I have configured the DNS zones for DNSBL service as follows;
"zen.spamhaus.org;b.barracudacentral.org;bl.spamcop.net"
but I continue to to get spam from ip adressess that are confirmed as blacklisted at the above zones by testing them at [URL] ...
Is there something that I have missed in the config.
When this option is enabled on the Mail Server Settings page, the page loads with the bottom of the page in focus and not the top.
View 1 Replies View RelatedI am happily running Plesk 11.5; with just one small but annoying persistent problem:
I have Clients with large mailinglistes
- SpamAssassin
- Server-wide greylisting
- DNSBL
is running.
But apparently many of the lists mail addresses have been harvested over the years. And as there is no easy way to use SA in mailman, I am down to greylisting only for list addresses.
This results in insanely large amounts of SPAM (-> moderation requests) on the client's lists. Is this behavior improved in Plesk 12?
Or can probably SIEVE filters work here - are those available to mailman? (probably not as they work in Dovecot?)
I have 5 Linux Plesk 12 servers, and I use Spamassassin, usually at a sensitivity of 2 or 3, I also use the following DNS
Blackhole lists: zen. spamhaus. org;b. barracudacentral.org;abuse.rfc-ignorant.org;cbl.abuseat.org;bl.spamcop.net;nomail.rhsbl.sorbs.net
But all of this seems to have minimal effect. I examine spam that comes through which looks very obviously like spam, but Spamassassin gives it a very low score, usually in the negative numbers.
Is SA just not as effective as I thought? Seems like if Gmail, etc can filter spam so effectively, then why can't SA? If there's something I'm not doing right, or what you all do to combat spam with Plesk 12.
I have some error when the new outgoing spam protection (limitation for outgoing mail) is enabled. Mail clients are unable to use SMTP for sending mails. "My mail client says: The message could not be sent. You are not allowed to use sendmail utility."
I don't undestand the blocking behaviour since the checkbox "Allow scripts and users to use Sendmail" is checked and no limit is exeeded.This is the relevant log part of maillog:
Code:
Jul 3 00:44:36 srv01 postfix/smtpd[3326]: C0E5182A20: client=46.128.x.x.dynamic.cablesurf.de[46.128.x.x], sasl_method=CRAM-MD5, sasl_username=info@domain.de
Jul 3 00:44:36 srv01 postfix/cleanup[3331]: C0E5182A20: message-id=<0A380CA8-AAE3-4FA8-BA7A-A3FDF7CD16E2@domain.de>
Jul 3 00:44:37 srv01 /usr/lib/plesk-9.0/psa-pc-remote[3280]: handlers_stderr: DATA REPLY:554:[B]5.7.0 The message could not be sent. You are not allowed to use sendmail utility.[/B] REJECT
Jul 3 00:44:37 srv01 /usr/lib/plesk-9.0/psa-pc-remote[3280]: REJECT during call 'limit-out' handler
Jul 3 00:44:37 srv01 postfix/cleanup[3331]: C0E5182A20: milter-reject: END-OF-MESSAGE from 46.128.213.43.dynamic.cablesurf.de[46.128.x.x]: 5.7.0 The message could not be sent. You are not allowed to use sendmail utility.; from=<info@domain.de> to=<mail@domain2.de> proto=ESMTP helo=<[192.168.1.20]>
Jul 3 00:44:37 srv01 postfix/smtpd[3326]: disconnect from 46.128.x.x.dynamic.cablesurf.de[46.128.x.x]
Moreover I disabled the line "non_smtpd_milters" in postfix main.conf since my server has same issues discribed in the following thread:
Postfix: mails sent through sendmail binary are blocked because of wrong HELO
There seems to be confusion and documentation conflicts around whether we should be whitelisting localhost or not when using Mailing Lists.
In this documentation it suggests that localhost is no longer needed, and in fact needs to be removed from the whitelist if Outbound Spam protection is to function correctly: [URL] ....
But on the other hand, this documentation suggests to add localhost to the whitelists, even though the warning says otherwise, and that outgoing mailing list mail will still be processed by Outgoing Spam Control. [URL] ....
Through trial and error, i've found that my mailing lists were not able to send mail to external email accounts unless localhost is whitelisted.
If I want all mail scripts to be going through the Outbound Spam Control, and also having my mailing lists working, should I be adding localhost to my whitelist?
When executing "statistics" these errors occur:
# /usr/local/psa/admin/sbin/statistics
WARNING during statistics_collector execution: : statistics_collector: Unable to get dir size of /var/lib/mailman/lists/14
System error 2: No such file or directory
statistics_collector: Unable to get dir size of /var/lib/mailman/archives/private/14.mbox
System error 2: No such file or directory
statistics_collector: Unable to get dir size of /var/lib/mailman/archives/private/14
System error 2: No such file or directoryClick to expand...
I just upgraded to 12.x from 11.5, and now the messages to the mailman lists on the server are being rejected for headers being over 32K.
I finally saw this when joining the list myself to see why so many recipient servers are rejecting the mail. I see many instances of these:
Received-Spf: pass (server.mydomain.net: localhost is always allowed.) client-ip=127.0.0.1; envelope-from=thelist-bounces@clientdomain.com; helo=mail.mydomain.net;
and there's one towards the end with:
Domainkey-Signature: a=rsa-sha1; q=dns; c=nofws; s=default; d=clientdomain.com; b=RYN97cdOiqBdkm17GknWv0IMwOmsBHoK+eRaAjYey1vg6+jke2Z35Z1CFBIs/ZvrSslcc1X3kSzu/5SvHzuZVS1nB7zEPDBdr7jZ/Y3ViFccqDWNQbbFjpW9/7tVrFRssMv55gCMNnDwmgqK8WfU1vMkHwfdsuDnIkmB4OtAfqP9w=; h=Received-SPF:Received-SPF:Received-SPF:Received-SPF:Received-SPF:Received-SPF:Received-SPF:Received-SPF:Received-SPF:Received-SPF:
[Code] ....
How do I stop getting all those Received-SPF: headers prepended to the mailman list? It tags on a header that's well over 32K for a message that is less than 1K.
I have 2 domains on a CentOS Linux server running Plesk 11.0.9.
Domain1.com has several mailing lists, and they work OK visible at http://lists.Domain1.com/mailman/listinfo.
I just created a mailing list for Damain2.com. The list is created OK, but I can't acces it over the web http://lists.Domain2.com/mailman/admin/mylist1
Browser reports "Firefox can't find the server at lists.domain2.com."
What can I do to fix this? I need to edit the lists preferences.
Come across this a few times now, when I come to issue a new VPS find that a IP address is on a spam list from a previous owner of the IP range, even came across and IP block we got issued with a few null-routed IPs!
Has anyone, or hosting providers come across this? Where datacenter issue IPs with problems? On spam lists or worse . . .
After I've upgraded Plesk 1.0.18 to latest version, I'm unable to set protection on directories. Plesk say it is set, but it is not. I can access protected directory without pop-up of login-details. Old protected directories work, but for new one added not working anymore. I also tried by conventional way adding .htaccess and .htpasswd files to the directory, but it does not apply either.
View 2 Replies View RelatedIs there a command to turn on antivirus for all mailboxes without having to enter each mailbox and update manually. I have over 800 mailboxes which need updating,
View 6 Replies View RelatedToday when I visited my plesk-stat folder, I saw that it is publicly available. Everyone can see the stats.
https://example.com/plesk-stat/
Is not this folder supposed to be protected by password as default?
I have a small problem. I have a install directory on my website, who are only for me. I have a password protected directory, and thats no problem to create in Plesk on Linux.
But the main diffrent from Windows based Plesk, are that I can not create a directory there I can browse the files in my webreader.
In windows plesk they have a option called Web directory, but I have never seen thats option in Linux plesk.
Are there any easy way to password protect and allow directory browsing in Plesk for Linux? Or do anybody have a easy way to do that?
One option, is to access the directory thru FTP interface in Internet explorer (ftp://mysite/directory). But I want to access the site thru HTTP if possible.
For months ive been battling spam and other crappy stuff so i made a jump for a IronPort C10 (yea yea its the bottom of the barrel) but this thing works great for my needs and my users (family and friends).
My old load on my mail server was .8 all the time or higher now shes around .2
What are the best ways to block outgoing spam? Installing APF would help ful?
Any other idea for outgoing spam?
For the first Time now i was trying to grant a User SSH Access via Plesk Panel (chrooted/non chrooted), but it doesnt work out really .. Abonnement > Edit Permissions > Allow Access chrooted (or non chrooted doesnt matter) doesnt change anything when im trying to Login with the created System User by Plesk. Login doesnt work!
Regular SSH Login as root works as always without any problems, but even via "su user" it doesnt works.
Till now I didn't had any Problems with my VPS Setup based on Centos 6.6 and Plesk 12.0.18 #50.
My company and I are currently discovering Plesk on a CentOS 6.6 based system. We are migrating from an old system on which FTP usernames could hold uppercase letters, which apparently is not the case in Plesk 11 (or is it because of CentOS?).
Anyway, as we can't change these FTP account names, I was thinking about creating a rule with mod_rewrite in the proftpd.conf file.
So the question is: how can I reinstall/reconfigure proftpd with this module activated? I don't even know where to find the corresponding package (which repo, correct version, etc...)
I have a client who is not happy with their current hosting provider. They get a significant amount of spam to their email addresses. Are there any providers you can recommend that offer good spam protection?
View 14 Replies View RelatedAre there any hosting companies that use an Enterprise strength SPAM solution such as IronPort?
We have 3-4 business websites and spam, especially within the last 6 months, has become a tremendous problem. At least 100 spam emails a day are being delivered.
Spam filters do not solve the problem - they simply put some percentage of spam in a folder, often genuine emails, and we still have to go through it manually.
Do not mind paying a premium for the hosting. Any hosts that offer HEAVY DUTY spam protection?
i have a ironport and its coming close to my renew, frankly for my 50 and less users its expensive and i end up with a so so of a server.
my goal would be to use a vm based one for power "green" and backups/migration needs.
im runing scalix with clamav/spamass
We have a Windows Server 2003 dedicated, and use the Windows POP3 Service for emails, is there anything that can be plugged in to provide serverside spam/virus protection?
View 0 Replies View RelatedIs there a way to configure the mailing lists created with Plesk (using MailEnable 6.5) using Plesk or another web interface like it is possible with mailman under Linux?
It is not very convenient to be required to do such stuff via RDP (and so manual by me for every customer)...
I have Spam in the Mail Queue.
How can I detect, where it come from, or how can I avoid it ?
Today in a plesk 12 with mail control (20 mails per hour per mailbox) a spammer stole a password of a mailbox and send nearly 1000 mails in two hours.
How can it is possible? Also in the stats I see 0 mails sent. In the logs (var/log/mail.log) I see the spam wast sent from a mailbox...
My server is saturated in SPAM e-mails being sent from it, however I am struggling in tracing the root of this problem. I have now exhausted 4 IP addresses and our provider is blocking port 25 automatically on a number of occasions now.
I have used the KB article: [URL] .... to trace the highest senders of e-mail, however this has proved to be unsuccessful in finding "all" of the offending domains.
I have suspended e-mail and domains on a number of subscriptions due to the high number of e-mails being sent from the system. I have also enabled outbound mail control and set limits to 10/hr however there are domains attempting to exceed this on an hourly basis. I have investigated these subscriptions but am not able to find anything offending. Is there any feature within plesk that can show me exactly where the spam is coming from...
I am dealing with a situation which i cannot understand. I am running an website for a resort and occasionally i am sending e-mail stop the people who book villas using the website. By occasionally i mean last year i sent 2 e-mail campaigns with a proper spam score.
However, at this moment, even the e-mails that i receive from the website's contact form arrive as Junk into Gmail for example.
Domain abc.com is hosted on our server, it has a hosted e-mail 123@abc.com. This e-mail adress keeps getting SPAM messages from an address abc@srv2.xyz.com (where srv2.xyz.com is our server FQDN). What we understood by reading the headers (posted below) is that someone is sending an e-mail to support@abc.com. This e-mail adress, as configured in Plesk, redirects e-mails to 123@abc.com. But we don't understand how someone managed to send an e-mail from an unexistent abc@srv2.xyz.com to it.
Here are the headers:
DomainKey-Status: no signature
Return-Path: <Coulter_Faustinoa1@aspli.com>
X-Original-To: 123@abc.com
[Code].....
I just did the update to 12.0.18 #6 and everything seemed to go pretty well. One feature we were really interested in was the Outgoing Spam Filter. Unfortunately, the error I see when I go to that feature reads, "Protection : Not active. There are some problems that prevent the service from being started."
When I Google that error, I'm brought to some KB articles but they are all for the older Outgoing Spam Filter that you need a license key for. I don't believe that is the case any more - if it is, I don't know where to get the key. I will say point out I'm a bit of a Linux novice (we are running CentOS 6.5 on this server), so I'm not really sure where to look....
I have a Plesk v12.0.18_build1200140606.15 os_CentOS 6 server. using postfix
And Lots of spam is send from my server.
I tried: [URL] .... but with no results.
on the moment the /var/log/maillog file is over 5,5GB
and the /var/log/maillog.processed is over 7,2GB and splitted into multiple .gz files
What can I do to find the source of the problem and stop it ?
I'm getting a big problem on my server.
From 1 week until now I got 4 spam attacks. The attacker is the same, because the emails sent are iqual.
The technique is also the same, they use an email account (compromissed password) and send emails through smtp server.
When I detect the attack, i do:
1. identify the compromised account
2. Change password from the compromised account
3. Stop qmail
4. Clear queue with qmail-remove
5. Start qmail
The problem is that they already used 4 diferent domains since the first attack. So, here is my problem, how do they discover the passwords?! How can I solve this problem? I have hundreds of emails accounts and can't change it all.
CentOS release 5.10 (Final)
Plesk 11.0.9
