Protecting Against Outgoing Spam

Bob Morse

Spam! What is it Good For? Absolutely Nothing

We all find ways to deal with the ongoing onslaught of incoming spam. Even with filters, blockers, mass deletion, it's nearly impossible to avoid seeing some spam. The purveyors of spam are clever and persistent. Fortunately, our spam protection systems do a pretty good job of protecting our hosting clients.

But outgoing spam is often overlooked by web hosts. It's not that any of our hosting clients are guilty of willfully sending out spam. If they were, their accounts would be suspended and likely terminated as the practice is against our terms of service. But occasionally an email account will be compromised and taken over by an outside hacker. This is usually due to the use of weak passwords, using the passwords on multiple accounts or passing them around in plain text that can be harvested.

The inconvenience spam causes recipients is reason enough to guard against it. But even more harmful is that a server caught sending out spam can be put on blocklists which can block any mail from the offending server being delivered to any server subscribing to one of those lists. Subscribing to block lists is, in fact, one of the tools we use to protect our clients from incoming spam. Once your server gets on one of these lists it can take time and often a good deal of work to get the server removed.

 

 

Enter Outgoing Spam Monitor!

So in order to protect everyone from such an event, we have installed the ConfigServer Outgoing Spam Monitor on our servers. It's highly configurable and allows us to detect potential spam and hold it on the server instead of letting it go out into the world. We are notified by any incident so an administrator can review the incident and make a decision on whether the email is legitimate or not. 

If it's determined the email is spam it's deleted and the account owner's email password is changed along with their host account password. The client is then notified of the incident and of the password changes so they can reconnect to their accounts. Legitimate email is released without further action or notification.

Since OSM was installed late last year, we've already had two instances where an email account had been compromised and the spam removed. We also had one instance of legitimate email being held and then released within a matter of minutes.  Buying the licenses for OSM has already proved to be a great value! If you appreciate our level of care and support, consider signing up for your own hosting account at Redwood Host.

  Unless in the rare instance your email account is compromised, you will never know this layer of protection is working in the background to protect your integrity and the integrity of our hosting servers.