in the last 2 weeks has increased the spam mail to external users using our mail accounts.
So a user receives spam believing that it is sent from our sites.
I think the best method is to create a txt file in dns but I have many doubts about how to proceed.
Looking at one of the e-mail back to our mail server I see that emails are sent via outlook.
This is an example of the emails: ...
i am getting hundreds of theses in my mail log each day, trying different names etc and want to put a stop to them and auto ban the ips.
I have APF
I'm a web programmer with little knowledge of server maintenace, tasks, configurations, etc.
I run a website hosted a dedicated box with godaddy. It appears my MAX SMTP limit (25,000) is reached at times. I know for a fact my subscribers are not generating this many emails.
1) Is there a way I can see a log file all of the email messages that were sent using my SMTP qmail account?
2) I've entertained the possibility that someone has "hijacked" my qmail account and is using it send out spam messages?
Any help in being able to get to a log for qmail or to run some other kind of diagnosis to figure out what's exactly going on with my server and why my max smtp limit is reached constantly.
I have a client on my server from ThePlanet. That client sends a newsletter once a week to about 50,000 recipients with a program that i built. The list was purchased from a company that sells targeted directory listings.
Each email has a very clear opt out link, and one click takes them off the list. There is also a direct link to the contact form, as well as the information of the company sending the mass emails (me). This should satisfy all regulatory requirements to comply with existing laws.
Now, these emails have been sent once a week for about a month now. Today, ThePlanet issued a support ticket entitled "Abuse: Spam Source". It seems that there was a problem from aol, and one of the emails was redacted.
Reading through ThePlanet terms of service, it seems that they only allow closed system mass mailings. So now I am faced with a problem, because I have a client who expects to send out emails next week with a system i built, and I have a hosting provider that is demanding some sort of "proof" that these emails are solicited.
For the record, this newsletter isn't junk spam like selling viagra or pumping a stock. It is a free weekly summary of significant new york appellate cases, and it has been very well received by the attorneys on the mailing list. There have been ridiculously few opt outs ( < 2%), and there have been literally *hundreds* of emails coming back to show their gratitude for the free service. Not even one comment has been negative.
So what can I do now? A significant number of attorneys on this list are expecting the newsletter, but it cant be sent due to this problem.
The best that I could come up with so far is to send an "Opt in" mass email, where users must click the link to opt in, and everyone else would be removed from the mass email. I could then use the unique keys used for opt ins as "proof" for ThePlanet that the emails are solicited.
We have server in limestonenetwork for couple months, everything good until several abuse issues to our IP for several times recently. Based on instruction from Ryan A., Abuse Department Manager, I have suspend/terminate the suspected accounts in timely manner, each time there's abuse issue.
But today surprisingly, they terminate our server immediately without prior notification. I fully understand that this is my fault not to watch our hosting client for abuse issues.
I only need to get the data back for several hours so I can move the data to other server. Based on their tos limestonenetworks.com/service_info/tos.html I did not see any about temporary data restore so I think we still have right to get our data back.
question
is it true that I can not have my data back at all based on their tos ? since I can not find this matter mentioned on their tos.
During last week, two of our clients' accounts got compromised (most probably due to weak passwords) and there was a CGI script installed which started sending emails to more than 200,000 email accounts. This email addresses were stored in a text file.
By the time we noticed this activity, our server got black listed on major RBLs like Barracuda, SpamCop, Spamhaus etc and it took around 2 days to cleanup
3 days later, another account compromised with same *thing* and it really is pain in the arse now dealing with this and angry clients
We've already implemented a policy to restrict users to send 100 messages/per hour/domain which is working, but it seems this *thing* bypass exim.
I guess this Open Proxy Servers a Source of Spam is what i want to explain!
So my question is, if I've understood this right, is it possible to stop scripts like this or can we enforce mailman to use exim all the time to send messages and stop direct-mailing?
I check and see many email was sent from my domain but i dont do it, how to stop this problem ?
View 2 Replies View Relatedif any one knows of an abuse bot for web hosting companies that will automatically detect phishing, spam, etc.
I know that this isn't a huge issue for paid hosting providers but it is somewhat problematic for free hosts.
Last week my VPS hosting provider has suspended my server because of a SPAM petition made by spamcop.com.
The problem is that the incriminated spam message was not sent from any IP adress of my VPS, or a domain hosted on my VPS. Still this, my ISP has suspended my server without sending me any warning e-mail.
Only guilt that i have is that the spammer found some e-mail adresses in one webportal hosted by my server and he mentioned this on the last 2 lines of the message: "This message was sent to you be cause we found your e-mail adress on a public website and this website is....www.somewebsite.com.
The admins of my ISP didn't asked me about the potential fraud and closed my VPS for almost 24 hours without warning me. I was in vacantion for 10 days and i didn't know about the fact that my clients are in trouble.
Now i'm asking you: Does the ISP made a right thing suspending my VPS only because on of my hosted domains was mentioned in the spam message, and no IP adresses or domains names of my VPS were in the X-Originating-IP header lines?
Apparently smtp servers from other countries are using our email addresses in the 'reply to'. Because of this much failed messages replies (message is blocked; user doesn't exist) are returned to our email accounts. Is there a way to handle abuse like this? We aren't an open relay but for some reason all the mail is coming back to us. Is there a way to combat this?
View 5 Replies View RelatedHow i can stop Spammer from my server?
my control panel is CPANEL !
what software i must install?
as many of you know, FreeBSD is a stable system... I have many other FreeBSD servers (with the same kernel as this one) that doesn't have problems but this server keeps rebooting once or twice a day (EVERY DAY)
it's just a reboot... something very very similar to someone pushing the reset button
1) messages, security, auth or dmesg has no entries just before the reset, so the kernel is not getting aware the server is rebooting
2) the server comes back after around 10 minutes (reboot time + fsck)
this is happening for long time, so I compiled a new kernel... and the problem didn't stop
I request the datacenter techs to replace hardwares and they told me everything was replaced: motherboard, CPU, memories... and yesterday also the power suply
so I have no other idea on what to do
in fact I have one... setting a nobreak in this server power suply for 2 or 3 days to see if the problem stops, but the datacenter didn't like this idea
Does anyone have the abuse/DMCA complaint email for OVH as I need to file a complaint but cant find it.
View 3 Replies View Related