Results 1 to 15 of 15
  1. #1
    Join Date
    Nov 2005
    Location
    Michigan, USA
    Posts
    3,872

    Here's a new one, people continue to amaze me.

    Heres a new one. We caught a user sending spam from our servers, we contacted them. They asked for a new IP, we refused to add a new IP since the other one had been blacklisted. We requested him to remove whatever was causing the spam and asked if his account had been hacked.

    He continued to complain about us not adding a new IP without explaining the reason or a way of preventing the spam so I suspended his account.

    He then complains about him paying to use the service and his domains being offline and even calls me "Greedy" for accepting his money in the first place as I continued to try to explain to him that SPAM is not only illegal but a big violation of our terms.

    Then after about a half-hour he starts sending loads of spam to all of our email addresses...laugh?


    Anyone have any tips on how they monitor the email traffic being sent from their servers?


  2. #2
    Join Date
    Jun 2009
    Location
    UK: Oxford
    Posts
    1,256
    Logs?

    If you have ssh, depending on your server as well, for starteres look in (root)/etc/httpd/logs or in cpanel, access and error logs.

  3. #3
    Join Date
    Jun 2007
    Location
    Australia
    Posts
    819
    Quote Originally Posted by jwebhost View Post
    Logs?

    If you have ssh, depending on your server as well, for starteres look in (root)/etc/httpd/logs or in cpanel, access and error logs.
    It depends on how the person is sending out the spam. It could've been a PHP mailer or perhaps it was from a IMAP or POP account. If you're running cPanel, the Apache log files are in /usr/local/apache/logs. He may also want to check the exim_mainlog and maillog file in /var/log.


  4. #4
    Join Date
    Jan 2011
    Posts
    451
    Hello,

    Why can't you do a Maldetect scan? It will catch almost all the mailing scripts.

    The script can also be found from the exim_mainlog or domlogs ( depending on the script). You never should encourage spamming in the server. Why can't you suspend the account till you gets an explanation?
    " Your work is to discover your work and then with all your heart to give yourself to it. "

    That's the mark of a true professional !

  5. #5
    Join Date
    Nov 2005
    Location
    Michigan, USA
    Posts
    3,872
    Guess I should have mentioned it was a VPS as well. The other tips will be useful for other web hosters too though.

    We did shut down his smtp server immediately to prevent more, we just didn't shut down his whole vps.


  6. #6
    Join Date
    Jun 2009
    Location
    California
    Posts
    509
    Wow you suspended one of your customers for complaining? That's not very professional.

  7. #7
    Join Date
    Nov 2005
    Location
    Michigan, USA
    Posts
    3,872
    Wow you just missed the whole point of my post? The customer was sending SPAM, I asked them to handle it and they would not.


  8. #8
    Join Date
    Jun 2009
    Location
    California
    Posts
    509
    Oh, I see it now. I didn't understand that he was continuing to send spam.

    You might try blocking outbound SMTP traffic at the firewall.

  9. #9
    Join Date
    Mar 2010
    Location
    Chennai
    Posts
    623
    I would love to say in this juncture that we have already been "AMAZED" by such people... LOL

    They keep bettering themselves, don't they?
    "You got a dream... You gotta protect it. People can't do somethin' themselves, they wanna tell you you can't do it. If you want somethin', go get it. Period." - Pursuit of Happyness

  10. #10
    I suppose in this stage that is better to negotiate with client and try to find solution. In any case you are service provider and you decide who do you like to work with and who not.

  11. #11
    Join Date
    Apr 2009
    Location
    New York City
    Posts
    5,054
    crazy how he didn't do anything about his spam and then later started spamming you.

  12. #12
    Join Date
    Jun 2010
    Location
    Panama
    Posts
    265
    Don't suspend his account, block outgoing SMTP port at the firewall for his server until he fix the issue of spamming, if he is a true spammer without shame then there is nothing to do than suspending the account.

    You need a monitor tool at the gateway level so you cough spam before your IPs getting blacklisted.
    Offshore Hosting & High Privacy in Panama
    OnApp Cloud Servers & Shared Web Hosting | Daily Backups | 99.9% Uptime
    www.OffshoreRacks.com

  13. #13
    Join Date
    Oct 2008
    Location
    /root/webhosting
    Posts
    884
    Don't suspend his account, block outgoing SMTP port at the firewall for his server
    That customer is on shared server not on VPS or dedi. Blocking SMTP will result in blocking all users SMTP
    Heres a new one. We caught a user sending spam from our servers,
    My first question is , do you have CSF ?
    We had this situation 2 times. CSF monitored and sent us mail. We opened a ticket under users account.
    We gave them time of 48 hours to remove spamming script else account will be suspended till month end. We gave him link of our TOS.
    Those users removed their scripts.
    *Make sure you have spamming controls written in your TOS
    Try to deal with them keeping lollipop in your mouth and ice on your head

    ██ Website Hosting Mumbai | Web Hosting India
    ██ Web Hosting Unleashed
    ██ cPanel-Softaculous Shared Hosting | 99.9% Uptime
    ██ sales[at]linkwayhosting.com | +91-9930-3388-67

  14. #14
    Join Date
    Nov 2005
    Location
    Michigan, USA
    Posts
    3,872
    Quote Originally Posted by OffshoreRacks View Post
    Don't suspend his account, block outgoing SMTP port at the firewall for his server until he fix the issue of spamming, if he is a true spammer without shame then there is nothing to do than suspending the account.

    You need a monitor tool at the gateway level so you cough spam before your IPs getting blacklisted.

    We did not suspend the server until we got in touch with the customer, and he continued to do nothing to stop or prevent the spam so it led me to believe he was doing it knowingly.

    As for the monitor tool, do you have any suggestions?


  15. #15
    Join Date
    Jun 2010
    Location
    Panama
    Posts
    265
    for a start,
    Assemble a reliable machine or server with 2 Ethernet cards, download Untangle 32 or 64 bit install that iso image on the server and when setup part comes it will ask for router or bridge mode, you select bridge, then when you are on the web console you download the spam assassin module, and then you can configure everything to just watch for spam, mark spam, or quarantine spam. This way you will see the incoming spam and the outgoing spam.

    If you need more info let me know.
    Last edited by OffshoreRacks; 05-26-2011 at 03:30 PM.
    Offshore Hosting & High Privacy in Panama
    OnApp Cloud Servers & Shared Web Hosting | Daily Backups | 99.9% Uptime
    www.OffshoreRacks.com

Similar Threads

  1. Google... it never ceases to amaze me
    By seankoons in forum Web Hosting Lounge
    Replies: 12
    Last Post: 06-11-2007, 12:14 PM
  2. Some people's stupidity never ceases to amaze me
    By anon-e-mouse in forum Web Hosting Lounge
    Replies: 24
    Last Post: 11-06-2004, 06:12 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •