Advanced Spam
Feb 24, 2007
People have been abusing my web proxy servers to send SPAM emails. I use PHProxy and I have no mail ports open on my server, or any mail scripts. My network is http://privax.us
Examples of emails (I have listed some notes):
My IP: 75.126.48.148
[url]
Received: from mail.anpmall.net ([75.126.48.148]) by mail.anpmall.net with HTTP (Code-Crafters Ability Mail Server 2.55); - Hmm?
----------------------------------------
My IP: 75.126.48.148
[url]
----------------------------------------
My IP: 75.126.48.146
[url]
Received: from 216.154.195.49 ([172.18.12.134]) by vms047.mailsrvcs.net (Sun Java System Messaging Server 6.2-6.01 - hmm Java?
----------------------------------------
My IP: 75.126.48.148
[url]
I found in logs access to webmail.bellsouth.net at the time of the spamming, so I have blocked use of bellsouth.net on my proxy and banned the IP's. See
[url]
----------------------------------------
These are just some of the spam reports I have, and this is really doing my head in. As mentioned my servers do not have mail ports or mail scripts on them. They use webmin (stripped features) for a control panel.
I really need to find out why my IP is always at the bottom of this. I have asked in this forum before but did not have much luck. I have also contacted security companies to help but they were not sure what is happening.
One theory is the spammers use web based email systems, and when they submit the form the IP (from a PHP POST variable) is my IP because they are running under my proxy. But I have always assumed that if you have an email form and submit it, the server hosting the forms IP gets sent, not the actual persons IP.
That is one theory, but at the end of the day I'm still clueless to how to block this. I have blocked the use of bellsouth.net on my servers but a lot of the spam is coming from anpmall.net as mentioned above.
View 1 Replies
ADVERTISEMENT
Jul 11, 2007
I know how to use basic URL rewriting, but I'd like to redirect URLs like this:
[url]
to this:
[url]
Is that possible to do this with Apache mod_rewrite?
View 4 Replies
View Related
Nov 27, 2007
I have a Windows 2000 Advanced Server where there's a performance issue with some of the .asp pages that retrieve data from Access databases, (I know Access databases aren't ideal for data). These pages will just get stuck/freeze, and then either suddenly spring back to life, or give a script timeout error 0113.
The largest Access database I've seen is 136MB (is that way too large?)
I will probably move some of the large Access databases onto a different server but before I do:
- Are there any tools you can recommend to diagnose exactly what files / databases are causing the problem. I don't think the Win 2000 performance monitor tools even work.
- Can anyone explain more about the technicalities behind this issue. I expect it has something to do with processes, threads, memory, Access drivers being loaded into memory etc etc. Can anyone tell me what they know to put me in the picture better?
View 1 Replies
View Related
Mar 23, 2007
I'm trying to delete the IP addresses in the nameserver registration but when I follow the instructions by clearing each input box and then clicking save I get these errors:
ns1.domain.com Error: Nameserver registration failed due to error 533: Object association prohibits operation
ns2.domain.com Error: Nameserver registration failed due to error 533: Object association prohibits operation
Ive contacted namecheap but I still havent heard back from them. Anyone know whats going on? I cant seem to delete these.
View 4 Replies
View Related
Oct 29, 2009
We have discussed all the basic methods of securing and hardening the server. Lets leave all the basic and general server securing and hardening I have started this to get advance knowledge in securing and hardening of the server so that it will usefull for all the person So i request all to provide all the vaulable tips and suggestions in advance securing and hardening of linux servers I welcome all the comments related to advance securing and hardening of linux servers.
View 5 Replies
View Related
May 8, 2009
I am trying to find an application that can listen on a given UDP port, say "6271" and forward all traffic (UDP) sent to that port to another IP (not on the same subnet).
I should not call this forwarding, but instead, cloning (because forwarding usually is only on the same subnet or vlan). The packets should not be modified, (thus IP information in packet ect.)
Is this possible? I have tried some applications such as,
samplicator
View 4 Replies
View Related
Sep 19, 2014
You can edit the nginx directives for the desired vhost at the webserver config. However, it seems like that you can only add basic directives, but not something like that:
Code:
http {
# memcached servers
upstream memcached-servers {
server 127.0.0.1:11211;
}
[Code] ....
How can I do that?
View 4 Replies
View Related
Oct 17, 2013
Microsoft Windows Server 2008 R2 Service Pack 1
Panel version 11.0.9 Update #59, last updated at Oct 3, 2013 02:06 AM
MailEnable version 5
I see in the plesk documentation that the screen to enable SPAM filtering for an individual there is an option to "Move spam to the Spam folder". I don't see that option so I am wondering if it is only available on some versions of Plesk, or in combination with certain mail servers. How to make that option available?
View 3 Replies
View Related
Dec 11, 2007
i want to install PHP 5.2.5 with shared extensions on a linux Centos 4.4 well everything goes fine i installed and it work but i found out that when you use for example --wtih-mysql it bundles the mysql extension in the php it self so i find out about the shared directive and i did --with-mysql=shared,/mysql/path now php is building the mysql.so but when i include it in php.ini and restart the server i get the folowing error in httpd.conf: PHP Startup: Invalid library (maybe not a PHP library) 'mysql.so' and the extension doesn't work. I was very disapointed and building the php 10 000 times, and then i decided to use extensions bundled in the php and i remove all the shared directives from the ./configure command and build the php and miracle happend when i saw the configure command in phpinfo() it was very different from the one that i wrote in console every extension had "shared" (even the extensions that doesn't haved shared directive before i remove them) and they didn't make errors in httpd.conf and they work perfectly, but not for long after the next rebuild everything was again or bundled or drops errors in httpd.conf and not working.
So lets cut it out:
How can i make all extensions shared and enable/disable them from php.ini
View 0 Replies
View Related
Nov 17, 2008
One of our customers on a VPS downloaded this file and then ran it perl bnc.txt
I am wondering if its a spammer using the script to send spam.
It seems to be written in Portuguese, I have translated parts of it and it reminds of of the typical spam subjects you find now-a-days.
View 6 Replies
View Related
Aug 15, 2008
We are having some big issues with a spam bot on the server. We can remove the bot but could you please explain, IN DETAIL , how to configure the NAT to prevent outbound port 25 connections to the internet except from our real mail servers on with windows server 2003. Currently, the only firewall on this system is the standard windows one.
View 1 Replies
View Related
Aug 19, 2007
through some accounts on the server and the amount of spam in their mail queue is really frustrating. I had to set admin accounts for each site I run and the spammers have discovered them, so I am looking for a ssh command where I can just easily clean all the spam out. I tried cat /dev/null > /var/mail/"the username" but that didn't work.
View 1 Replies
View Related
Nov 6, 2007
Someone on our server is sending spam mails, he does not know about it.
Most spam are sent to aol.com,gmail.com and cs.com
I'm getting loads of these Mail delivery failed mails:
This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:
The e-mails come from the system/user account e-mail of the domain (usernameDA@domain.com), where DA is Direct Admin.
I think it sent more then 30.000 mails in 2 days.
Also received a complaint from aol.
How can I trace this? What can I do to fix it?
Is it a some crappy written php script?
He said he updated joomla, wiki and smf forum.
View 13 Replies
View Related
May 1, 2008
I use cpanel license, i enable phpsux on my server, but user can send email without smtp address.
how can pervent user for send mail without smtp?
View 3 Replies
View Related
Jan 29, 2009
I just got this from EasyAntiSpam. Unless my address is harvested from the HostingCon database, I've certainly never been in touch with them. Disappointing either way.
Matt:
Good afternoon! I hope you are doing well. I am the new Director of Sales for Easy Antispam and I wanted to get in touch with you to find out who currently provides you with your anti-spam solutions?
I have listed below a few key benefits for our antispam solution here at Easy Antispam [url]
· Fully brandable quarantine with customizable url
· Customer level whitelisting
· Nothing to install. No complex configuration changes to make.
All you have to do is redirect the MX.
Easy Antispam is a service of Interjuncture, Corp. which was founded by George A. Roberts IV and Frank Spaulding in 2004. Easy Antispam offers a solution that doesnât cause more problems and work than the spam itself. Thousands of businesses, organizations and individuals rely on Easy Antispamâs Email Protection Services to defend their inboxes against spam and other threats. So, what are YOU waiting for? Get protected, sign up now for a 30 day free trial.
View 14 Replies
View Related
Apr 18, 2009
I have a linux server with shared hosting ,now for couple of days one of my client face problem regarding spam with gmail,I have also cross-checked all the mandatory records,and we have already create MX,SPF & reverse dns record with domain keys for that domain.
View 5 Replies
View Related
Jun 25, 2009
im getting 50 and more spam mails each day, how do i secure my vps to stop 99% of the spam from coming in as i understand theres no way to completely block spams.
Im using directadmin control panel and enabled SpamAssasain but its not much of use even when i apply strict options on it.
View 3 Replies
View Related
Jan 5, 2009
I used to have a reseller account and have shifted everything to a dedicated server. I now find that a couple of clients are getting lots of spam when they didn't before.
It seems that the servers used by the reseller account had some level of basic spam filtering installed; my provider suggested I look for a filtering program to install on my server.
There are, of course, dozens of them, so I wondered if anyone has any experience - enough, perhaps, to make a recommendation.
View 6 Replies
View Related
May 12, 2009
I'm having difficulties with a whm running on centos dedicated server. The problem is that we receive too much of spam and junk emails. by too much I mean 2000 bulks per week. It's killing us.
how I can stop it.
View 14 Replies
View Related
Jul 5, 2009
I am facing some major SPAM problems.
I am a web host from the city of Kolkata, India.
Almost 95% of my clients are from my city - others are also known to me. I know many of them face to face - there are very little chances that any of them are SPAMMER.
Still my server IP is blacklisted - several times in last 1 year - I changed my datacenter - but the problem still persists.
View 10 Replies
View Related
Apr 2, 2009
We're using whm/cpanel and we're always up to date with the latest upgrades (with all our scripts).
2 weeks ago, we receive a notification from SpamCop saying that our server was sending out spam. We verified everything and found nothing. 2 days ago, same story.
We tried looking at our logs and found nothing. Does this mean that there's a security hole somewhere? How can we find out from where the spammer is sending his viagra emails from ? We do not want to be permanently banned because of a spammer.
View 5 Replies
View Related
May 27, 2009
I have problems with my mail server.
I have installed cPanel WHM.
In my server there are many accounts and now I discovered that not all accounts, when they send email to hotmail and yahoo, go to spam.
It does not happen in all accounts.
How can I bypass the filter of yahoo and hotmail for all domains configured on my server?
View 4 Replies
View Related
Mar 31, 2009
i have this in my account:
/cgi-bin/check.cgi
/cgi-bin/gz.cgi
/cgi-bin/km.cgi
/cgi-bin/hnc.cgi
/cgi-bin/ypej.cgi
some script that sends (a LOT)spam, and dissapears
Does anyone know what that was?
i cannot find anything about it
i disabled cgi scripting,
View 2 Replies
View Related
May 20, 2009
I guess the economy must be hitting them hard. They have resorted to unsolicited commercial email, everyone's favourite.
Quote:
I hope this finds you well. I am currently attempting to reach out to companies that offer web hosting services and either use, or have used, Parallels Plesk Panel as a part of the service offerings. The goal is to re-introduce Parallels Plesk Panel and hopefully revive any previously established relationships. This includes looking into why the Parallels Plesk Panel business slowed, or stopped completely, within your organization.
We are working very hard to establish a reputable channel within the hosting marketplace. In order to do so we need to look at what is currently working and what is not currently working. The best place to begin this research is with companies that have used us, but now don't really offer our products. With that said, are you available for a phone call to discuss?
My goal is to understand:
* Do you currently offer control panels, if so, is Parallels Plesk Panel a part of your offerings?
* If you are no longer offering (pushing) Parallels Plesk Panel, is there a reason?
* Would you be receptive to some sort of "trial" program to re-introduce you to Parallels Plesk Panel and our Service Provider Partnership Program?
I look forward to your response and hopefully speaking with you soon.
Antoine Wilson
Partner Recruitment Manager
Service Provider Division
Parallels, Inc.
+1 (703) 995-4170 Direct
+1 (703) 991-5511 Efax
AIM: scrams93
Skype: antoine.wilson
ICQ: 215351114
View 13 Replies
View Related
Jun 17, 2009
I was running an IP check on spamcannibal.org
It shows blocked because of this reason:
no reverse DNS, MX host should have rDNS - RFC1912 2.1
Is it actually possible to setup some kind of generic ptr records on IPs, even if they are assigned to dedicated server clients?
View 3 Replies
View Related