UKC

How to Reduce SPAM and Protect your Reputation

Dealing with email sent to non-existent mailboxes

Screen Shot 2015-06-03 at 12.28.22

Reducing SPAM and protecting your email reputation is an ongoing project, your job is never done. There are however some tricks, and this is one of them.

Spammers send emails to non-existent email addresses all the time. It’s part of their strategy. Here’s why.

Let’s imagine you have setup a mailbox for your domain, john.doe@yoursite.co.uk.

All email sent to john.doe@yoursite.co.uk will arrive at your inbox. So far, so good. So… What happens to emails sent to test@yoursite.co.uk?

This is determined in your Mail Settings in the Plesk panel. There’s three options.

1) Catch-all method: If you have setup a catchall to john.doe@yoursite.co.uk, then emails sent to test@yoursite.co.uk (and in fact any email for anyone@yoursite.co.uk) will arrive in your inbox – it won’t take long to fill this mailbox with this catchall email spam.

2) Forward to address method: To prevent john.doe@yoursite.co.uk filling up with spam, you may choose to send all your spam emails to an old Gmail account, john.doe@gmail.com. Great, no spam for your john.doe@yoursite.co.uk mailbox! Well, not so great i’m afraid. This is potentially disastrous. Now Google will receive all your spam, sent from @yoursite.co.uk – it won’t be long before your domain name and IP are blocked on the global blacklists. A nightmare to clear up.

Here’s the solution you have been waiting for.

3) Reject method: Using this method, the spam emails are not delivered at all. The connection attempt is rejected at the SMTP server level. No email to deliver, no email to bounce. This is the recommended and best method for dealing with emails sent to non-existent mailboxes – and it’s really easy to do.

Time to login to your Plesk Panel and set this up

Screen Shot 2015-06-17 at 14.57.31

This will not eliminate all SPAM emails, nor will it guarantee your domain/IP will never be blacklisted, but, it definitely helps. If you do not “Reject” then SPAM and blacklisting is eventually inevitable.

How to: Replace WordPress .htaccess

Replace a corrupt or lost WordPress .htaccess

wordpress_logoWordPress uses .htaccess for security and for URL re-writing and so it is a key contributor to the functionality of your site. Sometimes you will find your site looking very badly formatted, as if the CSS files are not being found.

The problem is usually caused by a corrupt or lost .htaccess file. This can be caused by a misbehaving/bad plugin feature or update.

Never fear, you can replace the default WordPress .htaccess file and get your site looking great again.

There are two default formats for WordPress .htaccess depending on the version you are running. Basically, if the first doesn’t work, simply try the second.

The “Basic WordPress” .htaccess

If your WordPress was installed in document root:

# BEGIN WordPress
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
# END WordPress

The “MultiSite WordPress” .htaccess

If your WordPress was installed in a sub-folder:

RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]

# add a trailing slash to /wp-admin
RewriteRule ^([_0-9a-zA-Z-]+/)?wp-admin$ $1wp-admin/ [R=301,L]

RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [L]
RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) $2 [L]
RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ $2 [L]
RewriteRule . index.php [L]

Google Has Started Giving A Ranking Boost To HTTPS/SSL Sites

It’s official. Every site needs SSL. If you do not have SSL, it’s time to get it.

GoogleSSLAdding HTTPS to your website using a 2048 bit SSL certificate will cause Google to give your site a “ranking boost” against your non-SSL counterparts.

To be exact, Google said it carries “less weight than other signals such as high-quality content.” Based on their tests, Google says it has an impact on “fewer than 1% of global queries” but said they “may decide to strengthen” the signal because they want to “encourage all website owners to switch from HTTP to HTTPS to keep everyone safe on the web.”. This was announced by Google last year and there are signs that this signal is strengthening.

We all know how important security is. Prior to Google’s “HTTPS Everywhere” drive, there were more generic reasons why you would need to install SSL.

  • eCommerce web sites definitely needed SSL. Your customers will no doubt enter personal information (such as name, address, email) to sign up to your service. Even if you do not accept payments on your site and use an external payment provider, it is still essential that you protect your customers personal data and passwords.
  • Sites with a login form that require a username and password. Any site that requires a visitor to login – such as WordPress, Joomla, Drupal or a community Forum. Why? Because generally people use the same password across many sites (I know, it’s bad, but they do) and you have to protect their details from being leaked. As time progresses, people will simply avoid sites that do not use SSL/HTTPS.
  • Sites with forms where visitors would type personal information. If you have a contact form where visitors will type their name, address, telephone and email then an SSL with protect their data. You are more likely to get leads if you use SSL.

We Make Requisition and Installation of SSL Easy

You quite likely do not have the time or inclination to work out what you need to do to acquire, install and activate SSL on your website. That’s where we come in. All you need to do is order the certificate.

We will generate the CSR, acquire the SSL certificate and Install/Activate it. You do not need to do anything. It’s time to boost your site ranking and protect your visitors.

red_ordernow

Getting BadMailFrom Error: Cannot Send Email

emailHave you triggered the BadMailFrom Spam Trigger?

If you are getting BadMailFrom message when trying to send email then one of the following has happened:
  1. You have sent a large number of emails from an account and the recipients have marked some of this email as SPAM
  2. Your account has been hacked and a spammer is sending emails from your account

The BadMailFrom filter stops SPAM before it gets ‘too’ serious. The filter is automatically removed after a short period of time. If the problem persists the lock will be in place for a longer period.

The recommended actions you should take are:

  • Ensure you are sending emails only to recipients that are expecting the email
  • If you are sending to a large number of recipients try spreading out the mailshot (over a number of hours or days)
  • If you did not send a quantity of outgoing mail then change your mailbox password straight away.
It is not possible for our Support Staff to reset the BadMailFrom trigger. Simply await it to reset. The trigger does not affect incoming mail.

Apple Mail Cannot Send Emails

emailSMTP Send Problems with Apple Mail

If you are having problems with Apple Mail SMTP using IMAP, ensure you are using the following settings:

Mail > Preferences > SMTP > Edit SMTP Server List > Advanced

Automatically detect and maintain account settings: No
Port: 587
Use SSL: No
Authentication: MD5 Challenge-Response
Allow insecure authentication: Yes

For more information: How to setup Apple Mail