• SysAdmin email rant

  • Started by Troy,
  • at 03/15/2018, 20:42pm


So we just got through a major IP block put in place by Microsoft yesterday. They were pretty much blocking email from our entire IP space—even from segments that aren’t even in use and never have been.
 
I’m not sure exactly what prompted this, but we did have a malware-infected site on a client’s dedicated server sending out quite a bit of spam just before it happened. It had been taken care of, but apparently the damage had already been done.
 
I find that clients don’t seem to appreciate how difficult email issues can be. They just want to be able to email anyone and have it go through, but that isn’t how it works in today’s spam-riddled environment, where there is more spam than legitimate email being sent, and more abusive traffic than legitimate traffic being directed at websites.
 
Here are some things that clients really need to be aware of:
 
1. If you install a content management system such as WordPress, Joomla, Drupal, etc., it may default to allowing people to register as users. If you don’t need that feature, turn it off! User registration abuse, as well as abuse of other types of submittable website forms, is a HUGE problem.
 
2. If you DO need user registration on your website, protect your user registration forms with a good CAPTCHA to prevent bots from submitting the forms.
 
3. Don’t install plugins/components with clever features that you think are cool, without considering the possible ramifications of their use. For example, we have had church websites recently with prayer request modules that I’m sure the churches think are great to feature on their websites, but in reality they are seriously problematic. One such addon would allow anyone to post a prayer request, and then other people could come along and indicate they were praying for a request, which would send an email to the person who submitted the request. But, what if the request wasn’t actually submitted by the person who used the email on the request? The email address wasn’t being validated in any way. And what if the person submitting the request wanted to stop the emails coming to them indicating someone had prayed for them? There was no way to opt out. And, what if the person clicking the button to indicate they had prayed for a request wasn’t a person at all? There was nothing to stop bots from doing so. As a result, spam complaints were generated and the site eventually had to be disabled to stop the problem, until this feature could be disabled/removed.
 
4. ABOVE ALL be sure and keep your installed applications up to date. Softaculous makes it super easy to install web applications, but that isn’t the end of it. You have to keep them updated. Open source code means hackers have the source code! They have people who do nothing but scour the source code looking for vulnerabilities to exploit, which they inevitably find and exploit. Duh! People seem to think they can install, configure and forget, but that just isn’t the case. If you don’t keep your web applications updated, you WILL be hacked.
 
All of these problems lead to countless hours of work for the system admin who is trying to keep IP address reputation clear so people can send emails without too much trouble. It’s a difficult task made all the more difficult by website owners who don’t understand the risk they are putting themselves in as well as everyone else sharing server resources with them.
 
Okay, that’s my rant for today. I might add to the above list though as more come to mind.

Edited by: Troy at 03/16/2018, 17:46pm
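
The three gaps described in item 3 (unvalidated address, no opt-out, nothing limiting bot-triggered mail) can be closed with a gate in front of the notification mailer. This is an added sketch, not part of the original post and not code from any plugin mentioned; it is written in Python as a language-neutral illustration, and every name in it (`RequestNotifier`, `make_token`, the secret, the 48-hour expiry, the daily cap) is a hypothetical assumption.

```python
import hashlib
import hmac

SECRET = b"constructed-demo-key"  # assumption: per-site secret, stored outside the web root
CONFIRM_TTL = 48 * 3600           # assumption: confirmation links expire after 48 hours

def _sign(purpose, email, ts):
    msg = f"{purpose}|{email.lower()}|{ts}".encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()

def make_token(purpose, email, now):
    """Token mailed to the address itself, so only the mailbox owner can present it."""
    ts = str(int(now))
    return ts + "." + _sign(purpose, email, ts)

def check_token(purpose, email, token, now, ttl=CONFIRM_TTL):
    try:
        ts, sig = token.split(".", 1)
        age = now - int(ts)
        sig_ok = hmac.compare_digest(sig.encode(), _sign(purpose, email, ts).encode())
    except ValueError:  # malformed or undecodable token
        return False
    return sig_ok and (ttl is None or 0 <= age <= ttl)

class RequestNotifier:
    """Gate for 'someone prayed for your request' mail (hypothetical names)."""
    def __init__(self, max_per_day=3):  # assumption: daily cap per recipient
        self.confirmed, self.opted_out, self.sent = set(), set(), {}
        self.max_per_day = max_per_day

    def confirm(self, email, token, now):
        if check_token("confirm", email, token, now):
            self.confirmed.add(email.lower())

    def opt_out(self, email, token, now):
        if check_token("optout", email, token, now, ttl=None):  # opt-out links never expire
            self.opted_out.add(email.lower())

    def may_notify(self, email, now):
        email = email.lower()
        if email not in self.confirmed or email in self.opted_out:
            return False
        recent = [t for t in self.sent.get(email, []) if now - t < 86400]
        self.sent[email] = recent
        if len(recent) >= self.max_per_day:  # bot clicks cannot flood one inbox
            return False
        recent.append(now)
        return True
```

The mailer would call `may_notify()` before every send and include an `optout` token link in each message; a CAPTCHA on the form itself, as in item 2, is still needed to keep bots from submitting in the first place.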