So I get this email today from SpamCop complaining about my server sending unsolicited bounce messages.
Well yea... thanks to spammers domain spoofing and sending spam to my server, my server finds that there's no address - so it replies to the spoofed address.
My question is... what do I do about it? The SpamCop site has this to say... Though if I set up the server to do something odd like not sending a bounce because it's "filed internally", how will legit people get the proper bounce response?
Problem: Misdirected bounces
Description: When a mail server accepts a message and later decides that it can't deliver the message, it is required to send back a bounce email to the sender of the original message. These bounce emails are often misdirected.
Solution: Upgrade and/or configure your mail server software so that this situation is never encountered. Configure your software to either reject messages during delivery or accept them permanently. Do not let your software make choices about delivery after it has accepted a message. If you must accept delivery before you know the status of a message, then file it internally - do not send, forward or bounce it outside your organization. The errant message can be placed in a special folder or routed to your postmaster.
Now they stated this, but I'm totally unsure what it means. If anyone knows what section is for what... I only see the IP once, the one that they reported the spam came from: 66.79.165.30.
Code:
X-Apparently-To: x via 66.163.179.144; Wed, 26 Sep 2007 11:00:52 -0700
X-Originating-IP: [68.230.241.14]
Authentication-Results: mta175.mail.re2.yahoo.com from=cox.net; domainkeys=neutral (no sig)
Received: from 68.230.241.14 (EHLO fed1rmpop110.cox.net) (68.230.241.14) by mta175.mail.re2.yahoo.com with SMTP; Wed, 26 Sep 2007 11:00:52 -0700
Received: from fed1rmimpo01.cox.net ([70.169.32.71]) by fed1rmmtao105.cox.net (InterMail vM.7.08.02.01 201-2186-121-102-20070209) with ESMTP id <20070926175141.MUBZ11358.fed1rmmtao105.cox.net@fed1rmimpo01.cox.net>; Wed, 26 Sep 2007 13:51:41 -0400
Received: from fed1wml11.mgt.cox.net ([172.18.180.10]) by fed1rmimpo01.cox.net with bizsmtp id t5re1X00W0DrMWL0000000; Wed, 26 Sep 2007 13:51:39 -0400
Received: from 66.79.165.30 by webmail.west.cox.net; Wed, 26 Sep 2007 13:51:38 -0400
Date: Wed, 26 Sep 2007 10:51:39 -0700
From: UK NATIONA LOTTERY <gailpmm@cox.net>
Reply-To: mrsjuliaelm@hotmail.com
Subject: Congratulation! you have won
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Priority: 3 (Normal)
Sensitivity: Normal
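Added example, not part of the original post: a short Python walk over the Received chain quoted above, showing which relay recorded each hop and why 66.79.165.30 is the address a report would name. The function names are this example's own, and the second hop's version string and message id are abridged to keep the sample short.

```python
import ipaddress
import re
from email import message_from_string

# Received chain copied from the post above (second hop's version string and
# message id abridged); every other value is as posted.
RAW = """\
Received: from 68.230.241.14 (EHLO fed1rmpop110.cox.net) (68.230.241.14)
 by mta175.mail.re2.yahoo.com with SMTP; Wed, 26 Sep 2007 11:00:52 -0700
Received: from fed1rmimpo01.cox.net ([70.169.32.71])
 by fed1rmmtao105.cox.net with ESMTP; Wed, 26 Sep 2007 13:51:41 -0400
Received: from fed1wml11.mgt.cox.net ([172.18.180.10])
 by fed1rmimpo01.cox.net with bizsmtp id t5re1X00W0DrMWL0000000;
 Wed, 26 Sep 2007 13:51:39 -0400
Received: from 66.79.165.30 by webmail.west.cox.net;
 Wed, 26 Sep 2007 13:51:38 -0400
Subject: Congratulation! you have won

"""

IP = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
HOP = re.compile(r"from\s+(\S+).*?\bby\s+([^\s;]+)", re.S)

def received_hops(raw):
    """Return hops oldest-first as (from_name, by_host, sender_ip)."""
    hops = []
    # Each relay prepends its own Received line, so the last one is the oldest.
    for value in reversed(message_from_string(raw).get_all("Received", [])):
        m = HOP.search(value)
        if m:
            ips = IP.findall(value[:m.start(2)])  # only the "from" clause
            hops.append((m.group(1), m.group(2), ips[-1] if ips else None))
    return hops

def is_public(ip):
    try:
        return ipaddress.ip_address(ip).is_global
    except ValueError:  # regex matched something like 999.1.1.1
        return False

def injection_point(hops):
    """Oldest hop whose sender IP is public: where the mail entered the chain.
    Hops older than the first relay you trust can be forged by the sender."""
    for _name, by_host, ip in hops:
        if ip and is_public(ip):
            return ip, by_host
    return None

if __name__ == "__main__":
    for hop in received_hops(RAW):
        print(hop)
    print("entered at:", injection_point(received_hops(RAW)))
```

Read bottom-up, the chain starts at the webmail front end, passes through an internal 172.18.x.x host and two more cox.net relays, and ends at the Yahoo MX; the only public address recorded by the first relay is the webmail client's.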
I regularly report spam that makes it through an RBL (sbl-xbl.spamhaus.org), SQLGrey, and an internal blacklist. I've noticed that the spam I get originates all over the place (though uu.net seems to be getting more popular). However, one host stands out when it comes to the spamvertised websites that are being sent - theplanet.com. In looking at the past 30 days of spam reports, 60% have advertised a site hosted on [url]
Do you report spam via spamcop? Who is your biggest sender and hoster?
Please understand that I filter hundreds of spam messages a day (about 560 yesterday). These are only the ones making it through.
Today my site was reported for the second time at SpamCop.net as spamvertised site. Somebody is just copy pasting content from my site and is spamming people with it. It is done without my knowledge or consent. Unfortunately, today KnownHost supported me for the second time asking me to remove the domain/exploits or face account suspension.
How to deal with it? Recently one of my sites was penalized by Google all of a sudden, which brought down my AdSense income by 1/3. I suspect that it might have something to do with this abuse.
I have already set an SPF record to prevent domain masking, but they are sending it from their own from address. Has anyone here ever faced anything like this? Can someone please advise me what to do?
Is it possible to use IP Security policies in Windows Server 2003 to help prevent types of DoS attacks? Today my server was attacked by a single attacker who merely connected and disconnected on open ports at an incredibly fast rate. This was enough to eat the cycles of the server processes effectively creating a DoS attack. I was hoping IPSec could help prevent this, but I'm open to use any other software as well.
I'm working on a PHP app that will be publicly released at a later point, that includes uploading functionality, but on my testing account, I get access to /temp denied for permission reasons.
How normal is it for this type of obstruction to occur with webspace providers in general? If this is a fairly common policy, I need a solution of some kind. Perhaps uploading the file temporarily to a folder on the user's own webspace, instead of the location on the hosting server being used by PHP by default (/tmp).
I don't have too much experience with different providers, so I need to ask this:
I'm creating a set-up/installation script for an application I will be releasing to the public at some point where I would like to autogenerate its set-up (tables, users etc.) to the largest extent possible. I just tried out my script on a testing account and the automated creation of a limited MySQL user with GRANT failed, due to lack of permissions for doing that with this particular provider. My question is this:
What can I safely - on average - automate through a set-up script for a web application running in a shared environment and what will usually be disallowed by the average provider? Plesk allows me to create a new user through its web interface, but it doesn't (as far as I can see anyway) allow the individual setting of permissions for that user, making it very hard to follow the security policy of "least privilege"...
Stuff that I'm thinking of is: Table creation, folder, file- and user creation.
In the last few months I've got a blacklist warning from SpamCop over my server sending bounces and now I find out one of my IPs is listed at [url] for doing sender verify and bounces.
I think both of which are ridiculous to blacklist for and I really think most of the anti-spam blacklist people are nothing more than money making rackets. But I guess it seems reasonable to disable these things as it would save some resources.
Anyway what I need to do I guess is only do bounces for local users and disable sender verify. What is the best way to do this with Exim? Every server I have to change is cPanel. I've googled on this the last 2 days and can't find much info. Mail servers aren't my strong point for sure. Any advice I'd appreciate.
UPDATE I found how to disable callouts [url]
Just trying to figure out how to disable bounces now
SameerHosting has been the biggest mistake I have ever made as far as purchasing a service online is concerned. This fake company and more importantly their Owner/Employee/[Insert Job Title Here] Jordan has been the most nasty, hard to work with, and distasteful person I have ever dealt with in my life. I recommend anyone to stay as far away from this company and child as possible. Below are parts of an initial post of mine at DP Forums. There are so many posts, threads, reviews and this kid and his fake company out there that you shouldn't have any trouble finding out everything that has occurred in the past 1-2 months. Thanks for your time:
I had purchased a dedicated server with this guy not realizing he was a 14 year old kid with a bad temper and poor spelling. I paid for the server and he managed to get into an argument with my tech about something (it's in that thread). He then got mad at me and took out his anger on me even though I had no idea anything had happened until after the fact. He involved me in something I had no part in.
I have discussed this guy so many times that I am tired of talking about it but will give you a summary of what recently happened. Jordan pmed me through this forum through one of his other (now banned) accounts. This kid knows he will be banned from most forums and makes a handful of accounts to fall back on. He offered to give me a refund if I tell my tech to stop posting about him. Of course I did what he had asked me to do.
I have been honest and given him far too many chances to make right. Well, he ended up telling me I am no longer getting a refund from him because my tech keeps messing with his servers (which I doubt is actually happening). I am being punished again for something that does not have anything to do with my actions. He has now blocked me from Yahoo Messenger, MSN Messenger, and his live chat.
Since I posted this on DP I have been in contact with his legal guardians and they have been no help. Jordan has messaged my Personal Billing details to many of his customers and others along with edited defamatory pictures of someone that is supposed to be myself. That is totally illegal and childish. He did this because I spoke against his scam company and illegal wrongdoings.
If anyone has had bad dealings with this company please post everything that has happened in this thread and also PM me and I can give you the e-mail of the people who take care of him and you can tell them what he has done. He needs to be stopped.
Again, it is very important to post in this thread with information about what he has done to you, the more info the better as these people will possibly listen to me and others.
I'm having difficulty sending an email to another email address (with a different domain) which is on the same VPS. The trouble is, on the other domain's VPS control panel, within the DNS settings, the MX records have been pointed externally (to an Exchange server). Their email is turned off. But bizarrely, their mailbox is full.
It seems as though Plesk is ignoring the MX records, and sending MY email internally to the OTHER domain's mailbox on the same VPS. How do I get Plesk to send my mail to the correct EXTERNAL MX records?
One of my customers asked me if it is technically possible to offer free email services.
Since he's going to launch a big portal he wants to offer such things later, for all users.
Now, there are problems such as: a) whether there is any possibility to compress emails, similar to GMAIL or YahooMail or so, because I can't imagine the email is uncompressed
b) how can mailboxes be handled over multiple (mail?) servers if the HDD space needed would be larger than one server's HDD?
I am having an email issue that I cannot resolve. I am hoping for some assistance here.
The staff at one of my local clients are not able to email each other in their office. (About 10 employees I believe)
They are using the Outlook mail client, and using the ISP's SMTP server. They are able to send/receive email to other users externally, but not internally.
Using webmail works perfectly fine.
I spoke with my host and they said everything is working fine. I checked with the ISP to see if they are blocking the IP address on the SMTP server. They said they were not.
I have a personal account on the same server and tried to send email to another local email account, and it did not work either. Tried to send email to my client's email and they did not receive anything.
I am on the same ISP as my client, so I'm still not sure if it's the ISP or not.
I set up mail piping with Exim so that e-mails sent to a specific account are forwarded to my PHP script. It's not working properly, because when I send a mail to this account, it's bounced by the mailer daemon:
Code:
This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed:
pipe to |/home/user/public_html/support/parse.php
generated by support@mydomain.com
local delivery failed
In my /etc/valiases/domain.com file I have:
On one of my servers, I'm receiving hundreds of spam emails that are clogging up the email queue to email addresses that do not exist.
For instance domain.com, I would get
bob@domain.com liz@domain.com 325235@domain.com
You get the picture. How do I set up my server so that if there isn't an email address set up the email automatically gets deleted instead of trying to attempt to deliver it?
I have a client who has his own hosting account, and wants to leave his e-mail on his own hosting account, but his website on my hosting account.
On his own hosting he has created a subdomain called shop, and pointed its A record to the IP address of my server. On my server I've set up his domain name, and created the subdomain shop. That all works fine.
The problem I have is that the site under the shop domain needs to send an e-mail to sales@hisdomain.com. Now my server thinks the main domain is set up on my server, so it sends the e-mail to itself.
I'm just wondering how I can get the server to point the mails back to his hosting?
A previous host I've used said they had to add the domain as a remote domain on the server, then they had to make some changes to /etc/localdomains because I was getting errors trying to send mails to the address.
I currently have a domain on Server 1 (Linux, Apache, Ubuntu, Matrix control panel).
This server does not have any spam filter, so I have moved all the email accounts to Server 2 (Linux, Apache, Fedora Core, Plesk) which does have a brilliant spam filter; and have changed the DNS record for mail.domain.com to the IP address for Server 2.
Emails are being successfully received on Server 2.
On Server 1, when an email is sent through SMTP to an address at that domain, it does not send it to Server 2, it gets delivered to the hosting account for the domain on Server 1. So what I am guessing is happening is that Server 1 detects the domain has an account on the server, and instead of looking up the DNS info for that domain, just assumes it is on Server 1.
What I need to do, is force Server 1 to send email for that domain to Server 2. Is this possible, and if so, how can it be achieved? If more info about the server is required for a solution please let me know and I'll provide what I can.