I get 125 spam messages a/day. Most of them get filtered by SpamSieve on the client side.
In theory, my old hosting provider used Spam Assassin, but dialed down so high it had been mostly pointless. Meanwhile at work, we had no spam filtering at all, other then this TDMA challenge response system that I immediately disabled.
So client side filtering was where it was at, but I knew that it was possible to do a lot better against spam with server-side filtering. (www.acme.com)
So when I looked into spam solutions for work I was intrigued by http://www.spamstopshere.com for my own use. It has the reputation for being the most accurate, and additionally, you can actually tell how much it will cost you by browsing their website, something that isn't true for BrightMail or Postini.
So my first problem was that my old hosting provider only allowed one MX record per domain because they use the CPanel hosting interface.
Ok I thought, I'll just change it to point at the spamstopshere filters.
Oops, the hosting provider stopped accepting email for my domains period when I did that.
So my email was broken for a bit. Spamstopshere filtered the spam (Good!), but legitimate emails would get rejected by the hosting provider (Bad!).
Contacting their support did no good. They were willing to install the long form MX records SpamStopsHere suggests, but that still led to bounces.
Hunt for a better hosting provider:
7 years ago when I started using Nettigritty after a friend of mine sold his ISP business where I was mooching a server they were a good deal because they only wanted like $20/year for hosting. Not a lot of bandwidth, but enough for my blog. The catch is that they're in India, I had to pay in Rupees. (I'm not kidding.)
7 years later cheap linux hosting is abundant, and along the way I'd had to upgrade my hosting with them anyways because I was using too much bandwidth. So I was now paying $120/year anyways.
So my requirements for a hosting provider were:
$10/month for lots of space/bandwidth/domains.
The first one was easy. Cheap linux hosting is all the rage now.
The second was harder, because most of the cheap guys use CPanel or its equivalent.
I won't bore you with the details, but they boiled down to two choices:
- Network Solutions
They have a terrible reputation, but their hosting account included BrightMail! So no extra cost.
They have their own control panel that's much better then anything else I've seen, and they supported shell accounts!
The clincher was that I found a $97-off promo code for dreamhost (SPAM97) that let me have 1 year of hosting with no setup fee for $22.41.
I tried them and found to my joy that DreamHost explicitly supports spam filtering services in their configuration!
Spam filtering results:
Dreamhost lets you edit your MX records directly. So I did that and installed the recommended set of MX records SSH suggested.
Did my spam drop down by 99.5% as SSH claims?
Nope. 90% of it went away, but it turns out that the suggested MX records by SSH have a flaw:
They still list your real mail server, and there are two sorts of spammers:
a. Lazy Spammers who don't bother to look for MX records at all and just try to send to domain.com, mail.domain.com or smtp.domain.com. Turns out you can defeat them simply by putting your mail reception server at xxx.domain.com or in my case, mx1.dreamhost.com. So I wasn't getting spam from them because it was quite a leap from opinionatedbastard.com to mx1.dreamhost.com. So just by moving my domain to dreamhost, I automatically filtered out some spam!
b. Smarter spammers who do pull the MX records, but ignore the spamh.com mailservers in favor of the mx1.dreamhost.com mail servers. So they were bypassing the spam filter entirely, the fuckers.
Because DreamHost explicitly supports spam filtering, I removed them from my MX records ENTIRELY. spamh.com is secretly sending my email to mx1.dreamhost.com, but the spammers have no way of knowing that. Bwa Ha Ha!
Ta Da! No more spam! Well, except all this crap that shows up on my work account... But we'll be getting SSH there soon.
SSH is working awesome for me. I have it set to forward any questionable emails to the appropriate spam@foo account, but I have yet to see any make it that far. It mildly annoys me that I'll end up spending more for this then I do for hosting. (Hint, Hint to DreamHost, add this as a feature...)
The only emails I lost were because of configuration problems OUTSIDE of SSH, i.e. my ISP.