Do You Report Spam To Spamcop
Feb 10, 2009
I regularly report spam that makes it through an RBL (sbl-xbl.spamhaus.org), SQLGrey, and an internal blacklist. I've noticed that the spam I get originates all over the place (though uu.net seems to be getting more popular). However, one host stands out when it comes to the spamvertised websites that are being sent - theplanet.com. In looking the past 30 days of spam reports 60% have advertised a site hosted on [url]
Do you report spam via spamcop? Who is your biggest sender and hoster?
Please understand that I filter hundreds of spam messages a day (about 560 yesterday). These are only the ones making it though.
View 7 Replies
ADVERTISEMENT
May 19, 2007
I have a spamcop report saying that my site was spamvertised.
If true (and I don't even know how to verify it), it was through no doing of my own.
Is there a way to deal with that?
View 5 Replies
View Related
Mar 14, 2008
We have see a interesting system from one competitors:
any user that have a email account receive any 24 hours a email report of all spam receive (as html attach)
In this html file there is list and flag and user can be indicate that is NOT a spam and click submit into html file that send information to mail server
May be interesting system
We use exim on ours server and horde as webmail..
View 2 Replies
View Related
Oct 14, 2007
I have linux centos 5 and the latest horde imp
I enabled this in conf.php:
$conf['spam']['reporting'] = true;
$conf['spam']['program'] = '/hsphere/shared/bin/sa-learn --spam';
but the spamassassin database is not updating.
View 2 Replies
View Related
Mar 15, 2009
Today my site was reported for the second time at SpamCop.net as spamvertised site. Somebody is just copy pasting content from my site and is spamming people with it. It is done without my knowledge or consent. Unfortunately, today KnownHost supported me for the second time asking me to remove the domain/exploits or face account suspension.
how to deal with it? Recently one of my sites was penalized by Google all of a sudden, which brought down my adsense income by 1/3. I suspect that it might have something to do with this abuse.
I have already set an SPF record to prevent domain masking, but they are sending it from their own from address. Has anyone here ever faced anything like this? Can someone please advice me what to do?
View 14 Replies
View Related
Mar 30, 2008
So I get this email today from SpamCop complaining about my server sending unsolicited bounce messages.
Well yea... thanks to spammers domain spoofing and sending spam to my server, my server finds that there's no address - so it replies to the spoofed address.
My question is.... what do I do about it? The spamcop site has this to say... Though if I setup the server to do something odd like not sending a bounce because it's "filed internally", how will legit people get the proper bounce response??
Problem: Misdirected bounces
Description: When a mail server accepts a message and later decides that it can't deliver the message, it is required to send back a bounce email to the sender of the original message. These bounce emails are often misdirected.
Solution: Upgrade and/or configure your mail server software so that this situation is never encountered. Configure your software to either reject messages during delivery or accept them permanently. Do not let your software make choices about delivery after it has accepted a message. If you must accept delivery before you know the status of a message, then file it internally - do not send, forward or bounce it outside your organization. The errant message can be placed in a special folder or routed to your postmaster.
View 2 Replies
View Related
Sep 27, 2007
Now they stated this.. but im totally unsure what it means. If anyone knows. what section is for what... i only see the ip once, that they reported the spam come from 66.79.165.30.
Code:
X-Apparently-To: x via 66.163.179.144; Wed, 26 Sep 2007 11:00:52 -0700
X-Originating-IP: [68.230.241.14]
Authentication-Results: mta175.mail.re2.yahoo.com from=cox.net; domainkeys=neutral (no sig)
Received: from 68.230.241.14 (EHLO fed1rmpop110.cox.net) (68.230.241.14)
by mta175.mail.re2.yahoo.com with SMTP; Wed, 26 Sep 2007 11:00:52 -0700
Received: from fed1rmimpo01.cox.net ([70.169.32.71])
by fed1rmmtao105.cox.net
(InterMail vM.7.08.02.01 201-2186-121-102-20070209) with ESMTP
id <20070926175141.MUBZ11358.fed1rmmtao105.cox.net@fed1rmimpo01.cox.net>;
Wed, 26 Sep 2007 13:51:41 -0400
Received: from fed1wml11.mgt.cox.net ([172.18.180.10])
by fed1rmimpo01.cox.net with bizsmtp
id t5re1X00W0DrMWL0000000; Wed, 26 Sep 2007 13:51:39 -0400
Received: from 66.79.165.30 by webmail.west.cox.net; Wed, 26 Sep 2007 13:51:38 -0400
Date: Wed, 26 Sep 2007 10:51:39 -0700
From: UK NATIONA LOTTERY <gailpmm@cox.net>
Reply-To: mrsjuliaelm@hotmail.com
Subject: Congratulation! you have won
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Priority: 3 (Normal)
Sensitivity: Normal
View 12 Replies
View Related
Sep 13, 2007
FAILReverse DNS entries for MX recordsERROR: The IP of one or more of your mail server(s) have no reverse DNS (PTR) entries/* (if you see "Timeout" below, it may mean that your DNS servers did not respond fast enough)*/. RFC1912 2.1 says you should have a reverse DNS for all your mail servers. It is strongly urged that you have them, as many mailservers will not accept mail from mailservers with no reverse DNS entry. You can double-check using the 'Reverse DNS Lookup' tool at the DNSstuff site if you recently changed your reverse DNS entry (it contacts your servers in real time; the reverse DNS lookups in the DNS report use our local caching DNS server). The problem MX records are:
22.130.197.82.in-addr.arpa [No reverse DNS entry (rcode: 3 ancount: 0) (check it)]
FAILAcceptance of postmaster addressERROR: One or more of your mailservers does not accept mail to postmaster@myminiaturepainting.com. Mailservers are required (RFC822 6.3, RFC1123 5.2.7, and RFC2821 4.5.1) to accept mail to postmaster.
mail.myminiaturepainting.com's postmaster response:<br /> >>> RCPT TO:<postmaster@myminiaturepainting.com><br /> <<< 550 <postmaster@myminiaturepainting.com>: Recipient address rejected: User unknown in virtual mailbox table <br />
what do these dns fail report mean in english? that there's something wrong with my host company and i should dump them?
View 2 Replies
View Related
Jul 12, 2008
The mytop has installed on DB server. When run mytop command the following status displaying more. Please let me know what is this exactly.
194545 user localhost testdb 5 Sleep
192371 user localhost testdb 184 Sleep
191333 user localhost testdb 272 Sleep
191233 user localhost testdb 279 Sleep
191031 user localhost testdb 296 Sleep
View 1 Replies
View Related
Jan 6, 2008
whm take one error report to me
S.M.A.R.T Errors on /dev/sda
From Command: /usr/sbin/smartctl -q errorsonly -H -l selftest -l error /dev/sda
Please note the following marginal Attributes:
ID# ATTRIBUTE_NAME FLAG VALUE WORST THRESH TYPE UPDATED WHEN_FAILED RAW_VALUE
190 Unknown_Attribute 0x0022 056 044 045 Old_age Always In_the_past 44
----END /dev/sda--
View 1 Replies
View Related
Nov 23, 2008
I'm hosting my website on a shared hosting, and recently the ip 87.255.1.42 began sending DoS attacks to my website - there are constantly being sent queries to the starting page of my website, more than 400,000 queries/day.
It's not doing any significant damage but overloads the server every day, and I would like to know how to report this attack to any authority who can stop the attack.
I queried the RIPE database
db.ripe.net/whois?form_type=simple
View 2 Replies
View Related
May 30, 2007
I have run rkhunter and got the following report, I have checked everything and seems to be fine. Also, I have run rkhunter --update and didn't help. How can remove this bad messages? Do I need to reinstall the package?
/bin/dmesg [ BAD ]
/bin/env [ BAD ]
/bin/grep [ BAD ]
/bin/kill [ BAD ]
/bin/login [ BAD ]
View 6 Replies
View Related
Nov 17, 2007
I have a box (CentOS + Cpanel). build a script send me email report and keep it run hourly or daily?
Example i got this command:
Quote:
find / -name "*.anyext." -exec grep -i "something" {} ; -print
I want make a script run this command everyday and send me email about result from that command.
View 1 Replies
View Related
Mar 9, 2009
I have been receiving unsolicited emails from a site which is hosted on DonHost servers in UK.
I have been receiving these emails for the last 3-4 days on my business email which is not on any list. I think the sender is complete amateur because he is using CC and I can see everyone's emails. They are mostly local companies and Government offices so they way this person gathered the email list is very questionable.
I contacted DonHost on www.donhost.co.uk and sent them an email to their Support but they haven't even replied to me.
View 14 Replies
View Related
Jul 16, 2008
If your website gets targeted by an attacker.
And it gets unbelievable volume of attack that brings it down.
You try to shift between hosts but it does not help.
The host would null-rout your traffic to maintain the integrity of his network.
What can you so?
You tried several technical solutions, it did not help.
Someone is determined to bring you down!
Is there any legal path that you can take?
Is there a legitimate hackers company that you can hire to look at the attack and find the source?
View 8 Replies
View Related
Jun 5, 2007
My VPS is setup and now when I did a dnsreport for my site, it shows:
Number of nameservers
ERROR: You have 2 nameservers, but both are on the same IP! This is not a valid setup. You are required to have at least 2 nameservers, per RFC 1035 section 2.2.
Is this a big problem?
The report [url] also shows other failures. Are there any critical ones that I need to take care of? How do I do it?
View 11 Replies
View Related
Oct 29, 2007
I have been receivig a huge logwatch report, seems that logwatch is not parsing the /var/log/secure file, but sending the log entries instead of any resume of it. I got thousands of lines like
Cp-Wrap: Pushing "47 GETDISKUSED pvargas lights.com.co" to '/usr/local/cpanel/bin/eximadmin' for UID: 47 : 25 Time(s)
Cp-Wrap: Pushing "47 GETDISKUSED r.perez konecrans.com" to '/usr/local/cpanel/bin/eximadmin' for UID: 47 : 69 Time(s)
Cp-Wrap: Pushing "47 GETDISKUSED r.rodriguez konecrans.com" to '/usr/local/cpanel/bin/eximadmin' for UID: 47 : 114 Time(s)
I have upgraded to the most recent version of Logwatch with default configuration. Any ideas on what could be wrong?
View 4 Replies
View Related
Mar 2, 2007
Is this just for mail antivirus? where do I see the report of the anti virus?
View 2 Replies
View Related
Nov 2, 2007
How and where do i report warez (Dedicated Server!)
Hosting poshtiban.com Supported 2 web sites, Upload Cracked Software and copy righte Movies!
<< Removed Examples >>
how i can Report this web site to DataCenter?
whois ip from:
[url]
View 9 Replies
View Related
Jul 7, 2009
if it is possible to setup a page like this with their public reports feature?
[url]
I tried looking for Pingdom forums, but they seem to be offline.
View 1 Replies
View Related
Apr 30, 2008
We have a software license system on our server that reports home every two weeks to revalidate.
Rapidswitch (our dedicated hosting co.) has 30 mins downtime today and the license system was offline.
Can anyone recommend a good way to mirror a site on two separate servers (Apache/MySQL) in different data centers?
View 2 Replies
View Related
Feb 21, 2008
I'm not sure how much people use InternetHealthReport.com, but Global Crossing consistently has the worst packet loss - [url]
I'm not sure what the cause is, but I wouldn't be surprised if it's because they are a primary peer for Hurricane Electric and other budget carries who don't have much other Tier 1 peers (i.e. Xeex).
Any comments from current Global Crossing customers?
View 14 Replies
View Related
Mar 2, 2007
i only see page, hits and bandwidth on the weekly report, how come the columns for unique visitors and visits are gone?
View 2 Replies
View Related
Sep 1, 2007
I got a RHEL dedicated server it has Ensim Ensim Pro 4.0.3-22.rhel.3ES
I got a few email accounts over quota limit. Even though it reached the quota the still consumes mail.
the size keeps increasing until HD space runs out.
I checked other forums and they recommended to
do this
find /home/virtual/site#/fst/var/spool/mqueue/ -exec rm -f {} ;
I did this but there were no files in there to begin with.
So every hour i keep getting this failure notice.
This is a report generated by the hourly run of MailQueueCleaner. Some sites on this server have problems which prevent the processing of their email queues. UNTIL YOU RESOLVE THE PROBLEMS, THESE SITES WILL NOT BE ABLE TO RECEIVE EMAIL. A summary of the problems is included below.
sites over the quota show up here.
I just want to be abl to clear the mail out of selected accounts without logging in the account. I am sure it is some file to clear.
View 1 Replies
View Related
Oct 17, 2013
Microsoft Windows Server 2008 R2 Service Pack 1
Panel version 11.0.9 Update #59, last updated at Oct 3, 2013 02:06 AM
MailEnable version 5
I see in the plesk documentation that the screen to enable SPAM filtering for an individual there is an option to "Move spam to the Spam folder". I don't see that option so I am wondering if it is only available on some versions of Plesk, or in combination with certain mail servers. How to make that option available?
View 3 Replies
View Related
Jun 22, 2006
I run a site with about 1,000,000 unique visitors per month and recents server failures made me decide to get a failover server to minimize downtime. My goal wasn't to get 99.999% uptime but to be able to be back on track after a failure in a "reasonable" amount of time. After evaluating several solutions, I decided to go with DNS failover. Here's how the setup work:
1) mydomain.com points to main server with a very low TTL (time to live)
2) failover server replicates data from main server
3) when main server goes down, mydomain.com is changed to point to failover server
The drawback is the DNS propagation time since some DNS servers don't honor the TTL and there is some caching happening on the user's machine and browser. I looked for empirical data to gauge the extent of the problem but couldn't find any so I decided to setup my own experiment.
The Experiment
==============
I start with mydomain.com pointing to the main server with a TTL of 1800 seconds (1/2 hour). I then change it to point to the failover server which simply port forwards to the main server. On the main server, I periodically compute the percentage of requests coming from the failover server which gives me the percentage of people for which the DNS change has propagated.
I made the DNS change at exactly 16:04 on 06/21/06 and here are the percentage of propagated users:
06/21/06 16:00 0 %
06/21/06 16:05 3 %
06/21/06 16:10 20 %
06/21/06 16:15 37 %
06/21/06 16:20 59 %
06/21/06 16:25 69 %
06/21/06 16:30 76 %
06/21/06 16:35 80 %
06/21/06 16:40 86 %
06/21/06 16:45 90 %
06/21/06 16:50 91 %
06/21/06 16:55 92 %
06/21/06 17:00 93 %
06/21/06 17:05 94 %
06/21/06 17:10 94 %
06/21/06 17:15 95 %
06/21/06 17:35 95 %
06/21/06 17:40 96 %
06/21/06 17:45 97 %
...
06/22/06 10:40 99 %
So even after 18 hours, there is still a certain percentage of users going to the old server so DNS failover is obviously not a 99.999% uptime solution. However, since more than 90% of the users are propagated in the first hour, the solution works well enough for me.
View 14 Replies
View Related
Jun 14, 2007
What do you guys think about this report?
[url]
View 5 Replies
View Related
