Results 1 to 6 of 6
  1. #1

    SPAM and the Nobody Account

    Dear All,

    Earlier this week, we got hit by a persistent spammer. He signed up and started spamming 6 minutes after. It was so serious that the server pretty much locked up (the spamd service was using 97% memory constantly). It was not the spamming as such causing it - it was the spamd check of all the undeliverable messages getting returned

    When I finally managed to suspend the account, he/she did the exact same from an account that he had signed up for 2 weeks earlier... Took me a while to figure out...

    I have a limit of 300 emails per domain per hour. But of course the spammer was using the Nobody account (sent about 25000 emails). My thought now is to switch off the possibility for sending external mails through the nobody account. Internal mail will still work. My customers would then need to send the external via SMTP.

    Have any of you implemented this? What did your customers say? Am I just wasting my time? Are there any other "known" loopholes I shoud be aware of? What about the cpanel and root accounts - are they "abusable"?

    I would really appreciate any answer.
    Last edited by mpoulsen; 05-24-2005 at 09:43 AM.
    MP Hosting
    http://mphosting.net

  2. #2
    Join Date
    Feb 2004
    Location
    Fort Worth, TX
    Posts
    2,585
    I am also curious of some replies on this. This is a very serious issue, and could get servers shut down.
    www.JGRoboMarketing.com / We Filter out the Bad Leads and Send you the Good ones!
    █ Office: (800) 959-0182 / Automated Lead Funnel Service

  3. #3
    Anybody out there who tried this? Please...
    MP Hosting
    http://mphosting.net

  4. #4
    Join Date
    Mar 2003
    Location
    California USA
    Posts
    13,294
    well everything woudl need to be setup for smpt such as forums and such.. sending though smtp with php puts a delay and customers may not want to do that
    Steven Ciaburri | Industry's Best Server Management - Rack911.com
    Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com
    Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
    FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance

  5. #5
    Join Date
    Oct 2003
    Posts
    90
    Even if you disable sending mail from the nobody account, wouldn't it still be possible to send spam using the socket functions in php and perl

  6. #6
    I really don't know.... Anybody knows this?
    MP Hosting
    http://mphosting.net

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •