Results 1 to 4 of 4

Thread: SPAM Attack

  1. #1
    Join Date
    Mar 2005

    Angry SPAM Attack

    Hi, i ask for your help to solve this issue.
    I receive thousands of SPAM like below, my machine almost crashed. I execute a apf -d, is there anything else that can i do to improve security? How can I remove from exim queue those emails?

    root 0 0
    <[email protected]>
    1114804290 0
    -interface_address 'heremyIP
    -received_protocol esmtps
    -body_linecount 71
    -tls_cipher TLSv1:AES256-SHA:256
    [email protected]

    217P Received: from [] (
    by myhostname with esmtps (TLSv1:AES256-SHA:256)

    (Exim 4.44)
    id 1DRbWM-0001u6-93
    for [email protected]; Fri, 29 Apr 2005 16:51:31 -0300
    148P Received: from nobody by with local (Exim 4.44)
    id 1DRbS9-0005Ov-3L
    for [email protected]; Sat, 30 Apr 2005 02:47:09 +0700
    027T To: [email protected]
    047 Subject: Alguem que te ama te enviou um cartão
    040F FROM:O Carteiro <[email protected]>
    024 content-type: text/html
    014 X-priority: 1
    050I Message-Id: <[email protected]>
    038 Date: Sat, 30 Apr 2005 02:47:09 +0700
    091 X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
    050 X-AntiAbuse: Primary Hostname -
    046 X-AntiAbuse: Original Domain -
    059 X-AntiAbuse: Originator/Caller UID/GID - [99 99] / [47 12]
    055 X-AntiAbuse: Sender Address Domain -
    011 X-Source:
    016 X-Source-Args:
    015 X-Source-Dir:

  2. #2
    Join Date
    Nov 2004
    If you run WHM and exim, you can easily delete ALL emails in the mail queue (which would be recommended, even if you lose a few legit emails).

    Just look for the "manage mail queue" function.

  3. #3
    Join Date
    Mar 2005
    Yes... if I use this option i will lose legit emails.

    Now i receive this attack from another ip... i blocked too... but what can i do to avoid those attacks?

  4. #4
    Join Date
    Apr 2005
    Curacao, Dutch Caribbean

    I am being hit and it seems it is happening from within.

    How do I enable in WHM to make sure you need "my server requires authentication", when someone is sending mail? I think this has to do with this!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts