Results 1 to 7 of 7

Thread: Spaming

  1. #1
    Join Date
    Sep 2008
    Location
    Chicago, Illinois
    Posts
    651

    Spaming

    Hey Guys...]


    I have more than 500 Domain Names with my server. Today I saw my IP is blacklisted on 2 SPAM agents. I already set 150 mails per hur.

    Guys tel me how to track the spammer . How to find his domain name?

    have any method find without checking Logs. Have any special software to track Spammer domain name?

    Guys I'm hoping good replys.

    Thanx

    Marx

  2. #2
    Join Date
    Jun 2004
    Location
    North of some border
    Posts
    5,613
    Welcome to WHT. I've moved this thread to Tech & Security Issues, where someone may be able to help you.

    Lois
    "Do what you can, where you are, with what you have." – Theodore Roosevelt

  3. #3
    Join Date
    Dec 2007
    Posts
    1,278
    Knowing which spamlists have blacklisted you would be of help. Some of them are more important then others as only a few exist to support the community vs. others who exist to extort mailers and webhosts.
    James Paul Woods
    Operations Manager
    HostKitty Internet Services

  4. #4
    Join Date
    Jul 2009
    Posts
    178
    best possible solution is write a script like this

    grep "exceeded the max emails per hour" /var/log/exim_mainlog

    Which will give a hit of who is spamming.

  5. #5
    You can check the logs by using the commands below,

    #tail -f /var/log/exim_mainlog

    this will help you to catch the spammers by checking the exim_mainlogs.
    SUPPORT FACILITY | 24/7 TECH SUPPORT
    SERVER MANAGEMENT | WEB HOSTING SUPPORT | WP EXPERTS

  6. #6
    Join Date
    Jun 2008
    Location
    India
    Posts
    130
    Try to cat /var/log/exim_mainlog | fgrep 'date' |fgrep 'cwd=/tmp'

    /var/log/exim_mainlog | fgrep 'date' |fgrep 'cwd=/home' |more

    someone might be using php scripts for spamming. So just check whether any bulk emails send from the home directory or not. Replace date with current date int he log file format. If more emails from tmp then i will recommend you to secure the tmp partition.

    Every time enable extended logging option in exim....

  7. #7
    Join Date
    Nov 2004
    Location
    Australia
    Posts
    1,737
    You also need to consider that spam may be generated via port 25 from compromised scripts, that is, they avoid the mail system to get around the limit. You can stop this with cpanel's "SMTP Tweak" which prevents outbound port 25 access apart from for the exim users. CSF also has this built in. IMO it's essential to have both the 150 limit and the port 25 restriction.

Similar Threads

  1. spaming from my domain
    By linktome in forum Hosting Security and Technology
    Replies: 2
    Last Post: 09-10-2006, 04:35 AM
  2. Stop SPAMING from PHP
    By ServerOK in forum Hosting Security and Technology
    Replies: 12
    Last Post: 11-25-2004, 04:25 PM
  3. Doster spaming
    By Toeki in forum Domain Names
    Replies: 9
    Last Post: 07-24-2004, 01:02 PM
  4. Spaming :@ (Please help me)
    By Hassan in forum Web Hosting Lounge
    Replies: 4
    Last Post: 05-13-2004, 04:57 AM
  5. Saturnhost is spaming
    By vizi in forum Web Hosting
    Replies: 16
    Last Post: 05-09-2001, 09:53 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •