Results 1 to 6 of 6
Thread: SPAM and the Nobody Account
-
05-24-2005, 09:40 AM #1WHT Addict
- Join Date
- Feb 2005
- Posts
- 104
SPAM and the Nobody Account
Dear All,
Earlier this week, we got hit by a persistent spammer. He signed up and started spamming 6 minutes after. It was so serious that the server pretty much locked up (the spamd service was using 97% memory constantly). It was not the spamming as such causing it - it was the spamd check of all the undeliverable messages getting returned
When I finally managed to suspend the account, he/she did the exact same from an account that he had signed up for 2 weeks earlier... Took me a while to figure out...
I have a limit of 300 emails per domain per hour. But of course the spammer was using the Nobody account (sent about 25000 emails). My thought now is to switch off the possibility for sending external mails through the nobody account. Internal mail will still work. My customers would then need to send the external via SMTP.
Have any of you implemented this? What did your customers say? Am I just wasting my time? Are there any other "known" loopholes I shoud be aware of? What about the cpanel and root accounts - are they "abusable"?
I would really appreciate any answer.Last edited by mpoulsen; 05-24-2005 at 09:43 AM.
MP Hosting
http://mphosting.net
-
05-24-2005, 04:34 PM #2Business Consultant Manager
- Join Date
- Feb 2004
- Location
- Fort Worth, TX
- Posts
- 2,586
I am also curious of some replies on this. This is a very serious issue, and could get servers shut down.
█ www.JGRoboMarketing.com / "Automate. Grow. Repeat"
█ Office: (800) 959-0182 / A KEAP Certified Developer (KCD)
-
05-25-2005, 08:22 AM #3WHT Addict
- Join Date
- Feb 2005
- Posts
- 104
Anybody out there who tried this? Please...
MP Hosting
http://mphosting.net
-
05-25-2005, 09:42 AM #4Problem Solver
- Join Date
- Mar 2003
- Location
- California USA
- Posts
- 13,681
well everything woudl need to be setup for smpt such as forums and such.. sending though smtp with php puts a delay and customers may not want to do that
Steven Ciaburri | Industry's Best Server Management - Rack911.com
Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com
Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance
-
05-25-2005, 03:01 PM #5Junior Guru Wannabe
- Join Date
- Oct 2003
- Posts
- 90
Even if you disable sending mail from the nobody account, wouldn't it still be possible to send spam using the socket functions in php and perl
-
05-25-2005, 04:47 PM #6WHT Addict
- Join Date
- Feb 2005
- Posts
- 104
I really don't know.... Anybody knows this?
MP Hosting
http://mphosting.net