It just makes me angry when someone uses our servers to relay mails around.
We can check that out quite simple manner, since you are using cpanel, I assume that you will have exim as your mail server. If you could check the configuration file of exim you could find the option to stop relay on your server, this can also be helpful to check whether you have indeed disabled the mail relay.
Once you are done through that, you can try sending out mails from your server with anonymous mail address either using the mailing client or using telnet. If relay is denied then you will recieve the error message on your client or on the shell. (depends on the method that you use )
This is one great way would just let you know if your mail server is vulnerable or not. If you have further doubts you can either post it over here or let me know at [email protected]
I think embsupafly still needs a straight, to-the-point how-to answer. I'm following this thread with great interest as theplanet will shut down my server in less than 12 hours unless I do something about a spamming problem I do not think I have, but spamcop believes the shared IP was spamming. May be a spoofing...? I'm no expert. Can anyone help?
Originally posted by JieWei From then, using your cPanel, ban the ip/host address from the invalid user... I guess it would be useful.... Try that =)
If the domain was registered, and if he used a non-dynamic IP, banning a static IP would work. But 9 times out of 10, the IP will not be static. I finally got this moron deleted and turned the automatic ordering and setup option to off in my billing software.