1 / 39

HOW-TO: Improve Email Deliverability with your cPanel Server

HOW-TO: Improve Email Deliverability with your cPanel Server. by Kevin A. McGrail aka KAM. Introduction. Kevin A. McGrail aka KAM. linkedin.com/in/kmcgrail. My Oddest Resume Entry. Some Definitions. What is Spam?. CAN-SPAM and similar laws don’t matter. “Bulk” Status doesn’t matter.

menard
Download Presentation

HOW-TO: Improve Email Deliverability with your cPanel Server

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. HOW-TO: Improve Email Deliverability with your cPanelServer by Kevin A. McGrail aka KAM

  2. Introduction

  3. Kevin A. McGrail aka KAM linkedin.com/in/kmcgrail

  4. My Oddest Resume Entry

  5. Some Definitions

  6. What is Spam? CAN-SPAM and similar laws don’t matter. “Bulk” Status doesn’t matter. GDPR doesn’t matter.

  7. Chris Santerre What is Spam? “Consent vs Content”

  8. What is Spam? #1 Source of Cursing #1 Support Ticket #1 Security Vector

  9. What is Not Spam? Transactional emails are an Automatic form of Consent. They are NOT Spam.

  10. What is Apache SpamAssassin? A Scoring Framework An API & a Program Used by cPanel

  11. Some SMTP & Spam Basics Response Codes: 2xx/4xx/5xx Greylisting Pros & Cons SMTP Greet Pause & Ratware

  12. Acronyms to Know FPs – False Positives FNs – False Negatives RBL – RealtimeBlockLists

  13. UnPC Terms to Know Whitelisting Blacklisting Ham/Yam

  14. What is Email Deliverability Getting to the Inbox Reliability “Fire and Forget”

  15. Quiz Break

  16. Quiz >^..^<

  17. Quiz _______

  18. Quiz 8-)[>-=/ / / >

  19. How to improve Email Deliverability Step 1 Use Static IPs Use Fully Qualified Reverse Pointers (rPTRs) Policies & Guidelines: https://postmaster.aol.com/ & https://gmail.com/postmaster/

  20. SPF Records Step 2 Setup SPF (openspf.org) Try and get to a “-all”. DO NOT USE +all or ?all. Use Includes include:raptor.pccc.com is short for “v=spf1 ip4:69.171.29.0/25 ip6:2604:9100:7:9::/64 ip4:38.124.232.0/24 ip6:2001:550:2A00:1::/64 -all” Lots of tools to help but none of them will magically know your network setup.

  21. DKIM & DMARC Step 3 Setup DKIM https://documentation.cpanel.net/display/68Docs/Authentication Setup DMARC Dmarcian.com

  22. Troubleshooting Tips Review Mail Logs Review Email Headers Email Culpability

  23. Troubleshooting Tips MXToolBox(monitoring, checking config, blacklisted) cpanelloop@pccc.com

  24. No, hits=-16.7 required=5.8 tests=ENV_AND_HDR_SPF_MATCH,HTML_MESSAGE,KAM_RPTR_PASSED, RCVD_IN_DNSWL_HI,RCVD_IN_HOSTKARMA_W,SPF_PASS,TXREP, USER_IN_DEF_SPF_WL cpanelloop@pccc.com No, hits=-16.7 required=5.8 tests=ENV_AND_HDR_SPF_MATCH,HTML_MESSAGE,KAM_RPTR_PASSED, RCVD_IN_DNSWL_HI,RCVD_IN_HOSTKARMA_W,SPF_PASS,TXREP, USER_IN_DEF_SPF_WL No, hits=-16.7 required=5.8 tests=ENV_AND_HDR_SPF_MATCH,HTML_MESSAGE,KAM_RPTR_PASSED, RCVD_IN_DNSWL_HI,RCVD_IN_HOSTKARMA_W,SPF_PASS,TXREP, USER_IN_DEF_SPF_WL No, hits=-1.1 required=5.8 tests=DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, HTML_MESSAGE,KAM_NUMSUBJECT,KAM_RPTR_PASSED, MIME_HTML_MOSTLY,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2, SPF_PASS,TXREP

  25. RBLs and Beyond What is an RBL & How to Add MoreURIBL/SURBL/Invaluement Free for Some / Disable Rbldnsd ZetaScan Using Redis (No More DNS Kludges)

  26. How to improve email deliverability Centralize your outbound SMTP using Smarthosts https://documentation.cpanel.net/display/68Docs/Exim+Configuration+Manager Pros: Easier to Manage & Track Issues Cons: Might not support DKIM out of the box! One spammer / compromised box can cause issues for all

  27. Stay Off Blacklists Stay off real-time blacklists Consider your customer base carefully Monitor things with https://mxtoolbox.com/

  28. Feedback Loops AOL Postmaster Feedback: https://postmaster.aol.com/fbl-request JMRP/Hotmail/live/msn/microsoft: https://mail.live.com/mail/services.aspx https://sendersupport.olc.protection.outlook.com/pm/Services.aspx Yahoo Complaint Feedback Loop: https://help.yahoo.com/kb/SLN3438.html Gmail Postmaster Tools: (Their feedback loop requires MAAWG membership) https://gmail.com/postmaster/ Return Path: (Comcast, Cox, Rackspace and several other ISPs use them - 18 in total) https://fbl.returnpath.net/ Even More: https://sendgrid.com/blog/email-feedback-loops-101/ Mailing lists are #1 cause of false reports

  29. Next Steps ARC shows Promise https://www.dmarcanalyzer.com/arc-is-here/ Brand Indicators for Message Identification (BIMI)http://www.brandindicators.org/

  30. Story Break & Tweaks

  31. Apache SpamAssassin tweaks for cPanel Latest KAM, deadweight & heavyweight 40% increase in performance with a negligible impact on effectiveness Use your own DNS server. Do NOT use 8.8.8.8!

  32. Write Your Own Rules Meta Rules cause the least FPs Regular Expressions Test your Syntax: spamassassin --lint

  33. Write Your Own Rules Rules only affect YOUR installation! Think about Custom Rules for your Firm Pfizer Story

  34. Example Meta Rule #HEART ATTACK SPAM body __KAM_HEARTPROD1 /heart ?attack/i body __KAM_HEARTPROD2 /enzyme/i header __KAM_HEARTPROD3 Subject =~ /heart attack|healthy.{4,10}cells/i header __KAM_HEARTPROD4 From =~ /clear 7/i meta KAM_HEARTPROD (__KAM_HEARTPROD1 + __KAM_HEARTPROD2 + __KAM_HEARTPROD3 + __KAM_HEARTPROD4 >= 4) describe KAM_HEARTPROD Snake Oil Heart Health du Jour score KAM_HEARTPROD 7.0

  35. Writing Rules https://wiki.apache.org/spamassassin/WritingRules

  36. cPanel Specific Gotchas #Add More RAM free –h #Make sure you have spare children ready to go cat /etc/cpspamd.conf maxspare=1maxchildren=3 #Disable the dormant services for spamd WHM > Server Configuration > Tweak Settings > Dormant Services

  37. Live Ninja Exercise (Time Permitting)

  38. Or, without the app: http://events.bizzabo.com/polls/011731

  39. Image Credits: KAM - Photo by Ted King Cow - Keith Weller/USDAApache SpamAssassin Logo – Apache.orgVoodoo Doll - https://pixabay.com/en/doll-voodoo-magic-1264034/NOTE: VT Logo & BIMI images used under fair use guidelines.

More Related