Stop Outgoing Spam Using Mod_security
Mar 2, 2007Can you share your mod_security rules to stop outgoing spam? (most generated by php contact forms)
And for incoming?
I would like to know what rules can work with mod_security 1.9.4.
Can you share your mod_security rules to stop outgoing spam? (most generated by php contact forms)
And for incoming?
I would like to know what rules can work with mod_security 1.9.4.
i have a problem with a hacker that uses .htaccess to disable mod_security
using this code
PHP Code:
<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
</IfModule>
so is there a way to stop this?
also they have come up with a smart way to run shell files named as images using this code in .htaccess
PHP Code:
AddType application/x-httpd-php .gif
is there a way to disable the "AddType application"?
I have a server that is sending spam, but I can not know who sent because the server not has installed suphp.
There is another option to see who sends spam?
For my site email address I get like 500 emails a day.
Is spam assassin really the only method?
i have server and on the server 150 website and more
someone upload mailer and send spam to online banking
i want know where this mailer on the server coz my server on nobody
i stoped sending from nobody from Tweak Settings till know what the account sent that and all message in Mail Queue Manager
what the solution?
any script to know that or method?
I'd like to seek help on how to read eximlog file. I saw the below inside eximlog. I'm wondering now because realemail@domain.com does not exist on this user emailaddress when I browse his cpanel. Now who is sending it? the only correct info is the pixelxl which is the user.
2007-03-25 14:49:41 1HVMXt-0000SV-7j => pixelxl <realemail@domain.com> F=<vsbqd@domain.com> R=localuser T=local_delivery S=2213
2007-03-25 14:49:41 1HVMXt-0000SV-7j Completed
What are the best ways to block outgoing spam? Installing APF would help ful?
Any other idea for outgoing spam?
I am trying to make sure my server configuration is optimally set to prevent my outgoing activation emails being set as spam.
so far I have set up an SPF record - Using Plesk for mydomain.com set up a DNS record of type TXT and value v=spf1 mx -all.
How do I check if this has been set up correctly?
I am using CentOS with Apache and Plesk 8.3 and I am sending mail using PHP's mail() function. The majority of the emails that aren't being received are going to hotmail accounts but I haven't yet sent a large enough amount of emails to view any concrete pattern. Curiously they don't appear to be going to the user's spam folder they are just being deleted outright.
Also, I'm not sure if it's related but one of my users mistyped their email address as @gogglemail.com and I now have a message in the qmail mail queue which is dated 1970. Is this something I am failing to do at a PHP level (i.e. not setting a date attribute)?
I'm wondering if theres anything I can install on the server that will either filter or track outgoing spam. I don't want to limit the number of emails sent per hour or anything, I just want to be able to maybe search through some flagged emails or something. Or if they send the exact same email more than x times it can disable their account... I'm not sure
View 1 Replies View RelatedA user in my server trying to send email, but email is flagged as "Absolute Spam" by Spamassassin. It says IP is listed in SBL/XBL.
There is an IP address in "Received-From" part of the headers. That IP is actually listed in several spam databases, but not my server's IP (Below, red and bold).
Email is sent from my server, but how come "From" IP is different from mine?
Headers of the email are below:
Quote:
Received: from [203.215.94.252] (helo=[10.0.0.7])
by server1.kanmonline-server101.net with esmtp (Exim 4.63)
(envelope-from <*********@sweetmail.org>)
id 1HQ3Yj-0007jV-6J
for ************@ezweb.ne.jp; Sun, 11 Mar 2007 00:32:37 +0900
Mime-Version: 1.0 (Apple Message framework v624)
In-Reply-To: <**********************@nm03imap01c.ezweb.ne.jp>
References: <**********************@nm03imap01c.ezweb.ne.jp>
Content-Type: text/plain; charset=ISO-2022-JP; delsp=yes; format=flowed
Message-Id: <98108bd45ea8b8bbd10cc7c35b6fad81@sweetmail.org>
Content-Transfer-Encoding: 7bit
From: =?ISO-2022-JP?B?GyRCOWI2NhsoQiAbJEIwITUqO1IbKEI=?= <**********@sweetmail.org>
Subject: Re:
Date: Sat, 10 Mar 2007 23:32:34 -0800
To: *********@ezweb.ne.jp
X-Mailer: Apple Mail (2.624)
We have WHM 11 on the server.
Now the server is getting to many spam mails. We already have filters on the server, but we get spam mails with header which are not in English language. The header are normally in russian or arabic language.
how to stop these spam mails with header which are not in english.
I have been receiving a LOT more "unusual character" spam, where the entire email consists of something like this: .....
View 5 Replies View RelatedI check and see many email was sent from my domain but i dont do it, how to stop this problem ?
View 2 Replies View RelatedI have a VPS and I am wondering if anyone knows any way in which to make it so that emails sent from the server are not seen as spam by hotmail and the likes.
View 5 Replies View Relatedi have one server with cPanel/WHM use Exim mail server, how to stop receved SPAM from domain inews.inf.br, i receved many SPAMs from this domain.
OS: CentOS
Stop spam at smtp level.It's great with a lot of features, easy to install.
www.spamdyke.org
Stop spam now
I have a linux VPS with WHM and exim 4.68.
What common settings can I configure to not have emails sent to spam folder for mail servers like gmail, yahoo, and hotmail?
Reverse DNS seems to work, on dnsstuff.com my server name comes up for my IP.
mail.domain.com is coming up as the same IP as reverse DNS.
SPF record is set up for the domain.
Any idea? Or any program can prevent it?
(CentOS 5.2 Linux running on servers)
I just did the update to 12.0.18 #6 and everything seemed to go pretty well. One feature we were really interested in was the Outgoing Spam Filter. Unfortunately, the error I see when I go to that feature reads, "Protection : Not active. There are some problems that prevent the service from being started."
When I Google that error, I'm brought to some KB articles but they are all for the older Outgoing Spam Filter that you need a license key for. I don't believe that is the case any more - if it is, I don't know where to get the key. I will say point out I'm a bit of a Linux novice (we are running CentOS 6.5 on this server), so I'm not really sure where to look....
I have a hard problem with my VPS. I have postfix as mail server on plesk 12 under ubuntu 12.
I dont know why the outgoing mails of all my domains in my servers are getting spam in servers like gmail, yahoo, hotmail...
I'm using mxtoolbox to fix errors and warnings and finally fixed all of them, but my mails are still outgoing to spam.
In mxtoolbox actually I have no mail server errors / warning, u can see it with, for example, this one of my domains: [URL] ....
Headers:
This message is an automatic response from Port25's authentication verifier service at verifier.port25.com. The service allows email senders to perform a simple check of various sender authentication mechanisms. It is provided free of charge, in the hope that it is useful to the email community.
[Code] ....
The problem is that all the mail that exits my VPS server (OVH) is going to the spam folders of Gmail, Outlook, etc accounts.
I've tried to connect my Gmail account to check via POP3 my inbox on my VPS, and all I get is an SSL error.
I have some error when the new outgoing spam protection (limitation for outgoing mail) is enabled. Mail clients are unable to use SMTP for sending mails. "My mail client says: The message could not be sent. You are not allowed to use sendmail utility."
I don't undestand the blocking behaviour since the checkbox "Allow scripts and users to use Sendmail" is checked and no limit is exeeded.This is the relevant log part of maillog:
Code:
Jul 3 00:44:36 srv01 postfix/smtpd[3326]: C0E5182A20: client=46.128.x.x.dynamic.cablesurf.de[46.128.x.x], sasl_method=CRAM-MD5, sasl_username=info@domain.de
Jul 3 00:44:36 srv01 postfix/cleanup[3331]: C0E5182A20: message-id=<0A380CA8-AAE3-4FA8-BA7A-A3FDF7CD16E2@domain.de>
Jul 3 00:44:37 srv01 /usr/lib/plesk-9.0/psa-pc-remote[3280]: handlers_stderr: DATA REPLY:554:[B]5.7.0 The message could not be sent. You are not allowed to use sendmail utility.[/B] REJECT
Jul 3 00:44:37 srv01 /usr/lib/plesk-9.0/psa-pc-remote[3280]: REJECT during call 'limit-out' handler
Jul 3 00:44:37 srv01 postfix/cleanup[3331]: C0E5182A20: milter-reject: END-OF-MESSAGE from 46.128.213.43.dynamic.cablesurf.de[46.128.x.x]: 5.7.0 The message could not be sent. You are not allowed to use sendmail utility.; from=<info@domain.de> to=<mail@domain2.de> proto=ESMTP helo=<[192.168.1.20]>
Jul 3 00:44:37 srv01 postfix/smtpd[3326]: disconnect from 46.128.x.x.dynamic.cablesurf.de[46.128.x.x]
Moreover I disabled the line "non_smtpd_milters" in postfix main.conf since my server has same issues discribed in the following thread:
Postfix: mails sent through sendmail binary are blocked because of wrong HELO