Part of being a hosting provider is dealing with everybody’s least favourite part of the internet: spam. Unlike most folks, we have to deal not only with incoming spam, but also outgoing spam which our servers may be sending. It’s important to handle spam complaints quickly, not only for the general good of the net, but because one server’s spamming may result in multiple servers being added to spam blocklists, affecting other hosting customers. Here’s how we keep an eye out for spam…

Monitoring Spam

There are several different ways in which we monitor and track the e-mail that originates from our network.

• Reputation: Service providers such as Senderscore and Microsoft publish IP reputation reports, based on the ratio of spam to legitimate e-mail they observe coming from specific addresses. We track and graph those scores for both individual machines and aggregated across our entire network, so that it becomes apparent if our reputation is becoming affected for any reason.


Tracking Spam Scores.

• Realtime Black Lists: RBLs are lists of known spam-heavy servers that are published online by various anti-spam groups. Getting published on a major RBL will quickly result in any e-mail you send being marked as spam. If you allow spammers to remain on your network, most RBLs will have no problem adding an entire hosting provider to their blacklist. As such, it’s important that we keep tabs on RBLs and take action as required immediately. Thankfully, we’ve only ever had to terminate service for one client due to spamming.
• Feedback Loops: Larger e-mail providers (like AOL and Hotmail) allow internet providers to subscribe to feedback loops for their IP space. This means that if a user clicks on “Report spam” in their webmail for an e-mail which came from us, we’ll receive notification about it and can investigate further.

Since IP addresses aren’t specific to a single server, we also make sure to track all of these statistics even if an IP is moved from one customer to another. This way we can make sure that a new customer isn’t allocated a tainted IP that has had spam issues in the past.

Logging and investigating spam complaints.

Managing Spam Compaints

Here are the three most common types of spam complaints we receive.

• Hacked account: A customer’s e-mail account has been compromised (by malware, unsecure wifi, or another security problem) and is now being used to send out spam. In these cases, we’ll immediately change the password and remove all e-mails from the outgoing mail queue. We’ll then follow up with the customer to advice them to run a fresh virus scan, enable encryption and make any other changes that may prevent this from happening again.
• Website forms: This is usually caused by “refer a friend” style forms which allow a user to enter an e-mail address or comment to a page without having CAPTCHAs or login requirements to deter spammers. Usually, rectifying this requires involvement from the customer as it requires site development, so we’ll clean out what we can and then contact the customer.
• Malware: Occasionally we see a website that’s been compromised due to outdated or buggy applications, in which hackers have uploaded a script to send spam. In these cases, we immediately start forensic examinations to track down which script gave the hackers access, and isolate what files they may have changed or uploaded. Once we feel comfortable that we’ve found everything, we’ll move the suspect files into a secure location, and then start restoring known clean files from backups. Customer involvement is also important in making sure that the initial attack vector is closed by upgrading or removing the scripts that were used to gain access.

Additionally, we have some customers who send messages to mailing lists but are being flagged for spam complaints. In these cases, we work with the customer to make sure that all e-mail addresses are double opt-in and have proper unsubscribe links and headers. If the customer isn’t interested in being a good netizen and making sure users actually want to receive their e-mail, we will remove them from our network.

Keeping Our Network Spam Free For Our Customers

We’re committed to helping our customers develop and build their online presences and reputations. Making sure spam doesn’t get in the way of that development is just one of the ways we do that. Read more about the other advantages that come with hosting with us.