I got a RHEL dedicated server it has Ensim Ensim Pro 4.0.3-22.rhel.3ES
I got a few email accounts over quota limit. Even though it reached the quota the still consumes mail.
the size keeps increasing until HD space runs out. I checked other forums and they recommended to
do this find /home/virtual/site#/fst/var/spool/mqueue/ -exec rm -f {} ;
I did this but there were no files in there to begin with.
So every hour i keep getting this failure notice. This is a report generated by the hourly run of MailQueueCleaner. Some sites on this server have problems which prevent the processing of their email queues. UNTIL YOU RESOLVE THE PROBLEMS, THESE SITES WILL NOT BE ABLE TO RECEIVE EMAIL. A summary of the problems is included below.
sites over the quota show up here.
I just want to be abl to clear the mail out of selected accounts without logging in the account. I am sure it is some file to clear.
I run a site with about 1,000,000 unique visitors per month and recents server failures made me decide to get a failover server to minimize downtime. My goal wasn't to get 99.999% uptime but to be able to be back on track after a failure in a "reasonable" amount of time. After evaluating several solutions, I decided to go with DNS failover. Here's how the setup work:
1) mydomain.com points to main server with a very low TTL (time to live) 2) failover server replicates data from main server 3) when main server goes down, mydomain.com is changed to point to failover server
The drawback is the DNS propagation time since some DNS servers don't honor the TTL and there is some caching happening on the user's machine and browser. I looked for empirical data to gauge the extent of the problem but couldn't find any so I decided to setup my own experiment.
The Experiment ==============
I start with mydomain.com pointing to the main server with a TTL of 1800 seconds (1/2 hour). I then change it to point to the failover server which simply port forwards to the main server. On the main server, I periodically compute the percentage of requests coming from the failover server which gives me the percentage of people for which the DNS change has propagated.
I made the DNS change at exactly 16:04 on 06/21/06 and here are the percentage of propagated users:
So even after 18 hours, there is still a certain percentage of users going to the old server so DNS failover is obviously not a 99.999% uptime solution. However, since more than 90% of the users are propagated in the first hour, the solution works well enough for me.
I'm kinda confused about warez linking allowed VPS hosters.. Most of them they say "Warez Linking is allowed" "AS LONG AS IT'S LEGAL" Is there a legal warez? I though that warez is illegal in the first place!
I'm planing to buy a VPS Plan from fsckvps.com, but I'm afraid they might terminate my account, so want to make sure if I will work fine with them, I've contacted them as pre-sale question, they said that warez linking is allowed as long as nothing is hosted on their server.
Okay, Now what's legal warez? My site content actually is New worldwide music albums, info, Movies, Cracked/nulled softwares..
Download links are included, but hosted on sharing site such as 4shared.com etc..
Will this be fine? Or I might experience account termination?
I'm just inches away from purchasing their 512MB RAM Plan, this is my final question.
We are seeing good reviews about cologuys' dedicated servers but we are concerned that they host piracy sites such as << snipped >> (super illegal site) and << snipped >> (service to download rapidshare links without waiting). I'm assuming this is against their TOS but what we're more concerned with is should Cologuys ever get busted for hosting warez would our servers be affected in any way?
I saw a website a few days ago hosting Warez and hacking, But they wasn't directly download from there website. They was only linking? is this illegal in the UK just to link to warez, Like to rapidshare, megaupload, etc..? Whats there law like?, Can anyone explain if this is a good idea or not?
I noticed in the apache error logs that Yahoo and Google (mostly Yahoo) have been crawling one of my clients' sites for warez, cracks and serials, but these files don't exist (and hence they're ending up with 404 errors in the error logs).
The IPs that are doing this are legit (as far as I can tell)... 74.6.20.32, 74.6.74.50, 66.249.65.178
It's systematically hitting the server once every second or two, looking for files such as "free.serial.no.of.flash.professional.8.jsp", "trainer.SimCity.4.million.jsp", "Paragon.Partition.Manager.v.7.crack.jsp"
and this has been happening for at least a day now.
Now here's the thing. The site has gone through a redesign about 4 months ago, and the previous site was running an old version of PHP Nuke that was filled with spam (from tracebacks), and a photo gallery manager which was probably not installed securely. The new site utilizes Joomla, and all the previous elements are gone (in fact the site was migrated to my servers after the redesign, so my servers never hosted their old PHP Nuke or photo gallery).
These mysterious crawls from Yahoo and Google all seem to hit the photo gallery URLs, such as http://www.domain.com/albums/album01...v3.1.patch.jsp
The other weird part is, all the links end with .jsp. The site's previous server did not have JSP support, and neither does mine.
Also before we moved the site over to my server, I archived their entire website on their old server, and none of these files exist there.
Doing a search on Google on their site (site:www.domain.com) doesn't show any of these files. Searching Google for links that point to the site also don't show anything out of the ordinary.
This has me baffled... Does anyone have any idea what is going on?
yesterday andhrahost.com hacked our WHMCS and sent emails to many of our customer here is the screen shoot ,
[url] [url] he also deleted all admin logs but luckily.i took this screen shoot
Around 2 month back also this happen with us and we even informed OC3 about it but that time also. Mr Alex Ferrari From OC3 networks replied to me and didn't took any action on it.we daily get spam from oc3 networks ip.
regularly they were trying to hack our whmcs and yesterday they did it
i have even sent email to OC3 network and this time also ne reply from them and the hacker,spammer server is still up and selling warez hosting , illigal hosting openly.
Kindly guide me how to proceed to take actions against OC3 netwokrs and against that hostig company who is doing this regurarely.
FAILReverse DNS entries for MX recordsERROR: The IP of one or more of your mail server(s) have no reverse DNS (PTR) entries/* (if you see "Timeout" below, it may mean that your DNS servers did not respond fast enough)*/. RFC1912 2.1 says you should have a reverse DNS for all your mail servers. It is strongly urged that you have them, as many mailservers will not accept mail from mailservers with no reverse DNS entry. You can double-check using the 'Reverse DNS Lookup' tool at the DNSstuff site if you recently changed your reverse DNS entry (it contacts your servers in real time; the reverse DNS lookups in the DNS report use our local caching DNS server). The problem MX records are: 22.130.197.82.in-addr.arpa [No reverse DNS entry (rcode: 3 ancount: 0) (check it)]
FAILAcceptance of postmaster addressERROR: One or more of your mailservers does not accept mail to postmaster@myminiaturepainting.com. Mailservers are required (RFC822 6.3, RFC1123 5.2.7, and RFC2821 4.5.1) to accept mail to postmaster.
I'm hosting my website on a shared hosting, and recently the ip 87.255.1.42 began sending DoS attacks to my website - there are constantly being sent queries to the starting page of my website, more than 400,000 queries/day.
It's not doing any significant damage but overloads the server every day, and I would like to know how to report this attack to any authority who can stop the attack.
I queried the RIPE database db.ripe.net/whois?form_type=simple
I have run rkhunter and got the following report, I have checked everything and seems to be fine. Also, I have run rkhunter --update and didn't help. How can remove this bad messages? Do I need to reinstall the package?
/bin/dmesg [ BAD ] /bin/env [ BAD ] /bin/grep [ BAD ] /bin/kill [ BAD ] /bin/login [ BAD ]
I regularly report spam that makes it through an RBL (sbl-xbl.spamhaus.org), SQLGrey, and an internal blacklist. I've noticed that the spam I get originates all over the place (though uu.net seems to be getting more popular). However, one host stands out when it comes to the spamvertised websites that are being sent - theplanet.com. In looking the past 30 days of spam reports 60% have advertised a site hosted on [url]
Do you report spam via spamcop? Who is your biggest sender and hoster?
Please understand that I filter hundreds of spam messages a day (about 560 yesterday). These are only the ones making it though.
I have been receiving unsolicited emails from a site which is hosted on DonHost servers in UK.
I have been receiving these emails for the last 3-4 days on my business email which is not on any list. I think the sender is complete amateur because he is using CC and I can see everyone's emails. They are mostly local companies and Government offices so they way this person gathered the email list is very questionable.
I contacted DonHost on www.donhost.co.uk and sent them an email to their Support but they haven't even replied to me.
My VPS is setup and now when I did a dnsreport for my site, it shows:
Number of nameservers ERROR: You have 2 nameservers, but both are on the same IP! This is not a valid setup. You are required to have at least 2 nameservers, per RFC 1035 section 2.2.
Is this a big problem?
The report [url] also shows other failures. Are there any critical ones that I need to take care of? How do I do it?
I have been receivig a huge logwatch report, seems that logwatch is not parsing the /var/log/secure file, but sending the log entries instead of any resume of it. I got thousands of lines like
Cp-Wrap: Pushing "47 GETDISKUSED pvargas lights.com.co" to '/usr/local/cpanel/bin/eximadmin' for UID: 47 : 25 Time(s) Cp-Wrap: Pushing "47 GETDISKUSED r.perez konecrans.com" to '/usr/local/cpanel/bin/eximadmin' for UID: 47 : 69 Time(s) Cp-Wrap: Pushing "47 GETDISKUSED r.rodriguez konecrans.com" to '/usr/local/cpanel/bin/eximadmin' for UID: 47 : 114 Time(s)
I have upgraded to the most recent version of Logwatch with default configuration. Any ideas on what could be wrong?