Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

1000s of bounced messages

Discussion in 'E-mail Discussion' started by fuzzie, Jun 28, 2007.

  1. fuzzie

    fuzzie Well-Known Member

    Oct 12, 2002
    Likes Received:
    Trophy Points:
    I am getting thousands of bounced or failed messages to from
    The only way to control it is to stop exim, delete the queue. When I start exim back up, in 30 minutes, the mail is back, bouncing so many I need to do it over again.
    How do I block bounced messages from him, or just plain stop any bounced messages from being delivered?

    Can the user nobody be set to fail or discard?

    Thanks for any help!
  2. AndyReed

    AndyReed Well-Known Member PartnerNOC

    May 29, 2004
    Likes Received:
    Trophy Points:
    Minneapolis, MN
    You need to find the script that sends out SPAM through your server. In addition, login to the WHM >> Server Configuration >> Tweak Settings and check the checkbox next to: "Attempt to prevent pop3 connection floods"
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. chirpy

    chirpy Well-Known Member Verifed Vendor

    Jun 15, 2002
    Likes Received:
    Trophy Points:
    Go on, have a guess
    That WHM setting doesn't have anything to do with bounce emails or any other emails. It simply controls POP3 access to the old, deprecated cppop system.

    fuzzie, you really need to establish whether the bounces are as a result from spam being sent out from your server by looking at the bounces and tracking the headers in the exim_mainlog. If it is coming from your server, then you need to track down the offending script, most likely a compromised PHP script since it's from nobody. I have a tutorial that explains how to track these back here:

    If the bounces are definitely not as a result of spam going out from your server, then you could simply block the senders email address using an exim ACL, or sticking their mailservers IP address in your firewall.
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice