So it looks like this is an e-mail being sent to bot@dole.ie
However when I look at my mail I can see the mails are being sent FROM bot@dole.ie. For example:
Sorry, but Lyris ListManager did not find your email address
-] "bot@dole.ie"
listed as a member of techno-l.
Only members of techno-l are allowed to contribute messages.
Because Lyris ListManager could not confirm that you are a member of techno-l, your message was not accepted.
---
Return-Path: [bot@dole.ie]
Received: from mail.reginamater.com ([201.231.192.60]) by listserver.knowledgeexpress.com with SMTP (Lyris ListManager WIN32 version 8.9a); Mon, 07 Apr 2008 16:01:23 -0500
Message-ID: [000501c898ea$068d922e$f5014499@bhudl]
From: "gun mella" [bot@dole.ie]
To: [techno-l@techno-l.org]
Subject: Don't pay too much for your drugs. Buy from us.
Date: Mon, 07 Apr 2008 18:15:12 +0000
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.3138
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3198
4 free pills with every order
[url]
...
There are lots of bounced e-mails being sent back to me.
Does anyone know how I can check to see what's spending the spam or how to stop it?
Microsoft Windows Server 2008 R2 Service Pack 1 Panel version 11.0.9 Update #59, last updated at Oct 3, 2013 02:06 AM MailEnable version 5
I see in the plesk documentation that the screen to enable SPAM filtering for an individual there is an option to "Move spam to the Spam folder". I don't see that option so I am wondering if it is only available on some versions of Plesk, or in combination with certain mail servers. How to make that option available?
We're using whm/cpanel and we're always up to date with the latest upgrades (with all our scripts).
2 weeks ago, we receive a notification from SpamCop saying that our server was sending out spam. We verified everything and found nothing. 2 days ago, same story.
We tried looking at our logs and found nothing. Does this mean that there's a security hole somewhere? How can we find out from where the spammer is sending his viagra emails from ? We do not want to be permanently banned because of a spammer.
I noticed that reported server usage from Plesk is 2.x - 3.x, so I went to mail queue (in Plesk) and saw lots of mails that shouldn't be there.
There were several senders under the domain dedibox.fr sendint LOTS of emails to lots of addresses in the same email. There shouldn't be a sender @dedibox.fr, as that domain isn't hosted on our dedicated server.
I know little about Linux administration... I tried going to the /var/log folder and grep for dedibox on the messages and maillog files, but nothing found...
How can I know if someone connected to our server as an user or something like that?
For some days now, the server`s been sending spam through our main domain, under different email aliases that don`t even exist : fdg@domain.com , gfhh@domain.com ( email aliases that don`t even exist )( I changed my domain with domain.com for privacy measures )....so on.. I tried to check what is sending out emails. Any idea how to track/check/scan for what is sending out emails?
I've gotten several complaints through spamcop in the last several weeks. The headers show the spam mails coming from nobody@ my server and they show the originating IP as my server. The datacenter is threatening to shut me down.
I've looked in the mail queue and haven't found any of the sent spam mails in there (or bounces from them). I am getting bounces into horde that were apparently sent from me.
How do I find which client is sending them? Or maybe the server has been hacked and spam software uploaded somewhere?
I recently got a dedicated server with The Planet. WHM/Cpanel...
I am a designer and starting to host my clients. So far i've setup about 5 different clients and everyone says the same thing...
Since they've switched to my server the email spam they get to their emails is out of control.
I asked The Planet for help and they said to make sure some spam filters were automatically checked for each account in my WHM and in their unique cpanel accounts, and they are but it hasnt helped. They also have a spam service but i do not want to pay any more per month than i already am.
What would cause this to be so bad versus my clients old servers?
Secondly, what open source solutions are there out there and who is the best to hire to install them on my server?
I currently have a dedicated server, Linux, with 1 website on it that is sending spam.
At first I thought it was someone spoofing my email address, however when I check my servers Email queue I can see the spam emails in there being sent.
My problem is that I have contacted my server provider and support for the scripts I'm running and everyone is saying its the other persons fault. My server provider is saying everything is up to date and it must be a software exploit on one of my scripts, and the support team from my software is saying its not them that its the server.
Can you control SPAM on a server ? I've got this email account that all receives is SPAM, nothing else. I'd like to eliminate this so it doesn't get any more SPAM.
I received many email spam recently, with the sender address from my own server. Eg.
my domain = www.shashinki.com email spam that I received = shop@shashinki.com which is being sent to my own email address of shop@shashinki.com. Yes, the sender is my own email address account.
I checked using gmail and the sender is from my own server IP address and the sender's email address seems to be valid and is from my own email account.
I have changed the password of my email address, added SPF to my email system...etc. I have done all that I can think of, but I still get the same spam emails.
What can I do and what should I do? I got really tired of this and I am worried that my server is being used to send spams to others.
My server is with LayeredTech, unmanaged server, so I dont have a manager to help me.
Hope to get some insight and help from sifus here...
what experiences other people have been having with loads on their servers from spam. I was doing some profiling of our machines and noticed that load actually a fairly significant part of the load on our servers, and its way worse than it used to be.
Looking at the numbers I suspect we could comfortably have way more accounts per server if we could deal with spam better.
We recently had a problem with a mail spammer. He sent over 90,000 emails and had 20,000 in the queue. Is there anyway to possibly stop this as it was really lagging the server bad. So bad the softlayer took it offline for a while...
got a 2nd notice from my ISP complaining that spams are being sent from my dedicated box. Since the first notice, I had stopped all the mail-related services (sendmail, mailman, courier-imap), which means no emails will be sent out from this box. However, I still received the 2nd notice for spamming.
own dedicated box running CentOS 4.2 with Plesk 8.1. 1 site hosted on it.
concerns are
1. Is my box hacked in and hijacked to send out spam? If yes, how can I check for system integrity?
2. Based on the service status dump, is there something else I need to do in the meantime to stop the box from sending out spam?
3. If there's someone who willing to help out, I'm willing to pay a small amount (~$50, sorry I'm broke!) to fix the server and just kinda help me through the process.
I just found that some spammer send email through my server. I am using sendmail.
So if they know my domains in /etc/mail/local-host-names, can they spam email through my server without knowing username and password?
Do you think postfix is a better solution? The server is used by me only. I even won't connect to the server to sendmail. I use web mail to check email in the server.
Hoping someone can help here. I have a web server running a couple of sites, has been for a couple of years now. With one of the domains, I have an email forwarder setup through cpanel to forward mail sent to a specific address at that domain to my gmail account (it's a "contact us" type address). I don't think the email address is listed on the web anywhere.
Anyway, I am noticing a lot of spam emails being sent to that address, from that same address and they all appear to be relayed through my exim server legitimately. Obviously they aren't (as I am not sending them).
I am only familiar with sendmail, and am unsure about where to look for any possible hacks to my exim server. Can someone point me in the right direction? I want to stop these spam messages being sent, asap.
I have a cPanel dedicated server and have a lot of spam attacks on this server. It's getting so bad that our IP is being added to Yahoo & AOL blacklists and my emails are bouncing to these accounts.
Is there anyone on here who can do a thourough check on our server and install anything necessary to stop this kind of activity?
I have a (dedicated) server out of control. It is managed by a 3rd party company who has never been able to get the spam and server load under control. Loads average over 5! and there is no activity in top other than sendmail and mailscanner (with Ensim).
I turned off mailscanner and sendmail while I typed this and server load went to .08.
I'm going to switch (dedicated) servers to a new provider (for reasons above plus a few others) which will include managed service from the server provider as well.
There are only a few programs that need to run on this server. VBulletin is the main concern.
I want to lock down all mail access. I want vbulletin to be able to send outgoing email as part of its administration and as part of its member notifications.
I don't want ANYONE OUTSIDE THE SERVER to be able to send mail through this server.
One idea I have had is to use DNS to assign all MX records of every domain on the machine to the free gmail service.
I have one domain on this machine (and important domain) that gets thousands and thousands of spam. I assigned its' MX records to NO-IP.com who filters and forwards email to me. That has worked - but server load never budged.
how you avoid dealing with problems related to SPAM? I want to avoid blacklists at all possible, what are your steps for detecting and eliminating spam sent from your server? Is there a certain software out there that will detect spam being sent?
I just installed the latest version of PHPList (Email manager program) on our client's dedicated server. The dedicated server is using Linux with Apache and PHP version 4.4.4.
When I try to subscribe to the newsletter I am suppose to receive a confirmation email.
Unfortunately my company's email host blocks this email thinking it's spam and I so I never receive the confirmation email. I then installed the exact same version of PHPList on a shared server with Linux, Apache, and PHP 4.4.4. Using this setup I received the confirmation email.
So it seems like the server is the problem and not the software. The IP address of the dedicated server is not blacklisted. Actually the IP address just came into existence in January 2007.
It really makes no sense to me why emails coming from the dedicated server are marked spam, but emails coming from the shared server are fine. Both servers are hosted by Hostgator.
I am clueless as to what action to take next. Are there any server settings that could fix this problem? Any ideas is greatly appreciated.
Logwatch says I send out about 3k emails each day and that is a ridiculous amount. I use postfix and do not run any sort of relay, even for myself. I have IPB 2.2.2, Wordpress 2.0.4, and Gallery 2.x.
How can I track down where these messages are originating from? Or perhaps I am reading my LogWatch file incorrectly?
Quote:
--------------------- postfix Begin ------------------------
17999281 bytes transferred 2460 messages sent 26 messages expired and returned to sender 145 messages removed from queue
Top ten senders: 24 messages sent by: apache (uid=48): 2 messages sent by: root (uid=0):
I have a client on my server from ThePlanet. That client sends a newsletter once a week to about 50,000 recipients with a program that i built. The list was purchased from a company that sells targeted directory listings.
Each email has a very clear opt out link, and one click takes them off the list. There is also a direct link to the contact form, as well as the information of the company sending the mass emails (me). This should satisfy all regulatory requirements to comply with existing laws.
Now, these emails have been sent once a week for about a month now. Today, ThePlanet issued a support ticket entitled "Abuse: Spam Source". It seems that there was a problem from aol, and one of the emails was redacted.
Reading through ThePlanet terms of service, it seems that they only allow closed system mass mailings. So now I am faced with a problem, because I have a client who expects to send out emails next week with a system i built, and I have a hosting provider that is demanding some sort of "proof" that these emails are solicited.
For the record, this newsletter isn't junk spam like selling viagra or pumping a stock. It is a free weekly summary of significant new york appellate cases, and it has been very well received by the attorneys on the mailing list. There have been ridiculously few opt outs ( < 2%), and there have been literally *hundreds* of emails coming back to show their gratitude for the free service. Not even one comment has been negative.
So what can I do now? A significant number of attorneys on this list are expecting the newsletter, but it cant be sent due to this problem.
The best that I could come up with so far is to send an "Opt in" mass email, where users must click the link to opt in, and everyone else would be removed from the mass email. I could then use the unique keys used for opt ins as "proof" for ThePlanet that the emails are solicited.
how can I restrict how many emails can be send per domain base? I know hostgator and hostmonster can restrict their email per hour base on their domain name...
I'm having problems with incoming spam on my dedicated server the load average of the server is around 80 or 100.2 I know it's incoming spam because when I check the exim process I see a lot of ips from russia, germany, taiwan then I block that ips with the /etc/apf/apf -d ip command and then the load of the server drops down to 7 or less, so the cuestion is how can I detect and block the spammers ips automatically on the server? I have spam assassin running and blocks the spam emails right, the real problem is the high load generated for spamd application and all the incoming connections of the spammers ips on the server.
Server specifications:
Cent OS 4 Control panel: directadmin Dual-Core AMD Opteron(tm) Processor 2214 HE 1GB RAM Exim 4.68 Apache 1.3.39 MySQL 5.0.37 vm-Pop3d 1.1.7f-DA-2
I just found out all my mails sent to Gmail are marked as spam. However, if I check my IP address in independant grass-root spam databases, my IP address isn't blacklisted. I checked 7 of them. Do you know how to solve this problem