Do not send e-mail to me!
 

Irondome

The effective and low cost email protection for cPanel and DirectAdmin

Irondome is an anti-spam filter that runs locally, but it queries the SPFBL.net database in real time. The filter is installed by our script and your email server will be immediately protected. Our system will interact with sender and recipient to try to resolve suspect cases and avoid your support team be called. All email passing by the filter can be visualized and managed through the control panel.

How it works

All notorious spammers will be blocked immediately and they will receive a rejection warning message from our system.

In the case of a false positive, the sender will be able to ask for release and our system will contact the recipient to confirm it.

If the recipient agrees with the release, then our system will send a warning message to the sender explaining that he was accepted and can now resend the message.

All suspect messages will be held in the email server queue and our system will send a warning message to the sender informing that.

If the sender asks for the message to be released, then our system will contact the recipient to confirm it.

If the recipient agrees with release, then our system will request your email server to release the message so that it can be immediately delivered to the recipient.

All released senders will be added in the whitelist, so any other future messages from the same sender will pass directly. System works in a peer-to-peer collaboration environment, which means it is refined with each human interaction.

Features

  • Uses a big reputation database shared with many other SPFBL network providers, involving IP ranges, domains and ASN.
  • Works with clamav-unofficial-sigs that have the most effective malware signatures. By the way, we work directly with a clamav-unofficial-sigs partner to provide new threats samples to improve its effectiveness.
index
  • Does anti-spoofing checking to avoid spoofing attacks come as sent by big companies or by the same recipient’s company.
  • Does deep analysis in the subject to find word combinations used for spam, leet and many other techniques to confuse anti-spam systems.
  • Creates spamtraps automatically considering the nonexistent accounts receiving massive spam and not receiving good emails.
  • Prevents from many phishing attacks, using our own phishing database and others like Google Safe Browsing® and Porcupine®.
  • Checks recent created domains and combine this criteria with others to get spammers. Many spammers uses recent and low cost domains to avoid bad reputation scores from old one.
4205999
  • All spam are reported to the origin data center or ISP, so the spammer will have to account for its bad deeds.
  • Integrated firewall capable of protecting your email server against massive abuses, which can even prevent DDoS to the SMTP service. It limits 8 SMTP connections every 10 minutes from IPs without legitimate sending but with massive volume of abuses.

How to try it

You can try this solution for free for 30 days. You must contact us so we will release your email server IP to it have access to our SPFBL server. After that, you must follow these steps:

If you operate an cPanel, open the port 9877 TCP OUT in its firewall and run this command as root in your email server shell:

curl -s https://raw.githubusercontent.com/leonamp/SPFBL/master/client/spfbl.cpanel.sh | sudo bash /dev/stdin install

If you operate an DirectAdmin, open the port 9877 TCP OUT in its firewall and run this command as root in your email server shell:

curl -s https://raw.githubusercontent.com/leonamp/SPFBL/master/client/spfbl.directadmin.sh | sudo bash /dev/stdin install

Once that’s done, disable any other incoming filters to avoid conflicts with Irondome, including RBL checks and SpamAssassin.

 

It is important to know that this installation process will invoke the clamav-unofficial-sigs installer, which is a version with much better level of detection than the official Clamav, and this can cause the Irondome installation process to stop for a few minutes as this stop is an imposition of itself clamav-unofficial-sigs. Furthermore, your email server may notice changes made to the official Clamav and send security alerts. If this occurs, you can ignore these alerts as the installed version is reliable.

 

To uninstall, just close port 9877 TCP OUT and run the command below:

If you operate an cPanel, run this command:

curl -s https://raw.githubusercontent.com/leonamp/SPFBL/master/client/spfbl.cpanel.sh | sudo bash /dev/stdin uninstall

If you operate an DirectAdmin, run this command:

curl -s https://raw.githubusercontent.com/leonamp/SPFBL/master/client/spfbl.directadmin.sh | sudo bash /dev/stdin uninstall