Want less spam?

Follow the tips in this 2 minute video tutorial to learn how to set up Greylisting and SPF anti-spam features in Plesk 11.

How to Setup SPF & Greylisting

SPF in Plesk 11

Sender Policy Framework (SPF)  helps prevent email spoofing by verifying the sender’s IP address against a DNS record.  This helps cut down on spam, phishing and other malware attacks.

You can easily enable SPF in Plesk by checking this box which is found in the Mail Server Settings section under the Tools & Setting menu.


spf plesk 11
Use the fail option in production. This provides you with SPF validation protection but reduces the impact of false positive results.


SPF Checking Mode

There are several modes in this section, but these are the two modes you will probably use.

Only Create Received-SPF headers, never Block

This is suitable for testing.   With this enable, your server will check but not block email based on SPF records.  You can check the email headers to see the results.  If the system is working properly, you can then enable blocking based on SPF validation results.

Reject mail when SPF resolves to “fail” (deny)

I recommend the SPF fail setting in production.  This setting will reject email that fails SPF checks.  An email will fail an SPF check if the sending server’s IP is not permitted in the SPF record.  This is a fantastic way to protect against phishing attacks and some spam.

I don’t recommend any values for the other boxes. They represent specialized use cases and can be left blank.


Greylisting in Plesk 11

Greylisting blocks spam by temporarily rejecting an email when the sending server is not known.  After the initial rejection, the sending server will try sending the email again.  On the second attempt, your server accepts the email.  This blocks spam because many spam bots never try to resend an email after the initial rejection.

You can enable greylisting in Plesk by checking the box.  This box is found in the Spam Filter Settings section under the Tools & Settings menu.


greylisting plesk 11
Enabling greylisting can significantly reduce spam at the expense of causing delays in legitimate email delivery.

Greylisting works because many spam bots never try to send the email again.  As a result, greylisting can be highly effective at blocking spam.

The drawback is that greylisting interrupts regular email delivery processes.

For example, when you request a password reset link from a site, the server often immediately sends you an email. If your server has never seen this sender, greylisting may block the email.   As a result, you have to wait around for that reset email – perhaps as long as an hour or more depending on the setting of the sending server.

I suggest you leave greylisting off unless you have an exceptionally high spam burden that other tools in Plesk are not resolving.  The frustration it can cause often outweighs the benefits, especially if other tools are adequately blocking spam for you.