outgoing spam - suggetion required
I am facing outgoing spam issues in our servers, while searching in google we have found out following link for controlling outgoing spam activities, can at cPanel please go through following links & let us know whether this provide is realible & installing their solution is secure/harmless on our server or not ?
http://www.grscripts.com/howtofaq.html#56b
http://www.grscripts.com/
I require your suggestion to go ahead.
OR any other outgoing spam solutions
waiting for your replies
There's a very long thread on ASSP Deluxe here:
http://forums.cpanel.net/showthread.php?t=61125
It seems many people are using the software in a cPanel/WHM environment with success.
In WHM server configuration you can set the option 'The maximum each domain can send out per hour' to prevent spam. This way you can also view your mail logs and see a message indicating which of your domains are breaking the rule. Any email sent in excess of the rule is discarded and never gets sent.
its already set 100 limit emails per hour per domain, but this limit is effecting only actual users who are not sending spam mails
but the spammers haven't effect this limit & they can sending unsolicited emails
even 100 limit set per hour per domain using the script e.g php, perl , cgi
& our IP goes poor reputation in www.senderbase.org
now whats the easy way to find out spammers in our server
The solution is to use either CSF or cPanel's "SMTP Tweak". This blocks direct attempts to send on port 25 via scripts which would stop most of your problem.
For your customers who are complaining about the limit of 100 per hour (I'd actually make it a little higher, say 150 - 250/hour) you can individually increase the limit.
If you haven't already installed CSF, you should go to www.configserver.com/cp/csf.html and install it on your server. Coupled with mod_security it's a highly effective way of stopping hacking and all sorts of security and exploit related issues.
If you prevent customers from sending mail through php mail() function, it will help to stop spam either. Not alone, obviously, but with this, if someone sends spam, YOU WILL KNOW WHO are doing.
Alexandre Silva Hostert
Server Management for Brazilians | Gerenciamento de Servidores para Brasileiros
http://widecombrasil.com.br
how can it helpphp mail() function, it will help to stop spam
Tweak Settings on WHM:
Prevent the user "nobody" from sending out mail to remote addresses (PHP and CGI scripts generally run as nobody if you are not using PHPSuexec and Suexec respectively.)
Just check it
Alexandre Silva Hostert
Server Management for Brazilians | Gerenciamento de Servidores para Brasileiros
http://widecombrasil.com.br
Yes Brionoz we are using CSF but till now we are not able to control outgoing spam mails, recently we found cgi spam scripts which is called hnc.cgi & dm.cgi you may heared about thisThe solution is to use either CSF or cPanel's "SMTP Tweak". This blocks direct attempts to send on port 25 via scripts which would stop most of your problem.
I want to keep 150 limit per hour but how can i individually increase the limit for our higher customer , i really need solution for thisFor your customers who are complaining about the limit of 100 per hour (I'd actually make it a little higher, say 150 - 250/hour) you can individually increase the limit.
we have installed CSF firewall & mod_security though we are not able to controlling outgoing spamIf you haven't already installed CSF, you should go to www.configserver.com/cp/csf.html and install it on your server. Coupled with mod_security it's a highly effective way of stopping hacking and all sorts of security and exploit related issues.
bronoz tell me one thing which settings to be required in csf configuration
i need your suggestion
If your tmp partition is not secure you can have a look at /tmp for any malicious scripts or files with mail address list, infact even if you have secured /tmp you should have a look imho.
Another way is to check the mail logs using the command,
grep cwd /var/log/exim_mainlog|grep -i spool
It will show directories from which the mailing scripts have been sending the mails. remember it will not show the actual scripts but only parent directories.
Another option is to use the command "ps aux" which will show all currently running processes. Searchthe list for any suspecious perl scripts there.
Best Of Luck !
For your customers who are complaining about the limit of 100 per hour (I'd actually make it a little higher, say 150 - 250/hour) you can individually increase the limit.Originally Posted by tuxicans
I want to keep 150 limit per hour but how can i individually increase the limit for our higher customer , i really need solution for this
Hi Tuxicans,
do you know this thing ?
This can be done by the following steps...
edit /var/cpanel/maxemails
then run /scripts/build_maxemails_configCode:# If you update this file you must run /scripts/build_maxemails_config domain.com=5000 anothersite.net=250
Thanks i got this by before you update & its really works thanks again for your update
Hello Nilesh,
What do you mean this works? do you see lots of dm.cgi dark.cgi still uploaded but no spamming?
I was talking about : edit /var/cpanel/maxemails
LinkBack URL
About LinkBacks
Reply With Quote