Email Spamming/Flooding Security

How do you know you are spamming emails?

  1. Returned (bounced) emails flooding to your inbox
  2. Your Hosting provider will be shutting down your site

Common Causes: allowing a Spammer to use your outgoing mail server:

  1. Compromised Passwords (using weak passwords)
  2. Compromised Programs on your server space (normally through email sending programs)

Scripts that are commonly compromised:

  1. Tell a Friend
  2. Newsletter Mailouts
  3. Bulk Email Programs

Why your Hosting Provider will shut you down:

To offer competitive pricing on hosting, a shared server is used. The Hosting Server runs off one IP address. Spam emanating from an account on this server is identified by its IP address.

DNS Blacklist servers have lists of IP addresses of known spammers. If your Hosting Server gets its IP blacklisted because of spamming, it affects all of the accounts on that server. The result is that legitimate emails will be bounced because of the poor reputation of that IP. A server Administrator has no option but to shut the offending account down until the spamming problem is rectified.


BULK EMAIL: the allowed limit is 100 per hour or 1,000 per day
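
A check a server administrator could run against the limit above, as an added example that is not part of the original page: it counts sends per account in sliding one-hour and one-day windows and reports the first time an account goes over 100 per hour or 1,000 per day. The log format, account names and addresses are constructed for illustration and do not match any particular mail server.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

HOURLY_LIMIT = 100   # per-hour limit stated on this page
DAILY_LIMIT = 1000   # per-day limit stated on this page

def parse_line(line):
    """Parse the constructed format '<ISO time> sent account=<name> rcpt=<addr>'."""
    parts = line.split()
    if len(parts) < 3 or parts[1] != "sent":
        return None
    fields = dict(p.split("=", 1) for p in parts[2:] if "=" in p)
    try:
        return datetime.fromisoformat(parts[0]), fields["account"]
    except (ValueError, KeyError):
        return None

def find_offenders(lines):
    """Return {account: (window_name, count, time_first_exceeded)}.

    Assumes lines are in chronological order, as in an appended log file.
    """
    windows = defaultdict(lambda: {"hour": deque(), "day": deque()})
    rules = (("hour", timedelta(hours=1), HOURLY_LIMIT),
             ("day", timedelta(days=1), DAILY_LIMIT))
    offenders = {}
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue                       # skip lines that are not send events
        ts, account = parsed
        for name, span, limit in rules:
            window = windows[account][name]
            window.append(ts)
            while ts - window[0] >= span:  # drop sends that left the window
                window.popleft()
            if len(window) > limit and account not in offenders:
                offenders[account] = (name, len(window), ts)
    return offenders

def sample_log():
    """Constructed sample: a normal user, a burst sender and a slow 'drip' sender."""
    start = datetime(2024, 1, 1, 8, 0, 0)
    events = [(start + timedelta(minutes=10 * i), "alice") for i in range(5)]
    events += [(start + timedelta(seconds=20 * i), "tellafriend") for i in range(150)]
    events += [(start + timedelta(seconds=72 * i), "newsletter") for i in range(1100)]
    events.sort()
    return ["%s sent account=%s rcpt=user@example.net" % (t.isoformat(), a)
            for t, a in events]

if __name__ == "__main__":
    for account, (name, count, when) in find_offenders(sample_log()).items():
        print(account, "exceeded the per-%s limit (%d sends) at %s" % (name, count, when))
```

The slow sender never breaks the hourly limit (50 sends per hour) but is still caught by the daily one, which is why both windows are tracked.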

DEFAULT EMAIL ADDRESSES – cPanel – Default email account is normally used for spamming

Catch All default email addresses are wonderful collectors of spam. This is because they let any email through with the address (anything)@yourdomain.com.

An easy and effective way to cut down spam is to specify forwarders or mailboxes.
This means that an email that is correctly addressed, specifically for you, is either forwarded to your ISP email address or held in your Mail Box on your server space.

All other emails that are incorrectly addressed to your domain can be then discarded.

The directions below apply to those servers that operate cPanel.
www.(yourdomain).com.au/cpanel
Login :
UserName: yourusername
PassWord: youruserpassword

Click on Mail
In Mail Manager Main Menu,
Ensure that you have a mail forwarder for each of your exact email addresses.
or
set up a POP3 Mailbox for each of your exact email addresses.

Click on Set default address
Enter ‘:Fail: no such address here’ to discard all mail that is not correctly addressed

This means that all incorrectly addressed emails (they constitute the bulk of spam) will be deleted whilst the correctly addressed emails will get through to you.

PREVENTATIVE

Change to email addresses that are not on the internet.
Do not use a common prefix like admin, support, info etc.

New websites should not have plain text email addresses displayed either on the page or in the coding of the page. There are various JavaScript and PHP scripts available to encode your email address.

If you have a spambot filling in your forms, you may need an image verification to prove that a human is trying to send information to you.

 

DNS Propagation – Why Domains Take Too Long?

Why Does DNS Propagation Take Too Long?

DNS propagation takes a long time because some ISP servers and computers remember the old (cached) settings for a long period of time. How? Your computer, as well as the servers of your Internet Service Provider, only update their records at long intervals. They assume that the records are the same as the last time they checked.

Before we learn about DNS propagation, let us first learn a little about how DNS works. When you set up a website with a web hosting company, they always create a master DNS record in their domain name servers. When the nameservers are changed, the domain registrar (the company you paid for the honor of owning your domain name) points the domain to the web hosting provider's DNS servers, because they host the master authority for the domain.

When the website is queried from outside, the query first goes to the registration database to find out the DNS authority for the website. It then goes to the web host's DNS servers to find the IP address for the domain name in question, and from there the public can access the website.

In order to speed up the rate at which their customers can view the internet, each Internet Service Provider caches DNS records on its own servers. They make their own copy of the master records and read it locally instead of reading from the remote server. This approach speeds up website access by (1) reducing the time the browser takes to look up the domain name and (2) reducing the amount of traffic on the web, which makes the website load faster.

The negative side of caching is that different ISPs update their caches differently: some instantly, others after 24 hrs or 36 hrs, and others take as long as 72 hrs. The time it takes for these caches to update, anywhere from immediately to 72 hrs, is what we call DNS propagation. When the process is complete, everyone will see your website. Because cache updating differs between ISP servers, the propagation duration is said to vary between 24 hrs and 72 hrs for DNS and IP addresses to completely propagate to all ISPs and hence become usable.
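
The caching behaviour described above, as an added example that is not part of the original page: a small model of ISP resolvers that each keep their own copy of a record for a fixed time. The resolver names, hold times, domain and addresses are constructed; the point it shows is that how soon a resolver serves the new IP depends on when it last refreshed its copy, not only on how long it keeps it.

```python
from dataclasses import dataclass, field

@dataclass
class Authority:
    """The web host's master DNS records (the source of truth)."""
    records: dict

    def query(self, domain):
        return self.records[domain]

@dataclass
class CachingResolver:
    """An ISP resolver that keeps its own copy of an answer for hold_hours."""
    name: str
    hold_hours: float
    cache: dict = field(default_factory=dict)    # domain -> (ip, expires_at_hour)

    def lookup(self, domain, now, authority):
        cached = self.cache.get(domain)
        if cached and now < cached[1]:
            return cached[0]                      # copy still fresh: answer locally
        ip = authority.query(domain)              # expired or never seen: ask the master
        self.cache[domain] = (ip, now + self.hold_hours)
        return ip

def stale_resolvers(check_hours):
    """Constructed scenario: the record changes at hour 0.

    Returns {hour: [names of resolvers still serving the old IP]}.
    """
    old_ip, new_ip = "192.0.2.10", "198.51.100.20"   # documentation addresses
    authority = Authority({"example.com": old_ip})
    # (name, hold_hours, hour at which the resolver last fetched the record)
    setup = [("isp-a", 0, -5), ("isp-b", 24, -23), ("isp-c", 36, -1), ("isp-d", 72, -1)]
    resolvers = []
    for name, hold, primed_at in setup:
        resolver = CachingResolver(name, hold)
        resolver.lookup("example.com", primed_at, authority)
        resolvers.append(resolver)
    authority.records["example.com"] = new_ip        # the change at hour 0
    report = {}
    for hour in sorted(check_hours):
        report[hour] = [r.name for r in resolvers
                        if r.lookup("example.com", hour, authority) == old_ip]
    return report

if __name__ == "__main__":
    for hour, names in stale_resolvers([1, 24, 36, 72]).items():
        print("hour %2d: still on old IP -> %s" % (hour, names or "none"))
```

Here isp-b holds records for 24 hours yet sees the change after one hour, because its copy was fetched 23 hours before the change and was about to expire.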

Check whether your website has propagated to some ISPs abroad

The following online proxy service can show your website by bypassing your local Internet Service Provider

Proxy – Hide.me
https://hide.me/en/proxy
We offer a free web proxy to easily access blocked websites and surf the web … We handpick servers that live up to our high standards of security and privacy.

Online Anonymous Proxy
https://zend2.com/
Online anonymous proxy server. Online proxy for watching movies, browsing youtube. This site works also as a Facebook proxy.

KPROXY – Free Anonymous Web Proxy – Anonymous Proxy
https://kproxy.com/
Hide your IP address (your location and personal information) online. Protect your data from snooping by your internet service provider. KPROXY EXTENSION.

How to Clear Caches

C:\Documents and Settings\User>ipconfig /flushdns

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

C:\Documents and Settings\User>nslookup cssites.com
Server:  ns1.mindspring.com
Address:  207.69.188.185

Non-authoritative answer:
Name:    cssites.com
Address:  208.113.181.173

C:\Documents and Settings\User>nslookup 208.113.181.173
Server:  ns1.mindspring.com
Address:  207.69.188.185

Name:    apache2-ugly.drpepper.dreamhost.com
Address:  208.113.181.173

Recommended Website to Check your DNS

DNSstuff.com

(Generate full DNS report; DNS status, warning and errors with detailed information)

What’s my DNS? (Will show you a list of common name servers around the world, and tell you whether or not certain records related to your website have propagated to them)

intoDNS (will provide a complete list of your DNS records if available. If records are not yet available DNS propagation has not yet been completed fully)

Pingdom  (Check DNS errors and warnings with additional information)

propagatedyet.com (Check domain DNS propagation against its IP Address)

Checkdnspropagation.com (Check domain propagation and if all parameters agree to each other)

Reasons why a website is suspended by the web host

Unsettled Bills

A website can be suspended due to unsettled bills related to that domain or website. It can be the web hosting annual fee, the domain registration fee, unpaid website design charges or other critical reasons.

Violation of server terms and conditions

The website can also be suspended if it violates server terms and conditions. These terms vary according to the host but common ones are:

  1. Email spamming
  2. Server resource overuse, e.g. CPU overuse, physical memory overuse, virtual memory overuse, too many processes (normally over ten (10) processes) etc.
  3. It can also be suspended if it is under attack or hacked. The hacking can originate from admin or backend access, database injection or cross-site scripting.

How is the website attacked?

Backend or Administrator access

Access through the backend is normally caused by using weak passwords, common words, or easy-to-guess usernames.

SQL Injection

SQL injection is a code insertion method, used to attack database-driven web applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker).

Cross-site scripting (XSS)

Cross-site scripting (XSS) is a kind of computer security hole typically found in web applications. XSS allows an attacker to insert client-side scripts into web pages viewed by other users. This is normally used for phishing and for stealing users' important information like passwords and credit card numbers.

Bugs

A script bug is an error, flaw, failure or fault in a web application that allows an attacker to insert harmful code or commands into that application.

Poorly coded scripts

Poorly coded scripts in many cases originate from students who are still learning or from developers with insufficient coding skills and experience. Poorly coded scripts can also originate from pre-release or beta software.

Cross-Site Request Forgery (CSRF)

Cross-site request forgery, abbreviated as CSRF, is a type of harmful exploit of a website where unauthorized commands are sent from a user that the web application trusts.

DDoS Attack

A distributed denial-of-service (DDoS) attack takes place when multiple systems flood the bandwidth or resources of a targeted server, usually one or more web servers. Such an attack is often the result of multiple compromised systems (for example, a botnet) flooding the targeted system with traffic.

Server security misconfiguration

Security Misconfiguration arises when Security settings are defined, implemented, and maintained as defaults. Good security requires a secure configuration defined and deployed for the application, web server, database server, and platform.

Email spamming

There are two types of email spamming

  1. Bulk emails are sent to your email server from anonymous senders
  2. Bulk emails are sent to third parties via your email server by means of spoofing

How to protect your website from Attacks

Backend or administrator access

Always use difficult-to-guess usernames and strong passwords. Passwords of 8 or more characters that contain at least 4 character types (capital letters, small letters, numbers and special characters) can reduce the risk.

In parallel, deploy login attempt limiters and firewalls on your website. These can reject dictionary attacks and related bots that guess your usernames and passwords.

Also implement a webmaster reporting mechanism that alerts you if something changes on your website. You may go further by limiting logins to known IP addresses or countries. If you do not do business with a specific country, block your website from being accessed from those vulnerable countries. If you do not need a public presence at all, block search engine bots and any other bots from visiting your website.

SQL Injection

You may need to use difficult-to-guess usernames and passwords for your database. Passwords of 8 or more characters that contain at least 4 character types (capital letters, small letters, numbers and special characters) can reduce the risk. Implement a webmaster reporting mechanism that alerts you if something changes in your database. You may go further by limiting logins to known IP addresses or countries. If you do not do business with a specific country, block your website from being accessed from those vulnerable countries. If you do not need a public presence at all, block search engine bots and any other bots from visiting your website.

Cross-site scripting (XSS), Bugs

Buy scripts from reputable and known providers. Avoid cheap scripts. Also deploy the backend security mechanisms described above. For scripts with bugs that come from known, genuine vendors or developers, please make sure you immediately update all outdated scripts, or uninstall them if the vendor did not release the update patch on time.

Poorly coded scripts

Buy scripts from reputable and known providers. Avoid cheap scripts. Also deploy the backend security mechanisms described above.

Cross-Site Request Forgery (CSRF)

Always deploy security monitors, scanners and blockers for unauthorized outbound and inbound communications

Server security misconfiguration

Check your server configuration regularly, and if any misconfiguration is detected, correct it and/or communicate it to the server admin or technical personnel for correct configuration. In many cases, let the web server have the optimal security settings.

DDoS Attack

  1. The best way to stop a DDoS attack is to use a web application firewall
  2. Monitor the DDoS attack continuously in order to devise a better option for preventing the attack

Email spamming

There are two types of email spamming

  1. Bulk emails are sent to your email server from anonymous senders
  2. Bulk emails are sent to third parties via your email server by means of spoofing

Protect against bulk email spamming from anonymous senders

For the first case you can use SpamAssassin

To enable SpamAssassin in cPanel, follow these steps:
  1. In the Mail section of the cPanel home screen, click Spam Assassin™.
  2. Click Enable Spam Assassin.
  3. To enable auto-deletion of spam messages, select a score level under Filters, and then click Auto-Delete Spam.

Protect against bulk email spamming via your email server

For the second case you can use SPF or disable the PHP mail function in cPanel

Using SPF to control email spoofing and phishing

Adding an SPF record to your DNS zone file is the best way to stop spammers from spoofing your domain. In addition, an SPF Record will reduce the number of legitimate e-mail messages that are flagged as spam or bounced back by your recipients’ mail servers.

This is an easy way to control phishing and email spoofing.
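
How a receiving mail server uses such a record, as an added example that is not part of the original page: a simplified SPF check that evaluates a sending IP against the record's ip4, ip6 and all terms, plus an audit that flags records which do not reject unlisted senders. The two sample records and all addresses are constructed; mechanisms that need DNS lookups (a, mx, include, exists, ptr) are reported rather than resolved, and modifiers are skipped.

```python
import ipaddress

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}
NEEDS_DNS = {"a", "mx", "include", "exists", "ptr"}   # not resolvable offline

def parse_spf(record):
    """Split an SPF TXT record into (qualifier, mechanism, value) terms."""
    parts = record.split()
    if not parts or parts[0].lower() != "v=spf1":
        raise ValueError("not an SPF record: it must start with v=spf1")
    terms = []
    for part in parts[1:]:
        if "=" in part and ":" not in part.split("=", 1)[0]:
            continue                         # modifier (redirect=, exp=): skipped here
        qualifier = part[0] if part[0] in QUALIFIERS else "+"
        body = part[1:] if part[0] in QUALIFIERS else part
        name, _, value = body.partition(":")
        terms.append((qualifier, name.lower(), value))
    return terms

def check_sender(record, sender_ip):
    """Evaluate sender_ip against the ip4, ip6 and all terms, left to right."""
    ip = ipaddress.ip_address(sender_ip)
    for qualifier, name, value in parse_spf(record):
        if name == "all":
            return QUALIFIERS[qualifier]
        if name in ("ip4", "ip6"):
            network = ipaddress.ip_network(value, strict=False)
            if ip.version == network.version and ip in network:
                return QUALIFIERS[qualifier]
        elif name.split("/")[0] in NEEDS_DNS:
            return "needs-dns-lookup"        # a real checker would query DNS here
    return "neutral"                         # nothing matched and no "all" term

def audit(record):
    """List settings that leave the domain open to spoofing."""
    alls = [q for q, name, _ in parse_spf(record) if name == "all"]
    if not alls:
        if "redirect=" in record.lower():
            return ["uses redirect=: audit the target record instead"]
        return ["no 'all' term: unlisted senders are not rejected"]
    if alls[0] in ("+", "?"):
        return ["'%sall' does not reject unlisted senders" % alls[0]]
    return []

# Constructed records using documentation address ranges.
WEAK = "v=spf1 ip4:192.0.2.0/24 +all"
STRICT = "v=spf1 ip4:192.0.2.0/24 ip6:2001:db8::/32 -all"

if __name__ == "__main__":
    for label, record in (("weak", WEAK), ("strict", STRICT)):
        print(label, check_sender(record, "203.0.113.9"), audit(record))
```

With the weak record an unlisted sender still gets "pass", so the record gives no protection against spoofing; the strict record returns "fail" for the same address.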

Disabling the PHP mail function in cPanel

  1. While in cPanel, go to the Software section
  2. Select PHP Version
  3. Switch to PHP Options
  4. In send mail path, select /bin/true
  5. Then click apply and save the PHP setting

How to avoid website suspension?

Pay bills on time

Always pay your bills on time. In order not to miss a payment date, do the following:

  1. Give your web host email addresses that you commonly use and that are active. If an email address is no longer in use, report it immediately to the web host for replacement. It is recommended to always provide an extra email address and phone number
  2. You may need premium notification services, like those that use SMS notification, if you do not frequently use your email
  3. Request the web host to notify you of the next bill at least 60 or 30 days before it is due
  4. Set your phone, tablet or computer to notify you before the deadline. You can even use email functions like the calendar in your email account or third-party websites
  5. If your website is an important asset to you or your business, always plan to pay for longer payment plans

Monitor your website security

Securing your website is not the end. Monitor the security of your website from within the website or through third-party services. Common third-party services are www.CloudFlare.com, www.websitedefender.com, www.wix.com, www.verisign.co.uk, www.uptimerobot.com etc. For more web security info go to http://seo.co.tz/website-security-management-for-seo/

Gmail VS Microsoft Emails; Which One to Choose and Why?


Microsoft has been using a very strict spam filtering algorithm for their mail servers over the last 4 to 5 years. This move has affected the freedom of electronic communication of many third-party email services and individuals.
On the other hand, Google, through Gmail, has been improving its spam filtering algorithm, making it sophisticated, effective and user friendly. Instead of blocking the spam like MS does, Gmail lets the spam through but with a red bar notifying you that the email is probably spam, with the reason.
Gmail Suspicious Dangerous Email with reasons


If the email is suspected to be spam, Gmail will also notify you using a yellow bar with the reason why that email is suspected to be spam.
Gmail Suspicious Email Spam with reasons


Comparison Between MS Email and Gmail

Google's algorithm for spam management is right? Why?

20-40 percent of suspected spam is not actually spam, and it turns out that some of those suspected spam emails are emails about new job offers, new sales offers, new clients etc.

Let us take an example

A few years ago, a friend of mine, who is Kenyan by origin, was checking email using his Gmail account. After he finished reading the mails in the inbox, he decided to delete all mails in the spam folder, but on the first and second attempts he hesitated, and on the third thought he decided to go through the headings of the emails in the spam folder. Surprisingly, he discovered one email in the spam folder titled “UN JOB OFFERING”.

When he opened the email message, he found that he had got an IT-related job with the UN in Pretoria, South Africa, following an interview carried out online some two to three weeks before. If that friend of mine had been using Microsoft email, I guess that job offer would just have expired without his knowledge.

  1. MS Emails: The Microsoft server blocks all suspected spam and gives you no choice to decide whether it is truly spam or not.
     Gmail: The Google server lets all suspected spam through to your spam folder and gives you the choice to decide whether it is truly spam or not.
  2. MS Emails: The Microsoft server blocks all suspected spam and never warns you or gives details about the suspected spam.
     Gmail: The Google server lets you decide to block manually, delete, or change to non-spam if an email was accidentally tagged as spam by the system. Google also warns you and gives details of why that email is spam according to Google.
  3. MS Emails: Microsoft claims they detect 97% of spam. Most of the blocked emails are from genuine IP addresses.
     Gmail: Google claims they detect 99% of spam. I highly agree with this claim.

How many opportunities have expired, are expiring or are going to expire without your knowledge because of this aggressive algorithm used by Microsoft to block out some genuine emails from third parties?
For those who are not aware, for the last four years or so, if I am not mistaken, Microsoft has implemented a very strict spam filtering policy which affects new IP addresses. If you are using email hosted on a new IP address, then you are a victim of this. Your email will suddenly be blocked if you send to any recipient with a Microsoft-related email address, like those ending with live.com, hotmail.com, outlook.com etc.
Sample of mail delivery failed from Microsoft after blockage


In our opinion, we advise our customers and others to avoid using Microsoft email. As an alternative you can trust and use Gmail for quite many reasons; one of them is mentioned above and the others are: they provide enough disk space, a secure interface, robust thread-like email management and many other applications and services.
If you do not believe me, you can follow the link below and read the thread about how people have been complaining about the problems from 2013 to date, with no remarkable action taken by Microsoft to correct the problems.

Reasons Why Your IP Address Has a Poor Reputation

There are a number of reasons why your IP address may have been listed by Barracuda and other listing directories as having a poor reputation.

The reasons include:

  • The email server at your IP address contains a virus and has been sending out spam
  • The email server at your IP address may be configured incorrectly
  • The PC at your IP address may be infected with a virus or botnet software program
  • Someone in the organization at your IP address may have a PC infected with a virus or botnet program
  • Your IP address may be a dynamic IP address which was previously utilized by a known spammer
  • The marketing department of a company at your IP address may be sending out bulk emails that do not comply with the CAN-SPAM Act.
  • Your IP address may have an insecure wireless network attached to it, which could allow unknown users to use its network connection to send out bulk emails.
  • In some rare cases, your recipients’ Spam Firewall from Barracuda or other directories may be misconfigured
