I don’t really want corporate web filtering companies such as websense, surfcontrol, SonicWall, Symantec etc.. Visiting and categorising my website. I know there is an IP list somewhere that lists a few thousand IP address used by these companies but I haven’t found it yet.
View 2 RepliesI have a website that was setup specifically for PHP/MySQL development so I can show clients their projects as I progress. I would like to block anyone from viewing this site unless I have allowed their IP to view it.
On my local system I can configure Apache to do it in the config file but I am on shared hosting so I don't have access to the config file.
on an internal network is it possible to stop a user browing to a web page using microsoft DNS server?
I just want to point java.com to 127.0.0.1 or somthing to stop people/machines automatically downloading the latest version
I have the following code in my .htaccess file to block an IP from accessing a file on my site and it works fine.
<Files mypage.html>
Order Deny,Allow
Deny from XXX.XXX.XXX.XXX
</Files>
Is there a way to block an IP from accessing a page (e.g., mydomain.com/mypage/)?
I've seen a number of exploit attemps on the default website which I believe has come via direct access via ip address i.e http://xxx.xxx.xxx.xxx.I have tried to block with .htacess but it seems to be being ignore (possibly by parallels or nginx configuration).how I can block access to the default site to all but 127.0.0.1, server external ip and my ip?
View 19 Replies View RelatedI am new to apache, and really terrible with regular expressions.
How to craft an htaccess rule that looks a the URL of the page you are visiting, and redirects HTTPS to the same URL in HTTP if the URL contains a certain text string (in the case the word "products")...
I used to have a reseller account and have shifted everything to a dedicated server. I now find that a couple of clients are getting lots of spam when they didn't before.
It seems that the servers used by the reseller account had some level of basic spam filtering installed; my provider suggested I look for a filtering program to install on my server.
There are, of course, dozens of them, so I wondered if anyone has any experience - enough, perhaps, to make a recommendation.
Even though I have temporarily installed Exchange Server on my dedicated server, I still am thinking about using POP3 instead, simply because of multiple email accounts and my outlook client can use multiple email accounts, and setup rules/filters to direct incoming emails to specific recepients to folders, which is what I want.
Sure, in Windows I know how to set up POP3 BUT what security can I setup for POP3 email accounts?
In addition, what about spam/filtering? How would I set that up to stop spam coming in?
I took over some sites that have a Windows hosting package. They're not high-traffic sites and the content is just typical corporate stuff; it's not sensitive information or anything.
Any they are insisting that they filter the IP addresses allowed to use the FTP account. So I have to give them my IP and it adds it to a safe list. this is causing me problems for urgent updates as sometimes I am working at home or somewhere away and my ISP gives me my IP dynamically, although it doesn't change that often.
Is this normal or necessary? I've never come across it before. I think it's overkill personally. What would you do? If they're worried about security should I ask them to set up SFTP and remove the IP filter?
I am having an issue with SPAM and baunced emails.
Spammers are sending out emails to thousands of addresses and putting my email in reply back field so i am getting all complaints/baunced emails etc.
I have DirectAdmin installed which lacks advanced email filtering features and wanted to know how can i setup Exim or what third party software to add to filter all incoming emails based on their subject?
I have Squirrelmail installed and it has these filters but the problem is that it applys its filters only on login and if i am checking email thru POP3 filters dont get applied.
I would like to filter some special mails of mine through an external PHP script. Is this possible? I would like to call the php file everytime a mail arrives, and the php file will make changes to that mail text and save in inbox.
My PHP file is ready but i need to make this work in Exim.
decent spam filtering service that allows you to do multiple domains and charges on a per user basis (with most you have to have the same domain or you have to buy another license pack). Anyway I'm looking to spend around $1-3 per user
View 0 Replies View RelatedDoes anybody know if GD filters email BEFORE it reaches my domain? It surely seems so. I recently moved to GD. I turned off spam filtering and don't receive any spam on accounts that used to receive a lot of spam. The only possible explanation is that they kill it before it reaches my domain.
View 5 Replies View RelatedI am using SA+ClamAV+Qmail now. Is there any better solutions out there? Preferable free s/w.
View 1 Replies View Relatedif anyone may know of a server spam filtering product which has these features....
1. stops identified spam at the server and keeps it for a period of time eg 7 days before dumping it
2. forwards clean mail to end user
3. end user gets daily report via email of mail tagged and kept
4. clickable link in daily email report to 'release' mail and send it
5. auto whitelists released mail (ie adds it to bayesian database / whitelist addresses)
6. configurable to work with either individual end user, or with eg domain sysadmin (who can view / help see mail for all domain users)
7. can be either a hosted service, or server software product; although linux opensource server product would be good.....
8. not hugely expensive :-)
I have been using ASSP for quite some time; and like it's accuracy. So I suppose what ideally I'm looking for is ASSP with Bells and Whistles. On Cpanel I'm using grscripts ASSP deluxe, and this already has some great bells, but lacks a couple of the whistles I'd like (as above).
If anyone has ideas - or can point me to other threads (I did a search here already, but couldn't refine my search enough to find anything relevant)
My provider is using mailfoundry for spam filtering.. but I used IMAP (stored on server) for email.. my problem is that I'm also using a catch-all address and I make up random email names for sites I go to, to check for spam on the incoming side..
I setup filters in Cpanel to remove the selected spam or emails I don't wish to recieve.. but they don't seem to remove themselves.. it could just be a setup problem or it could be the mailfoundry.. not sure..
Here's the settings I have in cpanel (I just altered the name) is this the right setting.. or does it go elsewhere?
We have a serious spam email problem. Can anyone recommend a good Remote Spam Filtering service?
View 2 Replies View RelatedExim logs:
2007-04-05 15:07:45 1HZYFE-0003DC-Rr <= sales@mydomain.com H=(mta2.srv.hcvlny.cv.net) [167.206.4.197]:42573 I=[xxx.xxx.122.208]:25 P=esmtp S=9925 id=000801c777be$11815a50$34840ef0$@com T="test" from <sales@mydomain.com> for marco@customer.ca maria@customer.ca
2007-04-05 15:07:45 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1HZYFE-0003DC-Rr
2007-04-05 15:07:45 1HZYFE-0003DC-Rr => discarded (system filter)
2007-04-05 15:07:45 1HZYFE-0003DC-Rr Completed QT=1s
This only happens when a 4kb jpeg/jpg attachment is sent. Not sure where its getting caught.
My antivirus.exim file attached
I searched for "jpg" and "jpeg" in that file, nothing showed up.
Code:
# Exim filter
## Version: 0.17
#$Id: system_filter.exim,v 1.11 2001/09/19 11:27:56 nigel Exp $
## Exim system filter to refuse potentially harmful payloads in
## mail messages
## (c) 2000-2001 Nigel Metheringham <nigel@exim.org>
##
## This program is free software; you can redistribute it and/or modify
## it under the terms of the GNU General Public License as published by
## the Free Software Foundation; either version 2 of the License, or
## (at your option) any later version.
##
## This program is distributed in the hope that it will be useful,
## but WITHOUT ANY WARRANTY; without even the implied warranty of
## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
## GNU General Public License for more details.
##
## You should have received a copy of the GNU General Public License
## along with this program; if not, write to the Free Software
## Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
## -A copy of the GNU General Public License is distributed with exim itself
## -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
## If you haven't worked with exim filters before, read
## the install notes at the end of this file.
## The install notes are not a replacement for the exim documentation
## -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
## -----------------------------------------------------------------------
# Only run any of this stuff on the first pass through the
# filter - this is an optomisation for messages that get
# queued and have several delivery attempts
#
# we express this in reverse so we can just bail out
# on inappropriate messages
#
if not first_delivery
then
finish
endif
## -----------------------------------------------------------------------
# Check for MS buffer overruns as per BUGTRAQ.
# [url]
# This could happen in error messages, hence its placing
# here...
# We substract the first n characters of the date header
# and test if its the same as the date header... which
# is a lousy way of checking if the date is longer than
# n chars long
if ${length_80:$header_date:} is not $header_date:
then
fail text "This message has been rejected because it has
an overlength date field which can be used
to subvert Microsoft mail programs
The following URL has further information
[url]
seen finish
endif
## -----------------------------------------------------------------------
# These messages are now being sent with a <> envelope sender, but
# blocking all error messages that pattern match prevents
# bounces getting back.... so we fudge it somewhat and check for known
# header signatures. Other bounces are allowed through.
if $header_from: contains "@sexyfun.net"
then
fail text "This message has been rejected since it has
the signature of a known virus in the header."
seen finish
endif
if error_message and $header_from: contains "Mailer-Daemon@"
then
# looks like a real error message - just ignore it
finish
endif
## -----------------------------------------------------------------------
# Look for single part MIME messages with suspicious name extensions
# Check Content-Type header using quoted filename [content_type_quoted_fn_match]
if $header_content-type: matches "(?:file)?name=("[^"]+\.(?:ad[ep]|ba[st]|chm|cmd|com|cpl|crt|eml|exe|hlp|hta|in[fs]|isp|jse?|lnk|md[be]|ms[cipt]|pcd|pif|reg|scr|sct|shs|url|vb[se]|ws[fhc])")"
then
fail text "This message has been rejected because it has
potentially executable content $1
This form of attachment has been used by
recent viruses or other malware.
If you meant to send this file then please
package it up as a zip file and resend it."
seen finish
endif
# same again using unquoted filename [content_type_unquoted_fn_match]
if $header_content-type: matches "(?:file)?name=(\S+\.(?:ad[ep]|ba[st]|chm|cmd|com|cpl|crt|eml|exe|hlp|hta|in[fs]|isp|jse?|lnk|md[be]|ms[cipt]|pcd|pif|reg|scr|sct|shs|url|vb[se]|ws[fhc]))"
then
fail text "This message has been rejected because it has
potentially executable content $1
This form of attachment has been used by
recent viruses or other malware.
If you meant to send this file then please
package it up as a zip file and resend it."
seen finish
endif
## -----------------------------------------------------------------------
# Attempt to catch embedded VBS attachments
# in emails. These were used as the basis for
# the ILOVEYOU virus and its variants - many many varients
# Quoted filename - [body_quoted_fn_match]
if $message_body matches "(?:Content-(?:Type:(?>\s*)[\w-]+/[\w-]+|Disposition:(?>\s*)attachment);(?>\s*)(?:file)?name=|begin(?>\s+)[0-7]{3,4}(?>\s+))("[^"]+\.(?:ad[ep]|ba[st]|chm|cmd|com|cpl|crt|eml|exe|hlp|hta|in[fs]|isp|jse?|lnk|md[be]|ms[cipt]|pcd|pif|reg|scr|sct|shs|url|vb[se]|ws[fhc])")[\s;]"
then
fail text "This message has been rejected because it has
a potentially executable attachment $1
This form of attachment has been used by
recent viruses or other malware.
If you meant to send this file then please
package it up as a zip file and resend it."
seen finish
endif
# same again using unquoted filename [body_unquoted_fn_match]
if $message_body matches "(?:Content-(?:Type:(?>\s*)[\w-]+/[\w-]+|Disposition:(?>\s*)attachment);(?>\s*)(?:file)?name=|begin(?>\s+)[0-7]{3,4}(?>\s+))(\S+\.(?:ad[ep]|ba[st]|chm|cmd|com|cpl|crt|eml|exe|hlp|hta|in[fs]|isp|jse?|lnk|md[be]|ms[cipt]|pcd|pif|reg|scr|sct|shs|url|vb[se]|ws[fhc]))[\s;]"
then
fail text "This message has been rejected because it has
a potentially executable attachment $1
This form of attachment has been used by
recent viruses or other malware.
If you meant to send this file then please
package it up as a zip file and resend it."
seen finish
endif
## -----------------------------------------------------------------------
#### Version history
#
# 0.01 5 May 2000
#Initial release
# 0.02 8 May 2000
#Widened list of content-types accepted, added WSF extension
# 0.03 8 May 2000
#Embedded the install notes in for those that don't do manuals
# 0.04 9 May 2000
#Check global content-type header. Efficiency mods to REs
# 0.05 9 May 2000
#More minor efficiency mods, doc changes
# 0.06 20 June 2000
#Added extension handling - thx to Douglas Gray Stephens & Jeff Carnahan
# 0.07 19 July 2000
#Latest MS Outhouse bug catching
# 0.08 19 July 2000
#Changed trigger length to 80 chars, fixed some spelling
# 0.09 29 September 2000
#More extensions... its getting so we should just allow 2 or 3 through
# 0.10 18 January 2001
#Removed exclusion for error messages - this is a little nasty
#since it has other side effects, hence we do still exclude
#on unix like error messages
# 0.11 20 March, 2001
#Added CMD extension, tidied docs slightly, added RCS tag
#** Missed changing version number at top of file :-(
# 0.12 10 May, 2001
#Added HTA extension
# 0.13 22 May, 2001
#Reformatted regexps and code to build them so that they are
#shorter than the limits on pre exim 3.20 filters. This will
#make them significantly less efficient, but I am getting so
#many queries about this that requiring 3.2x appears unsupportable.
# 0.14 15 August,2001
#Added .lnk extension - most requested item :-)
#Reformatted everything so its now built from a set of short
#library files, cutting down on manual duplication.
#Changed w in filename detection to . - dodges locale problems
#Explicit application of GPL after queries on license status
# 0.15 17 August, 2001
#Changed the . in filename detect to S (stops it going mad)
# 0.16 19 September, 2001
#Pile of new extensions including the eml in current use
# 0.17 19 September, 2001
#Syntax fix
More out of curiosity than anything, I've been wondering if there are options for filtering outgoing SMTP. Not necessarily every single message, but a firewall-level tool to watch for a sudden burst in SMTP from one host, run some of the messages through SpamAssassin or the like, and trigger an alert if they rank highly for spam.
It seems like it's technologically possible, but I've never heard of anyone doing it, nor seen an actual implementation of it. Has anyone heard of this type of thing?
I need some real multidomain shared hosting accounts (ie DirectAdmin, Hsphere, or cPanel only with WHM access because no way I am going to use add-on domains), with support for 4 domain names, 1GB disk space, 40gb multihomed bandwith, fast mysql server with at least 6databases.
My budget is less than 30US$/mo/account, and i need both PHP5 and Mysql 5.
Now this would seem pretty regular requirements.
The fact is I would like to get some of these accounts in not-so-popular locations for an application I am developing and some tests I will do, etc.
The California/Chicago/Dallas/NewYork part was quite easy, indeed ...
Now I am looking for some decent webhosting companies co-locating in :
- Upper West USA (any amongst Washington, Oregon, Idaho, Montana, Wyoming, etc)
- Colorado (ie, Denver)
- Kansas
- Vienna,McLeod corner in VA, or at the very least maybe Asburn,VA
- Toronto, Canada
If you are a web hoster and you colocate in some of these places please anwer: I don't think a simple message like "We are amongst the hosting companies located in XYZ" without reference to plans, price or promotions would be considered self-advertising in any way and is far better, useful and more informative than writing a post like "look at the advertising section, I am sure you will find some", because trust me I am searching till hours and I dind't find any:
I've got a PHP mail system which sends emails with these headers: ....
View 1 Replies View RelatedI have SpamAssassin on my server, and I use email piping to forward incoming emails to a PHP script. I'd like to know if emails go through SpamAssassin before being piped, or if they don't go through SpamAssasin. Where exactly is SpamAssassin requested to scan emails?
View 5 Replies View Relatedreliablesite has filtered 100% of the spam emails
View 8 Replies View Relatedmore specific filtering options in cpanel exactly:
if header from contains 'example' and also header from contains 'example2' then discard
in cpanel it just has one word or phrase i need the filter to check for 2 words in any order in the from field
what are the companies using liquidweb's datacenter?
View 14 Replies View RelatedFirst one i tried was Implux.net and after a year or so started getting a lot of skipping/buffering problems with the streams.
I'm now with Serverroom.us but cannot stand the software they use CentovaCast or at least don't like the setup they use.
Found some in WHT ads forum, provide 800 GB space and 8000GB bankwitch. Other companies are similar offer. I talked with them, and ask: "Do you really provide 800 GB space?" they replied, yes.
Then I told them I am going to order. I have a 600GB sized website want to move into it and planed finish moving in 3 weeks to 1 month, then they just left me there, never had one word, so frustrating.
Asked a few more, and got similar result.
Are they real companies with real ads? If not, Why WHT allow false ads listed in there and waste us time.
What are some good monitoring companies that can keep track of downtime. Even more specifically looking for companies that can send an sms alert or possibly reboot the server following ceartin instructions during a downtime.
Though please provide all suggestion (even if they don't do the above).
I own a IT/Computer related blog site & community right now. I have plans to contact the top 25-50 hosting companies posing as a potential new client. I plan ask questions similar to the following and publish it on my blog. (This project will be geared towards shared hosting only, on low to mid sized budgets.
1.) What are the exact specs of the shared servers you are using? Smp, Uni processors? What are the manufactures of this hardware?
2.) How many clients are added to a server before it's considered 'Full'? If your company doesn't use this method, then what is the average I/O, CPU, & Memory usage on a full server in the opinion of your company for shared hosting?
3.) What is your mass email policy? Emails per hour?
4.) Where is the physical location of your companies shared servers in regards to country, city, and state?
5.) Are you a Reseller? If so, with whom do you resell for?
6.) Physical location of Technical Support?
7.) What is the average wait time for a Technical Support ticket submission during server peek hours for your company?
8.) Do you currently have a link of client testimonials that includes URL's to the
clients website?
Do you think publishing this information to be public for each host would be illegal, imoral, or disrespectful in anyway? If not, does anyone have any other suggestions as far as questions that are usually not disclosed on hosts website in regards to shared hosting?
Anyone know of a listing of hosting companies based on the location of their offices? I don’t care where their servers are but I would like to know that I am dealing with a company that is local. (By the way, I live in the northern part of Virginia and I consider metro DC and all of Virginia to be local.)
View 8 Replies View Related