for legitimate e-mails that
inadvertently have been blocked. This can be a pain to do, especially if you get large
quantities of junk and have to pick through the junk in the queue to find real,
non-spam messages.