Results 1 to 8 of 8
  1. #1
    Join Date
    Jan 2008
    Posts
    384

    receiving hundreds of emails

    I am receiving hundreds of emails daily like below from [email protected]. It seems someone use my VPS to send SPAM. Can some one guide me how I can find...

    ---------------------
    his message was created automatically by mail delivery software.
    A message that you sent has not yet been delivered to one or more of its
    recipients after more than 48 hours on the queue on server.myservername.com.

    The message identifier is: 1JHSau-0000wp-Fp
    The subject of the message is: PayPal Account Limited - Action Required
    The date of the message is: Wed, 23 Jan 2008 04:31:52 +0500

    The address to which the message has not yet been delivered is:

    [email protected]***********

    No action is required on your part. Delivery attempts will continue for
    some time, and this warning may be repeated at intervals if the message
    remains undelivered. Eventually the mail delivery software will give up,
    and when that happens, the message will be returned to you.
    --------------------

  2. #2
    Join Date
    Jan 2008
    Location
    India
    Posts
    287

  3. #3
    Join Date
    Nov 2003
    Posts
    477
    If you use Cpanel
    Spam protection guide
    http://forums.cpanel.net/showthread.php?t=48666

  4. #4
    Join Date
    Oct 2004
    Location
    Kerala, India
    Posts
    4,750
    I believe you have exim mail server. Add the following line in the file /etc/antivirus.exim and restart exim.

    Code:
    if error_message and $header_from: contains "Mailer-Daemon@"
    then
      # looks like a real error message - just ignore it
      finish
    endif
    David | www.cliffsupport.com
    Affordable Server Management Solutions sales AT cliffsupport DOT com
    CliffWebManager | Access WHM from iPhone and Android

  5. #5
    Join Date
    Jun 2002
    Location
    Toronto, Ontario
    Posts
    1,449
    Check to make sure you do not have any open relays on your mail server and that you do not have any exploited scripts on your server.
    Kaumil P.

  6. #6
    Join Date
    Jan 2008
    Posts
    384
    how I can check open relays?

  7. #7
    Join Date
    Jun 2002
    Location
    Toronto, Ontario
    Posts
    1,449
    Quote Originally Posted by dotflyer View Post
    how I can check open relays?
    www.dnsreport.com
    Kaumil P.

  8. #8
    Join Date
    Oct 2002
    Location
    State of Disbelief
    Posts
    22,948
    Look the message headers over carefully to make sure the original message came from your server and it's not just the bounce that's being delayed. Sometimes these are simply bounces generated by faked return addresses in messages sent to bad emails. It bounces to you because they used your return address.
    Having problems, or maybe questions about WHT? Head over to the help desk!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •