[Alfa1]

Yes, i went trough 20.000 emails in a year. Really sucks. But not as much as your new members never getting their email. Cause you will likely not find out when that happens and that problem will seriously delay the growth of your site.

[rob01]

how you check the open relays connections?

im kinda new :S

[Alfa1]

Originally Posted by rob01

how you check the open relays connections?

im kinda new :S

Normally an open relay would mean that your smtp mail server accepts requests without authorization. i.e. anybody can access it and send email from it. This can be tested through many online site. Google it.

With vbulletin and its addons however, there are other open relay options, trough pages that have a function to send email. Make sure that guests can not use the 'Use Email to Friend' function anywhere on your site. I'd recommend turning this off for newbies as well.

Then go to your catchall email address. This is the standard email address where all bounced email arrives at. Often this is [email protected] Ask your host if you do not know.

Have a look at the emails that got bounced and should not have sent by you. You may see spam sent from your server, that was then bounced back to your catchall address, because the addressee does not exist. This is where it gets interesting.
Review the message, the headers and the raw view. Find the path used to send the email and specifically the mail script that was used. The mail script often indicates that there is a script in one of your add-ons that allows spammers to send email through your site.

See if you can identify the script and the addon it is part of. If so, then first see if you can correct this by changing the setting of that addon. If yes, then post about it in the relevant thread on vb.org to give others a heads up. If not, then let the coder know that there may be a problem with the addon, by posting in the relevant thread.

[Mutt]

I recently sent out a mass email from the admin control panel and was surprised that there wasn't any kind of unsubscribe message tacked onto the end like there is when members email one another.

is there an easy way to add this or do I need to remember to manually add it myself each time I send an email. are there any hacks for something like this?

thanks in advance

[Alfa1]

Originally Posted by Mutt

I recently sent out a mass email from the admin control panel and was surprised that there wasn't any kind of unsubscribe message tacked onto the end like there is when members email one another.

is there an easy way to add this or do I need to remember to manually add it myself each time I send an email. are there any hacks for something like this?

thanks in advance

Fortunately Kirk made this hack: Unsubscribe link in Administrative Mail
However, you still need to add a text manually, like described in my article.

[Mutt]

Originally Posted by Alfa1

Fortunately Kirk made this hack: Unsubscribe link in Administrative Mail
However, you still need to add a text manually, like described in my article.

thanks, that's great

[Alfa1]

I've updated the article. Pretty soon I will be needing a 3rd post, because there is a maximum amount of characters that can be entered.

Does anyone have questions or remarks?

[VonDoom]

Great article, ill be going thru most of this soon. i rarely (maybe once a year) send out bulk mail. But i never considered the ramifications of members using the email to friends feature. lol reminds me to check my email account to. umm something i haven't done in a month or more.

[cavyspirit]

Thanks for this thread. Great info.

Personally, knowing what I know now, I would never use the vB email system to do a mass mail and I'm glad that in all these years, I haven't used it.

I found out just how damn devastating it can be to be blacklisted as a spammer.

Unbeknown to me about a year ago, one of my lesser used CMS sites was hacked and a spammer was using my account to send out spam emails. My site ended up on email blacklists. It's not just the one email address or site that gets blacklisted, it can be your entire server along with references to any site on that server anywhere in the email. And since I do web development and host around a dozen accounts on this one server, ALL mail--incoming and outgoing from my server was being blocked by many, many providers. Business came to a screeching halt for me and my clients. At least that was my experience.

It was that tough wake-up call that forced to me to institute much more rigorous security on my environments.

In addition, I discovered this site: http://www.mxtoolbox.com/blacklists.aspx which lets you enter in your server IP and see if you are on any major email blacklists. And it helps you deal with getting off of each blacklist. AND they have a service which will send you an immediate alert if you end up on any blacklist for any reason. After setting and forgetting about it last year--after it taking almost a week to recover to being clean again--I did get one alert for a minor problem which I very quickly resolved.

Getting blacklisted once was a big-time learning experience and not a good one.

[porcupine73]

Thanks for this helpful article Alfa. I'm trying to get my board compliant with many of these items.

One quick thing I am trying is I created a new template I called email_footer1, which contains text similar to:

Block Disabled:      (Update License Status)
Suspended or Unlicensed Members Cannot View Code.

Then I added a plugin hooked on mail_send to hopefully append the relevant info to the bottom of all e-mails sent by vbulletin?

Block Disabled:      (Update License Status)
Suspended or Unlicensed Members Cannot View Code.

(You don't want to know how long I spent getting that to work, especially since I had \\ instead of // for the comment )

The DKIM looks interesting. My host doesn't let me add any fields to the domain record though so it looks like I'd need to use a different DNS to put out the info

[Alfa1]

Very interesting. Please let me know if this is included to all email.

[dfidler]

Originally Posted by Alfa1

Does anyone have questions or remarks?

Just a remark; awesome article. Thanks for taking the time!

[Alfa1]

Your most welcome. I hope IB will do something with it and implement the needed functionality to avoid such problems.

[Biker_GA]

Your reference to Microsoft's tips are pretty much out of date. I've been running in circles attempting to get a delivery issue resolved with them and the majority of the addresses are no longer valid on their site.

Something I've recently run into, and many may be getting smacked for this is NDR and reverse NDR spam. I've been nailed by this recently and as a result, showed up on a blacklist.

I'm still pouring through the rules in Exim to figure out a way to minimize this. You can't really prevent it, short of turning off NDR, but then you'd be in running a mail server that doesn't conform to current mail standards. **sigh** I hate spammers.

[Alfa1]

Originally Posted by Biker_GA

Your reference to Microsoft's tips are pretty much out of date. I've been running in circles attempting to get a delivery issue resolved with them and the majority of the addresses are no longer valid on their site.

Please let me know what you have found to be out of date and where new mail conditions can be found. I still see the same anti-spam policy on microsoft.com I see there is new data on http://postmaster.msn.com/Services.aspx and http://postmaster.live.com/Guidelines.aspx but that doesn't seem to replace the Anti-Spam policy.

Originally Posted by Biker_GA

Something I've recently run into, and many may be getting smacked for this is NDR and reverse NDR spam. I've been nailed by this recently and as a result, showed up on a blacklist.

I'm still pouring through the rules in Exim to figure out a way to minimize this. You can't really prevent it, short of turning off NDR, but then you'd be in running a mail server that doesn't conform to current mail standards. **sigh** I hate spammers.

Have you considered to limit the number of NDRs within X amount of time to a number that resembles a normal amount?