Cpanel / Spam
Jan 15, 2007
I would like to setup a true proper spam prevention method on my cpanel box. I have the usual default spam assassin, exim, mailman used plus chirpy's exim acl. Please can someone show me how to properly setup rbl's (even auto update if possible), Rules du Jour, etc? I've searched cpanel forums and not getting proper results or at least anything but very old threads.
I've found these links so far:
rulesemporium.com/rules.htm#stocks
What do you think of this?
webhostgear.com/index.php?art/id:175 (pretty old article)
or this?
rvskin.com/index.php?page=public/antispam
mailscanner?
configserver.com/free/mailscanner.html
vipuls / dcc
configserver.com/techfaq/faqlist.php?catid=5&faqid=7&page=1
Please do NOT tell me to "just buy the service...". I want to LEARN with your help and I can do it for sure, just need a little help.
Which links should I follow? Which is most effective?
View 11 Replies
Sep 4, 2007
I'm currently getting spammed out the wazzoo on my hosting server and I sent them a support ticket about it and they said it was related to cPanel and that tons of people are having this issue. However I'm not so sure as I poked at a few of the forums here and did a search and nobody seems to be having the same problems. They said they'd fix it when a fix was coming out, but nothing yet and I'd assume it would be a big enough issue for cPanel to release an immediate fix, or at least roll back the system.
Is there a bug in cPanel currently or are they lying to me? Is there any way to curb spam past spam assassin since that doesn't seem to be working?
View 14 Replies
View Related
Jul 27, 2008
I would like to offer some good advice to people who Host thier sites with Hostgator or any other Webhosts who provide Cpanel. Please Check your "Mail" feature.
I just check all of my sites Mail in the Mail section.
All of my sites do not have webmail set up, but I was surprised to find tens of thousans of spam mails and I dont even have any email accounts set up!
This was causing me to get 'iNode" warnings that my account would be soon suspended and I should upgrade my site to Dedicated Hosting, something I cannot afford!
Go to [url]
Steps
1. Click on Mail
2. Click on Webmail
3. Click on Horde
4. Login
5. Click on Mail
SURPRISE! Do you too have thousands of Spams ... even if you dont even have an email account set up?
If you folder is full of thousands of Spams then do this...
6. Click on Folders
7. Tick Inbox
8. Choose Empy Folders from the Drop Down box above
9. Click Empty Selected Folders
10. Do this regularly before you get an email from Hostgator like this:
Quote:
WARNING: gator85.hostgator.com: comscout: 63970 inodes
Server: gator85
User: xxxxx
Email: xxxxx(Owner)
iNodes: 63970 (warning)
Date: Sun Jul 27 00:22:59 CDT 2008
Email: xxxx
Account Name: xxxxx
Server: gator85.hostgator.com
iNodes (Files): 63970/50,000 (127.00%)
Hello,
To maintain the highest level of performance on our shared servers we have a maximum inode (file) limit of 50,000 inodes (files) per account. The size of the file does not matter, only the number of files. For example, a DVD image (say, 4.5gb) only counts as one inode, or file. Our limit, as outlined in our terms of service, is 50,000 files per account. We generally don't hold people strictly to this limit, but at the same time we expect our users to respect the limits of the system. When an account has hundreds of thousands of files, it significantly degrades overall disk performance, as each file on the disk must be tracked/indexed.
An easy analogy would be a table of contents or glossary for a book. If the book only has a few hundred pages, the index or glossary is likely to be small and easy to search. If the book has 5,000 pages, finding what you want might take significantly longer. The file system on a server works in a similar way, just on a larger scale. Our experience has shown that 50,000 files per account is a fair number, and accounts that exceed that by a significant amount cause disk performance issues. This message is to inform you that the listed account has significantly exceeded our limits for disk inodes/files and could potentially lead to disk issues.
It is also important to realize that accounts that exceed the inode (file) limit are not backed up by our courtesy weekly backup service, per section 7b of our Terms of Service. Of course, we advise every user to run their own backups to be safe. Accounts over our the 50,000 inode limit are bypassed so that backups can complete in a timely fashion for everyone. Otherwise, accounts with hundreds of thousands or more inodes will utilize more server resources than other accounts, and could lead to file system errors on our backup servers.
This account will be re-checked again in 7 days to verify it is below 50,000 files. If this account remains above the maximum inode limit after repeated checks, we'll have to review the situation further and advise a course of action. It is critical that one of the following actions take place before that happens:
a) reduce the number of inodes/files. This change must be permanent; if you have a high number of cache files or similar, and you expect them to naturally exceed the inode limit again in the future, the configuration must be changed to limit the total number of cached files.
If you are completely unaware of the source of the inodes, it may be that you have left your default mailbox enabled, and never cleared it. Over time, it can fill up with spam, consuming hundreds of thousands of inodes. If you have a catch-all enabled on your account, this can greatly increase the amount of mail/spam that our account receives and will raise your inode usage quickly unless routinely emptied. If you would like assistance clearing these folders from unwanted email or removing the catch-all from your account, please let us know and we would be happy to assist you.
The default mailbox is located at:
/home/xxxx/mail/cur
/home/xxxxx/mail/new
b) upgrade to dedicated service, where inode counts are no longer checked. In many cases, accounts that significantly exceed our inode/file limits have simply outgrown the shared environment, and a dedicated server is the logical choice. In many cases, the transfer from a shared to dedicated server will incur no charge. In rare situations, accounts with excessive numbers of accounts or users may require a fee; the transfer department would advise you of that fact prior to the transfer taking place. If you've read this far, it's clear you're serious about taking care of the issue and we can offer you 50% off off the first month's purchase of a dedicated server. To receive the discount, please:
- Reply to this email stating you'd like to upgrade. You will
automatically be assigned a ticket number, which will be
visible in the subject line. You may need to confirm your
email if this is the first time you've ever sent us a
ticket or emailed one of our departments.
- Order a dedicated server:
[url]
- Email sales@hostgator.com after placing your order. This
promotion is unadvertised, and must be manually approved.
You must reference the ticket # you receive (above) to
qualify for the discounted rate. This promotion only
applies to dedicated servers priced $ 219.00 or higher.
We thank you for taking the time to resolve this issue. If you have any questions or perhaps you are not sure what could be causing the high number of inodes, we can help you with that. Simply reply to this email and we will be more than happy to assist you.
As soon as I deleted all of my emails, guess what .... I already have 4 Spam emails, that is very quick!
I have 4 main sites with hostgator and this how much emails I have without knowing:
Site 1: 27,237 Spam Emails
Site 2: 43,438 Spam Emails
Site 3: 7,398 Spam Emails
Site 4: 63,972 Spam Emails
This is who one Spam was from:
To: myaccount@gator257.hostgator.com
So the spammers send the emails to gator257.hostgator.com and so forth!
That is crap! Surely they can fix it, as I say, I dont even have a email account in my Cpanel!
View 6 Replies
View Related
Feb 5, 2007
Today data center mailed us and told some one is sending spam from our server.
The copy of spam mail they give us is below
Quote:
Return-Path: <a...@aliativa.com>
Received: from server10.hosthat.com (server10.hosthat.com [65.98.61.138])
by mta2.spin.it (Postfix) with SMTP id B06FE14AD6
for <(MUNGED)>; Sun, 4 Feb 2007 07:43:42 +0100 (CET)
Received: from ouwd (78.181.146.18)
by server10.hosthat.com; Sun, 4 Feb 2007 06:43:47 -0000
Date: Sun, 4 Feb 2007 06:43:47 -0000
From: =?iso-8859-5?B?RGF2aXMgS2V5cw==?= <a...@aliativa.com>
X-Mailer: The Bat! (v2.01)
Reply-To: =?iso-8859-5?B?YWRtaW4=?= <a...@aliativa.com>
X-Priority: 3 (Normal)
Message-ID: <(MUNGED)@aliativa.com>
To: (MUNGED) <(MUNGED)>
Subject: =?iso-8859-5?B?aW52ZXN0IHRvIGFsaWF0aXZh?=
=?iso-8859-5?B?LmNvbQ==?=
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----------(MUNGED)"
------------(MUNGED)
Content-Type: text/plain; charset=iso-8859-5
Content-Transfer-Encoding: 8bit
Aliativa Investments philosophy is underpinned by two brilliant rules.
* We should invest our clients' monies with the same care as though it were our money.
* We are doing our best for the every our investor.
Register now: http://www.aliativa.com/index.php
------------(MUNGED)--
As you can see there is no account info regarding who send spam mail.
In server phpsuexec is enabled.
In Tweak Settings, "Track the origin of messages sent though the mail server by adding the X-Source headers (exim 4.34+ required)" is enabled.
The spamer domain aliativa.com (why no one take the spamer down ?) is not hosted by us. But found following in exim_mainlog
Quote:
2007-02-04 06:27:11 1HDaq9-0007nb-Oc <= support@aliativa.com H=localhost (server10.hosthat.com) [127.0.0.1] P=smtp S=1378 id=008f01c43f8b$3ccd8848$0b56efd5@tkpdwifh
2007-02-04 06:27:19 1HDaq9-0007nb-Oc ** 00032rc@golden.ripco.com R=fail_remote_domains: unrouteable mail domain "golden.ripco.com"
2007-02-04 06:27:19 1HDaqN-0007oe-8c <= <> R=1HDaq9-0007nb-Oc U=mailnull P=local S=2238
2007-02-04 06:27:13 1HDaqB-0007nc-3s <= admin@aliativa.com H=localhost (server10.hosthat.com) [127.0.0.1] P=smtp S=1187 id=915817196.20060825223219@aliativa.com
2007-02-04 06:27:16 1HDaqB-0007nc-3s ** 000iskc@golden.ripco.com R=fail_remote_domains: unrouteable mail domain "golden.ripco.com"
2007-02-04 06:27:16 1HDaqK-0007ob-UA <= <> R=1HDaqB-0007nc-3s U=mailnull P=local S=2041
Anyone know how he send SPAM ? Using SMTP from localhost ? Why mail header do not include anything about who send spam?
View 6 Replies
View Related
Oct 17, 2013
Microsoft Windows Server 2008 R2 Service Pack 1
Panel version 11.0.9 Update #59, last updated at Oct 3, 2013 02:06 AM
MailEnable version 5
I see in the plesk documentation that the screen to enable SPAM filtering for an individual there is an option to "Move spam to the Spam folder". I don't see that option so I am wondering if it is only available on some versions of Plesk, or in combination with certain mail servers. How to make that option available?
View 3 Replies
View Related
Mar 24, 2008
When clicking the link it shows
Can't use an undefined value as an ARRAY reference at /usr/lib/perl5/site_perl/5.6.2/i686-linux/YAML/Syck.pm line 72.
YAML::Syck::Load(undef) called at /usr/local/cpanel/Cpanel/DataStore.pm line 67
eval {...} called at /usr/local/cpanel/Cpanel/DataStore.pm line 49
Cpanel::DataStore::load_ref('/home/user/.cpanel/filter.yaml', 'HASH(0x97c9640)') called at /usr/local/cpanel/Cpanel/DataStore.pm line 37
Cpanel::DataStore::fetch_ref('/home/user/.cpanel/filter.yaml') called at /usr/local/cpanel/Cpanel/Email.pm line 3290
Cpanel::Email::_fetchfilter('/home/user/.cpanel/filter.yaml') called at /usr/local/cpanel/Cpanel/Email.pm line 3920
Cpanel::Email::has_spam_autodelete() called at cpanel.pl line 354
main::__ANON__() called at cpanel.pl line 1763
main::exectag('<cpanel Email="has_spam_autodelete()">') called at cpanel.pl line 4806
main::dotag(undef) called at cpanel.pl line 4673
main::cpanel_parseblock('SCALAR(0x919fa24)') called at cpanel.pl line 4625
main::cpanel_parse('GLOB(0x9406294)') called at cpanel.pl line 1295
I've forced updated exim, spam assassin and cpanel, still same problem.
View 6 Replies
View Related
Oct 3, 2007
Can anyone recommend a hosted third-party spam filtering service for cPanel servers?
Most of the servers are reseller based, and I don't see myself or my team having to enter each individual email address into the service.
With that said, is there any service where you can just point the MX records to it, it would scan the email, and then deliver it?
View 2 Replies
View Related
