H-U-G-E Increase in SPAM



boggsie
07-24-2007, 04:03 PM
I have gone from receiving a dozen or so to more than 400 ... and they are all coming to my primary email address.

What I find interesting, is that SpamAssassin is correctly tagging them (modifying message subject) but (?some?) messages that are above the delete threshold appear to be getting through, anyway.

Has spam spiked for anyone else?

perret318
07-24-2007, 04:27 PM
Yup, I've been getting quite a lot lately as well. Not 400, but above average.

boggsie
07-24-2007, 08:25 PM
Ticket #212233

I just received over 100 SPAM messages via my main e-mail account.

All of these messages had the message attached.
All of these messages had the subject modified with *****SPAM*****.
All of these messages had a "spam rating" greater than 9.0.

According to my SpamAssassin configuration, all SPAM with a "spam rating" greater than seven (7) should be deleted, without being routed to a mailbox.

Please clarify if I have misunderstood, or help me to properly configure SpamAssassin to delete these messages.

Best regards,
-Mark Boggs


tonydi
07-24-2007, 09:29 PM
Let's see the full headers for one of these 9.0's that are still going to your Inbox. Sometimes there's info in there from SA as to why it went through, and in my experience that's most often because you've got a whitelist entry that "overrides" the SA rule.

boggsie
07-24-2007, 10:01 PM
Ryan replied to my ticket and indicated that I may have misunderstood how to use the DA/SpamAssassin control panel setup.

I am not so sure that I misunderstood ... it appears to me that there are at least a couple of configuration options.

The first setting (a) - what to do with SPAM, I still have configured to go to my Inbox.

The next setting (b) - at what level should a message be marked as SPAM.

The next setting (c) - at what level should a message be automatically deleted.

I believe that I am correct in presuming that no matter what, a message that is greater than the threshold identified in setting (c); that message is going to be deleted. If this is not correct, then I have misunderstood the configuration options.

here is a header:

======================BEGIN============================
Spam detection software, running on the system "www75.hostpc.com", has identified this incoming email as possible spam. The original message has been attached to this so you can view it (if it isn't spam) or label similar future email. If you have any questions, see the administrator of that system for details.

Content preview: The original message was received at Wed, 25 Jul 2007 03:22:43
+0200 from host-89-230-0-176.ozorkow.mm.pl [89.230.0.176] ----- The following
addresses had permanent fatal errors ----- <crobert@netpratique.fr> (reason:
554 Le message contient une source de spam connue dans l'en-tête Received:)
[...]

Content analysis details: (14.2 points, 5.0 required)

 pts rule name              description
---- ---------------------- --------------------------------------------------
 2.7 HTML_OBFUSCATE_20_30   BODY: Message is 20% to 30% HTML obfuscation
 0.0 HTML_MESSAGE           BODY: HTML included in message
 0.8 HTML_FONT_LOW_CONTRAST BODY: HTML font color similar to background
 1.1 URIBL_SBL              Contains an URL listed in the SBL blocklist
                            [URIs: anenhealth.com]
 3.4 URIBL_JP_SURBL         Contains an URL listed in the JP SURBL blocklist
                            [URIs: anenhealth.com]
 2.6 URIBL_OB_SURBL         Contains an URL listed in the OB SURBL blocklist
                            [URIs: anenhealth.com]
 3.6 URIBL_SC_SURBL         Contains an URL listed in the SC SURBL blocklist
                            [URIs: anenhealth.com]

The original message was not completely plain text, and may be unsafe to open with some email clients; in particular, it may contain a virus, or confirm that your address can receive spam. If you wish to view it, it may be safer to save it to a file and open it with an editor.
===================END===============================



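A check one could run on a report like the one quoted above, added here as an example and not part of any poster's message: it parses the SpamAssassin scoring table, confirms the rule points add up to the stated total, looks for a negative-scoring whitelist rule of the kind tonydi mentions, and reports what a delete level of 7 would be expected to do. The function names and the simple delete/tag/deliver model of settings (b) and (c) are assumptions, not DirectAdmin's documented behaviour.

```python
import re

# Constructed sample: the scoring table from the report quoted in the post above.
REPORT = """\
Content analysis details: (14.2 points, 5.0 required)

 pts rule name              description
---- ---------------------- ----------------------------------------
 2.7 HTML_OBFUSCATE_20_30   BODY: Message is 20% to 30% HTML obfuscation
 0.0 HTML_MESSAGE           BODY: HTML included in message
 0.8 HTML_FONT_LOW_CONTRAST BODY: HTML font color similar to background
 1.1 URIBL_SBL              Contains an URL listed in the SBL blocklist
                            [URIs: anenhealth.com]
 3.4 URIBL_JP_SURBL         Contains an URL listed in the JP SURBL blocklist
 2.6 URIBL_OB_SURBL         Contains an URL listed in the OB SURBL blocklist
 3.6 URIBL_SC_SURBL         Contains an URL listed in the SC SURBL blocklist
"""

NUM = r"(-?\d+(?:\.\d+)?)"
SUMMARY = re.compile(r"Content analysis details:\s*\(" + NUM + r" points, " + NUM + r" required\)")
RULE = re.compile(r"^[ \t]*" + NUM + r"[ \t]+([A-Z][A-Z0-9_]+)[ \t]+\S", re.M)

def parse_report(text):
    """Return the stated score, the tag level and the (points, rule) rows."""
    m = SUMMARY.search(text)
    if m is None:
        raise ValueError("no 'Content analysis details' line in report")
    rules = [(float(pts), name) for pts, name in RULE.findall(text)]
    return {"score": float(m.group(1)), "required": float(m.group(2)), "rules": rules}

def diagnose(text, delete_level, delivered=True):
    """Expected action under the assumed (b)/(c) settings, plus anything odd."""
    r = parse_report(text)
    findings = []
    rule_sum = round(sum(pts for pts, _ in r["rules"]), 1)
    if abs(rule_sum - r["score"]) > 0.05:
        findings.append(f"rules sum to {rule_sum}, report states {r['score']}")
    # A negative-scoring whitelist hit is the kind of override tonydi describes.
    for pts, name in r["rules"]:
        if pts < 0 and "WHITELIST" in name:
            findings.append(f"{name} contributes {pts}")
    if r["score"] >= delete_level:
        action = "delete"
    elif r["score"] >= r["required"]:
        action = "tag"
    else:
        action = "deliver"
    if action == "delete" and delivered:
        findings.append(f"delivered although {r['score']} >= delete level {delete_level}")
    return action, findings

if __name__ == "__main__":
    print(diagnose(REPORT, delete_level=7.0))
```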

anjanesh
07-24-2007, 10:11 PM
Plesk and DirectAdmin control panels allow you to add/modify DNS settings.

1. Use Google Apps (http://google.com/a) to use their email service - spam will be much less.
2. Use your Gmail a/c to download (via POP) your emails hosted at HostPC. (and auto-delete emails after download if you want) - same effect as #1 because it's still the gmail program.
3. Similar to Google Apps, Microsoft is providing a similar service called Windows Custom Domains (http://domains.live.com).
4. Filter the emails yourself if you know programming - it's not a very hard task to get this kind of mail setup - but you're responsible for the filtering algorithm, which is where the task is real heavy. Incoming Mail & PHP (http://www.evolt.org/article/Incoming_Mail_and_PHP/18/27914/index.html).

boggsie
07-25-2007, 09:12 AM
what a brilliant suggestion - thank you

dbmasters
07-25-2007, 09:21 AM
I've been using Google's hosted email for my domain email and it's been awesome, their spam filter is top notch and it gives a couple GB of space per account...can't beat it.

anjanesh
07-25-2007, 09:23 AM
But remember - using Google would be at the cost of privacy. They do sniff data at times.
According to help (http://mail.google.com/support/bin/answer.py?ctx=%67mail&hl=en&answer=21288),

Please note that you can't customize the default frequency of mail fetches.

So you may want to check with HostPC if Google keeps checking every 5 mins. I'm not sure if this is considered a resource usage or not.

boggsie
07-25-2007, 10:16 AM
Yes; absolutely must check - but using option #2 (fetch mail via POP) is an immediate solution to get their SPAM filter turned loose on the mail problem I am experiencing.

As I look through the information, it seems that option #1 is the direction I want to head.

Thanks again. I can't say how helpful this has been. I had 385 SPAM messages waiting in my HostPC (Inbox) mailbox (12 hours worth of mail). I turned Google loose on this mess and in less than ten minutes it was whittled down to less than 20 non-SPAM messages.

dbmasters
07-25-2007, 10:35 AM
no, no, no, don't have Google POP your account, just set up your domain in Google domain hosted email service (it's free) and then redirect your email so it doesn't even sit on HostPC, it goes to your Google server space...take HostPC completely out of the picture and save your bandwidth, disk space, time and energy...

boggsie
07-25-2007, 12:00 PM
Understood - I needed a quick solution to filter the ~400 messages that were already sitting in my HostPC email account and using POP to GMAIL satisfied that need.

Now, as you and others have suggested, I will be updating mx servers so that mail is routed directly to gmail.

boggsie
08-04-2007, 12:58 PM
Thank you again, THANK YOU !!!

I set up the mx records to route mail directly to google, as you and others suggested.

So far today, google mail has filtered 2500 pieces of spam ... in less than 13 hours.

admin
08-04-2007, 02:57 PM
Dang dude, I thought MY email was loaded ... 2500 in 13 hours?? Whose S/L did you get on? :)

dbmasters
08-04-2007, 03:05 PM
holy crap, that's a lot of...crap...WOW.

Charles
08-05-2007, 02:13 AM
I currently use http://www.tuffmail.com for all my email as you can get very specific on your spam settings. You can even control the settings on the MX before it even reaches the mail server. They even have POP3S and IMAPS.

boggsie
08-05-2007, 11:52 AM
I have to admit that part of it is my own fault for using a catchall.

Back in the day, when spam was primarily generated by selling of email addresses, and before all of the (spam-related) crap that is going on now started, I would use a unique email address (for example, HostPC(at)MyDomain.com) for my interaction with that business or organization.

This technique allowed me to quickly determine, when I received SPAM, who was responsible for having sold that particular email address. I started this back in ... 1998.

Fast forward to today and you guys know better than I do, the rules have changed dramatically. What irritates me more than anything is the idea that SPAMMERS will use my email domain in a forged header as the return address. So, not only do I get lots of the same SPAM, I also get hundreds (and sometimes thousands) of bounces from SPAM sent to bad email addresses that return to me.

Anyway, as is indicated many times here by Joe and his support team, as well as in the Direct Admin setup screens, DO NOT use a catchall. In time ...

COUNT UPDATE FOR SATURDAY: ~4600 SPAM Messages captured by Google Mail Spam for the 24-hour period of Saturday, August 4th.

boggsie
08-05-2007, 11:53 AM
I'll check it out ... sounds interesting, but gmail is free ... for now.

anjanesh
08-06-2007, 02:00 AM
but gmail is free ... for now.
True, but there's a minor problem when it comes to sending many individual emails at a time. Gmail limits you to 50 outgoing emails sent at a time. So if you intend on using a mailer program to send emails to your website users via SMTP, this would be a problem. You could use the mail (http://php.net/manual/en/function.mail.php) function obviously, but it uses more resources than SMTP.

I wanted to add MX records pointing to google and hostpc - so that I can have like, 50 emails hosted using Google Apps and 2 emails at HostPC. But I'm not so sure about this.

admin
08-22-2007, 10:40 AM
If you're sending out that many at a time, I'd suggest a mailing list program - phpList comes to mind.