Spam, Spammer, Spambots = Money

Spams, spammers and spambots are exist for only one purpose, money.

1. Spam is email that is sent to other people without being requested. Why they want to disturb our life? Because this is one way of advertising.

2. Spammer will mostly send you something that you don’t know and don’t want to know, and turn to make you know, which equal to advertising. Advertising agency usually get paid for publishing advertisement, newsletter, social announcement and many more, so do spammer. Spammer get money for doing advertising on bad things like replica stuffs, pills, porn, multi-level marketing etc. In short word, spammer is ‘bad advertising agency’.

3. Spammers are not stupid. They have capabilities to be hackers, software developers, system engineers, researchers who tend to get more money which will bring themselves happiness, with less effort. They know how to do things right, do automation for their spamming task, bypass all security features and build many ‘add-on features’ in order to bring the ‘advertisement’ directly to you.

Continue reading “Spam, Spammer, Spambots = Money” »

How to Increase Email Reliability

Have you encountered valid email being delivered to your Junk/Bulk/Spam? Why is this happened since you are not a spammer? How to make sure my email going through to the Inbox?

We called this as false-positive. False positives are innocent emails that get mistakenly identified as spams. Recent mail system security has incredibly tighten due to number of spam pattern increase. Before your email being delivered to respective mailbox, the email being filtered based on recipient mail server rules.

Example of filtering that can happened in recipient mail server:

1. PTR checking (pointer record or Reverse DNS)
2. SPF checking (Sender Policy Framework)
3. Bayesian Filtering
4. SpamAssassin Server Scoring and Filtering
5. RBL (Real-time Blackhole List)

What we can do?

Depending on how tight is the filtering level, false-positive can happen in any mail server. This is quite annoying since you cannot do anything from your side to fix this. What you can do from your side then? You can use following tips to bring up email’s reliability:

  • PTR – You must use a SMTP server to relay your email to the recipient. That server must have a public IP which recipient can see. That public IP must have a reverse lookup value. Example:
    • Public IP: 154.80.143.22. Hostname: mail.myserver.net
    • When you lookup mail.myserver.net, you surely can get 154.80.143.22, but when you reverse lookup 154.80.143.22, do you get the same result (mail.myserver.net)?
    • How to create PTR records? You MUST contact the IP owner, which can be found from whois page.
  • SPF – This one is useful to tell the world that your domain’s email address should come from certain IP address. Every spammer can use your domain as “FROM:” field, SPF checking will make sure the domain send from, match the sender IP specified in SPF record. You can generate the SPF records from OpenSPF and apply into DNS records of your domain (TXT records).
  • DKIM – This is quite new technology, where sender prove the email comes from them by signing the email with digital signature. You can browse around to see how to enable DKIM for your domain/server.
  • dnsbl.info – Make sure your SMTP IP address is not listed in this website, http://www.dnsbl.info/ . This website can tell whether your IP is in any RBL list or not. If listed, contact the anti-spam organization that list your IP and request for removal. You might need to follow their requirement for that.
  • Click “Not Spam” – Usually, if the sender is using a new domain and do not have any transaction with that particular mail server previously, it will mark your email as spam especially for email service provider like Yahoo, Gmail and Hotmail. If it happens, make sure you click “Not Spam” or “Not Junk” to let the the mail server know that this is a valid email and should be sent to inbox.

If you have done everything as list above but still cannot pass through the inbox, something is not right on the recipient side. Contact their system administrator and let them know about this so they can whitelist you inside their server.

Leave a comment if you have more point to share. Cheers!


Installation – Standalone Spam Assassin Server

This is my way on installing dedicated spam assassin server to be integrated with my internal mail server. This server better be run as virtual machine due to easy deployment and not heavy resources needed (depending on how many spam process you want it to run). In this case, we will use CentOS 5.5 64bit.

1. Install required RPM

yum install -y db4 db4-devel gcc libstdc++ libstdc++-devel

2. Update kernel, and others

yum update kernel
yum update

3. Reboot

4. Open Perl shell and install required perl modules

perl -MCPAN -e shell

(for first time user, you might need to accept default value if prompted)

install HTML::Parser
install NetAddr::IP
install Net::DNS::Resolver::Programmable
install Net::Ident
install Net::DNS
install DB_File
install Digest::SHA1
install Time::HiRes
install MIME::Base64
install Getopt::Long
install File::Copy
install Mail::SPF
install Mail::SPF::Query
install Mail::DKIM
install IP::Country
install IO::Socket::INET6
install IO::Socket::SSL
install Compress::Zlib
install LWP::UserAgent
install HTTP::Date
install Archive::Tar
install IO::Zlib
install Encode::Detect
install URI::Escape

Continue reading “Installation – Standalone Spam Assassin Server” »