Results 1 to 10 of 10

Thread: SPAM problem

  1. #1
    Join Date
    Nov 2003
    Location
    Online
    Posts
    1,217

    SPAM problem

    1- its third time my ip black listed. I don't know how but someone ejject some php script and spam using it. Spam by nobody user. How I can get ride on it?

    2- Also there are huge amount of mails in mail queue, even i disable catch all email option month back, so how I can get ride on incoming spam also.

  2. #2
    Join Date
    Jun 2009
    Location
    Kochi,India
    Posts
    179
    Can you tell us the mailserver you are using
    Ezeelogin -
    The ultimate multiple server administration software.
    *Parallel shell *rm -rf protection *SSH logging*automated password changes*encrypted storage*
    AdMod.com -Delivering innovative web hosting solutions

  3. #3
    Join Date
    Nov 2003
    Location
    Online
    Posts
    1,217
    how I can check this mailserver, i think its exim.

  4. #4
    Join Date
    Jun 2009
    Location
    Kochi,India
    Posts
    179
    If you are using a cpanel/WHM server then it will be exim by default.

    Enable Mailheaders by running /scripts/easyapache script and after that check the mail header using

    exim -Mvh <message id>

    From that you will able to find the source of spam.
    Ezeelogin -
    The ultimate multiple server administration software.
    *Parallel shell *rm -rf protection *SSH logging*automated password changes*encrypted storage*
    AdMod.com -Delivering innovative web hosting solutions

  5. #5
    Join Date
    Oct 2009
    Location
    India
    Posts
    23
    You can check for spammers using the command,

    root@server[~]#cat /var/log/exim_mainlog|grep "exceeded the max emails per" > spammers.log; cat spammers.log |cut -d: -f4|awk '{print $2}'|sort -n|uniq -c

    It will list the spamming domain names along the number of mails send.

  6. #6
    Quote Originally Posted by eglim View Post
    1- its third time my ip black listed. I don't know how but someone ejject some php script and spam using it. Spam by nobody user. How I can get ride on it?

    2- Also there are huge amount of mails in mail queue, even i disable catch all email option month back, so how I can get ride on incoming spam also.
    What`s your server control panel ? is it cpanel ?

  7. #7
    Join Date
    Nov 2003
    Location
    Online
    Posts
    1,217
    yes its cpanel

  8. #8
    Join Date
    May 2008
    Posts
    340
    Check the following,

    1. Size of the email server queue,

    exim -bpc
    2. Email server queue and the number of emails per domain,

    exim -bp | exiqsumm -c > /root/exim-queue.txt
    From the above you should have the information about which domain is sending maximum number of emails per domain in the file /root/exim-queue.txt.
    Twitter : http://twitter.com/eth1networks
    Contact Us : support[at]eth1.in

  9. #9
    If you are using exim then in WHM there is option Tweak Setting -> Prevent the user "nobody" from sending out mail to remote addresses (PHP and CGI scripts generally run as nobody if you are not using PHPSuexec and Suexec respectively.
    Shared Hosting | Reseller Hosting | VPS Hosting | Dedicated Servers
    KeserHosting.Com

  10. #10
    Join Date
    Nov 2003
    Location
    Online
    Posts
    1,217
    well when i use suphp it stop to sent mails through forms also, many of my clients use php contact form.

Similar Threads

  1. Is this SPAM problem?
    By robotwink in forum Hosting Security and Technology
    Replies: 1
    Last Post: 11-01-2009, 09:01 AM
  2. Spam Problem - Need someone to fix
    By Staminet in forum Employment / Job Offers
    Replies: 2
    Last Post: 12-05-2006, 02:52 PM
  3. Spam Problem
    By Serverplan in forum Hosting Security and Technology
    Replies: 10
    Last Post: 09-21-2005, 12:19 PM
  4. Spam Problem (Please help me)
    By Ogeres in forum Dedicated Server
    Replies: 4
    Last Post: 08-27-2005, 08:21 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •