Home > Hosting, Servers & Security >

Guide to hiding Server/Lander location, making DDOS impossible and sending bulk mail (8)

11-08-2014 03:06 AM #1 SergeiGlaukus (Member)
Guide to hiding Server/Lander location, making DDOS impossible and sending bulk mail

Hey guys,

This solution is practical. I have set this up and it works in the real world.

I got a lot out of the community this year, therefore I think this is the right place to give something back and share a solution that is

- affordable - no additional monetary cost
- anonymous
- performant
- reliable
- available

Currently I have dozens domains, Sites and Postboxes as well as multiple web apps in Python, Java and Ruby running on a Dedicated Server in Germany.
I have also setup several servers and systems for clients that are sending bulk e-mail (30k addresses) with OpenEMM and Interspire.

The problem with this is that sending out bulk e-mail without double opt-in has high fines as a consequence in Germany. Also no provider (mailchimp, aweber, etc) will accept the lists.
We found a solution how not to get blacklisted and a black hat way around the privacy laws of Germany. As Germany has the strictest privacy laws in the world this will be legal anywhere.
I can tell you later how to send out bulk mail.

For my tracking purposes I currently use Voluum, but this guide should be applicable to self-hosted trackers as well.

So whats my problem?

I don't want to be linked to my offers. IN NO WAY.
I want nobody to be able to recognize other offers I am running when being on a landing page.
I want to hide the true location of my server.
I want to grow my list.
I want my email to have high delivery rates and also hide the location of my mailserver so it can never be DDOSed
I want my pages to be served as quickly as possible even though my server is in Europe
I don't like using the cloud because I want to own my data and like to handle my own backups and PURGE data when necessary

The problem is that when people are on the landing page they can check the IP of the server.
When they enter this IP or domain into a reverse lookup like this: http://www.tcpiputils.com/ they can find out all the domains belonging to this IP, therefore identifying all your other offers when they run on the same server.
When knowing the IP they can see the location of the server.
Also just using cloudflare does not hide the MX Record and in most cases not the IP. Therefore you are still identifiable and DDOSable.

Usually people are using the same mailserver IP even when they have different domains. As mxtoolbox puts out the IP of the mailserver by displaying the MX record, you can reverse it. When using Fallback IPs, you still can reverse the true IP that probably runs the mailserver.

There is one advantage of using a dedicated server over using shared/cloud: you have total control.

The other side of the coin of running a dedicated server vs running shared hosting: Usually when using one dedicated server, all the mails and domains point to only one IP address.
If you host all domains and even your mail on that IP, people can figure out all the other domains/offers/landing pages you run.
If you don't pay attention, people might be able to realize your identity because you DID NOT pay attention and one domain can be linked to you, maybe because of old content your forgot about.

When using shared/cloud you are at the mercy of your host so that not all your domains are on the same IP address and connectable.

Ok, so we need to setup the following

1) Privacy Domains
2) Reverse Proxy for Web Server
3) External DNS Service
4) SMTP-Relay (Inbound + Outbound) for Mail Server
5) bulk mail server with newsletter software

1) Privacy Domains

I recommend namesilo.com. They have the cheapest domains of all registrars when you want full domain privacy.

beware of some hosts. For example dynadot.com still puts your full name in the whois info, even though they promise privacy

Just use namesilo.com, namecheap.com or internetbs.net for registering your domains.

2) Reverse Proxy for Web Server + 3) External DNS Service

I recommend cloudflare.com. They even provide Free SSL Encryption for all domains!

This is one of the best services ever.

It is a CDN, DNS Service and Reverse Proxy.

It makes you more money because landers loadd faster.
It makes you more money because in case of a downtime of your host the lander still works and Voluum can forward to the offer.
it makes you more money because when setting it up correctly nobody knows your true server location and nobody can DDOS your server.

When setting it up you need to make sure to "accelerate" all A records by activating the orange clouds: https://www.dropbox.com/s/sulrn11k8t...09.24.png?dl=0

Also you need to setup an SMTP relay and point the MX record to the new domain. Delete all the mail A records. Otherwise people could still figure out your server IP.

4) SMTP-Relay (Inbound + Outbound) for Mail Server

I recommend mailgun.com. It's free until you send more than 10000 per month or use it for more than 1000 domains.

a) register there and add all your domains.

For all domains except of one that is never used for your landers, delete all mail A records and MX records from cloudflare. Then follow the instructions to setting cloudflare up.

b) Add a catchall route and forward like this to all domains that you need to cloak

https://www.dropbox.com/s/9dgk6rqzml...48.25.png?dl=0

you will need to choose one domain that you will never cloak using this method that is on the same server as the other domains.

Create a forward like mailgunabc@domainNOTcloaked.com and forward it to abc@cloakeddomain.com.

As the domains are on the same server, they will be just put into the right postbox and don't travel over the Internet.

c) Did you know that most apps and services you send mail with, include information about your system, your local IP address and hostname?

I will include a tutorial on automatically stripping mails from private data soon.

Now just use mailgun for sending your mail by reconfiguring all the devices with the new mailgun login and password.

5) bulk mail server with newsletter software

reserved for the future


You now have hidden your server location as much as possible. Also receivers of your mail will never know your true server location.

I am using this in practice and only the companies cloudflare.com and mailgun.com know where my server is truly located are. Nobody else can figure out my which domains run on the same server.

As long as you never break the law and do something that is illegal in the USA, you are safe with this method.

I will continue this thread with even more tutorials if you are interested in more practical know how.

11-08-2014 03:33 AM #2 constantin (Member)

awesome share!!! can't wait for the next parts.

11-08-2014 05:50 AM #3 zeno (Administrator)

Nice!

Bookmarked and one to read through with a fine toothed comb. This kind of stuff makes the tech side of my brain ooze alpha waves.

11-09-2014 05:33 AM #4 constantin (Member)

Could you elaborate specifically on the cloudflare stuff? I'm really curious about the details of the cloudflare setup. Thanks!

11-09-2014 06:41 AM #5 _mcr_ (Moderator)

What is your monthly email volume?

11-09-2014 01:11 PM #6 bbrock32 (Administrator)

Love these kind of technical posts that can give you a competitive advantage, thanks for sharing.

Going to keep an eye on this thread for updates.

11-09-2014 01:21 PM #7 fbqueen (Senior Member)

Awesome share!

I'd love to hear more about the cloudfare stuff too!

11-10-2014 07:28 AM #8 SergeiGlaukus (Member)

@_mcr_: I have setup systems for clients. they send out up to 100k mails per month. I setup an openEMM system for them. My own lists are still small.

Ok, thank you for the positive replies. I am going to continue writing then...

Home > Hosting, Servers & Security >