Results 1 to 7 of 7
Thread: Spaming
-
08-14-2009, 12:30 AM #1Temporarily Suspended
- Join Date
- Sep 2008
- Location
- Chicago, Illinois
- Posts
- 651
Spaming
Hey Guys...]
I have more than 500 Domain Names with my server. Today I saw my IP is blacklisted on 2 SPAM agents. I already set 150 mails per hur.
Guys tel me how to track the spammer . How to find his domain name?
have any method find without checking Logs. Have any special software to track Spammer domain name?
Guys I'm hoping good replys.
Thanx
Marx
-
08-16-2009, 09:48 PM #2
Welcome to WHT. I've moved this thread to Tech & Security Issues, where someone may be able to help you.
Lois█ "Do what you can, where you are, with what you have." – Theodore Roosevelt █
-
08-16-2009, 11:24 PM #3relax, im a professional
- Join Date
- Dec 2007
- Posts
- 1,278
Knowing which spamlists have blacklisted you would be of help. Some of them are more important then others as only a few exist to support the community vs. others who exist to extort mailers and webhosts.
James Paul Woods
Operations Manager
HostKitty Internet Services
-
08-17-2009, 01:49 AM #4Temporarily Suspended
- Join Date
- Jul 2009
- Posts
- 178
best possible solution is write a script like this
grep "exceeded the max emails per hour" /var/log/exim_mainlog
Which will give a hit of who is spamming.
-
08-17-2009, 08:47 AM #5Support Facility
- Join Date
- Jun 2009
- Posts
- 2,335
You can check the logs by using the commands below,
#tail -f /var/log/exim_mainlog
this will help you to catch the spammers by checking the exim_mainlogs.
-
08-18-2009, 05:45 AM #6WHT Addict
- Join Date
- Jun 2008
- Location
- India
- Posts
- 130
Try to cat /var/log/exim_mainlog | fgrep 'date' |fgrep 'cwd=/tmp'
/var/log/exim_mainlog | fgrep 'date' |fgrep 'cwd=/home' |more
someone might be using php scripts for spamming. So just check whether any bulk emails send from the home directory or not. Replace date with current date int he log file format. If more emails from tmp then i will recommend you to secure the tmp partition.
Every time enable extended logging option in exim....
-
08-20-2009, 01:47 AM #7Web Hosting Master
- Join Date
- Nov 2004
- Location
- Australia
- Posts
- 1,737
You also need to consider that spam may be generated via port 25 from compromised scripts, that is, they avoid the mail system to get around the limit. You can stop this with cpanel's "SMTP Tweak" which prevents outbound port 25 access apart from for the exim users. CSF also has this built in. IMO it's essential to have both the 150 limit and the port 25 restriction.
Similar Threads
-
spaming from my domain
By linktome in forum Hosting Security and TechnologyReplies: 2Last Post: 09-10-2006, 04:35 AM -
Stop SPAMING from PHP
By ServerOK in forum Hosting Security and TechnologyReplies: 12Last Post: 11-25-2004, 04:25 PM -
Doster spaming
By Toeki in forum Domain NamesReplies: 9Last Post: 07-24-2004, 01:02 PM -
Spaming :@ (Please help me)
By Hassan in forum Web Hosting LoungeReplies: 4Last Post: 05-13-2004, 04:57 AM -
Saturnhost is spaming
By vizi in forum Web HostingReplies: 16Last Post: 05-09-2001, 09:53 PM