Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Am I being Spamed?

Discussion in 'General Discussion' started by Anveo, Feb 16, 2003.

  1. Anveo

    Anveo Registered

    Joined:
    Sep 18, 2002
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    151
    Hi everyone. My server has been generating thousands of emails with this message:


    ^^^^^^^^^^^^
    This message was created automatically by mail delivery software (Exim).

    A message that you sent could not be delivered to one or more of its
    recipients. This is a permanent error. The following address(es) failed:

    mroverclocker@yahoo.com
    SMTP error from remote mailer after end of data:
    host mx1.mail.yahoo.com [64.156.215.5]: 554 delivery error:
    dd Sorry, your message to mroverclocker@yahoo.com cannot be delivered. This account is over quota. - mta148.mail.scd.yahoo.com

    ------ This is a copy of the message, including all the headers. ------

    Return-path: &nobody@ns1.ipkonfig.com&
    Received: from nobody by ns1.ipkonfig.com with local (Exim 3.36 #1)
    id 18kUzR-0000FC-00
    for mroverclocker@yahoo.com; Sun, 16 Feb 2003 14:01:55 -0600
    To: mroverclocker@yahoo.com
    Subject: test
    MIME-Version: 1.0
    Content-type: text/html; charset=iso-8859-1
    From: Tubber &tube@tub.com&
    Message-Id: &E18kUzR-0000FC-00@ns1.ipkonfig.com&
    Date: Sun, 16 Feb 2003 14:01:55 -0600


    does this work?
    ^^^^^^^^^^^^^^^^^

    I am assuming my server is being used at some type of spam relay, but I am unsure how I should go about fixing this, and preventing it from happening in the future. Thanks for any help you can give!
     
  2. hostcp3

    hostcp3 Well-Known Member

    Joined:
    Jun 18, 2002
    Messages:
    156
    Likes Received:
    0
    Trophy Points:
    166
    do a

    locate bomb.php

    or even


    locate bomb | more


    on your server.

    I have had two customers run these in recent times.
     
  3. awsol

    awsol cPanel Test Bitch

    Joined:
    Feb 8, 2002
    Messages:
    591
    Likes Received:
    0
    Trophy Points:
    316
    Location:
    Boston MA
    It looks like somebody is either testing you for a open relay or trying to see if they can use your server to spam.

    One thing that most pop servers allow is anonymous sending. This is a big problem because all I need to know is your hostname and I can send as many emails through your server that I want.

    Recently I switched my servers to require for the person to login to send. This is the safest way to go and you won't regret it.
     
  4. dgbaker

    dgbaker Well-Known Member
    PartnerNOC

    Joined:
    Sep 20, 2002
    Messages:
    2,574
    Likes Received:
    3
    Trophy Points:
    193
    Location:
    Toronto, Ontario Canada
    cPanel Access Level:
    DataCenter Provider
    Steve - What change has to made for this?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. awsol

    awsol cPanel Test Bitch

    Joined:
    Feb 8, 2002
    Messages:
    591
    Likes Received:
    0
    Trophy Points:
    316
    Location:
    Boston MA
    I completely forget the steps I did to accomplish this. If I remember I will let you guys/gals know.
     
  6. awsol

    awsol cPanel Test Bitch

    Joined:
    Feb 8, 2002
    Messages:
    591
    Likes Received:
    0
    Trophy Points:
    316
    Location:
    Boston MA
    It wasn't that way on my servers. I had to manually do it.
     
  7. awsol

    awsol cPanel Test Bitch

    Joined:
    Feb 8, 2002
    Messages:
    591
    Likes Received:
    0
    Trophy Points:
    316
    Location:
    Boston MA
    Go back to IRC punk :)
     
  8. steven

    steven Active Member

    Joined:
    Sep 9, 2001
    Messages:
    39
    Likes Received:
    0
    Trophy Points:
    306
    Anyone else have any suggestions, as this is happening to one of our servers as well?

    -Steven
     
  9. manokiss

    manokiss Well-Known Member

    Joined:
    Mar 31, 2002
    Messages:
    575
    Likes Received:
    0
    Trophy Points:
    316
    same here

    Hi, same here, we have same problem, we thought to restrict nobody@ but we cant, lot of clients use his forums to send mails.
    So we continue waiting a solution for this.

    Any help will be apreciated
     
  10. awsol

    awsol cPanel Test Bitch

    Joined:
    Feb 8, 2002
    Messages:
    591
    Likes Received:
    0
    Trophy Points:
    316
    Location:
    Boston MA
    Blocking nobody@ isn't needed. You need to block outgoing so the people need to verify. Since nobody@ is server based they still work.
     
  11. manokiss

    manokiss Well-Known Member

    Joined:
    Mar 31, 2002
    Messages:
    575
    Likes Received:
    0
    Trophy Points:
    316
    hi awsol, thanx

    Thanx awsol !

    Any step to do that ? is in the exim.conf ?

    TIA
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice