Past few days - landed on the list of a couple of virulent spammers.
Activated:
Box trapper
Spam assassin
Outlook filter
The combo trips everything very accurately into a junk folder in outlook.
Wondering if theres a script solution to kill at the server, with minimal processing. I'm using cpanel/whm.
Scum sources include tersatig (dot)cn and few other ips.
Also if possible, way to wipe all .cn/.ru/.ro etc at the server.
If I have a php page with no errors, everything works fine. If I remove a semicolon so it should give me an error, it displays nothing but a white page... Also, there is no error_log created.
php.ini error config:
Code:
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Error handling and logging ;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; error_reporting is a bit-field. Or each number up to get desired error
; reporting level
; E_ALL - All errors and warnings
; E_ERROR - fatal run-time errors
; E_WARNING - run-time warnings (non-fatal errors)
; E_PARSE - compile-time parse errors
; E_NOTICE - run-time notices (these are warnings which often result
; from a bug in your code, but it's possible that it was
; intentional (e.g., using an uninitialized variable and
; relying on the fact it's automatically initialized to an
; empty string)
; E_CORE_ERROR - fatal errors that occur during PHP's initial startup
; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's
; initial startup
; E_COMPILE_ERROR - fatal compile-time errors
; E_COMPILE_WARNING - compile-time warnings (non-fatal errors)
; E_USER_ERROR - user-generated error message
; E_USER_WARNING - user-generated warning message
; E_USER_NOTICE - user-generated notice message
;
; Examples:
;
; - Show all errors, except for notices
;
;error_reporting = "E_ALL"
;
; - Show only errors
;
;error_reporting = E_COMPILE_ERROR|E_ERROR|E_CORE_ERROR
;
; - Show all errors except for notices
;
error_reporting = E_ALL & ~E_NOTICE
; Print out errors (as a part of the output). For production web sites,
; you're strongly encouraged to turn this feature off, and use error logging
; instead (see below). Keeping display_errors enabled on a production web site
; may reveal security information to end users, such as file paths on your Web
; server, your database schema or other information.
display_errors = On
; Even when display_errors is on, errors that occur during PHP's startup
; sequence are not displayed. It's strongly recommended to keep
; display_startup_errors off, except for when debugging.
display_startup_errors = Off
; Log errors into a log file (server-specific log, stderr, or error_log (below))
; As stated above, you're strongly advised to use error logging in place of
; error displaying on production web sites.
log_errors = On
; Set maximum length of log_errors. In error_log information about the source is
; added. The default is 1024 and 0 allows to not apply any maximum length at all.
;log_errors = On;
; Do not log repeated messages. Repeated errors must occur in same file on same
; line until ignore_repeated_source is set true.
ignore_repeated_errors = Off
; Ignore source of message when ignoring repeated messages. When this setting
; is On you will not log errors with repeated messages from different files or
; sourcelines.
ignore_repeated_source = Off
; If this parameter is set to Off, then memory leaks will not be shown (on
; stdout or in the log). This has only effect in a debug compile, and if
; error reporting includes E_WARNING in the allowed list
report_memleaks = On
; Store the last error/warning message in $php_errormsg (boolean).
track_errors = Off
; Disable the inclusion of HTML tags in error messages.
;html_errors = Off
; If html_errors is set On PHP produces clickable error messages that direct
; to a page describing the error or function causing the error in detail.
; You can download a copy of the PHP manual from http://www.php.net/docs.php
; and change docref_root to the base URL of your local copy including the
; leading '/'. You must also specify the file extension being used including
; the dot.
;docref_root = "/phpmanual/"
;docref_ext = .html
; String to output before an error message.
;error_prepend_string = "<font color=ff0000>"
; String to output after an error message.
;error_append_string = "</font>"
; Log errors to specified file.
error_log = "error_log"
; Log errors to syslog (Event Log on NT, not valid in Windows 95).
;error_log = error_log;
We have about 100 servers using CSF, and CSF is generating A LOT of mail alerts.. which is causing us to receive over 1000 mails daily, just from CSF alerts.. this doesn't include support emails or others.
My question..
How do you handle mail alerts when you have lot of servers? See... i can not waste 5 hours reading every mail.. even if I start deleting those mails a lot of important and critical alerts can be erased in the process..
How do you filter or handle this kind of things?
I was wondering what other people did to prevent their networks from being used as platforms for network abuse. I just setup an inward facing snort server, myself- But I was wondering what other providers (especially other low-cost VPS providers)
View 2 Replies View Relatedi'm wanting my users to be able to upload pictures to their accounts via email by sending the picture to a central email address (pics@mysite.com, for example).
from there, i'd like to take that incoming email and parse it how i see fit. (matching the email address to the user account, inserting the subject as the photo title, etc...)
what's the best method of handling this?
I've been with NPSIS as a host for 8 years. They started out with 2 guys and their wives doing the billing. Many changes/expansions over the years and all went well till they sold out in 2007. I didn't even realize they sold it until recently when the problems kept increasing and the solutions didn't. It ended today when NPS threatened to turn me in for collections. I in turn will be filing BBB and Attorney General. They lost track of my payment for 2 years thru the school I teach at. I had a grant that paid for a domain name and some hosting for the 2 years for the kids to create their own sites. I called to confirm payment before the grant expired last spring. Now they suddenly say it was never paid. They did slip up and mention that they were in the process of converting to a new billing software package. Good Luck at turning the school in to collections.
Anyway, I am in the market for a new host. I have a couple of other accounts that will follow me. I have been searching for 2 days now and I am finding more bad hosts than good ones. I'm not looking for a McDonalds approach like godaddy or hostgator. I'd prefer something more than a 1 man operation. My typical approach with any new business is to google "NewBusinessName complaint" or "NewBusinessName sucks". This only works for places that have been in business for a year or more though. I am coming up with a lot of hosts on my "NOT" list and the few I find on the good list don't quite have what I want either.
My main concern for my primary account is email/span handling. I like to use horde and squirrelmail, and boxtrapper as part of cpanel. I can deal with something other than boxtrapper if it has white list/ response challenge. I am not sure what the next 8 years will bring as far as needs/changes are concerned but I want a host willing to change with the times. Dealing with spam is a big deal to me.
Any suggestions? Like I say I've been searching for 2 days so far and it seems like finding a needle in a hay stack. I'm still reading lots of info on this site but I am in a hurry to switch hosts.
Now that bbounce had officially closed down, does anyone know of a good hosted, non-boogietools solution for combating bounce emails?
View 0 Replies View RelatedNow that bbounce.com had closed down, does anyone know of a good hosted, non-boogietools solution for combating bounce emails?
View 2 Replies View RelatedWe have a box
Cpanel 11
PHP5+ Zend 3.3 +eaccelerator 0.9.5.2+Gzip
CentOS 4
our error_log keeps to have errors
No log handling enabled - turning on stderr logging
Cannot rename /var/net-snmp/snmpapp.conf to /var/net-snmp/snmpapp.0.conf
We have make sure net-snmp is up to date, but still these erros time to time
Client uses drupal system which seems not working well EA, causing a lot of segments fault
The worse is that it seems error happen only when eaccelerator installed
I created a SQL Server database that need sto be setup for the customer on their hosting account. The hosting company wanted the sql statemens, ok so I gave it to them to setup my tables and stored procedures. I also mentioned that if they gave me a username and password with database location and catalog name for the connection string and as long as I had create rights for that database I could run my own sql statements via SQL Server Enterprise Manager to set it up. They sent an excuse about how insecure that wasy and that they couldn't send any usernames or passwords for the database to me t set this up.
They also said it's becomming more common for Hosting Companies to not allow access to the databases for thatpurpose. Ok... uh how in the world do they expect to have a programmer create and run their data driven website without that information? I'm confused on what these guys are doing.
So.. is this true? Are more hosting companies hording their database infromation and customer usernames and passwords from the developers?
a question on mod_proxy. We're using mod_proxy as a simple reverse proxy (ProxyPass & ProxyPassReverse) to reverse-proxy various back-end PHP and Mono/.NET apps.
One problem we see is that when the back-end PHP app suffers an error (e.g. a 404 or 500) , then mod_proxy ignores the nicely-formatted custom error page served up by our PHP app, and instead serves a very plain generic mod_proxy 404 or 500 error page back to the client. Is there a way to configure mod_proxy to serve up the 500/404 error page content which is created by the back-end app ?
(We thought ProxyErrorOverride might work, but it seems to be intended for the opposite scenario, where I want to *ignore* the 404 page content from the back-end and show a mod_proxy-defined error page instead.We're using apache 2.2 on 64-bit CentOS 6.5 ( httpd-2.2.15-31.el6.centos.x86_64 )
Config like:
...
ProxyPass /abc/ http://server4/abc/
ProxyPassReverse /abc/ http://server4/abc/
On apr 10th, I ordered 1 month of 3dg's $20 vps plan..
I asked about paying through paypal, and they said that they would setup the account, and charge me 'later'
on somewhere around may 5th~7th, I turned off auto-renew through their control panel..
since then, I forgot about the vps, and went ahead with my life, etc.
but today.. I get in my email a $40 PayPal invoice, charging me for apr11~june11 ...
I turned off auto renew before may10, which was the expire date for the plan.. but it now appears it has not been canceled.
I have never used their service after may 10... and I never enabled auto renew, but set it to disabled ...
now, they are charging me $40, which is complete.. BS.
they have renewed my account against my will, and they want me to pay for it.. and they are threatening me to take 'legal action'. should I decide not to pay $40...
don't trust 3dghosting.. they will renew your account w/o your consent, and charge you. if you don't give into their demands, they will contact debt collection agency, and contact credit bureaus..
don't trust 3dghosting.. they are ignorant people. I can pretty much imagine the big "WE CHARGE CUSTOMERS AT OUR WILL, AND WE MAKE THEM PAY NO MATTER WHAT" image as their background display for their computers...
Microsoft Windows Server 2008 R2 Service Pack 1
Panel version 11.0.9 Update #59, last updated at Oct 3, 2013 02:06 AM
MailEnable version 5
I see in the plesk documentation that the screen to enable SPAM filtering for an individual there is an option to "Move spam to the Spam folder". I don't see that option so I am wondering if it is only available on some versions of Plesk, or in combination with certain mail servers. How to make that option available?
One of our customers on a VPS downloaded this file and then ran it perl bnc.txt
I am wondering if its a spammer using the script to send spam.
It seems to be written in Portuguese, I have translated parts of it and it reminds of of the typical spam subjects you find now-a-days.
We are having some big issues with a spam bot on the server. We can remove the bot but could you please explain, IN DETAIL , how to configure the NAT to prevent outbound port 25 connections to the internet except from our real mail servers on with windows server 2003. Currently, the only firewall on this system is the standard windows one.
View 1 Replies View Relatedthrough some accounts on the server and the amount of spam in their mail queue is really frustrating. I had to set admin accounts for each site I run and the spammers have discovered them, so I am looking for a ssh command where I can just easily clean all the spam out. I tried cat /dev/null > /var/mail/"the username" but that didn't work.
View 1 Replies View RelatedSomeone on our server is sending spam mails, he does not know about it.
Most spam are sent to aol.com,gmail.com and cs.com
I'm getting loads of these Mail delivery failed mails:
This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:
The e-mails come from the system/user account e-mail of the domain (usernameDA@domain.com), where DA is Direct Admin.
I think it sent more then 30.000 mails in 2 days.
Also received a complaint from aol.
How can I trace this? What can I do to fix it?
Is it a some crappy written php script?
He said he updated joomla, wiki and smf forum.
I use cpanel license, i enable phpsux on my server, but user can send email without smtp address.
how can pervent user for send mail without smtp?
I just got this from EasyAntiSpam. Unless my address is harvested from the HostingCon database, I've certainly never been in touch with them. Disappointing either way.
Matt:
Good afternoon! I hope you are doing well. I am the new Director of Sales for Easy Antispam and I wanted to get in touch with you to find out who currently provides you with your anti-spam solutions?
I have listed below a few key benefits for our antispam solution here at Easy Antispam [url]
· Fully brandable quarantine with customizable url
· Customer level whitelisting
· Nothing to install. No complex configuration changes to make.
All you have to do is redirect the MX.
Easy Antispam is a service of Interjuncture, Corp. which was founded by George A. Roberts IV and Frank Spaulding in 2004. Easy Antispam offers a solution that doesnât cause more problems and work than the spam itself. Thousands of businesses, organizations and individuals rely on Easy Antispamâs Email Protection Services to defend their inboxes against spam and other threats. So, what are YOU waiting for? Get protected, sign up now for a 30 day free trial.
I have a linux server with shared hosting ,now for couple of days one of my client face problem regarding spam with gmail,I have also cross-checked all the mandatory records,and we have already create MX,SPF & reverse dns record with domain keys for that domain.
View 5 Replies View Relatedim getting 50 and more spam mails each day, how do i secure my vps to stop 99% of the spam from coming in as i understand theres no way to completely block spams.
Im using directadmin control panel and enabled SpamAssasain but its not much of use even when i apply strict options on it.
I used to have a reseller account and have shifted everything to a dedicated server. I now find that a couple of clients are getting lots of spam when they didn't before.
It seems that the servers used by the reseller account had some level of basic spam filtering installed; my provider suggested I look for a filtering program to install on my server.
There are, of course, dozens of them, so I wondered if anyone has any experience - enough, perhaps, to make a recommendation.
I'm having difficulties with a whm running on centos dedicated server. The problem is that we receive too much of spam and junk emails. by too much I mean 2000 bulks per week. It's killing us.
how I can stop it.
I am facing some major SPAM problems.
I am a web host from the city of Kolkata, India.
Almost 95% of my clients are from my city - others are also known to me. I know many of them face to face - there are very little chances that any of them are SPAMMER.
Still my server IP is blacklisted - several times in last 1 year - I changed my datacenter - but the problem still persists.
We're using whm/cpanel and we're always up to date with the latest upgrades (with all our scripts).
2 weeks ago, we receive a notification from SpamCop saying that our server was sending out spam. We verified everything and found nothing. 2 days ago, same story.
We tried looking at our logs and found nothing. Does this mean that there's a security hole somewhere? How can we find out from where the spammer is sending his viagra emails from ? We do not want to be permanently banned because of a spammer.
I have problems with my mail server.
I have installed cPanel WHM.
In my server there are many accounts and now I discovered that not all accounts, when they send email to hotmail and yahoo, go to spam.
It does not happen in all accounts.
How can I bypass the filter of yahoo and hotmail for all domains configured on my server?
i have this in my account:
/cgi-bin/check.cgi
/cgi-bin/gz.cgi
/cgi-bin/km.cgi
/cgi-bin/hnc.cgi
/cgi-bin/ypej.cgi
some script that sends (a LOT)spam, and dissapears
Does anyone know what that was?
i cannot find anything about it
i disabled cgi scripting,
I guess the economy must be hitting them hard. They have resorted to unsolicited commercial email, everyone's favourite.
Quote:
I hope this finds you well. I am currently attempting to reach out to companies that offer web hosting services and either use, or have used, Parallels Plesk Panel as a part of the service offerings. The goal is to re-introduce Parallels Plesk Panel and hopefully revive any previously established relationships. This includes looking into why the Parallels Plesk Panel business slowed, or stopped completely, within your organization.
We are working very hard to establish a reputable channel within the hosting marketplace. In order to do so we need to look at what is currently working and what is not currently working. The best place to begin this research is with companies that have used us, but now don't really offer our products. With that said, are you available for a phone call to discuss?
My goal is to understand:
* Do you currently offer control panels, if so, is Parallels Plesk Panel a part of your offerings?
* If you are no longer offering (pushing) Parallels Plesk Panel, is there a reason?
* Would you be receptive to some sort of "trial" program to re-introduce you to Parallels Plesk Panel and our Service Provider Partnership Program?
I look forward to your response and hopefully speaking with you soon.
Antoine Wilson
Partner Recruitment Manager
Service Provider Division
Parallels, Inc.
+1 (703) 995-4170 Direct
+1 (703) 991-5511 Efax
AIM: scrams93
Skype: antoine.wilson
ICQ: 215351114
I was running an IP check on spamcannibal.org
It shows blocked because of this reason:
no reverse DNS, MX host should have rDNS - RFC1912 2.1
Is it actually possible to setup some kind of generic ptr records on IPs, even if they are assigned to dedicated server clients?
I noticed that reported server usage from Plesk is 2.x - 3.x, so I went to mail queue (in Plesk) and saw lots of mails that shouldn't be there.
There were several senders under the domain dedibox.fr sendint LOTS of emails to lots of addresses in the same email. There shouldn't be a sender @dedibox.fr, as that domain isn't hosted on our dedicated server.
I know little about Linux administration... I tried going to the /var/log folder and grep for dedibox on the messages and maillog files, but nothing found...
How can I know if someone connected to our server as an user or something like that?