Spam filtering, virus scanning and bulk email policy

Spam Protection
PrecisionPros uses the latest and best in technology to combat and reduce unsolicited email (spam). We estimate that over 95% of all email traffic is spam. Spam is not only a distraction; it can serve as a vector for viruses, malware, and phishing attacks. Our email spam filtering system is a continuously-updated, multi-layered process that eliminates 98% of all spam with near zero false-positives. Below is the layering process:

Layer 1: The Gateway Scan
As soon as an email arrives the sending IP address is compared to an aggregated spam blacklist compiled from multiple spammer tracking systems. Our gateway servers also analyze the email message in the context of other arriving mail. If a large number of emails are coming simultaneously from a single IP or are addressed to random addresses that do not exist in our system, it could signify a spam attack and the email will be blocked. If the sending address is from a domain in our system but the mailbox does not exist the email will be blocked. This last case is called “spoofing” and it is the reason you may have received spam from your own email address or domain.

Layer 2: Cloudmark® Scan
All email is scanned by Cloudmark’s industry-leading spam detection software. Cloudmark uses Advanced Message Fingerprinting™ to detect spam, phishing, and viruses. Instead of relying on a spam blacklist Advanced Message Fingerprinting examines algorithm patterns that expose spam across all languages and character formats. These patterns are updated every 60 seconds based on worldwide feedback loops and the latest spammer tactics.

Layer 3: The Message Sniffer Scan
Email is then scanned with Message Sniffer from ARM Research Labs. Message Sniffer relies on pattern recognition and machine learning technology to detect spam and malware. It searches the entire message for spam, virus, and malware features including unusual headers, structural artifacts, message source behaviors, obfuscation techniques, email and URL targets, binary and image signatures, unusual code fragments, and even coding styles.

Virus Protection
PrecisionPros also uses the latest and best in technology to make sure your data isn’t compromised. Our antivirus system scans all inbound and outbound emails using a multistage process. The process is broken down into the following four stages:

Stage 1: Restricted Attachments
Virus protection starts with scanning messages for dangerous types of file attachments. Dangerous files are those that can execute code, which can be used by malicious persons to spread viruses or do harm to your computer. Restricted file types include, but are not limited to, program files (.exe, .com), script files (.bas, .vbs, .js), and shortcuts to files (.lnk, .pif). When an email is sent or received that contains a restricted file attachment, the email is rejected and the sender receives a “bounced” email notification informing them of the restriction.

Stage 2: Normalization
This stage of the email antivirus process searches for email formatting vulnerabilities that can be used by viruses to hide from virus scanners. If any vulnerability is found our system corrects the formatting of the message so that it can be thoroughly scanned for viruses. This is called “normalizing” the message, and most notably this process protects against known Microsoft Outlook security threats.

Stage 3: Decompression
Next, if the email contains any compressed attachments such as zip files, the compressed attachments are temporarily unzipped so that the contents can be scanned for viruses. Many of today’s viruses use compression as a way to sneak their way past virus scanners, sometimes even compressing themselves in several layers to try to hide from scanners. If an attachment cannot be decompressed, as might be the case for password-protected zip files, the original file is scanned for virus signatures that occur within compressed attachments.

Stage 4: Virus Scan
After the above preprocessing is complete an email antivirus scanner is used to scan the email and all of its uncompressed attachments. Everything is scanned to ensure maximum protection against new virus threats. ClamAV ( is the current scanner of choice, although our system was designed to be able to plug-in any virus scanner on the market should the need to do so arise. Updated virus definitions are automatically pushed to our system. This gives our customers protection from new viruses within minutes. Virus definitions are updated hourly. In contrast, most desktop and server anti-virus programs are configured to check for new virus signatures only once per day.

Bulk Email Policy
Our Bulk Email Policy is simple: Customers may not send email of similar content to more than 250 recipients. In our effort to make our email hosting services as reliable as possible we must restrict our customers from doing anything that could jeopardize the reputation of our mail servers. Thanks to our strict Acceptable Use Policy (AUP) our mail servers have a strong reputation for consistently sending legitimate email. Our customers benefit from this directly; email sent from reputable mail servers will be delivered promptly and effectively—arriving in their recipients’ inboxes rather than their spam folders.

One of the most important ways we protect the integrity of our mail servers is to restrict bulk email. Our AUP’s Bulk Email Policy restricts customers from sending any email of similar content to more than 250 recipients—even if the email is sent in batches over time or is sent using multiple email accounts. These restrictions are tough but they are necessary to protect our mail servers from potential blacklisting. If an ISP or another email host detects that unsolicited or undesired email has been sent from one of our servers (even just one email out of a thousand) the server may be blacklisted – which results in email delivery delays and may cause legitimate email to end up in recipients’ spam folders. This affects not just the offending customer but all customers sending email through the mail server. Though we have safeguards in place to promptly replace blacklisted servers, we must preserve our mail servers’ reputation for always sending legitimate email.

When email hosting companies compromise and allow their customers to send bulk email it negatively affects everyone. In fact, many businesses turn to us because of our strict AUP. They’re tired of having their email flagged as spam by their recipients’ email providers and they know that our AUP will prevent this from happening. It’s one more way that we’re Fanatical for our customers. We do recognize that many businesses need to send legitimate bulk email—and we are here to help. We have identified iContact, a leader in the email marketing industry, as a company that not only specializes in permission based, CAN-SPAM compliant, bulk email services, but that also shares our commitment to high quality products and reliable email delivery. To learn more about iContact and how they can help with your bulk email needs, please visit them at

Business email configuration settings

Server Configuration Settings:
Server Type Server Name Port
POP3 110
IMAP 143
POP3 with SSL 995
IMAP with SSL 993
SMTP with SSL 465


Mac Client Setup:

Mobile Device Setup:

Setup NTPD on CentOS

Procedure: Setup NTPD on CentOS Linux

Open the terminal or login over the ssh session. You must login as as the root user. Type the following yum command to install ntp
# yum install ntp ntpdate ntp-doc

Turn on service, enter:
# chkconfig ntpd on

Synchronize the system clock with server (use this command only once or as required):
# ntpdate

Start the NTP server. The following will continuously adjusts system time from upstream NTP server. No need to run ntpdate:
# /etc/init.d/ntpd start


Easy cut/paste



counting inodes

I like this script:


wget -O ~/bin/inodes
chmod +x ~/bin/inodes


Directory path is not required. If nothing is provided the present working directory is used.

Argument Example Description
-d inodes -d /path/to/dir Specify path to directory to scan. Optional, will use pwd if not specified.
-t inodes -t 50000 Display tree output for directories with over 50,000 inodes. Optional.
-e inodes -e 100 Exclude directories that are below 100 inodes. Optional


Steps to stay clean after malware removal

Steps to Stay Clean

If you are reading this page then you are on your way to being proactive and actively taking steps to help reduce the risk of reinfection. While no-one can promise you the risk will ever be zero, we can work together to ensure that its as low as possible.

Website Firewall – WAF

There are a growing number of software vulnerabilities being exploited by attackers, trying to keep up with it can be very challenging to you as a website owner. Let’s face it, when you created your website you were hoping it was going to be easy and weren’t interested in spending every day focusing on security. If this is you, then you’ll want to consider something like a Website Firewall to help keep your website performing and keep the hackers out.

Update your website(s)!

If you are using WordPress, Joomla (or any other CMS), and it is not already using the stable current version, take a minute to update please. Why? Because out-of-date software is leading cause of infections. This includes your CMS version, plugins, themes, and any other extension type.

Change your password for all access points. This includes FTP, SFTP (or SSH), Plesk, etc… .Choose a good and strong password. What often defines a good password is built around three core components – Complex, Long and Unique. The argument most make when it comes to passwords is that it’s too difficult to remember multiple passwords. This is true. It’s also why Password Managers were created.

Password Tip: Start using a password manager: Peguta <> and LastPass <> are good ones to use (online and free).

We cannot stress the importance of changing all passwords to include those not related to your CMS. Your website has various access points, attackers understand this and because of this they will often exploit multiple points of entry. At a minimum, be sure to update the password for all administrator accounts. We say all because often users will create more administrators than they require and will often update one, but forget about the rest. There really is no better time to clean than after a compromise, take advantage of this time.

* Joomla users <>

* WordPress users <>

* Drupal users <>

Change your database password. If you are using a CMS (WordPress, Joomla, etc…) change your database password. Please be sure to update your configuration file – Joomla: configuration.php and WordPress: wp-config.php. This is not an automated process so you will need to know how to open those files and edit manually. If you’re not familiar with handling changes in your database and configuration files, contact support.

*If you don’t know how to change your passwords (specified above), contact support for details.

Run a virus scan on your personal desktop/laptop.

In a lot of cases we see that websites are compromised via local environment (notebooks, desktops, etc..). Its why we always ask you take a minute to run an Anti-Virus product. If you’re OK with spending a little money, the latest reports show that BitDefender is leading the pack in malware detection on MAC’s and PC’s. Other alternatives includes Kaspersky for Windows and MAC, and Sophos and F-Secure for Windows. You can also try Avast, MSE, Spybot that are free alternatives and very good. Here is the bottom-line, it doesn’t matter how many times your site gets cleared, if your desktop is not clean, your site can get reinfected quite easily.

Start doing backups of your site

Afterthe site is clean and secure, a very good practice is to do daily backups at a minimum. There are number of backup solutions out there you can use, if you are a client of ours you can sign up for our Website Backup solution. It’s a simple configuration that works off SFTP and stores all your content, including the database, in the cloud.

Sucuri Security WordPress Plugin.

Whether you’re a Sucuri client or not, it doesn’t matter, we recommend leveraging the Free WordPress Security plugin <>. They provide detailed instructions on how to install <> and provide a more in depth discussion on WordPress Security Monitoring <>.

Clean your Kitchen.

Too often the issues we see plaguing our clients are caused by “soup kitchen” servers. Old installations of their content management systems, themes or plugins. Over time these old installs become forgotten but grow ripe with malware that’s ready to infest their entire server after each clean. Take a minute to separate those things that belong on a test, staging and production server.

Turn off STARTTLS in postfix – 5.7.0 must issue a STARTTLS Command

To disable TLS in the file for postfix - Change this line in the /etc/postfix/

submission inet n - n - - smtpd -o smtpd_enforce_tls=yes -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=rmit_sasl_authenticated,reject -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject_unah_destination

to the following:

submission inet n - n - - smtpd -o smtpd_enforce_tls=no -o smtpd_tls_security_level=may -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=rmit_sasl_authenticated,reject -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject_unah_destination

and then restart postfix:
service postfix stop
service postfix start


Plesk backup and restoration


Backing up your content is very important. Backups help protect your content in the case of unforeseen catastrophes and provide known good instances of your sites and data that you may revert to. While our system maintains regular internal backups of all customer data for emergency recovery purposes, these are overwritten on a rotating basis. Therefore, it is best not to rely on these backups for your individual backup needs. So, depending on the situation and timing of your need for a backup, these internal disaster recovery backups may not be a solution for you. This is where self-managed backups are important. Plesk itself has it’s own backup tool that you may use to manage your own backups to meet your specific needs. The following article details how to instantly backup your site,  and restore from backups you have created.

Creating an instant backup

With an instant backup, you can create an immediate backup of your domain’s configuration, data and/or email. The following directions detail how to create a full backup of a domain.

  1. Log into Plesk
  2. Click on Domains
  3. Click on Manage Domain or Manage Hosting
  4. Click on Websites & Domains
  5. Click on Backup Manager
  6. Then, click Back Up.
  7. Choose your options in the Backup Settings. This includes adding a prefix to the backup name, choosing to make a multivolume backup, where the backup will be created, and if a notification is desired.
  8. From the same window, choose the “Domain configuration and content” option. When this is done, the drop down box to the right will become active and you can choose the type of backup you want that will include content for your domain. The “All configuration and content” option will make a full backup of your domain.
  9. The last option on this page allows you to suspend the domain while it is being backed up. Suspending the domain will make the domain temporarily unavailable to web traffic while it is being backed up.
  10. When you are finished customizing your backup, click “Back Up” to immediately backup your domain.
  11. This will return you to the Backup Manager. When the backup is complete, you will see it listed below. You may need to refresh the page to see the new backup.
  12. At this point, you may also choose to save a copy of this backup to your local computer. To do so, click the green arrow that is to the far right of the desired backup.

Restoring a backup

  1. Log into Plesk
  2. Click on Domains
  3. Click on Manage Domain or Manage Hosting
  4. Click on Websites & Domains
  5. Click on Backup Manager
  6. Select the existing backup you wish to restore from the list of backups in your Server Repository or Personal FTP Repository.
  7. Select the items within the backup that you wish to restore.
  8. Click Restore to restore from your selected backup.


SSL certificate for VPS

Step 1:  Generate CSR

1  Login to your Parallels Plesk Panel.
2  Click on the Tools & Settings link on the left panel.
3  Click on the SSL Certificates icon.
4  Click on the Add SSL Certificate button.
5  Enter a name for your SSL.
6  Fill in your SSL details and click on the Request button to generate your CSR.
7  Click on the SSL name.
8  Scroll down the page to obtain your CSR for your SSL certificate.

Step 2: Buy/Regenerate SSL using CSR

You will need to purchase/regenerate your SSL using the CSR generated via Plesk in step 1 above.

Step 3: Install SSL in Plesk

To install your newly purchased SSL certificate via Plesk, please follow the below instructions:

On your Parallels Plesk Panel.

1  Click on the Tools & Settings link on the left panel.
2  Click on the SSL Certificates icon.
3  Click on the SSL name.
4  Scroll down and enter the Certificate and CA certificate in the provided boxes.
5  Click on the Send Text button.

Your certificate will now be installed on Plesk.

Step 4: Check SSL support is enabled via Plesk

To check that your SSL certificate is enabled in Plesk, please follow the below instructions:

On your Parallels Plesk Panel.

1  Click on the Domains link on the left panel.
2  Click on the Manage hosting link next to the relevant domain name.
3  Click on the Websites and domains tab.
4  Scroll down and click on the relevant domain name.
5  Under the Hosting Settings section, click on the tick box for Enable SSL support.
6  Select the appropriate SSL certificate name from the drop down menu.
6  Scroll down and click on the OK button.

Your SSL certificate will now be fully installed and enabled on your VPS.

cpanel to plesk migration

Prerequisites checklist

  • Your cPanel version is 9, 10, or 11
  • The destination server is running Parallels Plesk for Linux
  • Your Plesk version is 11.0.9+ with the latest updates installed
  • The Migration and Transfer Manager component is installed on the Plesk server
  • The Plesk server has at least one shared IP address and the same number of dedicated IP addresses as on the source cPanel server
  • Plesk has Mailman mailing list manager installed and configured (only required if the source cPanel server hosts mailing lists)
  • The source server accepts SSH connections from the destination server and password authentication for user root is enabled in the SSH server’s configuration (see Parallels Knowledgebase article #115625 for details)
  • SELinux is disabled on the destination server (only for the duration of the migration process)
  • Optional: The Plesk server uses same path to the virtual hosts directory as the source server (see instructions on how to change the path) Note: make sure that ‘.skel‘ directory is present in the virtual hosts directory location specified by ‘HTTPD_VHOSTS_D

Migrated objects and settings

Plesk and cPanel have different business models and features, requiring the conversion of migrated objects during deployment on the destination server. For example, cPanel’s parked domains are converted to domain aliases in Plesk.

Some objects and settings cannot be migrated due to technical limitations. For example, passwords for FTP users are not migrated because they are encrypted by cPanel. Plesk generates new passwords for FTP users during the deployment process and reports them in the migration results report.

For a full list of migrated objects and technical limitations, refer to the Preparing for Migration: cPanel chapter from the Installation, Upgrade, Migration, and Transfer Guide from Parallels.


Open the Migration and Transfer Manager in the Plesk interface:

Tools & Settings → Migration & Transfer Manager and click on the Start New Migration button.

Step 1:

On the first step of the migration wizard, input the source server hostname (or IP address), the SSH server’s port, and the root user password. Then choose whether to migrate the whole server or to perform a selective migration. Leave the Use rsync transport option enabled — this will improve the speed and reliability of the data transfer, as well as lower the free disk space requirements for both the source and destination servers.

Migration Settings

You can specify the location of temporary migration data on the source (Migration & Transfer Agent upload path) and destination (Temporary Files Location) servers. If the source server hosts large databases or if the option Use rsync transport had been disabled, it is recommended that you check these paths point to locations with enough free disk space.

Step 2:

If selective migration was selected in the previous step, the Migration and Transfer Manager wizard will present a screen with a list of accounts on the source server, each with a check-box to select. Additionally, you will be offered the choice to transfer all data, mail only, or everything except mail. By default, all data is migrated.

Step 3:

The next step — IP address mapping — allows you to choose an IP mapping scheme, i.e., which IP addresses domains will have on the destination server, based on the IP address they had on the source server. Two or more shared IP addresses can be mapped to a single shared IP address on the Plesk server, but mapping of dedicated IP addresses is done one-to-one. IP addresses are changed in domains’ DNS records and hosting setup during deployment.

Define IP Addesses Mapping

Step 4:

After that, your migration will start. Progress can be monitored on the Migration & Transfer Manager screen. Upon completion, the Migration and Transfer Manager will report on the general status of the migration (Completed or Completed with errors):

Migration & Transfer Manager screen

If the migration finishes with errors, links to view or download the migration results report will be available on the migration process screen. To access it, click on the source server’s hostname in the list of migrations:

migration results

container file cleanup

cd /vz/root/

rm -rf */var/www/vhosts/*/statistics/logs/*.processed
rm -rf /vz/root/*/var/lib/psa/dumps/*
rm -rf */var/www/vhosts/*/statistics/logs/*processed*
rm -rf */var/www/vhosts/*/statistics/logs/*.processed.*
rm -rf */var/www/vhosts/*/statistics/logs/error_log.*.gz