I recieved a new block of ips from my server folks and this block is worse than before, the main ip is on more than 10 spam lists.
How do I resolve this? Is there a way a server company can select a clean block of ips?
can I set the email program to use a separate ip or something intead of changing ips of server?
We have see a interesting system from one competitors:
any user that have a email account receive any 24 hours a email report of all spam receive (as html attach)
In this html file there is list and flag and user can be indicate that is NOT a spam and click submit into html file that send information to mail server
May be interesting system
We use exim on ours server and horde as webmail..
I can only add 100 addresses to the global address spam white list. I need to add more!
View 1 Replies View RelatedI know this topic has come up numerous times , could someone point me to the thread that had a really great list. I know I have seen it before just can't seem to find the thread.
View 14 Replies View Relatedhow can i remove list of blocking IPs on iptable on my server its over 100 IPs how can i remove it?
View 2 Replies View Relatedhow I can see all the mail's adress sended by a site that I have in a vps hosting;
the site is in php and run on apache; panel is directadmin; is there some log file? or is necessary some software?
I'm trying to setting plesk backups to own ftp server.. My ftp server is listening by the port 31..
My conf:
Server: mydomain:31
Directory: vpsbkp
User and password...
Passive mode checked
Here the error display: "Transport error: unable to list directory: Curl error: Couldn't connect to server"
Where are the bkp ftp logs?
Since we had Update to 12.x we have problem to connect to any ftp Server
We have this Problem on two diffrend Plesnikserver.
Both are running under Ubuntu 12.04 ....
Microsoft Windows Server 2008 R2 Service Pack 1
Panel version 11.0.9 Update #59, last updated at Oct 3, 2013 02:06 AM
MailEnable version 5
I see in the plesk documentation that the screen to enable SPAM filtering for an individual there is an option to "Move spam to the Spam folder". I don't see that option so I am wondering if it is only available on some versions of Plesk, or in combination with certain mail servers. How to make that option available?
We're using whm/cpanel and we're always up to date with the latest upgrades (with all our scripts).
2 weeks ago, we receive a notification from SpamCop saying that our server was sending out spam. We verified everything and found nothing. 2 days ago, same story.
We tried looking at our logs and found nothing. Does this mean that there's a security hole somewhere? How can we find out from where the spammer is sending his viagra emails from ? We do not want to be permanently banned because of a spammer.
I noticed that reported server usage from Plesk is 2.x - 3.x, so I went to mail queue (in Plesk) and saw lots of mails that shouldn't be there.
There were several senders under the domain dedibox.fr sendint LOTS of emails to lots of addresses in the same email. There shouldn't be a sender @dedibox.fr, as that domain isn't hosted on our dedicated server.
I know little about Linux administration... I tried going to the /var/log folder and grep for dedibox on the messages and maillog files, but nothing found...
How can I know if someone connected to our server as an user or something like that?
I'm hosted with elitehosts.com, they've been absolutely GREAT for 2 years now.
However, one of my sites gets SOOO much spam email that the host cannot handle it. Apparently the limit is like 500/hour.
The result is email for the domain is no longer dependable.
Senders to the domain get undeliverable bouncebacks.
Is there anyway to fix the problem? The server side spam filters catch the email, but doesn't solve the problem of all the incoming mail.
Is finding a new host (if even just for email) my only option?
Have any of your seen anything like this before?
Someone is somehow sending spam via my server.
Looking at /var/log/exim_mainlog I can see many entries like the following:
2008-04-07 21:10:43 1Jixfv-0006ad-4Y [= [] H=smtp.inet.fi [192.89.123.192] P=esmtp S=4192 id=I81c2X5ll000c597d@smtpgw.lapit.fi
2008-04-07 21:10:43 1Jixfv-0006ad-4Y =] info [bot@dole.ie] R=virtual_user T=virtual_userdelivery
2008-04-07 21:10:43 1Jixfv-0006ad-4Y Completed
So it looks like this is an e-mail being sent to bot@dole.ie
However when I look at my mail I can see the mails are being sent FROM bot@dole.ie. For example:
Sorry, but Lyris ListManager did not find your email address
-] "bot@dole.ie"
listed as a member of techno-l.
Only members of techno-l are allowed to contribute messages.
Because Lyris ListManager could not confirm that you are a member of techno-l, your message was not accepted.
---
Return-Path: [bot@dole.ie]
Received: from mail.reginamater.com ([201.231.192.60]) by listserver.knowledgeexpress.com with SMTP (Lyris ListManager WIN32 version 8.9a); Mon, 07 Apr 2008 16:01:23 -0500
Message-ID: [000501c898ea$068d922e$f5014499@bhudl]
From: "gun mella" [bot@dole.ie]
To: [techno-l@techno-l.org]
Subject: Don't pay too much for your drugs. Buy from us.
Date: Mon, 07 Apr 2008 18:15:12 +0000
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.3138
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3198
4 free pills with every order
[url]
...
There are lots of bounced e-mails being sent back to me.
Does anyone know how I can check to see what's spending the spam or how to stop it?
For some days now, the server`s been sending spam through our main domain, under different email aliases that don`t even exist : fdg@domain.com , gfhh@domain.com ( email aliases that don`t even exist )( I changed my domain with domain.com for privacy measures )....so on.. I tried to check what is sending out emails. Any idea how to track/check/scan for what is sending out emails?
View 8 Replies View RelatedI have:
WHM 10.8.0 cPanel 10.9.0-R44
CentOS 3.8 i686 - WHM X v3.1.0
I've gotten several complaints through spamcop in the last several weeks. The headers show the spam mails coming from nobody@ my server and they show the originating IP as my server. The datacenter is threatening to shut me down.
I've looked in the mail queue and haven't found any of the sent spam mails in there (or bounces from them). I am getting bounces into horde that were apparently sent from me.
How do I find which client is sending them? Or maybe the server has been hacked and spam software uploaded somewhere?
how to best deal with email spam.
Here is what's up...
I recently got a dedicated server with The Planet. WHM/Cpanel...
I am a designer and starting to host my clients. So far i've setup about 5 different clients and everyone says the same thing...
Since they've switched to my server the email spam they get to their emails is out of control.
I asked The Planet for help and they said to make sure some spam filters were automatically checked for each account in my WHM and in their unique cpanel accounts, and they are but it hasnt helped. They also have a spam service but i do not want to pay any more per month than i already am.
What would cause this to be so bad versus my clients old servers?
Secondly, what open source solutions are there out there and who is the best to hire to install them on my server?
I currently have a dedicated server, Linux, with 1 website on it that is sending spam.
At first I thought it was someone spoofing my email address, however when I check my servers Email queue I can see the spam emails in there being sent.
My problem is that I have contacted my server provider and support for the scripts I'm running and everyone is saying its the other persons fault. My server provider is saying everything is up to date and it must be a software exploit on one of my scripts, and the support team from my software is saying its not them that its the server.
Can you control SPAM on a server ? I've got this email account that all receives is SPAM, nothing else. I'd like to eliminate this so it doesn't get any more SPAM.
View 13 Replies View RelatedI received many email spam recently, with the sender address from my own server.
Eg.
my domain = www.shashinki.com
email spam that I received = shop@shashinki.com which is being sent to my own email address of shop@shashinki.com. Yes, the sender is my own email address account.
I checked using gmail and the sender is from my own server IP address and the sender's email address seems to be valid and is from my own email account.
I have changed the password of my email address, added SPF to my email system...etc. I have done all that I can think of, but I still get the same spam emails.
What can I do and what should I do? I got really tired of this and I am worried that my server is being used to send spams to others.
My server is with LayeredTech, unmanaged server, so I dont have a manager to help me.
Hope to get some insight and help from sifus here...
I have reason to believe that a site on my server was hacked and is now being used to send out spam emails.
View 9 Replies View Relatedwhat experiences other people have been having with loads on their servers from spam. I was doing some profiling of our machines and noticed that load actually a fairly significant part of the load on our servers, and its way worse than it used to be.
Looking at the numbers I suspect we could comfortably have way more accounts per server if we could deal with spam better.
Today data center mailed us and told some one is sending spam from our server.
The copy of spam mail they give us is below
Quote:
Return-Path: <a...@aliativa.com>
Received: from server10.hosthat.com (server10.hosthat.com [65.98.61.138])
by mta2.spin.it (Postfix) with SMTP id B06FE14AD6
for <(MUNGED)>; Sun, 4 Feb 2007 07:43:42 +0100 (CET)
Received: from ouwd (78.181.146.18)
by server10.hosthat.com; Sun, 4 Feb 2007 06:43:47 -0000
Date: Sun, 4 Feb 2007 06:43:47 -0000
From: =?iso-8859-5?B?RGF2aXMgS2V5cw==?= <a...@aliativa.com>
X-Mailer: The Bat! (v2.01)
Reply-To: =?iso-8859-5?B?YWRtaW4=?= <a...@aliativa.com>
X-Priority: 3 (Normal)
Message-ID: <(MUNGED)@aliativa.com>
To: (MUNGED) <(MUNGED)>
Subject: =?iso-8859-5?B?aW52ZXN0IHRvIGFsaWF0aXZh?=
=?iso-8859-5?B?LmNvbQ==?=
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----------(MUNGED)"
------------(MUNGED)
Content-Type: text/plain; charset=iso-8859-5
Content-Transfer-Encoding: 8bit
Aliativa Investments philosophy is underpinned by two brilliant rules.
* We should invest our clients' monies with the same care as though it were our money.
* We are doing our best for the every our investor.
Register now: http://www.aliativa.com/index.php
------------(MUNGED)--
As you can see there is no account info regarding who send spam mail.
In server phpsuexec is enabled.
In Tweak Settings, "Track the origin of messages sent though the mail server by adding the X-Source headers (exim 4.34+ required)" is enabled.
The spamer domain aliativa.com (why no one take the spamer down ?) is not hosted by us. But found following in exim_mainlog
Quote:
2007-02-04 06:27:11 1HDaq9-0007nb-Oc <= support@aliativa.com H=localhost (server10.hosthat.com) [127.0.0.1] P=smtp S=1378 id=008f01c43f8b$3ccd8848$0b56efd5@tkpdwifh
2007-02-04 06:27:19 1HDaq9-0007nb-Oc ** 00032rc@golden.ripco.com R=fail_remote_domains: unrouteable mail domain "golden.ripco.com"
2007-02-04 06:27:19 1HDaqN-0007oe-8c <= <> R=1HDaq9-0007nb-Oc U=mailnull P=local S=2238
2007-02-04 06:27:13 1HDaqB-0007nc-3s <= admin@aliativa.com H=localhost (server10.hosthat.com) [127.0.0.1] P=smtp S=1187 id=915817196.20060825223219@aliativa.com
2007-02-04 06:27:16 1HDaqB-0007nc-3s ** 000iskc@golden.ripco.com R=fail_remote_domains: unrouteable mail domain "golden.ripco.com"
2007-02-04 06:27:16 1HDaqK-0007ob-UA <= <> R=1HDaqB-0007nc-3s U=mailnull P=local S=2041
Anyone know how he send SPAM ? Using SMTP from localhost ? Why mail header do not include anything about who send spam?
We recently had a problem with a mail spammer. He sent over 90,000 emails and had 20,000 in the queue. Is there anyway to possibly stop this as it was really lagging the server bad. So bad the softlayer took it offline for a while...
View 4 Replies View Relatedgot a 2nd notice from my ISP complaining that spams are being sent from my dedicated box. Since the first notice, I had stopped all the mail-related services (sendmail, mailman, courier-imap), which means no emails will be sent out from this box. However, I still received the 2nd notice for spamming.
own dedicated box running CentOS 4.2 with Plesk 8.1. 1 site hosted on it.
concerns are
1. Is my box hacked in and hijacked to send out spam? If yes, how can I check for system integrity?
2. Based on the service status dump, is there something else I need to do in the meantime to stop the box from sending out spam?
3. If there's someone who willing to help out, I'm willing to pay a small amount (~$50, sorry I'm broke!) to fix the server and just kinda help me through the process.