Results 1 to 13 of 13
  1. #1

    My server gets spammed every day: Redstation has mail limit

    I'm the admin of Gameworld.gr. I use Joomla and JomSocial components. Since 9/9 when I sent a mass email ONLY to my members, my mail server has huge traffic in the SMTP.

    - We deleted the outgoing email traffic and we thought that this would solve the problem.
    - We' ve even changed provider and moved from Stagnom to Redstation so that we can change IP (in case we were blocked).
    - We've added firewall.

    My webadmins tried every method. Instead I have about 10.000 spam emails per day. Look at the screenshot!

    What should I do? My webadmin says that Stagnom has the complete control of the mail server and that I have 500 mail limit per day. Of course that's not enough.

    Who's fault is it?
    1)Shall I change server? Is it Redstation's fault that they have an email limit?
    2)Are dedicated server providers supposed to have unlimited traffic to emails?
    3)Is it our fault? Shall we find a way to block these spammers? Is there a way actually to block everyone from using your mail server? We want specific orders with specific commands. We want to try everything.

    We've even deleted modules "InviteX" and "JNews" from Joomla, in case it was their fault, but the problem returned 24 hours after. Some spammers use our mail server and we can't block them!
    Attached Thumbnails Attached Thumbnails mails.jpg  

  2. #2
    Join Date
    Aug 2007
    Location
    Belgium
    Posts
    4,183
    It looks like someone is spamming via your server.
    The 'gameworl' user is responsible for it, figure out why they are able to spam via them.

    I put my bets on a security leak / code injection in the website that's hosted on the 'gameworl' user.
    www.InstantDedicated.com - Online in no time
    Dedicated Servers in [EU] Netherlands with DAILY support, also on weekends
    DDOS Protected network - 100% Money Back if it doesn't work for you
    Streaming / IPTV allowed | Up to 10 Gbit ports | 100% Network Uptime

  3. #3
    Join Date
    Mar 2013
    Location
    North and South America
    Posts
    166
    3). It is your responsibility to prevent a user or Malware from using SMTP to send out SPAM. Unless you have fully managed hosting and your host is supposed to take care of this stuff for you. You need to know the code on your server and make sure it is well crafted and up to date. There is no way that is your host's responsibility unless you specifically say hey manage my apps and make sure they are clean. And of course pay for that level of service.

  4. #4
    Join Date
    Aug 2006
    Location
    London
    Posts
    549
    Contact a reputable server admin to secure your server - only this will solve your problems - your server is being exploited to send SPAM...

  5. #5
    Ok, so any webadmin that nows seriously how to deal with that? Because we have run EVERY malware programs we know!

  6. #6
    Join Date
    Jan 2011
    Location
    Dallas, TX
    Posts
    1,489
    Go through the users files and look for a mailing script, simple.

  7. #7
    Join Date
    Aug 2006
    Location
    London
    Posts
    549
    Quote Originally Posted by Kotsolis View Post
    Ok, so any webadmin that nows seriously how to deal with that? Because we have run EVERY malware programs we know!
    Rack911 or AdminGeekZ will solve this for you without any problems...

  8. #8
    Join Date
    Mar 2003
    Location
    WebHostingTalk
    Posts
    16,966
    Moved > Hosting Security and Technology.

  9. #9
    Join Date
    Jul 2002
    Location
    London, United Kingdom
    Posts
    4,362
    Quote Originally Posted by Kotsolis View Post
    Who's fault is it?
    Yours.

    Quote Originally Posted by Kotsolis View Post
    1)Shall I change server?
    Changing server will not stop you spamming, changing to a fully-managed service with a supplier who retains their own quality sysadmins might help, as woudl employing a competent sysadmin yourself

    Quote Originally Posted by Kotsolis View Post
    Is it Redstation's fault that they have an email limit?
    2)Are dedicated server providers supposed to have unlimited traffic to emails?
    The limits are there to prevent the rest of the internet suffering from your incompetence.

    Quote Originally Posted by Kotsolis View Post
    3)Is it our fault? Shall we find a way to block these spammers? Is there a way actually to block everyone from using your mail server?
    Yes, yes and yes.
    Rob Golding Astutium Ltd - UK based ICANN Accredited Domain Registrar - proud to accept BitCoins
    Buying Web Hosts and Domain Registrars Today @ hostacquisitions.co.uk
    UK Web Hosting | UK VPS | UK Dedicated Servers | ADSL/FTTC | Backup/DR | Cloud
    UK Colocation | Reseller Accounts | IPv6 Transit | Secondary MX | DNS | WHMCS Modules

  10. #10
    Were the contents of queued emails legit or they were spam contents? If the emails which were queued, were not sent by you, there must be something wrong on the server and I would recommend to hire server management company. If they were legit emails but they were not being sent, you will need to check your email logs to find the root cause. Again, in this case you can hire server management company to find why the emails are not being sent.

  11. #11
    Join Date
    Sep 2003
    Location
    Athens/GREECE
    Posts
    48
    Hello,

    You should really hire a sysadmin who knows his job; if the current sysadmin dropped the ball to your ISP because you use his SMTP gateway, then he should be replaced immediately. As shown from your mail queue screenshot, the issue resides on your server. The fact that the spam mails keep piling up there is your ISP's issue (since they allow 500 emails per day), but this is not the main issue here, you should investigate why do spam e-mails get sent through your server.

    Have your sysadmin try doing an exigrep on the message ID to see when it was first originated. Then he should be able to identify the issue, based on the timestamp of the exigrep result (if it's an SMTP password that was leaked, a script that sends e-mails or a possible security issue with your website).

  12. #12
    You could easily have a user or more whose machines are infected with viruses, and they are sending out those emails without their knowledge. So you need to access the logs and find out what user or users are sending the spam.
    English & Spanish Ecards

  13. #13
    Join Date
    May 2009
    Location
    Italy - Rome
    Posts
    149
    It's totally not hard to fix this situation.
    There are some method for search the function your script that cause spam:

    - search on access logs a request with some mail on attribute (much script to make spam have even only one line that get each need to send the email by post attributes).

    - search each file contain encrypted code like base64, ioncube..

    - search perl and cgi files

    - search all files contain php mail function on the code

    Just this can help to clean your account.
    You can also disable the sendmail function and send email only by smtp.

    You can use maldet to find specific code of the file like base64.

    If you want me i can do this job easy i already done much time i work on a hosting company.

Similar Threads

  1. My mail has been spammed by CloudHostingReview.com
    By yajur in forum Web Hosting Lounge
    Replies: 13
    Last Post: 11-30-2009, 11:11 PM
  2. E-mail limit per day
    By Costaud in forum Dedicated Server
    Replies: 3
    Last Post: 03-08-2007, 03:37 PM
  3. Mail server for about 10K mails a day.
    By LewisSkannen in forum Web Hosting
    Replies: 0
    Last Post: 01-01-2005, 02:21 PM
  4. is there any way to limit number of sent emails per day/hour from mail() ?
    By cDedicated.com in forum Hosting Security and Technology
    Replies: 1
    Last Post: 03-17-2004, 01:52 AM
  5. Funny E-mail from a spammed user
    By sethgarnar in forum Web Hosting Lounge
    Replies: 3
    Last Post: 07-04-2003, 04:04 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •