Results 1 to 7 of 7

Thread: Spaming

  1. #1
    Join Date
    Sep 2008
    Chicago, Illinois


    Hey Guys...]

    I have more than 500 Domain Names with my server. Today I saw my IP is blacklisted on 2 SPAM agents. I already set 150 mails per hur.

    Guys tel me how to track the spammer . How to find his domain name?

    have any method find without checking Logs. Have any special software to track Spammer domain name?

    Guys I'm hoping good replys.



  2. #2
    Join Date
    Jun 2004
    North of some border
    Welcome to WHT. I've moved this thread to Tech & Security Issues, where someone may be able to help you.

    Do you have a WHT question or concern? Please open a helpdesk ticket.

    "Do what you can, where you are, with what you have." Theodore Roosevelt

  3. #3
    Join Date
    Dec 2007
    Knowing which spamlists have blacklisted you would be of help. Some of them are more important then others as only a few exist to support the community vs. others who exist to extort mailers and webhosts.
    James Paul Woods
    Operations Manager
    HostKitty Internet Services

  4. #4
    Join Date
    Jul 2009
    best possible solution is write a script like this

    grep "exceeded the max emails per hour" /var/log/exim_mainlog

    Which will give a hit of who is spamming.

  5. #5
    You can check the logs by using the commands below,

    #tail -f /var/log/exim_mainlog

    this will help you to catch the spammers by checking the exim_mainlogs.
    Support Facility | 24/7 web hosting technical support services
    Technical support | Server management | Data migration

    Technical Articles

  6. #6
    Join Date
    Jun 2008
    Try to cat /var/log/exim_mainlog | fgrep 'date' |fgrep 'cwd=/tmp'

    /var/log/exim_mainlog | fgrep 'date' |fgrep 'cwd=/home' |more

    someone might be using php scripts for spamming. So just check whether any bulk emails send from the home directory or not. Replace date with current date int he log file format. If more emails from tmp then i will recommend you to secure the tmp partition.

    Every time enable extended logging option in exim....

  7. #7
    Join Date
    Nov 2004
    You also need to consider that spam may be generated via port 25 from compromised scripts, that is, they avoid the mail system to get around the limit. You can stop this with cpanel's "SMTP Tweak" which prevents outbound port 25 access apart from for the exim users. CSF also has this built in. IMO it's essential to have both the 150 limit and the port 25 restriction.

Similar Threads

  1. spaming from my domain
    By linktome in forum Hosting Security and Technology
    Replies: 2
    Last Post: 09-10-2006, 04:35 AM
  2. Stop SPAMING from PHP
    By WebHostingNeeds in forum Hosting Security and Technology
    Replies: 12
    Last Post: 11-25-2004, 04:25 PM
  3. Doster spaming
    By Toeki in forum Domain Names
    Replies: 9
    Last Post: 07-24-2004, 01:02 PM
  4. Spaming :@ (Please help me)
    By Hassan in forum Web Hosting Lounge
    Replies: 4
    Last Post: 05-13-2004, 04:57 AM
  5. Saturnhost is spaming
    By vizi in forum Web Hosting
    Replies: 16
    Last Post: 05-09-2001, 09:53 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts