hosted by liquidweb


Go Back   Web Hosting Talk : Web Hosting Main Forums : Hosting Security and Technology : How to stop spamming :(
Reply

Hosting Security and Technology Configuring and optimizing web hosting servers and operating systems, developing administration scripts, building servers, protecting against hackers, and general security (SSL certificates, etc.)
Forum Jump

How to stop spamming :(

Reply Post New Thread In Hosting Security and Technology Subscription
 
Send news tip View All Posts Thread Tools Search this Thread Display Modes
  #1  
Old 07-17-2004, 04:54 AM
madguy24 madguy24 is offline
Web Hosting Guru
  
Join Date: May 2004
Location: India
Posts: 310

How to stop spamming :(

Hi

My first post.. I read the rules and it seems that this is the place to post. Sorry if I am in wrong thread.

I need help on
-------------------
NOC says that spam mails are getting through my server and they are right too. AOL sends me reports of 100's of them. I doubt it is a mail script as I see the apache@serverhostname.tld in the mail logs. I disabled the mail function of PHP. But it is continuing.. My questions to techies here are

1) If possible, how can I block the mail function used in perl/cgi script ?
2) I removed the server's hostname from the /etc/localdomains. Is it a right move ?
3) External domains relay are disabled.
4) How to find the script and who is executing it and which domain ?
5) How can I prevent such attacks in future ?

Thanks for all your help with this

Maddy.

Reply With Quote


Sponsored Links
  #2  
Old 07-18-2004, 12:05 AM
PhilG PhilG is offline
Web Hosting Evangelist
  
Join Date: Feb 2003
Posts: 543
If you want to stop it just rename your sendmail exe file.

you will probably benefit from this url too:
http://www.webhostingtalk.com/showth...hreadid=258294

Hope that helps.

__________________
Off Topic Web Forum - A forum for talking about anything!!
N.Z. Webmaster Community - Are you from New Zealand? Well signup to our forum!!!!

Reply With Quote
  #3  
Old 07-18-2004, 04:41 AM
Arsalan Arsalan is offline
Web Hosting Master
  
Join Date: May 2001
Location: Islamabad, Pakistan
Posts: 635
Maddy,
Check your server's mail que. This is most probably an insecure Formmail script. If you look at a spam mail closely you should be able to find it and disable it.

__________________
Arsalan
Nexus - http://nexus.pk/
** Smart Solutions for Smart People! **

Reply With Quote
Sponsored Links
  #4  
Old 07-18-2004, 05:32 AM
andreyka andreyka is offline
Linux Guru
  
Join Date: Mar 2004
Location: Odessa, Ukraine
Posts: 604
Disable relay from localhost, only smtp auth.

Reply With Quote
  #5  
Old 07-20-2004, 10:11 PM
madguy24 madguy24 is offline
Web Hosting Guru
  
Join Date: May 2004
Location: India
Posts: 310
Thanks :)
Thanks Guys, Really thanks a lot for the inputs.

My mail queues i only showing apache@serverhostname. I assured that it is not php formmail by trying disable_functions=mail. My problem is how can I block the perl/cgi formmail script ? BTW I removed the server name from localdomains and it worked.

Regarding the andreyka's "Disable relay from localhost, only smtp auth." How can I disable relay from localhost..Sorry I am a novice.

Thanks

Reply With Quote
  #6  
Old 07-21-2004, 03:25 AM
Arsalan Arsalan is offline
Web Hosting Master
  
Join Date: May 2001
Location: Islamabad, Pakistan
Posts: 635
Login to WHM > Tweak Security > SMTP Tweak

and

WHM > Tweak Settings > Prevent the user 'nobody' from sending out mail to remote addresses (php and cgi scripts generally run as nobody if you are not using phpsuexec and suexec respectively.)

__________________
Arsalan
Nexus - http://nexus.pk/
** Smart Solutions for Smart People! **

Reply With Quote
Reply

Related posts from TheWhir.com
Title Type Date Posted
WHIR TV Video: January's WHIR Networking Event in Los Angeles Blog 2012-02-03 12:25:15
eleven Spam Report Highlights Top Spamming Trends for 2011, 2012 Web Hosting News 2012-01-12 12:14:42
Rogue Certificates, Mobile Banking Attacks Among Top Threats of 2012: McAfee Report Web Hosting News 2011-12-28 21:54:53
Email Security Firm eleven Expects Obselecense of Blacklist Anti-Spam Solutions Web Hosting News 2011-09-15 17:03:15
Web Hosting Program We Stop Badware Starts Adding New Participants Web Hosting News 2011-08-26 16:57:00


« Previous Thread | Next Thread »
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode
Postbit Selector

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Forum Jump
Login:
Log in with your username and password
Username:
Password:



Forgot Password?
Advertisement:
Web Hosting News:

cPanel Addresses User Concerns of Transfer and Backup Restore System Security

US Attorney says Government Should Have Warrants to Search Email

8kMiles Acquires Cloud Security Firm FuGen Solutions for $7.5 Million

Name.com Resets Customer Passwords After Security Breach

Outbound Spam Causing Sleepless Nights?

Malwarebytes Launches Data Scan-and-Backup Service

Commtouch Report: Spam, Malware Continues to Increase in Q1 2013

Researchers Urge System Admins to Check for New Apache Web Server Backdoor Malware

APWG Study Finds Phishers Increasingly Target Shared Virtual Servers

Man Arrested in Connection to Spamhaus DDoS Attacks



 

Learn more about advertising opportunities across the iNET Interactive Network.

LiquidWeb
X

Welcome to WebHostingTalk.com

Create your username to jump into the discussion!

WebHostingTalk.com is the largest, most influentual web hosting community on the Internet. Join us by filling in the form below.


(4 digit year)

Already a member?