Posted: Fri 25 Apr 2014 11:01
Hi Cookie, I have a number of questions about spam filtering. Obviously, asking you to provide a tutorial would be a bit cheeky, so if you know of a web page that will answer these questions, this would be a great help. All of these questions refer specifically to the BCA server and CPanel...
- If SpamAssassin is disabled on an account, does the server do any spam filtering all, or does it still reject messages where the sender is blacklisted?
- If the answer to the above is "yes" then what additional filtering itakes place when SpamAssassin is enabled?
- If the SpamAssassin config page (click on the SpamAssassin icon in CPanel) is set to Auto Reject, based on a score, what is the difference between setting the score there, and setting it in an account-level filter (i.e. by clicking on Account Level Filtering in CPanel)?
- Should we be enabling DKIM and SPF (click on Email Authentication in CPanel), or are the "complex" issues with these that are best avoided . Specifically, because I send my mail via a third-party (Gradwell, or BT, depending), but with Sender set to bcra.org.uk, so do I need to do anything special?
- If I try to enable DKIM I get a warning: In order to ensure that SPF or DKIM takes effect, you must confirm that this server is an authoritative nameserver for hidden-earth.org.uk. If you need help, contact your hosting provider. But there is no indication of how I do "confirm" that. The nameservers for hidden-earth are set to ns1.memset.com which is presumably correct, but how do I "confirm" that?
- Some time ago, you suggested that I change BCRA's name servers to Memset instead of ns.hosteurope.com, which is where they are now (set at 123reg.co.uk) but I cannot remember why I didnt do it. Im sure I came up with a reason, but what was it? Can you remember? Anyway, if I do that, now, I still, presumably, need to "confirm" it (as above).
- Obviously the type of spam people are targeted with varies depending on who you are. The nature of the spam Im receiving (and I assume, other people with BCRA and Hidden-Earth addresses) suggests that it could be minimised if we were able to write some custom rules. The first is that any message containing an unencrypted ZIP attachment should be rejected. (Ive seen this on other mail servers). The second is that any message that was also sent to a non-existent user should be rejected. (I gather that's how Cloudmark works). But I guess that both of these rules are simply too intensive of manpower for any of us, here, to think about