Welcome to Vastspace, provides Reliable Web Hosting since 2014

Welcome to Vastspace

Archive

If you have received “I have bad news for you Email Scam”?

Document extracted from https://www.pcrisk.com/, you can learn more from https://www.pcrisk.com/removal-guides/13972-i-have-bad-news-for-you-email-scam

The “I have bad news for you Email Scam” email is categorized as being part of a spam campaign used by cybercriminals (scammers) who attempt to threaten and trick people into paying money. Typically, scammers send an email stating that they have recorded a compromising video or image of the recipient and, if their demands are not met, they will proliferate the material to everyone on the user’s contacts list…….

Why anti-spam?

Sending emails and receiving emails are part and parcel of our daily routine. Due to my work’s nature, I received a few hundred emails a day. Mostly, these are notifications. However, they can be warnings if something went wrong.

To me, these are relatively important emails. However, I’m receiving unwanted emails or known as spam emails every day. Honestly, they can be from anywhere even you may have not corresponded with them before. Your email address can be known in several ways; harvesting, your recipient’s computers are infected by backdoors, you have enrolled to some events, your email address was sold to someone etc. Basically, they are not within your control.

I’ve personally tried, receiving emails without anti-spam. GOSH! More than 50% of the received emails were spam emails. I quickly switched back on my anti-spam gateways. I’m getting near to zero spam email.

With the anti-spam, it is a big relief. Without it, I have spent a few hours to remove those spam emails. A few hours, maybe  2~3 if you add them up. I was thinking, I can have a good rest for that 2~3 hours, why do I’m stupid to turn off the anti-spam filtering? Actually, it was my curiosity about my new anti-spam gateways.

So, it is clear that I need anti-spam for my mail server, Do you?

Anti-Spam Saga

It is all about anti-spam. Many have the wrong impression or little understanding of anti-spam. Even a lot of IT admins have a faint idea on anti-spam.

Emailing is more like a daily routine for many. Ask yourselves on how much do you understand on anti-spam. Most will tell you spam emails are those unwanted emails. But how?

Hopefully, I can make this understanding better. When someone told you I’m receiving a lot of spam emails each day, there are a few things to ask and examine. How do you determine those are spam emails? Where did these emails go to? If the subject has ‘SPAM’ classification? What kind of anti-spam solution do you have?

Anti-Spam has become very complicated. Especially those have installed anti-virus application on their computer has an anti-spam function too. The double filtering creates a lot of guessing games. We have cases whereby the email was quarantined by the local computer without users noticing it. However, the users plastered the server admin on such event.

Honestly, there are a few ways to determine a spam email. These rules are predefined and read by machines. The most common method is to use realtime blackhole list known as DNSBL The lists are maintained by various spam agencies,. Control panels and mail servers etc use these list provided free to reject or define spam emails.

Yes, it is common but less effective against spam emails. The more effective methods are combining a few like detecting spammy words, the type of charset, trusted senders and training the anti-spam system on the types of emails you wanted to receive. A good anti-spam system allows you to quarantine, reject or inject the spam classification into the subject that these emails have classified as a spam email.

You may have the best anti-spam system but I realized there are organizations have many false-positives a lot of tuning from time to time. The sender can be a newcomer, his or her email was rejected because it has violated the anti-spam rules even it was genuine. I have found the courier and logistics companies cannot have very stringent anti-spam rules and you need to check the process often to avoid unnecessary delays.

I want to say you need a good mail server admin to minimise the hiccups even you have a good anti-spam system. When this has happened, he or she is able to check from the header and do the necessary adjustments in quicker turnaround.

Cheap anti-spam?

Many have the impression that cheap things aren’t good. Yes but not exactly for all. For example, our cheap web hosting plans come with a good anti-spam filtering solution.

The anti-spam solution is as effective as you can find in the market available commercially in hundreds a month. Seriously speaking, many web hosting users are getting a lot of emails. Because they are paying little, so they might have an impression, anti-spam filtering is an addon and you have to pay more for anti-spam。

This is in the past, you are paying for anti-spam. Vastspace‘s web hosting is an exception, we feel that this is essential and it should be part of the web hosting. We have included anti-spam filtering. This is not the ordinary DNSBL anti-spam blackhole you find in most control panels.

anti-spam rulesWe use complicated anti-filtering with more than 10 rules to determine should the email classified as SPAM. We will quarantine SPAM emails in case you have decided to read it or it is a false positive. The anti-spam filtering is too effective with newsletters, with success rate up to 90%, they are quarantined if you choose to accept them in the future.

If nex time someone said to you that you have to pay for anti-spam. Try our web hosting, you will notice the difference.

SmarterMail – Migration makes easy

SmarterMail – Migration makes easy

If you are using one of the email servers and want to migrate to SmarterMail, you can use the migration tool in the webmail as shown. Basically, SmarterMail imports all your emails stored on the current mail server either using POP3 or IMAP4, however, if you are Gmail user, you can import calendars, tasks and contacts too.

 

Brute-force Protection

Whether you are using Exim, Postfix or others, I personally feel that the brute-force protection is necessary. I have seen unauthorized login attempts on email accounts especially the common ones.

I supposed your service provider has been telling you ‘please use the strong password’. However, Imseeing compromised account use a weak password. So, please remind yourselves always to use strong passwords.

A strong password can be 13 characters and above, a mixture of the symbols, capital letters, small letters and numbers. You don’t and never define such as strong password ‘P@ssword123456’ Yes. it has more than 13 characters., symbols, capital, small letters and numbers.

This type of password is very guessable, they are likely in the hacker’s dictionary. Never use this kind of password. Combination of name, birthday, handphone and NRIC number should be avoided too. A password is your first defence line, hence it is important to make sure they are not guessable.

Devices have set up with email services should install with a good anti-virus capable of detecting malicious activities like for example ports scanning which is common nowadays. This is also important to an individual, even you have a strong password, there is risk your password is stolen through a backdoor on a virus-infected devive.

If you do have the above both, the brute-force protection is useful but it is not 100% you are protected or you are safe. Hackers will attempt to login to your email account with their hacking program using a guessable password.

The ideal of brute-force protection is a rule to block further failed login after X attempts in X interval and block the source for an X period. This is effective to bar authorized access. Whoever came out the mechanism is a genius. This mechanism has protected many, not only email accesses.

Like SmarterMail has such feature out of the box, actually more like internal spammer etc. However, today topic is mainly on brute-force and yes, SmarterMail has built-in with such feature. The server admin can define the number of attempts and the block interval. SmarterMail will display the IP address and its location, should you blacklist them permanently.

I personally felt this is a great feature to protect our email users. This feature reduces the workload on email server admin too. A good email system must built-in with a good security feature and SmarterMail did it.

[/vc_column_text][/vc_column][/vc_row]

How to reduce spam emails?

How to reduce spam emails?

Actually, it is frustrating if you are receiving a lot of spam email. Even you have so-called the best anti-spam on your email service, you can receiving spam email, maybe lesser and at the same time, you might treat some emails as spam email, known as false positive.

As far as I’m concerned, there isn’t 100%. With anti-spam you are receiving lesser definitely but your definition is never the same as the server. Some anti-spam require you to set rules or train them in order to be effective

Thus, you cannot eliminate those spam emails defined by you. However, you can still minimise receiving spam emails without spending a lot to or buy a good anti-spam. Here are a few tips to help you;

a. Never use your ‘work’ email to do registration online for personal use, Your email address can be sold to someone for bulk sending. Always think twice if registration is necessary.

b. Avoid common account name like help, sales, enquiry or similar. If your name is John, avoid using john@, and add your last name.

c. Do not advertise your email address. Spammers like to use harvesting technique to collect email addresses. Common areas like auction portals, buy & sell portal etc.

e. Make sure you use SPF in your domain name DNS allows only permitted email server to send email on your behalf. I recommend ‘-a’ at the end of SPF record if you want to enforce those emails impersonate your organization.

f. Use effective RBLs on your email server. Reputable RBLs filter emails sent from bad IP addresses.

 

 

 

.

Should you own a dedicated email server?

Should you own a dedicated email server?

I’m seeing some of my customers are hosting a hundred or more email accounts using cPanel or Plesk onyx. There is nothing wrong using these control panels, email service is free using either Exim or Postfix. There are free and open source email server. Anti-Spam features are limited to free and open source solutions.

They are still ok for daily usages. However, if you are relying on the webmail, the choice is limited to the free and open source solutions. They are not amazing until you have seen better webmail like SmarterMail.

Administrative functions are also limited on these email server. Creating, deleting mailboxes and updating password are likely what you need. A lot of the other features are not available or modify them using SSH shell command.

In my opinion, administrating email server, receiving and sending emails are important for an organization. I’m seeing a lot have neglected this area.

A good email server can save you a lot of troubles and enhance your email deliveries. They are equal to money. Basically, the return is higher than investing in terms of financial values.

Today, we introduce SmartMail DE250Lite at #188 per month. Lower by more than $100 with smaller disk space. The Lite version will ft those with a lower budget if they do not need the large disk space.

A Snapshot vs a Backup

Many have not understood what is a snapshot? What are the differences? Which is better? Today, we are here to explain to you the differences, the pros and cons of the backups and the snapshots.

Snapshot is only available to a VM. Whether they are called VPS or something else. If the instance is virtualized, a snapshot is possible. Backup is installing an agent into the guest OS or the dedicated server, transfer the partition or files into a backup storage device.

Snapshot takes an image of the instance of its current state and dumped into a compressed file format like LZO. It is only possible to restore the entire VM. to restore files, you will have to extract files after you have restored the VM to another instance which is very time-consuming.

However, you can restore files from a backup. Even a bootable partition for some backup solutions. To restore a partition, you must have a temp portable partition on the memory to restore the restored bootable partition backup. This is a very slow process especially the restoration involved a huge partition.

Files restoration is the fastest and if you need to roll back the entire server, a snapshot restoration is much faster than restoring a bootable partition. However, if your backup retention is longer, you will need lesser space on your backup devices.

Most snapshot use NFS. It is cheaper to build an NFS storage than a proprietary backup solution. Nowadays, VM snapshot uses LVM-Thin to conserve disk space, it helps reduce disk space usage significantly. There is a drawback using LVM-Thin, the server must have a faster write and read space especially restoration, otherwise, it will affect the speed on other guest machines on the same server.