I have been moving clients here from other hosting companies and the first thing that always comes up is that they are getting more spam than with their previous host. I have even confirmed that some of these messages are coming from the HMS server.

Can't HMS do something to get spam under control? I really, really, really don't think asking customers to pay for a solution like Postini is answer.

Hello,

I can say that our servers definitely aren't spamming our own clients, and in general they're not sending out spam period. SmarterMail comes with some spam filtering options however they have to be configured to do anything other than simply mark messages as spam-Low, spam-med, or spam-high.

We acknowledge though that the Smartermail system isn't the best, which is why we came up with the Postini affiliation. Unfortunately since Postini charges us we have to charge our clients per user on Postini.

If you've never tried it I would suggest you do so for a single one of your accounts that gets a lot of spam. I've used Postini for several months now and I don't get ANY spam - which means it's catching several hundred messages per day.

You said that clients moving over get MORE spam on our servers than before...which means they still got spam at their last host. Isn't completely eliminating spam worth $1 per month per user? If I wasn't an employee I'd still pay for that!

Well, I did try Postini for a week and had several emails just dissapear — no quarantine — just gone. I currently use Spam Arrest personally and have zero spam problems except for the odd occassion when they originate from the HMS mail server. Yes, Spam Arrest is a paid service, but I did not have the need for a paid service before moving to HMS, as is the case with my hosting customers. My previous hosting providers used SpamAssassin and a simple mail rule in OutLook took care of everything.

As for spam originating from HMS, please read the support email thread below. Your tech confirmed that it was one of your customers. The solution was that I should unsubscribe from a mailing list that I never subscribed to... and then wait 10 days for my request to be processed? Unsolicated commercial email = spam.


From: support@HostMySite.com
Subject: Re: (#T3183056) Mail Server hack
Date: March 1, 2007 11:44:51 PM CST
To: ******@catchlight.com
Reply-To: support@HostMySite.com

Ref: catchlight.com

Hello!

This email was sent by another customer on one of our servers. There is an option at the bottom of the email saying out to opt-out of future emails.

This is an advertisement.
If you wish to no longer receive our Dartnell Corp. audioconference emails, do not reply to this email. Please write us at rmovedrt@elidigital.com with "unsubscribe" in the subject line or call 800-508-2582. Your request will be processed within 10 days.

Please let us know if we can assist you further.

Regards,
Raymond Corbin
http://www.HostMySite.com

Email: support@HostMySite.com
Technical Support: 1.877.215.4678
Customer Service & Billing Inquiries: 866.916.4678
International: 1.302.731.4948

Get your FREE .com, .net, .org, .us, .biz and .info domain name at HostMySite.com!

Manage your hosting account using our Total Customer Control Center at https://controlpanel.hostmysite.com

-----Original Message-----
From: ******@catchlight.com
Sent: 03/01/2007 08:03:13 PM
Subject: Mail Server hack
TICKET CREATED THROUGH THE CONTROLPANEL BY: Howard Theriot
CONTACTTYPE: Account Administrator
The mail header below is from a message being sent to me via HMS mail server. This concerns me because I do not use HMS mx records.

Thanks,
Howard



From: nobounce@elinetwork.net
Subject: How to Find the Best Sales Professionals
Date: March 1, 2007 2:33:15 PM CST
To: ******@catchlight.com
Reply-To: nobounce@elinetwork.net
Return-Path:
Received: from UnknownHost [206.55.123.101] by sm4-beta.ad.safesecureweb.com with SMTP; Thu, 1 Mar 2007 15:33:16 -0500
Organization: Dartnell Corp.
Message-Id:
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="----=SPLITOR00A_001_134537578D"
X-Smartermail-Spam: SPF_None

Howard,

I'm going to have a chat with the other technician because he wasn't correct in his assessment of the situation. You received this spam message from

206.55.123.101

which isn't one of our IP addresses, so the message didn't come from our network. You can check that at

http://www.arin.net/whois/index.html

Our Ips show as registered to LNH, Inc. Anyway, the reason why this message didn't go through SpamArrest as you expected is the spammer likely forced delivery to your domain's 'mail' CNAME,

mail.catchlight.com -> mail52.safesecureweb.com

This is a sneaky way of getting around spam filters; other ways include deliberately delivering mail to a secondary or backup MX record instead of the primary. Unfortunately spammers cache this information so they don't to perform repeated lookups, so the only way to prevent this type of spam from getting to you is to setup filters in your Smartermail that ONLY allow mail to deliver if it comes through the SpamArrest filters - similar to the Postini filters I created here:

http://forums.hostmysite.com/viewtopic.php?t=3347

The only important fact to note is that local mail (mail from the same server you're own) will deliver locally, so you'll need to make sure there is a provision in those filters for messages that come from your own domain and any other domains you correspond with who are located on mail52.safesecureweb.com.

I hope this is clear to you - please let me know if you have any questions!



From: nobounce@elinetwork.net
Subject: How to Find the Best Sales Professionals
Date: March 1, 2007 2:33:15 PM CST
To: *******@catchlight.com
Reply-To: nobounce@elinetwork.net
Return-Path:
Received: from UnknownHost [206.55.123.101] by sm4-beta.ad.safesecureweb.com with SMTP; Thu, 1 Mar 2007 15:33:16 -0500
Organization: Dartnell Corp.
Message-Id:
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="----=SPLITOR00A_001_134537578D"
X-Smartermail-Spam: SPF_None

Thank you for following through on this Jamie. I do appreciate it.

Not a problem - I accept the fact that there are spammers out there, but no way will I let them spam from OUR servers intentionally.

Another question for you... SmarterTools website states that SpamAssassin is now part of SM 4. Is that the case with the SM 4 beta that you guys currently offer?

Yes, but it can't be used in our shared environment because the bundled version of SA is only good for about 40,000 inbound messages per day, and our shared servers do more traffic than that.

If you use a Ded or VPS solution though it is a nice feature - though I do like Postini better.

Honestly, I signed up for the Postini trial and some email just disappeared. I could live with that.

A VPS might be a good option for me if it gives me more control over these issues. The 50 domain SM license that comes with your Windows VPS is the Pro edition, correct?

Yes, it is the pro version!

Since you are in Dedicated Server Sales, I am going to email you directly about this.

Yeah, I had completely misread something within that ticket. Jamie's assessment is correct with the IP address of the sender coming from 206.55.123.101. Sorry about that.