Forums



Results 1 to 4 of 4

Thread: Prevent Nobody from sending mail

  1. 03-05-2004, 06:16 PM #1
    GOT
    GOT is offline
    Get Proactive! GOT's Avatar
    Join Date
    Apr 2003
    Posts
    902

    Default Prevent Nobody from sending mail

    I haev one server that I work with that is attracting some bad apples as clients. We, like most everyone, allowed the user nobody to send mail. Well, someone was abusing it and sent out about 20,000 spam emails. We also get occasional mail bombs.

    We compiled PHP with SuExec, but that caused way to many problems for the legitimate users of the system, so instead we checked the box to prevent the user nobody from sending emails.

    Guess what? 20,000 messages later, we are back at suexec.

    Can someone else confirm that this option is really broken, or am I missing something int eh big picture? How can the user nobody send out 20,000 messages with that box checked?
    Proactive Server Monitoring and Management
    http://got-management.com
    Reply With Quote Reply With Quote
  2. 03-05-2004, 09:22 PM #2
    phantom2
    phantom2 is offline
    Member
    Join Date
    Jan 2004
    Posts
    59

    Default

    I leave the "do not all ow php to send email as nobody unchecked. It caused some scripts not to work.

    You're going to get spammers. That's the nature of the business. However there are many things you can do to prevent spam by limiting the amount of emails can be sent out per user er hour. Tweak your Exim and sendmail.

    Also, make sure you state in your terms of service that shared clients can only send out 300 emails per day max unless they have special permission to do so.

    Also, in you terms, state that it is impossible to spam so dont bother trying and that each complaint received will result in a $500 fine.

    It helps. )
    Reply With Quote Reply With Quote
  3. 03-05-2004, 09:29 PM #3
    GOT
    GOT is offline
    Get Proactive! GOT's Avatar
    Join Date
    Apr 2003
    Posts
    902

    Default

    Does that limit apply to the user nobody? I did not think that it does.

    The problem is that they are using php to spam. The noc is getting so many complaints that they have twice threatened to pull the plug on the server. Nothing shows in the apache logs because all it takes is one access to launch the spam.

    Given your setup is the norm I am used to, how do you figure out who is spamming when they are using the nobody account?
    Proactive Server Monitoring and Management
    http://got-management.com
    Reply With Quote Reply With Quote
  4. 03-05-2004, 09:38 PM #4
    phantom2
    phantom2 is offline
    Member
    Join Date
    Jan 2004
    Posts
    59

    Default

    ore than likely they are signing up using proxys. Join one of those proxy list sites and block those proxy IP's via htaccess. That will help but may not stop the problem. It's very odd to have THAT much of a spam problem. We get a spammer maybe once every 5 to 6 months.
    Reply With Quote Reply With Quote
« MySQL and transferring accounts | Valiases empty »

Similar Threads

  1. Prevent the user "nobody" from sending out mail to remote addresses
    By tracktor in forum E-mail Discussions
    Replies: 1
    Last Post: 04-04-2009, 04:43 AM
  2. want to prevent the server from sending mail to certain tlds
    By Silver_2000 in forum cPanel & WHM Discussions
    Replies: 0
    Last Post: 07-02-2008, 08:19 AM
  3. How to prevent the user 'cpanel' from sending mail
    By tteague05 in forum cPanel & WHM Discussions
    Replies: 3
    Last Post: 07-18-2006, 01:10 PM
  4. prevent user nobody from sending out mail
    By cazny in forum cPanel & WHM Discussions
    Replies: 1
    Last Post: 09-12-2004, 11:36 AM
  5. Prevent the user 'nobody' from sending out mail to remote addresses
    By DWHS.net in forum cPanel & WHM Discussions
    Replies: 4
    Last Post: 08-29-2003, 11:21 AM