I can't stop the SPAM. Help please!

[sitemaker]

I'm a new WHMCS user. I have read some other spam-related threads here, and I was already doing everything I saw recommended:

SpamAssassin is already turned on (to prevent email piping from forwarding spam to WHMCS) with deletion activated.

 

 

The antispam phrase feature of WHMCS is set to junk anything that contains "viagra", "cialis" and a whole bunch of other words that this spammer is sending.

 

 

But I'm getting several dozens of spams a day, sent in bursts.

 

 

Is there some setting I've neglected or might be using improperly? I am a newbie to WHMCS.

[bear]

Are you sure it's done though email and not being submitted directly?

 

Better pre-filtering will almost certainly help, if it's through email. I've installed Mailscanner on our servers, and it's got a far better success rate than SA. You have it tag each junk message (by default, it begins with {Spam?}) and then use mail filters to prevent those from being added into the desk.

 

If you're not comfortable with installing this, or need a very useful WHM and Cpanel interface for you and your users, there's a company that can install it for you for under $50 per server: http://www.configserver.com

 

There are also a few nifty tools there that they provide for free, and they do a great job.

[redrat]

Thanks for pointing out that site, bear. Looks very useful.

[sitemaker]

Are you sure it's done though email and not being submitted directly?

 

I'm not sure.

Is there a way to add a CAPTCHA to WHMCS support tickets? That ought to stop the spam if it's entering that way, no?

 

--- J.

[bear]

I don't use the WHMCS ticketing system, but I believe it's enabled by default to use CAPTCHA. Look under "General Settings" and in there the "Other" tab for the section labelled "Captcha Form Protection".

Bear in mind, simple CAPTCHA has been found to be defeatable by some spam bots now. It's not a perfect solution.

 

@redrat

You're welcome. Make sure you check out the mail manage and mail queue scripts. Seconds to install, free, and really useful.

[sitemaker]

Boy am I embarassed! I am a newbie to WHMCS and I paid for the WHMCS people to install it for me. I'm embarassed to admit that I did not find that feature on my own until today, but indeed it was OFF. I just turned it on.

 

I'm still confused about why they got thru even though they contained keywords that I'd set as spam indicators in the WHMCS Spam Settings, but I'll continue to explore.

 

Will let you know here whether this CAPTCHA fixes the problem.

 

THANK YOU.

[bear]

You're welcome. Being new is nothing to be embarrassed about, and in no time at all you'll be a veteran.

[JFF]

I haven't received any spam on any of my emails in over a year now.. used to get 200+ per day. No missed emails either. I use http://www.spamarrest.com. It costs a few dollars a month per email account but I would have paid a lot more. Instead of junking emails using keywords which is risky in my business (I don't want to lose even a single lead) it makes the sender confirm they are a real person before I get their emails.

[bear]

(I don't want to lose even a single lead) it makes the sender confirm they are a real person before I get their emails.

I think you'd be surprised just how many people will not follow through with the verification steps.

 

For the record, when I get those confirmation requests, I delete them and find someone else to work with. I feel that any business that cares about their customers and not missing any leads can wade through the occasional junk mail to get mine, without making me jump through hoops to get delivered.

 

I receive a ton of email each day to over 24 accounts on several servers, and out of that, it's mostly only good mail that passes through to my computer. I use a proper filtering system on my servers so that the obvious junk is removed, the less obvious junk is marked for easy handling, and I don't annoy or alienate those that legitimately wish to contact me by making them verify anything.

 

Boxtrappers, spamtraps, and any other method to complicate communication from clients and potential business contacts should be avoided at all costs, in my opinion. If it works for you, terrific, but I'll pass.

[wsa]

I use mailfoundry very good

[mylove4life]

I was think of adding a tag line to a email that the system sends and having the email server look for that tag line and delete everything else. Of course it will only work for the online system, nothing direct.

[sitemaker]

Happy news here: After activating the CAPTCHA feature, the problem has disappeared.

I'm sure something will slip through every now and then, but the nightly monster is gone.

[confusiondesign]

Boy am I embarassed! I am a newbie to WHMCS and I paid for the WHMCS people to install it for me. I'm embarassed to admit that I did not find that feature on my own until today, but indeed it was OFF. I just turned it on.

 

Thank you!

 

I couldn't find this feature for my life.

 

I get spam emails based on the form, now its gone!

 

Thanks

[ronny]

Put your CAPTCHA Setting On. It will help solve this issue.

 

 

<<signatures should be set up in your profile>>